• Title/Summary/Keyword: vulnerability functions

Banknote Open Platform Security Vulnerability Analysis and Security Measures (은행권 오픈플랫폼 보안취약성 분석과 보안대책)

  • Kim, Sanggeun
    • Journal of Korea Society of Digital Industry and Information Management / v.13 no.4 / pp.107-113 / 2017
  • Open platform technology in the banking industry is anticipated to impact the market very positively together with the activation of Fin Tech services. The domestic payment service environment has been rapidly shifting to mobile, and multiple new payment services have been introduced by a variety of vendors. However, the convenience of payment always worsens security, and security incidents such as leakage of personal information and hacking have continued to occur as the industry and the market have expanded. This study aims to analyze the status of Fin Tech open platforms and various problems of the related standard technologies, and to suggest possible solutions. The analysis confirmed that multiple solutions are required to improve the main security protocols of open platforms and to process the security functions diversely. In conclusion, the results of this study will be helpful in determining the direction of solutions to security issues in the open platform environment of the current industry.

Probabilistic shear strength models for reinforced concrete beams without shear reinforcement

  • Song, Jun-Ho;Kang, Won-Hee;Kim, Kang-Su;Jung, Sung-Moon
    • Structural Engineering and Mechanics / v.34 no.1 / pp.15-38 / 2010
  • In order to predict the shear strengths of reinforced concrete beams, many deterministic models have been developed based on rules of mechanics and on experimental test results. While the constant and variable angle truss models are known to provide reliable bases and to give reasonable predictions for the shear strengths of members with shear reinforcement, in the case of members without shear reinforcement, even advanced models with complicated procedures may show lack of accuracy or lead to fairly different predictions from other similar models. For this reason, many research efforts have been made for more accurate predictions, which resulted in important recent publications. This paper develops probabilistic shear strength models for reinforced concrete beams without shear reinforcement based on deterministic shear strength models, understanding of shear transfer mechanisms and influential parameters, and experimental test results reported in the literature. Using a Bayesian parameter estimation method, the biases of base deterministic models are identified as algebraic functions of input parameters and the errors of the developed models remaining after the bias-correction are quantified in a stochastic manner. The proposed probabilistic models predict the shear strengths with improved accuracy and help incorporate the model uncertainties into vulnerability estimations and risk-quantified designs.

Development of LMS Evaluation Index for Non-Face-to-Face Information Security Education (비대면 정보보호 교육을 위한 LMS 평가지표 개발)

  • Lee, Ji-Eun
    • Journal of the Korea Institute of Information Security & Cryptology / v.31 no.5 / pp.1055-1062 / 2021
  • As face-to-face education becomes difficult due to the spread of COVID-19, the use of e-learning content and virtual training is increasing. In the case of information security education, practice to learn response techniques is important, so simulated hacking and vulnerability analysis activities have been supported as virtual training for a long time. In order to increase the educational effect, content should be designed to resemble real situations, and learning activities to achieve the learning goals should be designed. In addition, excellent functions and scalability of the system supporting learning activities are required. The researcher developed an LMS evaluation index that supports non-face-to-face education by considering the key elements of non-face-to-face education and training. The developed evaluation index was applied to the information security education platform to verify its practical utility.

Security Vulnerability and Security Measures of Kakao Bank in Industrial Environment (산업환경에서 카카오 뱅크가 가지는 보안취약점 및 보안대책)

  • Hong, Sunghyuck
    • Journal of Industrial Convergence / v.17 no.2 / pp.1-7 / 2019
  • The Kakao bank can be conveniently used if there are only smartphones, identity cards, and bank accounts. However, a few days before the inauguration of Kakao Bank, the company opened an account for receiving loans from other people. In order to avoid such cases, the financial transactions will be detected if the SDS is withdrawn at a short interval of time. The detection system of FDS has four functions, which are monitoring and auditing, collection, analysis, and response. There are security problems of Kakao Bank in various directions. The Kakao bank has a way to respond to the problem using FDS. Keywords: Kakao Bank, security issues, information protection, FDS

Development of Safety Assessment Indicators and Facility Management System for Crime Prevention - A Case Study of Park -

  • Lee, Su-Ji;Lee, Seung-Su;Song, Ki-Sung;Hwang, Jung-Rae
    • Journal of the Korea Society of Computer and Information / v.24 no.7 / pp.109-116 / 2019
  • In this study, a GIS-based park safety assessment index was developed to enable objective park vulnerability assessment through data-based GIS analysis, and a safety assessment was conducted by selecting a target site where various parks are operated and applying the park safety assessment index. In addition, a facility management system was developed for efficient management of the park safety assessment to update the park safety and provide a foothold for indirect PPGIS. In the case of the assessment index of the safety rating of the park, it was possible to conclude that accurate quantitative performance was given to the calculation of the safety grade of the park, based on the fact that the facilities differ depending on the environment and the size of the park. In addition, by marking the safety grade of parks and providing the function to show the safety facilities of parks, a common living area for citizens, the management system is expected to have an impact on promoting the use of parks. In the future, if functions such as reporting of facility failures and verifying civil information are implemented by applying civic group participation programs and crowd-sourcing technologies, it is believed that all facilities as well as parks managed by the local government can be managed more efficiently.

Vulnerability and Security Requirement Analysis on Security Token and Protection Profile Development based on Common Criteria Version 3.1 (보안토큰의 취약성/보안요구사항 분석 및 CC v3.1 기반 보호프로파일 개발)

  • Kwak, Jin;Hong, Soon-Won;Yi, Wan-Suck
    • Journal of the Korea Institute of Information Security & Cryptology / v.18 no.2 / pp.139-150 / 2008
  • Recently, financial institutes and industrial companies have been adopting security tokens such as OTP, smart cards, and USB authentication tokens for secure system management and user authentication. However, some research institutes have introduced security weaknesses and problems in security tokens. Therefore, in this paper, we analyze the security functions and security requirements of security tokens through analyses of standardization documents, trends, security problems, and attack methods for security tokens. Finally, we propose a CC v.3.1 based security token protection profile.

An Analysis Measure for Cybersecurity linked Threat against Diverse Protection Systems (다양성보호계통 사이버보안 연계 위협 분석 방안)

  • Jung, Sungmin;Kim, Taekyung
    • Journal of Korea Society of Digital Industry and Information Management / v.17 no.1 / pp.35-44 / 2021
  • With the development of information technology, the cybersecurity threat continues as digital-related technologies are applied to the instrumentation and control system of nuclear power plants. The malfunction of the instrumentation and control system can cause economic damage due to shutdown, and furthermore, it can lead to national disasters such as radioactive emissions, so countering cybersecurity threats is an important issue. In general, the study of cybersecurity in instrumentation and control systems is concentrated on safety systems, and diverse protection systems perform protection and reactor shutdown functions, leading to reactor shutdown or, in the worst case, non-stop situations. To accurately analyze cyber threats in the diverse protection system, its linked facilities should be analyzed together. Risk analysis should be conducted by analyzing the potential impact of inter-facility cyberattacks on related facilities and the impact of cybersecurity on each configuration module of the diverse protection system. In this paper, we analyze the linkage of the diverse protection system and discuss the cybersecurity linkage threat by analyzing the availability of equipment, the cyber threat impact of the linked equipment, and the configuration module's cybersecurity vulnerability.

Buffer Overflow Attack and Defense Techniques

  • Alzahrani, Sabah M.
    • International Journal of Computer Science & Network Security / v.21 no.12 / pp.207-212 / 2021
  • A buffer overflow attack is carried out to subvert privileged program functions to gain control of the program and thus control the host. Buffer overflow attacks should be prevented by risk managers by eradicating and detecting them before the software is utilized. While calculating the size, correct variables should be chosen by risk managers in situations where fixed-length buffers are being used, to avoid placing excess data that leads to the creation of an overflow. Metamorphism can also be used, as it is capable of protecting data by attaining a reasonable resistance level [1]. In addition, risk management teams should ensure they access the latest updates for their application server products that support the internet infrastructure and the recent bug reports [2]. Scanners that can detect buffer overflow flaws in their custom web applications and server products should be used by risk management teams to scan their websites. This paper presents an experiment of buffer overflow vulnerability and attack. It aims to study buffer overflow mechanisms, types, and countermeasures. In addition, it aims to comprehend the current detection and prevention approaches that can be executed to prevent future attacks or mitigate the impacts of similar attacks.

Steel frame fragility curve evaluation under the impact of two various category of earthquakes

  • Wang, Feipeng;Miao, Jie;Fang, Zhichun;Wu, Siqi;Li, Xulong;Momeni, Younes
    • Earthquakes and Structures / v.22 no.1 / pp.15-23 / 2022
  • One of the key tools in assessing the seismic vulnerability of the structures is the use of fragile functions, which is the possibility of damage from a particular damage surface for several levels of risk from the seismic movements of the earth. The aim of this study is to investigate the effect of two categories of earthquake events on the fragile curve (FRC) of the steel construction system. In this study, the relative lateral displacement of the structures is considered as a damage criterion. The limits set for modifying the relative lateral position in the HAZUS instruction are used to determine the failure modes, which include slight, moderate, extensive and complete. The results show that, as time strong-motion increases, the probability of exceeding (PoE) increases (for peak ground acceleration (PGA) less than 0.5). The increase in seismic demand increases the probability of exceeding. In other words, the probability of exceeding increases if the maximum earthquake acceleration increases. Also, the 7-storey model in extensive mode has 20 and 26.5% PoE larger than the 5- and 3-storey models, respectively.

Development Testing/Evaluating Methods about Security Functions based on Digital Printer (디지털 프린터의 보안기능 시험/평가방법론 개발)

  • Cho, Young-Jun;Lee, Kwang-Woo;Cho, Sung-Kyu;Park, Hyun-Sang;Lee, Hyoung-Seob;Lee, Hyun-Seung;Kim, Song-Yi;Cha, Wook-Jae;Jeon, Woong-Ryul;Won, Dong-Ho;Kim, Seung-Joo
    • The KIPS Transactions:PartC / v.16C no.4 / pp.461-476 / 2009
  • Digital printers that are mainly used in enterprises and public institutions are compound machinery and tools that combine various functions such as printing, copying, scanning, fax, and so on. Digital printers have security functionality for protecting important data related to confidential industry technology from leaking. According to the trends, CC (Common Criteria) evaluation and assurance of digital printers is in progress in Japan and the USA. Domestically, CC evaluation and assurance started recently. However, the know-how about digital printer evaluation is not enough, and the developers and the evaluators have difficulty in CC evaluation of digital printer products in the country. Therefore, the testing method of digital printer security functionality and evaluation technology is essentially needed for increasing demand for the evaluation afterwards. In this study, we analyze the security functionality and development trends of digital printer products from internal and external major digital printer companies. Moreover, we research the characteristics of each security function and propose a guideline for digital printer security functionality evaluation and vulnerability testing methods.