• Title/Summary/Keyword: Information Security Intent

Search Result 43, Processing Time 0.026 seconds

A Study on the Dual Mediating Effects of Individual Optimistic Bias and Information Security Intent in the Relationship between Information Security Attitude and Information Security Behavior of Social Welfare College Students (사회복지 전공대학생의 정보보안 태도와 정보보안 행위와의 관계에서 개인의 낙관적 편견과 정보보안 의도의 이중 매개효과)

  • Yun, Il-Hyun
    • Journal of Industrial Convergence
    • /
    • v.19 no.6
    • /
    • pp.145-153
    • /
    • 2021
  • This study empirically verified whether there is a dual mediating effect of individual optimistic bias and information security intention in the relationship between information security attitude and information security behavior of social welfare college students. The subjects were 295 college students majoring in social welfare. Spss Process macro was used for analysis. As a result. first there was a significant positive correlation between the variables. Second in the relationship between information security attitude and information security behavior, individual optimistic bias and information security intent each had a simple mediating effect. Third when an individual's optimistic bias and information security intent were simultaneously input, each had a simple mediating effect. Fourth there was a double mediating effect between individual optimistic bias and information security intent. This study provided basic data for the expansion of information security model and information security education of social welfare students.

Analysis of Usage Patterns and Security Vulnerabilities in Android Permissions and Broadcast Intent Mechanism (안드로이드 권한과 브로드캐스트 인텐트 매커니즘의 사용 현황 및 보안 취약성 분석)

  • Kim, Young-Dong;Kim, Ikhwan;Kim, Taehyoun
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.22 no.5
    • /
    • pp.1145-1157
    • /
    • 2012
  • Google Android employs a security model based on application permissions to control accesses to system resources and components of other applications from a potentially malicious program. But, this model has security vulnerabilities due to lack of user comprehension and excessive permission requests by 3rd party applications. Broadcast intent message is widely used as a primary means of communication among internal application components. However, this mechanism has also potential security problems because it has no security policy related with it. In this paper, we first present security breach scenarios caused by inappropriate use of application permissions and broadcast intent messages. We then analyze and compare usage patterns of application permissions and broadcast intent message for popular applications on Android market and malwares, respectively. The analysis results show that there exists a characteristic set for application permissions and broadcast intent receiver that are requested by typical malwares. Based on the results, we propose a scheme to detect applications that are suspected as malicious and notify the result to users at installation time.

Study on Security Vulnerabilities of Implicit Intents in Android (안드로이드 암시적 인텐트의 보안 취약점에 대한 연구)

  • Jo, Min Jae;Shin, Ji Sun
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.24 no.6
    • /
    • pp.1175-1184
    • /
    • 2014
  • Android provides a message-passing mechanism called intent. While it helps easy developments of communications between intra and inter applications, it can be vulnerable to attacks. In particular, implicit intent, differing from explicit intent specifying a receiving component, does not specify a component that receives a message and insecure ways of using implicit intents may allow malicious applications to intercept or forge intents. In this paper, we focus on security vulnerabilities of implicit intent and review researched attacks and solutions. For the case of implicit intent using 'developer-created action', specific attacks and solutions have been published. However, for the case of implicit intent using 'Android standard action', no specific attack has been found and less studied. In this paper, we present a new attack on implicit intent using Android standard action and propose solutions to protect smart phones from this attack.

Response Technique for the Vulnerability of Broadcast Intent Security in Android (안드로이드 브로드캐스트 인텐트의 보안 취약성 대응기법)

  • Lim, Jae-Wan;Ryu, Hwang-Bin;Yoon, Chang-Pyo
    • Convergence Security Journal
    • /
    • v.12 no.6
    • /
    • pp.61-67
    • /
    • 2012
  • Accordingly the number of smart-phone-based malicious codes is also increasing and their techniques for malicio us purpose are getting more clever and evolved. Among them, the malicious codes related to Android take the major portion and it can be estimated that they are based on open source so that the access to the system is easy. Intent is a technique to support the communication between application's components by transmitting message subjects in Android. Intent provides convenience to developers, but it can be utilized as security vulnerability that allows the developer with a malicious purpose to control the system as intended. The vulnerability of intent security is that personal information can be accessed using discretionally its proper function given to application and smart phone's functions can be maliciously controlled. This paper improves with the Intent security vulnerability caused by the smart phone users' discretional use of custom kernel. Lastly, it verifies the malicious behaviors in the process of installing an application and suggests a technique to watch the Intent security vulnerability in realtime after its installation.

A Study on the Effects of University Students' Personal Information Protection Awareness on Information Security Attitudes: Information Security, Personal Information Infringement, Personal Experience, Information Security Intent Multi-Mediation Effect Analysis (대학생의 개인정보보호 인식이 정보보안 태도 미치는 영향연구: 정보보안, 개인정보침해, 개인적 경험, 정보보안 의도 다중매개효과분석)

  • Yun, Il-Hyun
    • Journal of Digital Convergence
    • /
    • v.19 no.12
    • /
    • pp.125-132
    • /
    • 2021
  • This study analyzed the multi-mediating effects of information security, personal information infringement, personal experience, and information security intention in the relationship between personal information protection and information security attitude. For this purpose, a survey was conducted on 221 students from G University. First, information security, personal information infringement, and information security awareness had a simple mediating effect. Second, information security, personal information infringement, personal experience, and information security consciousness had parallel multi- mediation effects. Third, personal information infringement and information security awareness had a simple mediating effect in the parallel multiple mediation state. Fourth, information security had a simple mediating effect, but it was found that there was no simple mediating effect in the parallel multiple mediation state. This study is meaningful in that it empirically compared the simple and multi-mediation effects.

Detection and Blocking Techniques of Security Vulnerability in Android Intents (안드로이드 인텐트의 보안 취약성 탐지 및 차단 기법)

  • Yoon, Chang-Pyo;Moon, Seok-jae;Hwang, Chi-Gon
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • 2013.05a
    • /
    • pp.666-668
    • /
    • 2013
  • Recently, the kind and number of malicious code, which operates in Operation System of smart devices, are rapidly increasing along with the fast supplement of smart devices. Especially, smart devices based on Android OS have high potential of danger to expose to malicious code as it has an easy access to system authority. When using intent, the global message system provided from Android, inter approach between applications is available, and possible to access to created data by the device. Intent provides convenience to application development in the aspect of reusability of component however, it could be appointed as a risk element in security-wise. Therefore, if intent is used in malicious purpose, it is easy to lead the condition where is weak on security. That is, it is possible to control as accessing to resources which application is carrying to operate by receiving intents as making smart device uncontrollable or consuming system resources. Especially, in case of system authority is achieved, the risks such as smart device control or personal information exposure become bigger when misusing broadcast intent through malicious code. This paper proposes a corresponding method of security vulnerability of Android intent that monitors the appearance of intent with intent pattern inspection, detects and blocks unidentified pattern intent.

  • PDF

Research on the Importance of Security and Personal Information in Mobile Commerce (모바일커머스에서 보안과 개인정보의 중요성에 대한 연구)

  • Lee, Chan-Hee;Kim, In-Seok
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.27 no.4
    • /
    • pp.913-921
    • /
    • 2017
  • Mobile electronic commerce is rapidly growing up on the strength of popularization of smart devices such as smart phone followed by internet user increase. Concurrently with this, the anxiety on information security and personal information leakage of the user of mobile electronic commerce significantly built up in recent. In this respect, the information security and personal information protection should be become aware of their importance for the sustainable expansion and development of mobile commerce. Based on the demands as mentioned, this study analyzed the effects of the awareness of personal information security on recognized risk, recognized confidence and intent to use. The result of this study indicates that information security and personal information protection contribute to improvement in confidence by decreasing anxiety and uncertainty related to mobile commerce. Reduction of anxiety and uncertainty implies a crucial point that affects psychological mechanism making intent to use higher.

Study On Identifying Cyber Attack Classification Through The Analysis of Cyber Attack Intention (사이버공격 의도분석을 통한 공격유형 분류에 관한 연구 - 사이버공격의 정치·경제적 피해분석을 중심으로 -)

  • Park, Sang-min;Lim, Jong-in
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.27 no.1
    • /
    • pp.103-113
    • /
    • 2017
  • Cyber attacks can be classified by type of cyber war, terrorism and crime etc., depending on the purpose and intent. Those are mobilized the various means and tactics which are like hacking, DDoS, propaganda. The damage caused by cyber attacks can be calculated by a variety of categories. We may identify cyber attackers to pursue trace-back based facts including digital forensics etc. However, recent cyber attacks are trying to induce confusion and deception through the manipulation of digital information or even conceal the attack. Therefore, we need to do the harm-based analysis. In this paper, we analyze the damage caused during cyber attacks from economic and political point of view and by inferring the attack intent could classify types of cyber attacks.

Analyses of Security for Software Attack (소프트웨어 공격에 대한 보안성 분석)

  • Kim, Jung-Tae
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • 2007.10a
    • /
    • pp.725-728
    • /
    • 2007
  • Software security is about making software behave correctly in the presence of a malicious attack, even though software failures usually happen spontaneously in the real world. Standard software testing literature is concerned only with what happens when software fails, regardless of intent. The difference between software safety and software security is therefor the presence of an intelligent adversary bent on breaking the system. Software security for attacking the system is presented in this paper

  • PDF

The Effect of Characteristics of Hospital Choice, Security and Hospital Service Quality Characteristics on Revisiting Intent (병원 선택 특성과 보안성 및 병원 서비스 품질 특성이 재이용의도에 미치는 영향)

  • Park, Junghong
    • Korea Journal of Hospital Management
    • /
    • v.24 no.1
    • /
    • pp.57-76
    • /
    • 2019
  • The purpose of this study was to investigate the effect of characteristics of hospital choice and hospital service quality on service value, customer satisfaction and hospital revisiting intent and a survey involving patients and their caregivers who used the hospital before was conducted for empirical analysis. Thus, the theory and factors concerning the characteristics of hospital choice, hospital service quality, service value, customer satisfaction and hospital revisiting intent and relevant preceding research were explored after examining the preceding research, the research model was developed accordingly. A total of 459 collected questionnaires were analyze after carrying out the survey on a national scale. The findings of this study have significance since it identified the motivation that affect the choice of hospital and provide information. Also, this study could be utilized as reference data for hospitals to survive in the fierce competition, as it carried out factual survey on considerations when making choice of hospital. Furthermore, due to the low expectation of patients and caregivers for hospital administration, the study indicated that it's linked to a significantly low chance of customer satisfaction and provide the cause. This study was differentiated with other research on hospital choice since it selected security as a factor of hospital choice, though it's not discussed in the preceding research and moreover, conducted the empirical analysis. And the results of empirical analysis revealed that customers felt that service value was improved when the information security was strengthened. In other words, the strengthening of hospital information security could be hospital choice motivation, which means this study provided practical implication.