• The Journal of Society for e-Business Studies
• /
• v.16 no.2
• /
• pp.159-169
• /
• 2011

In order for agencies and companies at the IT service industry to check as well as to upgrade the current status of their information security programs, this paper suggests the assessment method for information security levels. The study developed 12 assessment fields and 54 assessment items derived from domestic and foreign cases including SP800-26, SP800-53, ISMS, and ISO27001. It categorized 54 assessment items into 5 levels for determining information security levels. Also, the study presents 7 strategies for performing their efficient evaluations. The proposed method and process in this paper can be useful guidelines for improving the national information security level.

• Journal of Korea Society of Industrial Information Systems
• /
• v.22 no.4
• /
• pp.65-77
• /
• 2017

We Investigated the Two Additional Effects Regarding the Causal Relationship between the Perceived Risks of cloud Services on the Intention to use the Abandonment Option. First, we Empirically Tested the Moderation Effect of IS Maturity on the Causal Relationship between these Two Variables. Second, we also Investigated the Mediation Effect of Cloud Service Satisfaction on the same Causal Relationship. We could find the Moderation and Mediation Effect only on the Influence of Relational Risk (Which Occurs from the Power Abuse of Cloud Service Providers) on the Intention to sue the Abandonment Option. So, we have better Understanding when and how the Abandonment Option is Attractive in Reducing the Potential Influence of the Relational Risk in using the Cloud Services.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.5
• /
• pp.1153-1165
• /
• 2019

Recently, threats of hacking have been increasing on the national intelligence service network and key infrastructure, including the defense field. The defense information system responds to threats from the outside through the network separation, but if the defense information system is hacked, it has a serious impact on the operations of wartime or peacetime military forces. Today, cyberattacks and threats are rising to unpredictable levels and making it practically impossible to completely block and prevent hacking threats completly. So, in this study proposed a maturity model to assess the level of cyber-resilience, which is the ability to ensure the system's viability and maintain continuity through rapid response and recovery if signs of cyberattacks by the defense information system are expected or occurred. The proposed maturity model is expected to contribute to improving the cyber security level of the defense information system by assessing the level of cyber resilience of the defense information system and identifying and supplementing fields that are lacking.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.20 no.8
• /
• pp.570-578
• /
• 2019

In this era of big data, a variety of government organizations are trying to create new added value via Information Integration. Therefore, several projects related to government agencies' information sharing have activated system connection/integration. The risk factors of system operation, however, have increased as the volume of Information Integration System grows. The interference in information sharing is predicted to affect the operation of the agencies, and the issue will grow even worse with massive impact on civil society when the agency operation is interrupted due to system failures in terms of infrastructure, software, data quality, and security. Diverse studies related to the maintenance of Information System have been conducted, but there is currently no evaluation framework for the operational system of Information Integration between various government agencies. In this respect, this study distinguishes each of the Information System components, Data, IT, People, Process, systematizes with Plan-Do-See, and finally presents a maturity model for Information Integration. Nine derived processes were analyzed through interview and questionnaires from Information Integration System officials, further suggesting maturity stage applying CMMI. This model allows diagnosis of the maturity level of an Information Integration System, and is expected to be utilized as resource for improving organizational processes.

• The Journal of Society for e-Business Studies
• /
• v.9 no.1
• /
• pp.255-268
• /
• 2004

User authentication is indispensable in computer login and internet banking. Usability as well as security is needed in user authentication software. To develop the software systematically, development process must be defined, and it can result in the improvement of software maturity. In this paper, a process needed to develop user authentication software systematically is proposed from experience of developing visual password input software. This process is composed of 6 phases and 15 activities. It is able to improve usability with its requirement analysis, planning, integration testing, and acceptance testing activity.

• Proceedings of the Optical Society of Korea Conference
• /
• 2000.02a
• /
• pp.88-89
• /
• 2000

광전송 시스템의 전송용량은 WDM 기술의 비약적 성장에 의해 테라 bps급으로 증대된 데 비해 LAN 또는 MAN 등을 포함한 광 다중 접속 네트워크에 대한 연구는 비교적 덜 성숙한 실정이다. 광 코드분할 다중접속 (CDMA) 네트워크는 비동기 다중 사용자 시스템에의 응용 가능성과 자체적인 보안성의 제공으로 광 다중 접속 네트워크 구성의 유망한 해결책 중 하나로 관심을 모으고 있다. 현재까지 다양한 광 CDMA 네트워크 구성 방안들이 제안되었으며 이들은 크게 시간영역 또는 주파수영역에서의 부/복호 방식, 인코히어런트 또는 코히어런트 광 신호처리 방식으로 분류되어진다$^{(1)}$ . (중략)

• Journal of Digital Convergence
• /
• v.11 no.12
• /
• pp.29-40
• /
• 2013

This study analyzed that adjustment roles of the organization and Information System strategy suitability factors between influence and introduction outcome factors in the IT outsourcing in government offices. Influence factors of IT outsourcing are organization factor(information system maturity, CEO's support), trade factor(asset speciality, uncertainty, using degree of information system), risk factor(risk of security, risk of increase in cost, risk of losing autonomy). And outcome factors are set as economic effect and technology effect. We analyzed that organization and IS strategy suitability factors as moderator variables. Results are the followings. It was analyzed that organization and IS strategy suitability factors are in charge of adjusting role among information system maturity which is lower variable of organization factor, CEO's support, uncertainty of trade factor's lower variable, risk of security which is risk factor's lower variable, risk of increase in cost, loss of autonomy. Therefore, in order for organization to increase the outcome of information technology, organization strategy and IS strategy should be promoted in combined manner. However, it was analyzed that strategy suitability could not take the adjusting role between asset specialty and introduction outcome.

• Management & Information Systems Review
• /
• v.33 no.2
• /
• pp.63-79
• /
• 2014

This study is based on the previous studies on m-commerce features, found factors that affects reliability and user's intention. After that, it examined how these factors influence the relationship between reliability and user's intention. In addition, this study showed that some factors have different influence on Korean and Chinese users in terms of reliability and user's intention. The main results of this study are as follows: (1) Personal innovation attributed to reliability in both Korea and China. Personal innovation also attributed to user's intention in Korea. (2) Localization, reach ability, security, and convenience had different influence on use and reliability in the two countries. (3) And the influences between reliability and user's intention are all positive both in Korea and China. Based on the result of this empirical study, this study reveal some implications for the firms that running with mobile business in both Korea and China.

• Convergence Security Journal
• /
• v.15 no.7
• /
• pp.69-74
• /
• 2015

Korea has established diplomatic relations with 190 countries in the world. It opened its diplomatic offices in 113 countries. Korea raised its status in international society through multinational force peace activities, national defense cooperation activity and UN peace maintenance activity for the maintenance of world peace. But there have been vio lent crimes by terrorist organizations and armed groups that try to achieve their political, religious and ideological go als greatly damaging Koreans working in overseas countries. This research studied the tendency of international terr orism against Koreans. The suggestion and conclusion are as follows. First, the study shows that armed groups and extremists have threatened and attacked Koreans in overseas countries. But there aren't enough personnel who can i mmediately and correctly analyze and respond the threats and attacks. So it is urgent to raise experts continually an d develop manuals to respond the attacks. Next, the damaging targets in overseas countries have been changed from hard targets to soft targets. There could be a limit in the restriction of basic rights of people by governmental agenc ies. So it is necessary for people to show mature civic awareness not going to a tourism-prohibited area.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.1
• /
• pp.155-165
• /
• 2018

As medical healthcare industry is growing up rapidly these days, providing various new healthcare service is considered carefully. Health information is considered to be more important than financial information; therefore, protecting health information becomes a very significant task. Ransomware is now targeting industry groups that have high information value. Especially, ransomware has grown in various ways since entering maturity in 2017. Healthcare industry is highly vulnerable to ransomeware since most healthcare organizations are configured in closed network with lack of malware protection. Only meeting the security criteria is not the solution. In the case of a successful attack, restoration process must be prepared to minimize damages as soon as possible. Ransomware is growing rapidly and becoming more complex that protection must be improved much faster. Based on ISO 27799 and 27002 standard, we extract and present security measures against advanced ransomware to maintain and manage healthcare system more effectively.