• Management & Information Systems Review
• /
• v.35 no.1
• /
• pp.207-233
• /
• 2016

Currently mobile messenger industry, based on mobile application, is growing. And it has aroused innovative change, offering services in various forms beyond the form simply sharing messengers. Also because messenger securities are becoming personalized and intelligent, the importance of more diverse mobile applications' securities is increasing. This study carries out the empirical study of the causal relationship that the factors of using application services influence on security recognition and security Intention of mobile securities, and consequentially impact upon protection of personal information of users. In order that, we present the research model which prime variables of SDT, which emphasized on natural immanent motivation of human, applied to. To verify the research model of this study empirically, we conducted a survey targeting the public and university students which have ever used mobile messenger applications. With this, we desire to contribute to emphasizing the significance of individual messenger security and playing a positive role to develop security guide for consumers. The path analysis results are as follows. First, perceived autonomy has a positive effect on both security awareness and security intention. Second, perceived competence has a positive effect on security intention. Third, perceived relatedness has a positive effect on both security awareness and security intention. Last, security awareness and security intention. have a positive effect on privacy protection behavior. Through emphasizing the importance of the security of the messenger of individuals and contribute to a positive role for development of the necessary security guidelines to consumers.

• Journal of Convergence for Information Technology
• /
• v.10 no.10
• /
• pp.32-39
• /
• 2020

In the large-scale infrastructure of cloud environment, illegal access rights are frequently caused by sharing applications and devices, so in order to actively respond to such attacks, a strengthened access control system is required to prepare for each situation. We proposed an entity attribute-based access control(EABAC) model based on security level and relation concept. This model has enhanced access control characteristics that give integrity and confidentiality to subjects and objects, and can provide different services to the same role. It has flexibility in authority management by assigning roles and rights to contexts, which are relations and context related to services. In addition, we have shown application cases of this model in multi service environment such as university.

• Journal of the Korea Society of Computer and Information
• /
• v.27 no.2
• /
• pp.107-114
• /
• 2022

Delegation is a powerful mechanism that allocates access rights to users to provide flexible and dynamic access control decisions. It is also particularly useful in a distributed environment. Among the representative delegation models, the RBDM0 and RDM2000 models are role delegation as the user to user delegation. However, In RBAC, the concept of inheritance of the role class is not well harmonized with the management rules of the actual corporate organization. In this paper, we propose an Adding Attributes on Permission-Based Delegation Model (ABDM) that guarantees the permanence of delegated permissions. It does not violate the separation of duty and security principle of least privilege. ABDM based on RBAC model, supports both the role to role and user to user delegation with an attribute. whenever the delegator wants the permission can be withdrawn, and A delegator can give permission to a delegatee.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.20 no.2
• /
• pp.141-157
• /
• 2024

This study examines the impact of cryptocurrency value characteristics on cryptocurrency investment intention. Stock craze and information provided through various media, including YouTube, play an essential role in helping investors recognize the value of cryptocurrency and develop positive investment intentions. In this study, we applied the Value-Based Adoption Model (VAM) to verify the relationship between cryptocurrency value characteristics and investment intention. We surveyed 500 cryptocurrency investors to assess network externalities, awareness, compatibility, cost benefits (fees), technicality, security, perceived value, and investment intentions. SEM (Structural Equation Modeling) using AMOS 26.0 was used for data analysis. Results show that network externalities, awareness, compatibility, cost benefits (fees), security, and perceived value significantly impact investment intention. This study provides insights that help investors accurately perceive cryptocurrencies and develop strategies to increase investment intentions. It also contributes to improving investors' decision-making ability. This comprehensive approach will foster the growth of the cryptocurrency market and strengthen investor confidence.

• Journal of Digital Convergence
• /
• v.11 no.10
• /
• pp.153-168
• /
• 2013

Information security has been a major concern in organizations. The longstanding question of how to improve employees security behaviors and reduce human errors remains unanswered and requires further exploration in the information security domain. To do this, we propose a risk compensation theory-based model and examine the model. Research results shows that the relationships between information security countermeasures and information security compliance intention of employees are moderated by system vulnerability. However, the finding is contrary to the previously held risk compensation assumption and deserve further study. In addition, system quality does not play a moderator role in the relationship. Conclusions and implications are discussed.

• Asia pacific journal of information systems
• /
• v.28 no.4
• /
• pp.320-349
• /
• 2018

Purpose: The application of IoT is finding continuous acceptance in our daily lives, particularly, smart speakers are making life easier and convenient for consumers. This research aims to develop and test an integrated model of factors influencing consumer's adoption of voice-enabled IoT devices. Design/methodology/approach: Based on the VAM, an integrated voice-enabled IoT device adoption model is proposed. Gender differences on five constructs relating with perceived value (perceived usefulness, perceived enjoyment, perceived security risk, perceived technicality and perceived cost) was also examined through PLS-MGA technique. The usage experience of consumers was also controlled in the integrated VAM. Findings: Result shows that Perceived-Usefulness, Perceived-Enjoyment and Perceived-Cost have a strong effect on Perceived-Value. However, Perceived-Technicality and Perceived-Security-Risk are non-influential and have no significant effect on PV. Additionally, Perceived-Value and Social-Influence plays a significant role in predicting adoption intention. Gender differences also exist in consumers perception of usefulness, enjoyment and cost. In comparison to the basic value-based adoption model, the integrated model provides more insight on consumers adoption of voice-enabled IoT devices. Originality/value: Using an integrated model, this study is one of the first scholarly attempt at modelling the influential factors for adopting smart speakers i.e., voice-enabled IoT devices, with implications for improved adoption.

• Journal of Convergence for Information Technology
• /
• v.8 no.5
• /
• pp.69-75
• /
• 2018

The purpose of access control is to prevent computing resources from illegal behavior such as leakage, modification, and destruction by unauthorized users. As the cloud computing environment is expanded to resource sharing services using virtualization technology, a new security model and access control technique are required to provide dynamic and secure cloud-based computing services. The virtualization management convergence access control model provides a flexible user authorization function by applying the dynamic privilege assignment function to the role based access control mechanism. In addition, by applying access control mechanism based on security level and rules, we solve the conflict problem in virtual machine system and guarantee the safeness of physical resources. This model will help to build a secure and efficient cloud-based virtualization management system and will be expanded to a mechanism that reflects the multi-level characteristics.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.6 no.10
• /
• pp.2708-2730
• /
• 2012

The growing concern for the protection of personal information has made it critical to implement effective technologies for privacy and data management. By observing the limitations of existing approaches, we found that there is an urgent need for a flexible, privacy-aware system that is able to meet the privacy preservation needs at both the role levels and the personal levels. We proposed a conceptual system that considered these two requirements: a graph-based, access control model to safeguard patient privacy. We present a case study of the healthcare field in this paper. While our model was tested in the field of healthcare, it is generic and can be adapted to use in other fields. The proof-of-concept demos were also provided with the aim of valuating the efficacy of our system. In the end, based on the hospital scenarios, we present the experimental results to demonstrate the performance of our system, and we also compared those results to existing privacy-aware systems. As a result, we ensured a high quality of medical care service by preserving patient privacy.

• International Journal of Computer Science & Network Security
• /
• v.24 no.4
• /
• pp.179-191
• /
• 2024

With the advancement of modern technology, cyber-attacks are always rising. Specialized defense systems are needed to protect organizations against these threats. Malicious behavior in the network is discovered using security tools like intrusion detection systems (IDS), firewall, antimalware systems, security information and event management (SIEM). It aids in defending businesses from attacks. Delivering advance threat feeds for precise attack detection in intrusion detection systems is the role of cyber-threat intelligence (CTI) in the study is being presented. In this proposed work CTI feeds are utilized in the detection of assaults accurately in intrusion detection system. The ultimate objective is to identify the attacker behind the attack. Several data sets had been analyzed for attack detection. With the proposed study the ability to identify network attacks has improved by using machine learning algorithms. The proposed model provides 98% accuracy, 97% precision, and 96% recall respectively.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.26 no.8
• /
• pp.1205-1212
• /
• 2022

Cyber threat targeting ICS (Industrial Control System) has indicated drastic increases over the past decade and Cyber Incident in Critical Infrastructure such as Energy, Gas Terminal and Petrochemical industries can lead to disaster-level accidents including casualties and large-scale fires. In order to effectively respond to cyber attacks targeting ICS, a multi-layered defense-in-depth strategy considering Control System Architecture is necessary. In particular, the centralized security log system integrating OT (Operational Technology) and IT (Information Technology) plays an important role in the ICS incident response plan. The paper suggests the way of implementing centralized security log system that collects security events and logs using OPC Protocol from Level 0 to Level 5 based on IEC62443 Purdue Model to integrate ICS security logs with SIEM (Security Information Event Management) operated in IT environment.