• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2017.05a
• /
• pp.379-382
• /
• 2017

Shipping and logistics safety, security system is strengthening worldwide, the development of shipping and logistics safety security core technology for national security logistics system construction has been carried out. In addition, it is necessary to localize the Array Detection System, which is a core component of the container search machine, to cope with the 100% pre-inspection of the container scheduled for 2018 in the United States. In this paper, we propose a test software program developed by using TI-RTOS (Texas Instruments - Real Time Operating System) with a test digital signal processing board which is developed self development.

• THE INTERNATIONAL COMMERCE & LAW REVIEW
• /
• v.54
• /
• pp.45-80
• /
• 2012

Since the 9.11 terror attack, the event which caused supply chain disruption, supply chain security has become more important than ever before. With this as a momentum, a customs supply chain security paradigm emerged intended to guarantee secure flow of cargo across boarder. Under this circumstances Incoterms(R) 2010 rules have allocated obligations between the buyer and seller to obtain or to render assistances in obtaining security clearances. Thus, security related obligations such as providing advance manifest information is the mandatory requirements for any export and import. The impact on the seller and buyer of security related obligations under the Incoterms(R) 2010 rules environment is obvious. Assistance to provide the security information in advance has become indispensable obligations to the seller and buyer. As such assistances is at the cost and risk of the party responsible for the clearances of the goods, the choice of recognised partner and compliance with the relevant security program, in order to enjoy the relevant benefits, becomes paramount.

• Journal of the Korea Society of Computer and Information
• /
• v.20 no.10
• /
• pp.141-148
• /
• 2015

This study aims to inspect national security consciousness of marriage migrant women, and to figure out factors which affect on awareness of national security. Based on this, this study also suggests a way to build up national security of marriage migrant women. As the result of the factors on security situation, there were several things which are necessity of education, trust in the army and government, positivity toward North Korea and so on, while necessity of education, trust in the army and government, national pride and positivity toward North Korea were on the awareness of national security. There are three ways of building up national security consciousness of marriage migrant women. First, security education is needed to be in the social adjustment program of marriage migrant women. Secondly, concern on security is required to them. Third, a necessity of production on security education material is demanded for marriage migrant women.

• Journal of Information Technology Services
• /
• v.19 no.1
• /
• pp.173-185
• /
• 2020

It is very important to evaluate training because it can systematically grasp the current status of training. Evaluation includes getting ongoing feedback from the learner, trainer and learner's supervisor, to improve the quality of the training and identify if the learner achieved the goals of the training. It also provides a justification for the implementation of training. Nonetheless, there is a lack of studies that attempt to evaluate information security training programs. In this study, we utilize the Philips model to evaluate the public training programs for the people who are in charge of the information security duties in the public sector and propose the training improvement plans. Research result has shown that it is necessary to evaluate the level of the trainees in advance and conduct training programs according to the information security skill level. In addition, it needs to conduct training according to duties such as information security management, information security operate and maintain. The limitation of this study is that each education program was not assessed individually because this study had developed an evaluation tool that could be used comprehensively.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.4
• /
• pp.709-720
• /
• 2013

Virtualization obfuscation makes hard to analyze the code by applying virtualization to code section. Protected code by common used virtualization obfuscation technique has become known that it doesn't have restored point and also it is hard to analyze. However, it is abused to protect malware recently. So, It is been hard to analyze and take action for malware. Therefore, this paper's purpose is analyze and take action for protected malware by virtualization obfuscation technique through implement tool which can extract virtualization structure automatically and trace execution process. Hence, basic structure and operation process of virtualization obfuscation technique will be handled and analysis result of protected malware by virtualization obfuscation utilized Equation Reasoning System, one kind of program analysis. Also, we implement automatic analysis tool, extract virtualization structure from protected executable file by virtualization obfuscation technique and deduct program's execution sequence.

• Journal of Digital Convergence
• /
• v.12 no.1
• /
• pp.405-414
• /
• 2014

It is very important to IT users that the Cloud service provides dynamic extension of IT resources and cost-saving. However, the reliability for Cloud service hinders utilizing Cloud service actively. Existing studies on assessment program for Cloud Service are executed by extracting information security assessment articles and adding features of cloud services by referencing ISO/IEC 27001:2005. This paper will review the recently released ISO/IEC 27001:2013 for the addition, reduction, and changing of articles for Controls and Control objectives. Comparative analysis for the Controls of ISO/IEC 27001:2013 with those of CSA CCMv.3, FedRAMP which is an assessment program for Cloud service will suggest Control Objects of Information Security Management System for related Cloud service. The suggestion of Controls will be an important reference index for the security policy of companies which manage the information security management system based on Cloud service.

• Journal of Korea Society of Industrial Information Systems
• /
• v.21 no.6
• /
• pp.109-123
• /
• 2016

This study investigates the importance of government's support for logistics security assurance through certification programs. First, the study analyzed priorities among the requirements of logistics firms through Analytic Hierarchy Process(AHP) and Quality Function Deployment(QFD) approaches. For this process we invited 21 logistics experts to assess the relationships between logistic firms' requirements and government policies regarding logistics security using the house of quality, a set of matrices of QFD. The results of this phase of the study revealed the priorities of logistics firms' goals regarding the diffusion of the government security certification program as follows: integrated logistics security systems(40.3%), strengthening government support systems(32.4%), and operational effectiveness of logistics security certification(27.2%). Second, a relative weights applied QFD method based on AHP was applied to determined the expected outcome of the logistics security certification program. The results indicated as follows: productivity improvement(28.4%), improved level of service(26.7%), logistics cost reduction(21.6%), advanced information systems(19.7%), and improved environmental protection(3.6%). The results of this study provide new insights concerning logistics firms' requirements for supply chain security and the importance of government's support policies through logistics security certification programs.

• Journal of the Korea Convergence Society
• /
• v.9 no.9
• /
• pp.69-81
• /
• 2018

The ultimate intention of this research is to identify the factors that have a significant effect on the perceived importance of information security as the antecedent of intention to information security policy compliance. We found that the effectiveness of information security training program did not have statistically significant effect on the perceived cost of policy compliance. Second, the effectiveness of information security policy has significant influence on the perceived cost of policy compliance. Third, perceived vulnerability has a significant effect on the perceived cost of policy compliance. Fourth, perceived cost of policy compliance has a significant effect on perceived importance of information security. Fifth, supervisor's attitude toward information security silence has a significant effect on employee silent behavior towards information security. Sixth, communication opportunities towards information security has a significant influence on employee silent behavior towards information security. Finally, it was shown that employee silent behavior towards information security had a significant influence on the perceived importance of information security.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.4
• /
• pp.951-962
• /
• 2018

In order to strengthen the information security of the organization, it is important to invest in the information security facility, but the information security awareness of the organization members is also very important. Effective education is needed to raise awareness of this information security. However, the method of collective education utilized by most organizations is not very effective. Educational methods using serious games can be a good alternative. Educational methods using serious games have already proved effective through various cases and researches and are used in many fields. In this paper, we design and implement a game program to improve the awareness of individual information security policy importance. The training was conducted for the members of the organization and the change of awareness about the importance of individual information security policy was examined through analysis of evaluation data before and after the training.

• Journal of Korea Multimedia Society
• /
• v.10 no.12
• /
• pp.1655-1662
• /
• 2007

Although the PKl-based user authentication solution has been widely used, the security of it can be deteriorated by a simple password. This is because a long and random private key may be protected by a short and easy-to-remember password. To handle this problem, many biometric-based user authentication solutions have been proposed. However, protecting biometric data is another research issue because the compromise of the biometric data will be permanent. In this paper, we present an implementation to improve the security of the typical PKI-based authentication by protecting the private key with a fingerprint. Compared to the unilateral authentication provided by the typical biometric-based authentication, the proposed solution can provide the mutual authentication. In addition to the increased security, this solution can alleviate the privacy issue of the fingerprint data by conglomerating the fingerprint data with the private key and storing the conglomerated data in a user-carry device such as a smart card. With a 32-bit ARM7-based smart card and a Pentium 4 PC, the proposed fingerprint-based PKI authentication can be executed within 1.3second.