• Journal of Digital Convergence
• /
• v.12 no.2
• /
• pp.563-570
• /
• 2014

As information security is becoming more important today, efforts in managing information security more efficiently is becoming greater. Each department such as Ministry of Security and Public Administration, Ministry of Science, Ministry of Education, National Intelligence Service, etc. is established screening criteria for information security and conducted the evaluation. Various information security certification and evaluation for public institutions effectively help to improve the level of information security. However, there are limitations of efficient security management because the examination to be performed frequently by each department. In this paper, we analyze screening criteria of the information security management that is being conducted in the public institutions. We also present limitations of information security management and the direction of improving the limitations.

• Journal of Digital Convergence
• /
• v.16 no.11
• /
• pp.303-312
• /
• 2018

The purpose of this study is to design the easy payment service research model and to find the influencing effect on the intention for the reuse of easy payment service by analysing the factors such as the social influence, the promotion condition, the security and the convenience as UTAUT model has. Also the research model employs the trust and the user satisfaction as parameters. The result shows that even though people feel the trust due to the convenience by the social influence, it has a negative influence on the user satisfaction if the risk recognized in the easy payment service and the weakness in the security are anticipated. The results of this study are academically meaningful as they established the research model for the easy payment service and the theoretical basis of the easy payment service area; they have provided the various practical implications.

• Convergence Security Journal
• /
• v.22 no.3
• /
• pp.33-39
• /
• 2022

Recently, cyberattacks on infrastructure have been continuously occurring with the starting of neutralizing the user authentication function of information systems. Accordingly, the vulnerabilities of system are increasing day by day, such as the increase in the vulnerabilities of the encryption system. In this paper, an alternative technique for the symmetric key algorithm has been developed in order to build the encryption algorithm that is not easy for beginners to understand and apply. Vigenere Cipher is a method of encrypting alphabetic text and it uses a simple form of polyalphabetic substitution. The encryption application system proposed in this study uses the simple form of polyalphabetic substitution method to present an application model that integrates the three steps of encryption table creation, encryption and decryption as a framework. The encryption of the original text is done using the Vigenère square or Vigenère table. When applying to the automatic generation of secret keys on the information system this model is expected that integrated authentication work, and analysis will be possible on target system. ubstitution alphabets[3].

• Proceedings of the Korea Database Society Conference
• /
• 2001.11a
• /
• pp.622-635
• /
• 2001

최근의 정보 시스템 감리수요는 공공부문을 중심으로 매우 빠르게 증가하여 점차적으로 민간부문으로 확대되고 있는 추세이다. 이는 정보 시스템 감리를 통해 정보 시스템의 품질 향상을 기대할 수 있기 때문이며, 향후에도 조직의 정보시스템에 대한 의존도가 증가할 것 이므로, 정보시스템의 효과성, 효율성 및 보안성은 더욱 중요한 문제로 대두 될 것이며, 따라서 시스템 감리의 중요성은 높아질 수 밖에 없을 것이다. 그러나 아직 정보시스템감리는 이러한 기대에 부응하기 위한 체계적 기술분야로 정립되지 못하고 있으며, 그 원인으로서는 분석 결과의 객관적 증거 확보를 통한 감리 결과의 신뢰성 제고가 미흡한 것이 제기되고 있다. 이는 정보시스템 감리가 다분히 주관적인 요소에 의해 수행되며 이로 인하여 감리인과 피감리인 간의 의견 상충이 다수 발생되며, 이러한 갈등은 감리의 효과성을 크게 저하시키고 있다. 본 연구 이러한 문제를 극복하기 위해 다양한 문헌 고찰을 통해 실질적인 계량적 감리 접근방법을 제시하고자 한다. 본 연구에서 제시된 방법론 실무에서 유용하게 쓰일 수 있으며, 이러한 노력은 우리나라의 감리 품질 제고에 큰 도움이 될 것이라 생각한다. 또한 이러한 계량적 데이터 추후 감리 연구의 기초 자료로 활용될 수 있어 감리 연구에도 많은 도움이 될 것이다.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2011.05a
• /
• pp.432-435
• /
• 2011

Hacking 공격자에 대한 수사실무에서는 Proxy Server를 연동한 해외에서의 우회공격에 대한 기법과 기술을 알아야 MAC address 또는 Real IP에 대한 역추적이 가능하다. 즉 Proxy Server를 여러 번 거치면서 자신의 Real IP를 숨기고 ARP Spoofing 기법을 사용하여 MAC address를 속이기 때문이다. 본 논문에서는 해외에서의 해킹 공격자들이 어떻게 공격자의 Real IP를 숨기고, ARP Spoofing 기법을 응용하여 공격을 시도하는 기법과 기술을 연구한다. 또한 Proxy Server를 통한 우회공격에서 ARP Spoofing 공격을 보안하는 방법을 연구한다. 본 논문 연구가 해외로 부터의 Hacking과 방어를 위한 기술 발전에 기여 할 것 이다.

• 정보보호뉴스
• /
• s.136
• /
• pp.22-25
• /
• 2009

사단법인 한국침해사고대응팀협의회(CONCERT) 사무국은 지난 1월 4일부터 23일까지 3주간에 걸쳐 CONCERT 396개 회원사 중 125개 정회원사를 대상으로 '2009년도 기업 정보보호 이슈'에 대한 조사를 실시했다. CONCERT의 정회원사는 현재 보안전담팀이 구축.운영되고 있는 기업 및 기관, 즉 기업 정보보호에 있어 그들만의 뚜렷한 의식을 지니고 있는 곳을 의미하기에, 이들을 대상으로 한 설문결과는 사실상 우리나라 기업 정보보호의 방향성을 제시한다고 해도 과언이 아니다. 매년 그렇듯이 CONCERT FORECAST 보고서는 제품/서비스 공급자나 학계 등의 의견이 아닌 순수 유저들의 입장에서 기업 실무와 직접적으로 연관된 이슈들만을 추려냈다는 점에서 타 전망자료들과는 그 궤를 달리하며, 그렇기에 기업 실무자의 입장에서는 가장 흥미롭고 유용한 참고자료로 사용될 수 있다. 기업 정보보호 담당자들의 현실적인 고민들이 듬뿍 묻어있는 금번 조사결과를 소개한다.

• The Journal of Society for e-Business Studies
• /
• v.18 no.1
• /
• pp.107-127
• /
• 2013

The evolution of IT facilitated the communication and knowledge sharing between the social network service (SNS) users. When the more information about SNS users had been posted in SNS site, SNS users had sometimes exposed in the risk of privacy invasion. To remedy this problem, we had introduced the information control mechanisms from the prior studies in data management to the SNS area and empirically validated the effect of these mechanisms in this research. Three information control mechanisms had been elected as access control, reference control and diffusion control. We had conducted a survey to the Facebook users which is the most famous SNS site. 459 data had been gathered and analyzed by PLS algorism. As the results, reference control and diffusion control has significantly increased the trust on SNS providers and decrease the privacy concern. This change could significantly affect on the satisfaction with the SNS site and knowledge sharing intention of SNS users. This study could introduce the new perspective about privacy protection issues in SNS area. Also, the information control mechanisms suggested in this study could contribute to make more robust privacy protection mechanisms in SNS site in practice.

• Journal of Venture Innovation
• /
• v.5 no.4
• /
• pp.91-108
• /
• 2022

This study is an empirical analysis regarding what kind of factors affect the intention to use autonomous vehicles. For the empirical analysis the research model was derived from value-based adoption model base and integrated some aspects that only autonomous vehicles have. At default variables of VAM are usefulness, enjoyment, technicality, perceived cost, some autonomous vehicle related variables were added, and those are convenience, safety, security, social influence. A survey was done in order to empirically analyze with this research model, and 216 valid survey answers were chosen to analyze. Empirical analysis was done by structural equation using AMOS24. The result of empirical analysis were as follows. Variables usefulness, enjoyment, safety, security had a significant positive effect on perceived value. Technicality and perceived cost had a significant negative effect of perceived value. In addition, security and social influence had no significant effect on perceived value. Furthermore, perceived value had significant positive effect on intention to use. Among the variables that came out to be significantly positive, the most influencing variable was safety, followed by convenience, perceived cost, enjoyment, usefulness and then technicality. In addition, the analysis of mediating effect of perceived value shows that usefulness, enjoyment, convenience, safety, technicality, perceived cost had mediating role towards intention to use. However, security and social influence had no siginificant mediating effect towards intention to use. Considering all these research results this study has provided theoretical and practical implications to researchers on the intention to use autonomous vehicles.

• Journal of Venture Innovation
• /
• v.6 no.4
• /
• pp.153-170
• /
• 2023

Generative AI services, including ChatGPT, were becoming increasingly active. This study aimed to empirically analyze the factors that promoted and hindered the diffusion of such services from a consumer perspective. Accordingly, a research model was developed based on the Value-based Adoption Model (VAM) framework, addressing both benefit and sacrifice factors. Benefits identified included usefulness and enjoyment, while sacrifices were security and hallucination. The study analyzed how these factors affected the intention to use generative AI services. A survey was conducted among college students for empirical analysis, and 200 valid responses were analyzed. The analysis utilized structural equation modeling with AMOS 24. The empirical results showed that usefulness and enjoyment had a significant positive impact on perceived value, while security and hallucination had a significant negative impact. The order of influence on perceived value was usefulness, hallucination, security, and then enjoyment. Perceived value had a significant positive impact on usage intention. Moreover, perceived value was found to mediate the relationship between usefulness, enjoyment, security, hallucination, and the intention to use generative AI services. These findings expanded the research horizon academically by validating the effectiveness of generative AI services based on existing models and demonstrated the continued importance of usefulness in a practical context.

• Convergence Security Journal
• /
• v.15 no.6_2
• /
• pp.11-17
• /
• 2015

Private security guard certification system was recognized as a national certification in 12. 2012 after it was first given in 2006 as a civil certification and then became a national test in 2013. Thinking it short of regulations on some of exemptible requirements as well as test-taking age limit due to the certification's specificity, the current researcher tried to present the following improvement plans. First, in taking the test, only the bottom age limit is given with no top age limit, so a regulation on its top age limit needs to be newly made so that it can select those substantially able to protect persons. Second, it can expand some of its exemptible requirements to not only police civil officials, private security guard civil officials but also military civil officials and college graduates who have taken all the courses for its primary test and have career in private security guard. Third, certain validity period can be set by standard of the date when the certification test application is accepted after retirement from related occupations so that they can maximally exert their ability in actual works. Fourth, the exemptible courses of the test must be limited to the primary test only while its hands-on test must not be exempted to meet the requirement of the ability for actual personal protection. In this manner, it's necessary that the personal protection certification system, as a national certificate, should be carefully reviewed to keep abreast with the growing civil protection industry.