• Convergence Security Journal
• /
• v.14 no.3_1
• /
• pp.11-19
• /
• 2014

As both medical and IT technologies advance, convergent medical technologies such as implantable medical devices are receiving a lot of attentions from the research and medical appliance market. On the other hand, such a new medical service is facing several new security threats including patient privacy breach since the service is based on the wireless communication. Especially, the new security threat could induce the patient's life threatening accident, so that more secure measures should be provided. In this paper, a variety of security threats associated with the implantable medical devices are pinpointed and a new security mechanism against such threats is proposed.

• 한국항공운항학회:학술대회논문집
• /
• 2016.05a
• /
• pp.245-248
• /
• 2016

현대의 항공테러는 단순한 항공기 납치뿐만 아니라 항공기의 공중 폭파, 항공기에 대한 미사일 공격, 공항과 승객에 대한 공격, 그리고 항공 외부 시설에 대한 공격 등 실로 다양한 형태로 자행되고 있다. 항공 교통에서의 불법 방해행위를 사전에 방지하기 위해서는 출발지의 보안 검색이 무엇보다도 중요하며, 이를 위해서 사전 예방적 선제적 항공보안관리 체계 전환, 출입부터 탑승까지 전 과정을 프로세스화한 점검활동 강화, 국제권고기준 항공보안장비 보유와 첨단화 등 미래 변화에 대한 능동적 대처뿐만 아니라 정확한 보안검색과 고객편의의 융합을 통해 세계 최고 공항으로 지향하며, 행동탐지기법의 도입을 통해 일상적이고 포괄적인 보안검색 운영의 약점을 보완하여 항공보안 강화의 토대를 마련해야 하고, 불법 방해행위의 억지를 위해 2015년부터 새롭게 실시하는 국제민간항공기구 상시 모니터링 제도의 항공보안 평가(USAP-CMA) 방식을 적극 검토하여 국정원 공항공사 항공사 등 관련기관 정보 공유, 지속적인 모니터링 및 국내 국제민간항공기구(ICAO) 인증 항공 보안평가관 등과 철저히 대비한 세부 대응 계획을 수립하고 항공보안 전문가 육성을 강구하여야 한다.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.10 no.1
• /
• pp.122-127
• /
• 2009

In this paper, it is reviewed security architecture and proposed security model about secure aeronautical system, which is considering in the cynical research topics out of aeronautical traffic system. The reviewed contents is treated about security model fur domestic aeronautical system with international security technology trends in the basis of security technology related aeronautical services. In the security framework of aeronautical communication network, it is analyzed data link security technology between air and ground communication, and security architecture in according to aeronautical system, and presented security architecture of U information HUB model. The security architecture of U-information HUB includes the internetworking scope of airline, airport network, airplane network, and related government agency, etc.

• Journal of the Korea Computer Industry Society
• /
• v.3 no.3
• /
• pp.351-362
• /
• 2002

Today, management object using SNMP is not only covered network but also more privacy object like personal or billing data. To enforce security management, view-based access control model is introduced in SNMPv3. However, they are not designed to enforce more privacy object such as purpose and increase complexity of user management. Task-based access control can provide enhanced security service using purpose binding and leverage the complexity of user management using purpose of task.

• Annual Conference of KIPS
• /
• 2011.11a
• /
• pp.726-729
• /
• 2011

스마트폰의 보급으로 인해 이를 이용한 전자금융거래가 빠르게 확산되고 있다. 대부분의 금융회사가 스마트폰을 이용한 전자금융거래 서비스를 시행하고 있으며, 장소와 시간의 제약이 없는 스마트폰의 특성으로 인해 이용자 수는 계속 증가하고 있다. 그러나, 현재의 스마트폰은 전자금융거래에서 가장 중요하게 처리해야 할 인증 단계에서 보안 취약점을 보유하고 있으며, 이에 대한 보안 대책 기술이 강력하게 마련되지 못하고 있는 실정이다. 따라서 본 연구에서는 기존 연구가 가지고 있는 인증 방식의 취약점을 보안하기 위해 2팩터 인증기술과 인증 이미지 사진의 GPS정보를 활용하여 본인 인증 절차를 강화시키고, 전자금융거래에서 부인방지 기능을 제공한다. 또한, 단계별 시나리오 및 설계 방안을 제시하고 이를 바탕으로 보안 모듈을 설계 및 구현하여 연구의 효율성 및 타당성을 증명해 보이고자 한다.

• Journal of Digital Convergence
• /
• v.13 no.8
• /
• pp.133-144
• /
• 2015

In digital convergence environment, information security management plays crucial role in maintaining firms' competitiveness. Organizational citizenship behavior(OCB) enables informations security countermeasures to be more effectively worked by helping employees to have much knowledge of information security policy, by facilitating employees to participate in information security education/training. Thus, the purpose of this study is to investigate the mediating effect of OCB on the relationships between information security countermeasures and compliance intention. Questionary was designed based on prior information security research, and survey was conducted among companies' employees across the industry. Results showed that information security policy and information security education/training were found to be key predictors of compliance intention. In addition, OCB was proven to mediate the relationships between information security countermeasures and compliance intention.

• Information Systems Review
• /
• v.18 no.1
• /
• pp.1-23
• /
• 2016

This study proposes an alternative to minimize insider-caused security threats that are relatively difficult to control and cause high uncertainty in information security management. Therefore, we investigate the relationship between organizational effort and the security understanding of employees to eventually enhance security compliance intention among employees. We develop a research model and formulate hypotheses on the basis of past findings. Accomplished questionnaires are collected from 526 employees working in organizations where information security policy is being implemented. In addition, we prove the hypotheses using a structural model. After reviewing the structural model, the security knowledge of employees and information security culture are determined to positively influence the security compliance intention of employees. Moreover, top management support, security policy, security visibility, and security education programs are proven to be antecedent factors in establishing a security culture in organizations. The findings of this study could guide organizations in formulating information security strategies to enhance the security compliance intention of employees.

• Convergence Security Journal
• /
• v.15 no.6_1
• /
• pp.69-78
• /
• 2015

Methods that industrial spies use to smuggle core technology out are becoming more intelligent, technological, and complex, thus resulting in more serious damages. In particular, defense industries in which involve national core technology as well as institutions including labor force are industries that are in a greater need of the convergence security. Defense Industry develops, experiments, and produces defense security supplies for national security protection. Defense industry involves a number of security elements such as military secret, industrial secret, core technology labor force, defense industry supply, critical national facility, and information communication system. Defense industry security is a complex of military security and industrial security which is convergence security that integrates all security elements of defense industry. Therefore, defense industry security is a typical ideal model for convergence security. Research on defense industry security is relatively insufficient compared to research of security in other industrial fields. In order to prevent core technology of denfese industry from leaking and to protect technical professionals and institutions, research and action on defense industry security from convergence security perspective are therefore essential at this point of time.

• Journal of Digital Contents Society
• /
• v.19 no.2
• /
• pp.293-300
• /
• 2018

This study explored the security of Industry 4.0 such as security trends and security threats in Industry 4.0, and security system in Industry 4.0. The threat elements in Industry 4.0 are changing from ICT to IoT and to CPS security, so security paradigm and security System should change accordingly. In particular, environmental and administrative security are more important to solve CPS security. The fourth industry-age security should change to customized security for individual systems, suggesting that the security technology that combines hardware and software in product production design should change from the beginning of development. The security system of the fourth industry proposes design and implementation as a CPS security system as a security system that can accommodate various devices and platforms from a security system in a single system such as a network to an individual system.

• Convergence Security Journal
• /
• v.22 no.3
• /
• pp.57-68
• /
• 2022

As the importance and awareness of security have recently expanded, companies and governments are making continuous efforts and investments for security management. However, there are still many security threats in the organization, especially security incidents caused by internal staff. Therefore, it is very important for members to comply with security policies for organizational security management. Therefore, this study classified industrial security management into technical security, physical security, and managerial security, and applied the theory of planned behavior to investigate the impact relationship on the intention to comply with security policies. SPSS 25 and AMOS 25 were used for statistical analysis, and the study found that technical security had a positive(+) effect on subjective norms, physical security had a positive(+) effect on perceived behavior control, and attitude and perceived behavior control had a positive(+) effect on security policy compliance intention.