• Convergence Security Journal
• /
• v.12 no.2
• /
• pp.13-21
• /
• 2012

The purpose of this study is to profile actual conditions of personal information protection systems operated in overseas countries and examine major considerations of personal information that security service providers must know in the capacity of privacy information processor, so that it may contribute to preventing potential occurrence of any legal disputes in advance. Particularly, this study further seeks to describe fundamental idea and principle of said Personal Information Protection Act; enhancement of various safety measures (e.g. collection/use of privacy data, processing of sensitive information/personal ID information, and encryption of privacy information); restrictions on installation/operation of video data processing devices; and penal regulations as a means of countermeasure against leakage of personal information, while proposing possible solutions to cope with these matters. Using cases among foreign countries for this study.

• Convergence Security Journal
• /
• v.17 no.2
• /
• pp.137-144
• /
• 2017

Mental power, which is the intangible power of soldiers in our security situation, is very important recently. As for the history of war in East and West Korea, intangible combat power is regarded as a key factor that determines the rise and fall of the nation and the victory and defeat of the war. Recently, we are trying to improve the mental education in the military, but we still regard it as formal education, boring education, and time - consuming education. And continues to present the problem. The purpose of this study is to examine the problems of current mental education and to find out the direction of development of cognitive centered mental education. I would like to suggest a direction for fostering a strong group that is suitable for the diversification era.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.6
• /
• pp.1483-1490
• /
• 2017

Wearable devices need a host device to be paired with because of connectivity, functionality and ease personalization. There should be frequent update and backup processes between the paired devices even without user's consciousness. Due to pairing process, user-specific data are copied from smartphone and transferred to paired smartwatch. We focus on what happens in smartwatch because of pairing process. We perform an experiment study by observing and extracting data from smartwatch under real world usage phases. With a survey of user awareness on smartwatch regarding security and privacy, moreover, we suggest risk assessment on smartwatch in five levels, particularly considering pairing process based on security and privacy.

• Journal of Korean Society of Industrial and Systems Engineering
• /
• v.42 no.2
• /
• pp.36-48
• /
• 2019

As the importance of Knowledge Management System (KMS) in the military increases, Republic of Korea Army (ROK Army) developed Army Knowledge Portal. Although the members in the military are encouraged to use the portal, few members currently use it. This study was conducted to find variables to predict the user's intention to use the portal, which contributes to activating the use of Army Knowledge Portal in the army. On the basis of Technology Acceptance Model (TAM), ten variables such as perceived ease of use, general information security awareness, information security awareness, expectation for external rewards, expectation for relationships, sense of self-worth, attitude toward compliance with security policy, attitude toward knowledge sharing, intention of non-combat knowledge sharing, and intention of combat knowledge sharing were considered as independent variables. 105 participants on active duty who currently use or have experience to use the portal participated in this study. The results indicated that general information security awareness and information security awareness increases compliance with the information security policy. In addition, the attitude toward knowledge sharing is enhanced by expectations for relationship and sense of self-worth. Based on the results, the authors propose the need for policy alternatives to reinforce the reward system and security policy, which activates the use of Knowledge Portal Service for ROK Army.

• Journal of the Korean Society for Aviation and Aeronautics
• /
• v.31 no.3
• /
• pp.10-16
• /
• 2023

Demand for air travel, which shrank sharply following the outbreak of the COVID-19, has recently recovered up to 80% before the spreading pandemic. As a result, the number of passengers are rapidly increasing again. However, financial difficulties and lack of skilled workers in the aftermath of a long-term recession and pandemic lead to a decrease in aviation safety awareness which is fundamental for safety culture. Consequently, this hazard can act as a potential risk factor for the global aviation industry preparing for a new leap forward in the post-pandemic era. Therefore, this study analyzed and defined the four key elements of aviation safety awareness; attitude, belief, perception, and value. Based on this analysis, this study combined the four key elements into the P-D-C-A cycle to derive what top management, middle managers, and workers should each do to continuously improve the positive safety culture.

• Information Systems Review
• /
• v.18 no.2
• /
• pp.127-149
• /
• 2016

Based on a comprehensive literature review on Theory of Planned Behavior and Social Cognitive Theory, this study proposes and empirically examines a structural model consisting of factors affecting voluntary information security compliance behavior. To test the proposed research model, the study analyzes survey results from employees of a major Korean energy company, which employs an enterprise compliance support system. Results indicate three factors: compliance behavioral belief and compliance knowledge affect compliance behavior; compliance knowledge works as a mediator in the relationship between compliance behavioral belief and compliance behavior; and the more relevant the compliance is to an employee's job, the more the employee prioritizes compliance knowledge. This study suggests methods for encouraging employees to embrace voluntary, positive information security compliance standards. By doing so, this article aims to promote a more effective corporate compliance system for information security and enhance sustainable management practices.

• The Journal of the Convergence on Culture Technology
• /
• v.7 no.1
• /
• pp.397-405
• /
• 2021

With the recent phenomenon of the Intelligence Information Society, the cyber security paradigm has begun to change. In particular, the increase of the interconnectedness of the hyperlinked society has extended the scope of damage that can be caused by cyber threats to the real world. In addition to that, it can also be a risk to any given individual who could accompany a crisis that has to do with public safety or national security. Adolescents who are digital natives are more likely to be exposed to cyber threats, which is mainly due to the fact that they are significantly more involved in cyber activities and they also possess insufficient security comprehension and safety awareness. Therefore, it is necessary to strengthen cyber security capabilities of every young individual, so that they can effectively protect themselves against cyber threats and better manage their cyber activities. It examines the changes of the security paradigm and the necessity for cyber security education, which is in direct accordance to the characteristics of a connected society that further suggests directions and a basic system of cyber security education, through a detailed analysis of the current state of Domestic and Overseas Cyber Security Education. The purpose of this study was to define cybersecurity competencies that are necessary within an intelligent information society, and to propose a regular curriculum for strengthening cybersecurity competencies, through the comparison and meticulous analysis of both domestic and overseas educational systems that are pertinent to cybersecurity competencies. Accordingly, a cybersecurity competency system was constructed, by reflecting C3-Matrix, which is a cyber competency system model of digital citizens. The cybersecurity competency system consists of cyber ethics awareness, cyber ethics behavior, cyber security and cyber safety. In addition to this, based on the basic framework of the cybersecurity competency system, the relevant education that is currently being implemented in the United States, Australia, Japan and Korea were all compared and analyzed. From the insight gained through the analysis, the domestic curriculum was finally presented. The main objective of this new unified understanding, was to create a comprehensive and effective cyber security competency curriculum.

• Convergence Security Journal
• /
• v.12 no.5
• /
• pp.3-13
• /
• 2012

Japan came to result in enacting and enforcing the law on rationalization of service pertinent to the Private Detective Service Law in order to rationalize the illegal service realities of private detective service dealers and detective agencies, which were flooded in 2006. Since the enactment of the law, the problems are still taking place in relation to Japanese private detective service as of 2012. However, Japan's regulatory agencies can be known to revise the corresponding statute and to make effort to improve consciousness of agencies in order to improve these problems. Accordingly, it can be considered to be great in implication as for our country's introduction of private investigation service in the future. Arranging these contents, they are as follows. First, it is improvement in problems related to other statutes according to performance of private detective service. Second, it is reinforcement in management of private detective service violators. Third, it is propulsion of rationalization in cost according to a contract of private detective service. Accordingly, it can be considered to be necessary for being newly legislated at the 19th National Assembly from the perspective dubbed development and social right f unction in private investigation industry, by further supplementing Japan's these problems and arranging improvement plans so that the corresponding service called private detective service can do more public function in society.

• Convergence Security Journal
• /
• v.12 no.4
• /
• pp.3-8
• /
• 2012

Smartphones have all the recent technology integration and NFC (Near Field Communication) Technology is one of them and become an essential these days. Despite using smartphones with NFC technology widely, not many security vulnerabilities have been discovered. This paper attempts to identify characteristics and various services in NFC technology, and to present a wide range of security vulnerabilities, prevention, and policies especially in NFC Contactless technology. We describe a security vulnerability and an possible threat based on human vulnerability and traditional malware distribution technic using Peer-to-Peer network on NFC-Enabled smartphones. The vulnerability is as follows: An attacker creates a NFC tag for distributing his or her malicious code to unspecified individuals and apply to hidden spot near by NFC reader in public transport like subway system. The tag will direct smartphone users to a certain website and automatically downloads malicious codes into their smartphones. The infected devices actually help to spread malicious code using P2P mode and finally as traditional DDoS attack, a certain target will be attacked by them at scheduled time.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2007.06a
• /
• pp.811-814
• /
• 2007

홈네트워킹이 댁내의 기기들 간의 연동뿐만 아니라, 이동성에 따른 여러 가지 시나리오가 발생할 수 있다. 이런 경우, 사용자 인증 기능으로 어느 정도의 홈네트워크 보안을 해결할 수는 있지만 한계가 있을 수 있다. 또한 사용자의 개입이 필요한 사용자 인증이 아니라, 사용자가 의식하지 못하는 사이에 홈디바이스에 대한 인증만으로 접근할 수 있는 서비스도 존재하므로 홈디바이스 인증은 더욱 필요하다고 하겠다. 본 논문에서는 공개키 기반의 홈디바이스 인증 체계 및 인증서 프로파일, 그리고 인증 방법에 관하여 기술하고자 한다.