• Asia pacific journal of information systems
• /
• v.33 no.4
• /
• pp.863-898
• /
• 2023

Previous studies have shown that insiders pose risks to the security of organisations' secret information. Information security policy (ISP) intentional violation can jeopardise organisations. For years, ISP violations persist despite organisations' best attempts to tackle the problem through security, education, training and awareness (SETA) programs and technology solutions. Stopping hacking attempts e.g., phishing relies on personnel's behaviour. Therefore, it is crucial to consider employee behaviour when designing strategies to protect sensitive data. In this case, organisations should also focus on improving employee behaviour on security and creating positive security perceptions. This paper investigates the role of psychological capital (PsyCap), punishment and organisational security resources in influencing employee behaviour and ultimately reducing ISP violations. The model of the proposed study has been modified to investigate the connection between self-efficacy, resilience, optimism, hope, perceived sanction severity, perceived sanction certainty, security response effectiveness, security competence and ISP violation. The sample of the study includes 364 bank employees in Jordan who participated in a survey using a self-administered questionnaire. The findings show that the proposed approach acquired an acceptable fit with the data and 17 of 25 hypotheses were confirmed to be correct. Furthermore, the variables self-efficacy, resilience, security response efficacy, and protection motivation directly influence ISP violations, while perceived sanction severity and optimism indirectly influence ISP violations through protection motivation. Additionally, hope, perceived sanction certainty, and security skills have no effect on ISP infractions that are statistically significant. Finally, self-efficacy, resiliency, optimism, hope, perceived severity of sanctions, perceived certainty of sanctions, perceived effectiveness of security responses, and security competence have a substantial influence on protection motivation.

• The Journal of Information Systems
• /
• v.11 no.1
• /
• pp.175-198
• /
• 2002

This paper is to develop a security module for electronic approval systems. Electronic documents are created, transmitted and saved in the company's intranet computer network. Transmitting electronic documents, however, brings us a security problem. Communications among various computer systems are exposed to many security threats. Those threats are eavesdropping, repudiation, replay back etc. The main purpose of this paper is to develop a module which provides the security of electronic documents while they are passed from one place to another This paper applies Multi-Level security to the electronic approval system that guarantees security of electronic documents from many threats. Multi-Level security controls the access to the documents by granting security level to subject users and object electronic documents. To prevent possible replay back attacks, this paper also uses one time password to the system. The security module is composed of client program and server one. The module was developed using Microsoft Visual Basic 6.0 and Microsoft SQL Server 7.0. The code uses Richard Bondi's WCCO(Wiley CryptoAPI COM Objects) library functions which enables Visual Basic to access Microsoft CryptoAPI.

• The KIPS Transactions:PartA
• /
• v.13A no.5 s.102
• /
• pp.399-404
• /
• 2006

In Jana 2, to enforce a suity policy of a program, programmer writes permission sets required by the code at the policy file, sets Security Manager on system and executes the program. Then Security Manager checks by stack inspection whether an access request to resource should be granted or denied whenever code tries to access critical resource. In this paper, we develop a visualization tool which helps programmers enforce security policy effectively into programs. This system is based on the static permission check analysis which analyzes permission checks which must succeed or fail at each method. Based on this analysis information, programmer can examine visually how permission checks and their stack inspection are performed. By modifying program or policy file if necessary and examining analysis information repeatedly, programmer can enforce security policy correctly.

• International Journal of Computer Science & Network Security
• /
• v.22 no.6
• /
• pp.339-345
• /
• 2022

Outcome-based education (OBE) is a tried-and-true teaching technique based on a set of predetermined goals. Program Educational Objectives (PEOs), Program Outcomes (POs), and Course Outcomes (COs) are the components of OBE. At the end of each year, the Program Outcomes are evaluated, and faculty members can submit many recommended measures which dependent on the relationship between the program outcomes and its courses outcomes to improve the quality of program and hence the overall educational program. When a vast number of courses are considered, bad actions may be proposed, resulting in unwanted and incorrect decisions. In this paper, a recommender system, using collaborative filtering and association rules algorithms, is proposed for predicting the best relationship between the program outcomes and its courses in order to improve the attributes of the graduates. First, a parallel algorithm is used for Collaborative Filtering on Data Model, which is designed to increase the efficiency of processing big data. Then, a parallel similar learning outcomes discovery method based on matrix correlation is proposed by mining association rules. As a case study, the proposed recommender system is applied to the Computer Information Systems program, College of Computer Sciences and Information Technology, Al-Baha University, Saudi Arabia for helping Program Quality Administration improving the quality of program outcomes. The obtained results revealed that the suggested recommender system provides more actions for boosting Graduate Attributes quality.

• Journal of the Korea Society of Computer and Information
• /
• v.14 no.2
• /
• pp.1-8
• /
• 2009

Today the use of RFID is extended in medical. circulation market, manufacture, security field, etc. Besides, the book-lending and the attendance management system are on an increasing trend in the use of RFID The developed dormitory management system is composed of a support program, a room management program, a manager program, and a mobile program etc.. In the support program a student(or a manager) can see his(or all member's) entrance and exit history. The room management program decides whether a student can enter the dormitory or not and manages the use of the power after or inquiring a RFID's input tag information into database server. The manager program is able to input and modify a room state and the fixtures information in the room required to operate the room management program, to set up and retrieve a student's entrance and exit information and a room state information. The mobile program enables a manager to check student's identity whether he is in or out, and the manager can know the personal information of being out in detail.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2011.05a
• /
• pp.660-663
• /
• 2011

The file security function, which this paper suggests, restricts the access of an unauthorized users by using password algorithm and saving file. Saved files that are encrypted are read by decrypting them with decryption algorithm. These features are user interface to design the program for user friendly. The security function implements both file encryption and decryption programs and tests whether the experiment works or not. In addition, when a decryption is progressed and the settings of between decryption and encryption are different each other, the security function also checks the possibility of decryption. We can enhance the security on important files stored in Windows servers or personal computers by developing this program.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.17 no.3
• /
• pp.612-618
• /
• 2013

The file security function, which this paper suggests, restricts the access of an unauthorized users by using password algorithm and saving file. Saved files that are encrypted are read by decrypting them with decryption algorithm. These features are user interface to design the program for user friendly. The security function implements both file encryption and decryption programs and tests whether the experiment works or not. In addition, when a decryption is progressed and the settings of between decryption and encryption are different each other, the security function also checks the possibility of decryption. We can enhance the security on important files stored in Windows servers or personal computers by developing this program.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.2
• /
• pp.139-149
• /
• 2023

CBDC has characteristics similar to e-payments in which all records are kept by logs, so it is difficult to satisfy the anonymity level of cash. Therefore, in this study, the CBDC model that encrypts all transaction contents using the Diffie-Hellman key sharing algorithm was presented to enhance anonymity. The proposed model provides unlinkability anduntraceability. In addition, a CBDC certificate that uses pseudonym is used. Through this certificate, illegal transactions that require tracking can be tracked later by authorized institutions.

• Agribusiness and Information Management
• /
• v.2 no.1
• /
• pp.117-128
• /
• 2010

Coordination has been identified as a concern in the cross-cutting issues of food security and nutrition (FSN) in Cambodia. Food Security and Nutrition Information System (FSNIS) in Cambodia is the only "entry portal" to support policy formulation and decision-making with regard to FSN. While this knowledge and information management system has earned a respectful reputation, Council for Agricultural and Rural Development (CARD) faces many challenges in the implementation of the system. This paper will present how FSNIS has been developed and impacts on policy or strategy related to FSN. In addition, sustainability of the system is a key challenge for FSNIS; yet it is interesting to see how it works. Along with a success story, FSNIS is recognized by its stakeholders as the most successful knowledge and information management system in the field of FSN in Cambodia.

• Journal of Information Technology Applications and Management
• /
• v.20 no.4
• /
• pp.83-95
• /
• 2013

This study aims to analyze factors that affect satisfaction of students in employment-contract information technology master programs, and suggest policy implications to improve management of employment-contract master programs. A survey of students supported by Software master program of National IT Industry Promotion Agency (NIPA) and Knowledge Information Security master program of Korea Internet and Security Agency (KISA) indicates that department administration, department vision, scholarship, adviser, and lecturer affect satisfaction of students in employment-contract master programs in listed order.