• Journal of Korean Society of Industrial and Systems Engineering
• /
• v.38 no.4
• /
• pp.30-38
• /
• 2015

IT security service provides customers with the capability of protecting the networked information asset and infrastructures, and the scope of security service is expanding from a technology-intensive task to a comprehensive protection system for IT environment. To improve the quality of this service, a research model which help assess the quality is required. Several research models have been proposed and used in various service areas, but few cases are found for IT security service. In this work, a research model for the IT security quality has been proposed, based on research models such as SERVQUAL and E-S-QUAL. With the proposed model, factors which affect the service quality and the best quality measure have been identified. And the feasibility of using quantitative measures for quality has been examined. For analysis, structural equation modeling and various statistical methods such as principal component analysis were used. The result shows that satisfaction is the most significant measure affected by the proposed quality factors. Two quality factors, fulfillment and empathy, are the main determinants of the service quality. This leads to a strategy of quality improvement based on factors of emotion and perception, not of technology. The quantitative measures are considered as promising alternative measures, when combined with other measures. In order to design reliable quantitative measures, more work should be done on target processing time and users' expectation. It is hoped that work of this research will provide efficient tools and methods to improve the quality of IT security service and help future research works for other IT service areas.

• The Journal of the Korea Contents Association
• /
• v.19 no.7
• /
• pp.281-290
• /
• 2019

With the goal of enforcing a municipal police system in a national scale starting from 2021, the proposal for introducing municipal police system is promoted and the private security is spotlighted as the measure for supplementing the issues for municipal police system. To solve this issue, the method of promoting and actively utilizing the private security which served as an assistant for security service into the cooperator for security service is suggested as a practical method. To analyze how police's favorable attitude toward introduction of municipal police system influence on the favorable trust toward private security system, this study conducted a survey on front line police officers and analyzed the collected data through statistical technique. As a result, the police officers favorable to introduction of municipal police system also showed positive attitude toward private security and machine security. However, the survey didn't provide significant result on labor expense. In order for the private security service to be accepted as the cooperator for security service, it is necessary to solve the labor expense issue and strengthen trust on machine security.

• International Journal of Computer Science & Network Security
• /
• v.24 no.1
• /
• pp.140-150
• /
• 2024

Database-as-a-Service is one of the prime services provided by Cloud Computing. It provides data storage and management services to individuals, enterprises and organizations on pay and uses basis. In which any enterprise or organization can outsource its databases to the Cloud Service Provider (CSP) and query the data whenever and wherever required through any devices connected to the internet. The advantage of this service is that enterprises or organizations can reduce the cost of establishing and maintaining infrastructure locally. However, there exist some database security, privacychallenges and query performance issues to access data, to overcome these issues, in our recent research, developed a database security model using a deterministic encryption scheme, which improved query execution performance and database security level.As this model is implemented using a deterministic encryption scheme, it may suffer from chosen plain text attack, to overcome this issue. In this paper, we proposed a new model for cloud database security using nondeterministic encryption, order preserving encryption, homomorphic encryptionand database distribution schemes, andour proposed model supports execution of queries with equality check, range condition and aggregate operations on encrypted cloud database without decryption. This model is more secure with optimal query execution performance.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.6
• /
• pp.237-249
• /
• 2010

If one analyzes recent cyber incidents including personal information infringement cases, it seems like actual attack is targeting Internet service providers but actually they are targeting Internet service users. For many users, all the services were not provided to them as they have signed for in the contract or personal informations, which users have provided to service providers when signing contracts, were disclosed to public without users' consent causing aftereffect. As a result, importance of S-SLA indexes, which is to be included in the SLA to be signed between a user and a service provider, is ever more increasing. Especially, if there is a S-SLA indexes for anti-virus services, service providers have to provide a high quality of service as they have signed in the SLA. However, there wasn't any researches in the S-SLA area domestically and there are only limited SLA indexes related to system or service maintenances at the moment. Therefore, this paper analyses security functions in anti-virus services and proposes S-SLA indexes for different security level.

• Journal of the Society of Disaster Information
• /
• v.3 no.2
• /
• pp.55-78
• /
• 2007

Currently, the departments related to security and secretary service exist in 18 universities and 30 colleges in Korea in order to raise professional security and secretary personnel. Among the 18 four-year colleges in Korea, only two of them have the ethics course include in their curriculum. Also, among the 31 two-year colleges, only three of them have the ethics course included in their curriculum. Besides, as some private security and guardian companies were recently utilized in illegal actions of the rich and ruling class, contradicting their original purpose of existence, many people point out their downfall as a ?forced private army.? As a professional job, if security secretaries take advantage of the knowledge and top-secret technologies and use them for non-ethical purposes, the effect of the damage is far more serious than other fields of jobs. Therefore, taking this event as a turning point, the contract contents and the task area between the client and the security and secretary company must become more transparent in order to prevent illegal actions, and also for the people working in the security and secretary service area, it is necessary to establish a firm ethical consciousness in order to behave appropriately in their working environment. Therefore, this study examines the proper direction of work ethics of the people working in the security and secretary service according to the professionalization of their field, and also aims to propose an appropriate work ethic system such that they will not become an unfortunate victim of various scandals anymore. To do so, the concept of work ethics in professional jobs was examined; and after the code of ethics that reflect the ethical value system of each professional job was reviewed, the study suggested a specific solution for establishing the codes of ethics for security and secretary service.

• Journal of Information Processing Systems
• /
• v.14 no.3
• /
• pp.740-750
• /
• 2018

There are a great number of Internet-connected devices and their information can be acquired through an Internet-wide scanning tool. By associating device information with publicly known security vulnerabilities, security experts are able to determine whether a particular device is vulnerable. Currently, the identification of the device information and its related vulnerabilities is manually carried out. It is necessary to automate the process to identify a huge number of Internet-connected devices in order to analyze more than one hundred thousand security vulnerabilities. In this paper, we propose a method of automatically generating device information in the Common Platform Enumeration (CPE) format from banner text to discover potentially weak devices having the Common Vulnerabilities Exposures (CVE) vulnerability. We demonstrated that our proposed method can distinguish as much adequate CPE information as possible in the service banner.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.8 no.2
• /
• pp.634-645
• /
• 2014

VoIP (Voice over Internet Protocol) is a technology of transmitting and receiving voice and data over the Internet network. As the telecommunication industry is moving toward All-IP environment with growth of broadband Internet, the technology is becoming more important. Although the early VoIP services failed to gain popularity because of problems such as low QoS (Quality of Service) and inability to receive calls as the phone number could not be assigned, they are currently established as the alternative service to the conventional wired telephone due to low costs and active marketing by carriers. However, VoIP is vulnerable to eavesdropping and DDoS (Distributed Denial of Service) attack due to its nature of using the Internet. To counter the VoIP security threats efficiently, it is necessary to develop the criterion or the model for estimating the information security level of VoIP service providers. In this study, we developed reasonable security indicators through questionnaire study and statistical approach. To achieve this, we made use of 50 items from VoIP security checklists and verified the suitability and validity of the assessed items through Multiple Regression Analysis (MRA) using SPSS 18.0. As a result, we drew 23 indicators and calculate the weight of each indicators using Analytic Hierarchy Process (AHP). The proposed indicators in this study will provide feasible and reliable data to the individual and enterprise VoIP users as well as the reference data for VoIP service providers to establish the information security policy.

• Journal of Platform Technology
• /
• v.10 no.4
• /
• pp.82-90
• /
• 2022

emerging. And it shows numerous possibilities and tremendous potentials in the virtual world. This metaverse is not limited to one type, but it is evolving and developing into a service in the form of a virtual convergence economy by breaking down boundaries. As a result, various security issues in metaverse are emerging. Metaverse performs all activities in the virtual space, so various problems such as privacy infringement, virtual asset theft, or fraud can occur. In this paper, a service security model is proposed to provide safe services on metaverse. To this end, we analyze security threats in the metaverse framework and propose a security service model to prevent threats. By evaluating the security of the proposed model, it was shown that safe services are effectively possible on the metaverse.

• Journal of the Korean Society for Aviation and Aeronautics
• /
• v.20 no.4
• /
• pp.91-105
• /
• 2012

This study, the cause of an aviation security employees' job satisfaction and dissatisfaction will be understood and the data can be used as evidence to explain the position of the employees. Moreover, the results of this study shall be conducted to increase the level of service delivery and also to remove unsatisfactory factors. Thus, according to this research survey shows the understanding of the job satisfaction and service delivery influences on the overall job satisfaction of a secure enterprise's security screeners. As a results, by improving the job satisfaction of aviation security screeners, the world's most safe, convenient service and quick airport service delivery could be achieved. Therefore, in order to improve the level of Korea and the international competitiveness of airlines, the promotion of job satisfaction of employees would be very important. Moreover based on the results of this study, the advanced research on the recognition differences for service evaluation between the customers and security screeners are needed.

• Korean Security Journal
• /
• no.17
• /
• pp.53-68
• /
• 2008

The purpose of this study is to investigate about security service history as enlightenment period from the provisional government to 1920s. This study used materials by historical facts for the regulations and books in provisional government, newspapers in 1920s. There are four parts conclusion of this study: police department of provisional government, security service agency in the provisional government, security service agents of an independence movement, the general society of Korea. Firstly, Kim Gu, a prominent Korean nationalist leader, was understand of security service which was to protect provisional government from the enemy. So, Kim Gu participated in training of security service agents in the police department of provisional government. Secondly, there was security service agency in the provisional government. In 1920s, security service agency and agents appeared for the first time in regulations of the provisional government. At the beginning of the security service agency's appearance was influenced on background and circumstances for Korean independence activist who helped the independence of Korea from Japan. Thirdly, security service agents leaded an active for independence movement of the private organizations in 1920s. They carried on an independence movement in defiance of Japanese coercion as nationalist in Korea history. Fourthly, security service came out the general society of Korea in 1920s. The security service was not just for safety, but also for its security system and peace of mind, which were influenced by the political situation, social environment in 1920s. For the this reason, now security service has safety perception in Korea despite the historical progress.