• IEIE Transactions on Smart Processing and Computing
• /
• v.3 no.2
• /
• pp.65-73
• /
• 2014

An overall responding security-centered framework is necessary required for infringement accidents, failures, and cyber threats. On the other hand, the correspondence structures of existing administrative, technical, physical security have weakness in a system responding to complex attacks because each step is performed independently. This study will recognize all internal and external users as a potentially threatening element. To perform connectivity analysis regarding an action, an intelligent convergence security framework and road map is suggested. A suggested convergence security framework was constructed to be independent of an automatic framework, such as the conventional single solution for the priority defense system of APT of the latest attack type, which makes continuous reputational attacks to achieve its goals. This study suggested the next generation convergence security framework to have preemptive responses, possibly against an APT attack, consisting of the following five hierarchical layers: domain security, domain connection, action visibility, action control, and convergence correspondence. In the domain, the connection layer suggests a security instruction and direction in the domains of administrative, physical and technical security. The domain security layer has consistency of status information among the security domain. A visibility layer of an intelligent attack action consists of data gathering, comparison and decision cycle. The action control layer is a layer that controls the visibility action. Finally, the convergence corresponding layer suggests a corresponding system of before and after an APT attack. The administrative security domain had a security design based on organization, rule, process, and paper information. The physical security domain is designed to separate into a control layer and facility according to the threats of the control impossible and control possible. Each domain action executes visible and control steps, and is designed to have flexibility regarding security environmental changes. In this study, the framework to address an APT attack and load map will be used as an infrastructure corresponding to the next generation security.

• Journal of the Institute of Electronics and Information Engineers
• /
• v.50 no.9
• /
• pp.92-99
• /
• 2013

As a recent cyber attack has a characteristic that is intellectual, advanced, and complicated attack against precise purpose and specified object, it becomes extremely hard to recognize or respond when accidents happen. Since a scale of damage is very large, a corresponding system about this situation is urgent in national aspect. Existing data center or integration security framework of computer lab is evaluated to be a behind system when it corresponds to cyber attack. Therefore, this study suggests a better sophisticated next generation convergence security framework in order to prevent from attacks based on advanced persistent threat. Suggested next generation convergence security framework is designed to have preemptive responses possibly against APT attack consisting of five hierarchical steps in domain security layer, domain connection layer, action visibility layer, action control layer and convergence correspondence layer. In domain connection layer suggests security instruction and direction in domain of administration, physical and technical security. Domain security layer have consistency of status information among security domain. A visibility layer of Intellectual attack action consists of data gathering, comparison, decision, lifespan cycle. Action visibility layer is a layer to control visibility action. Lastly, convergence correspond layer suggests a corresponding system of before and after APT attack. An introduction of suggested next generation convergence security framework will execute a better improved security control about continuous, intellectual security threat.

• Asia pacific journal of information systems
• /
• v.22 no.1
• /
• pp.53-77
• /
• 2012

Financial firms, especially large scaled firms such as KB bank, NH bank, Samsung Card, Hana SK Card, Hyundai Capital, Shinhan Card, etc. should be securely dealing with the personal financial information. Indeed, people have tended to believe that those big financial companies are relatively safer in terms of information security than typical small and medium sized firms in other industries. However, the recent incidents of personal information privacy invasion showed that this may not be true. Financial firms have increased the investment of information protection and security, and they are trying to prevent the information privacy invasion accidents by doing all the necessary efforts. This paper studies how effectively a financial firm will be able to avoid personal financial information privacy invasion that may be deliberately caused by internal staffs. Although there are several literatures relating to information security, to our knowledge, this is the first study to focus on the behavior of internal staffs. The big financial firms are doing variety of information security activities to protect personal information. This study is to confirm what types of such activities actually work well. The primary research model of this paper is based on Theory of Planned Behavior (TPB) that describes the rational choice of human behavior. Also, a variety of activities to protect the personal information of financial firms, especially credit card companies with the most customer information, were modeled by the four-step process Security Action Cycle (SAC) that Straub and Welke (1998) claimed. Through this proposed conceptual research model, we study whether information security activities of each step could suppress personal information abuse. Also, by measuring the morality of internal staffs, we checked whether the act of information privacy invasion caused by internal staff is in fact a serious criminal behavior or just a kind of unethical behavior. In addition, we also checked whether there was the cognition difference of the moral level between internal staffs and the customers. Research subjects were customer call center operators in one of the big credit card company. We have used multiple regression analysis. Our results showed that the punishment of the remedy activities, among the firm's information security activities, had the most obvious effects of preventing the information abuse (or privacy invasion) by internal staff. Somewhat effective tools were the prevention activities that limited the physical accessibility of non-authorities to the system of customers' personal information database. Some examples of the prevention activities are to make the procedure of access rights complex and to enhance security instrument. We also found that 'the unnecessary information searches out of work' as the behavior of information abuse occurred frequently by internal staffs. They perceived these behaviors somewhat minor criminal or just unethical action rather than a serious criminal behavior. Also, there existed the big cognition difference of the moral level between internal staffs and the public (customers). Based on the findings of our research, we should expect that this paper help practically to prevent privacy invasion and to protect personal information properly by raising the effectiveness of information security activities of finance firms. Also, we expect that our suggestions can be utilized to effectively improve personnel management and to cope with internal security threats in the overall information security management system.

• Journal of Contemporary Eastern Asia
• /
• v.16 no.2
• /
• pp.82-92
• /
• 2017

The Korean state evolved as a distinct entity in a region of major power convergence and conflict. All states, as human constructions, seek sovereignty and life security of their subjects/citizens, and are rotted in organic society. In the Republic of Korea, constitutional order has provided a framework for political action and a succession of regimes - authoritarianism, military dictatorship, and constitutional democracy. Since 1960 two paradigms have undergone a cycle of growth and decline, and a third, since the 2016 candlelight demonstrations in Gwanghwamun, may be the beginnning of a third generation paradigm - populist constitutionalism.

• Proceedings of the KSR Conference
• /
• 2007.05a
• /
• pp.1685-1690
• /
• 2007

Wave and following checking cycle arbor in the mountains form that examine various theories that decide checking cycle and data and application possibility that can acquire actually were presented. If see in standpoint that breakdown detects singularity availability before change happening, problem is advanced how action of device may do ordinary times supervision (monitoring) or checking cycle. In checking cycle decision, situation of latency breakdown that can not know that cause breakdown before device that is using examines can exist. Example such as car examination, faur and equitable spirit health examination, security device etc. can be fatal the time. Therefore, study and examined arbor in the mountains room of family proper checking cycle.

• Resources Recycling
• /
• v.24 no.2
• /
• pp.69-78
• /
• 2015

Recently, the importance of efficient resource management has been highlighted due to the uncertainty of its security. Developed countries promote the legislative provision and transition of industrial structure to maximize the efficiency of resource use through supporting the sustainable resource management at national level. Meanwhile Korea has very sensitive industrial structure along with the international resource supply and demand conditions. It is acutely necessary to improve the resource productivity with the various action plans such as the increase of recycling rate and the establishment of methodical resource management system. Especially, the study on the direction of each flow stage and the concrete action plans for using resource efficiently in the life-cycle of resource will be required. Therefore, this study suggests the future direction of each flow stage(production stage and circulatory stage), and the concrete action plans to improve the present problems of resource management in Korea.

• The Journal of Society for e-Business Studies
• /
• v.16 no.4
• /
• pp.87-96
• /
• 2011

The importance of the security management system for the aviation infrastructure cannot be overemphasized. What is especially important on the security management system for it is the assessment that is detaild and systematic. This article presents a framework based on a Hanulcha-type security management system model for a Information security of the Aviation infrastructure. This system checks, estimates and analyzes the goal of security with effect, especially in case of the security-accident on the aviation infrastructure because this system model gives the integrated security assessment method.

• Advanced Industrial SCIence
• /
• v.2 no.1
• /
• pp.21-38
• /
• 2023

An attempt has been made in this article to discuss the fundamentals of technical analysis of the stock market. A retail investor or trader may not have the wherewithal to source that kind of information. Technical analysis requires a candlestick chart only. Most of the brokers in India provide charting solutions as well. Studying the price action of a security or commodity or Forex generally indicates a price pattern. Prices react at certain levels and widely known as support and resistance levels. Since whatever is happening with the price of the security is considered to be a part of a pattern or cycle which has already played out sometime in the past, these studies help a keen technical analyst to identify with certain probability, the future movement of the price. Study of the candlestick patterns, price action, volumes and indicators offer the opportunities to identify a high probability trade with probable target and a stop loss. A trader or investor can take high probability trade or position and control only her losses.

• The Journal of the Korea Contents Association
• /
• v.10 no.11
• /
• pp.262-274
• /
• 2010

In Welfare Center for the disabled, under the Government's information acceleration plan, the computer system has been developed starting from work standardization in 2001 but it has been emphasized only on the technical and customer convenience side leaving out preparation for the side effects of them. Therefore this article will seek the necessity of personal information protection, legal basis in the Welfare Center for the disabled. Additionally after analyzing current status for the personal security of Welfare Center for the disabled, establishing an alternative plan for personal security policy's way could be addressed. Increasing education for awareness stress of personal information security, and preparing institutional protection apparatus from applying life cycle of personal information would be an alternative plan for personal information protection for Welfare Center for the disabled. Also frequent monitoring of accessing personal information from the computerized system should be achieved. It is impossible to recover damage caused by leak of personal information although post actions are progressed. From this essay, awareness of personal information protection should be newly revised for both the Social Welfare Organization and the Disabled welfare center, and also technical, institutional strategy's action should be arranged.

• Journal of Korean Society of societal Security
• /
• v.2 no.4
• /
• pp.35-41
• /
• 2009

If any bridge has the monitoring system, the bridge manager can check the history of bridge behavior and the progress of the damage more exactly. When the unexpected event (ex: earthquake and flood) happens, the manager can check the safety condition of the bridge and make the pertinent action for bridge management which is reduction of vehicle speed or traffic control through the system. Additionary the manager can make the well-timed repair or reinforcement through the system, so he can save the management cost or the life cycle cost. This study presents the method of setting the criteria by FEM analysis in bridge monitoring system, and the standard progress for setting the criteria about measurement items of monitoring system for the steel box type bridge.