• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.5
• /
• pp.1117-1132
• /
• 2019

Recently, IT technology such as internet, mobile, and IOT has rapidly developed, making it easy to collect data necessary for business, and the collected data is analyzed as a new method of big data analysis and used appropriately for business. In this way, data collection and analysis becomes easy. In such data, personal information including an identifier such as a sensor id, a device number, IP address, or the like may be collected. However, if systematic management is not accompanied by collecting and disposing of large-scale data, violation of relevant laws such as "Personal Data Protection Act". Furthermore, data quality problems can also occur and make incorrect decisions. In this paper, we propose a new data governance maturity model(DGMM) that can identify the personal data contained in the data collected by companies, use it appropriately for the business, protect it, and secure quality. And we also propose a over all implementation process for DG Program.

• East Asian Journal of Business Economics (EAJBE)
• /
• v.1 no.3
• /
• pp.71-84
• /
• 2013

Purpose: The South African government is determined in alleviating poverty while encouraging job creation and protecting the disposable incomes of poor households. This article looks at the challenges that are facing the South African Social Security system and argues that the provision of income security is amongst the most practical expressions of a nation's cohesion and values. Research Design, Data and Methodology: There are seven proposals in the Social Security and Retirement Reform and these proposals are based on the following two principal objectives of the government, that is, to ensure a basic standard of living and to prevent destitution in old age or in circumstances of unemployment or incapacity partly or wholly through redistributive measures, and to encourage savings to provide for the replacement of income on retirement, disablement or death through long-term insurance arrangements. Results: This article evaluates these seven proposals, state old age pension, wage subsidy, mandatory participation in a national social security system for all, mandatory participation in private occupational or individual retirement funds, Voluntary additional contributions to occupational or individual retirement funds, reform of the governance and regulation of the retirement funding industry and reform of the tax system. Conclusion: This article concludes that the population size of South Africa has increased significantly to 51, 8 million in 2011 and therefore the time is right for bold new steps in improving income security of the poor and strengthening the fabric of social solidarity that binds all South Africans together.

• Convergence Security Journal
• /
• v.17 no.2
• /
• pp.33-39
• /
• 2017

In the age of full scale IoT, concept of "security convergence" has been popularized widely. However, it is not clear whether current "security convergence" concept reflects IoT characteristics and traits. In this thesis, a new concept, complementing "security convergence" concept researches up to date, has been suggested considering IoT characteristics. Required governance methodology and key technical factors are suggested for re-establishment of "security convergence" concept and for enterprise security strategy development.

• Asia pacific journal of information systems
• /
• v.23 no.4
• /
• pp.129-149
• /
• 2013

According to the development of new Information Technologies, firms consistently invest a significant amount of money in IT activities, such as establishing internal and external information systems. However, several anti-Information activities-such as hacking, leakage of information and system destruction-are also rapidly increasing, thus many firms are exposed to direct and indirect threats. Therefore, firms try to establish information security systems and manage these systems more effectively via an enterprise perspective. However, stakeholders or some managers have negative opinions about information security systems. Therefore, in this research, we study the relationship between multibusiness firms' performance and information security systems. Information security indicates physical and logical correspondence of information system department against threats and disaster. Studies on information security systems suggested frameworks such as IT Governance Cube and COBIT Framework to identify information security systems. Thus, this study define that information security systems is a controlled system on enterprise IT process and resource on IT Governance perspective rather than independent domain of IT. Thus, Information Security Systems should be understood as a subordinate concept of IT and business processes. In addition, this study incorporates information capability to information security system literature to show the positive relationship between Information Security Systems and Corporate Performance. The concept of information capability suggested that an interaction of human, information, technical and an effect on corporate performance using three types of capability (IT Practice, Information Management Practice, Information Behaviors and Values). Information capability is about firms' capability to manage IT infrastructure and information as well as individual employees who use IT infrastructure and information. Thus, this study uses information capability as a mediating variable for the relationship between information security systems and firms' performance. To investigate the relationship between Information Security Systems and multibusiness firms' performance, this study extends the IT relatedness concept into Information Security Systems. IT relatedness provides understanding of how corporations cope with conflicts between headquarters and business units to create a synergy effect and achieve high performance using IT resources. Based on the previous literature, this study develops the IT Security Relatedness model. IT Security Relatedness is our main independent variable, while Information Capability and Information Security Performance are mediating variables. To control for the common method bias, we collect each multibusiness firm's financial performance and use it as our dependent variable. We find that Information Security Systems influence Information Capability and Information Security Performance positively, and these two variables consequently influence Corporate Performance positively. In addition, this result indirectly shows that corporations under a multibusiness environment can obtain synergy effects using the integrated Information Security Systems. This positive impact of Information Security Systems on multibusiness firms' performance has an important implication to various stakeholders. Therefore, multibusiness firms need to establish Information Security Systems to achieve better financial performance.

• International journal of advanced smart convergence
• /
• v.5 no.3
• /
• pp.27-31
• /
• 2016

High-tech industries in a state well enough to troubleshoot hacking information introduction a big barrier to delay the growth of the market related to IoT(Internet of Things) as is likely to be on the rise. This early on, security issues introduced in the solution, a comprehensive solution, including the institutional laws/precautions needed. Recent examples of frequent security threats while IoT is the biggest issue of introducing state-of-the-art industry information due to the vulnerable security hacking. This high-tech industries in order to bridge the information responsible for the target attribute, target range, and the protection of security and how to protect the subject, IoT environment (domestic industrial environment) considering the approach is needed. IoTs with health care and a wide variety of services, such as wearable devices emerge. This ensures that RFID/USN-based P2P/P2M/M2M connection is the implementation of the community. In this study, the issue on the high-tech industrial information and the vulnerable security issues of IoT are described.

• Review of Korean Society for Internet Information
• /
• v.14 no.3
• /
• pp.52-57
• /
• 2013

Information and Communication Technologies(ICTs) have substantially enlarged both the opportunities to realize one's human rights but have also resulted in the emergence of new challenges. ICTs are so deeply embedded and cental to almost all aspects of human activity. And ICTs are assuming an increasingly central role in all aspects of human and societal development across the world. But this is especially true of the right to privacy, which faces challenges such as profiling and data mining for public(including national security) and private purposes. ICTs access is a fundamental right for all humans in the information age. So we have need for regulation based on human rights in the digital age. And governments have a responsibility to protect individuals against violations of human rights and data protection by public authorities, but also by private entities. In addition, internet governance and multi-stakeholder principle have to be stressed on all of the internet issues because internet governance is included in the principle of democracy which have bottom-up communication and equality. So it is very importance that Internet Governance Forum is the space for a meaningful discussion on public policy issues relating to the internet.

• Journal of Information Processing Systems
• /
• v.12 no.2
• /
• pp.226-233
• /
• 2016

Cloud computing is a distributed computing model that has lot of drawbacks and faces difficulties. Many new innovative and emerging techniques take advantage of its features. In this paper, we explore the security threats to and Risk Assessments for cloud computing, attack mitigation frameworks, and the risk-based dynamic access control for cloud computing. Common security threats to cloud computing have been explored and these threats are addressed through acceptable measures via governance and effective risk management using a tailored Security Risk Approach. Most existing Threat and Risk Assessment (TRA) schemes for cloud services use a converse thinking approach to develop theoretical solutions for minimizing the risk of security breaches at a minimal cost. In our study, we propose an improved Attack-Defense Tree mechanism designated as iADTree, for solving the TRA problem in cloud computing environments.

• Korean Security Journal
• /
• no.55
• /
• pp.97-116
• /
• 2018

Due to the rapid developments of South Korea, local communities have faced various social pathologies which generated more violent crimes and criminalized younger students. Several horrendous violences, such as a Kangneung Girl assassination assault case in July 2017 and a Busan Girls assault case in September 2017, happened only between young students. This ignited a public uproar and people were more interested in related national policies and voiced for stronger penalties in ways that punish student offenders and abolish the juvenile law. In this respect, various effective policies are needed to prevent the school violence and to eliminate the students' fear of crime. These are expected to create an environment where students could enthusiastically study in a safe environment. Focusing on elementary school students, this study seeks to empirically analyse the effects of their perception of local crime control governance on their fear of crime and, subsequently, to suggest policy implications which could prevent future school violence and juvenile crimes and reduce the students' fear of crime. The results of this study are as follows: First, the analysis of the general fear of local crime control governance and the fear of crime showed that elementary school students' trust in police officers had a significant effect on the general fear. Second, the analysis of the local fear of crime control governance and the fear of crime highlighted that their trust in the police, social ties, intimacy between the police and residents had a significant effect on the specific fear. Therefore, this study is applicable in reality in that it can contribute to the prevention of school violence and reduction of fear of crime by constructing local crime control governance.

• International Journal of Computer Science & Network Security
• /
• v.23 no.2
• /
• pp.173-182
• /
• 2023

The UAE government has set its sights on creating a smart, electronic-based government system that utilizes AI. The country's collaboration with India aims to bring substantial returns through AI innovation, with a target of over $20 billion in the coming years. To achieve this goal, the UAE launched its AI strategy in 2017, focused on improving performance in key sectors and becoming a leader in AI investment. To ensure public safety as the role of AI in government grows, the country is working on developing integrated cyber security solutions for SCADA systems. A questionnaire-based study was conducted, using the AI IQ Threat Scale to measure the variables in the research model. The sample consisted of 200 individuals from the UAE government, private sector, and academia, and data was collected through online surveys and analyzed using descriptive statistics and structural equation modeling. The results indicate that the AI IQ Threat Scale was effective in measuring the four main attacks and defense applications of AI. Additionally, the study reveals that AI governance and cyber defense have a positive impact on the resilience of AI systems. This study makes a valuable contribution to the UAE government's efforts to remain at the forefront of AI and technology exploitation. The results emphasize the need for appropriate evaluation models to ensure a resilient economy and improved public safety in the face of automation. The findings can inform future AI governance and cyber defense strategies for the UAE and other countries.

• Korean Security Journal
• /
• no.39
• /
• pp.355-386
• /
• 2014

Current business environment asks the fundamental changes about business security. The essences of these changes are that the security management of today's global business is important task of managers and the security practitioner is professional who needs very specialized education and training with business thinking. Rapid process of globalization of global village tore down the business limit that was restricted on the geological areas' limitation. Rapid business environments' change that is driving depends on development of science and technology with globalization needs new paradigm to keep business continuity. With the process of globalization, Korea, which importance is gradually increasing in the national economy, has trade dependent economic system, which keeps power of national economy through trade, so Korean economic tendency is accelerating. To keep competitiveness in global market, new strategy that is different with existing domestic business management is necessary. That is, capacity of coping with outside risk in domestic business management is established in some degree, but business activities in foreign countries faces at numerous unexpected risks that differ from country to country such as difference with the custom, changes of corporate governance etc. To cope with these new risks effectively, new paradigm for business risk is necessary. Especially, flexibility of thinking like new paradigm is necessary to cope with new security risk effectively. To cope with security risk that occurs in the new business environment effectively and competes against international company in global market, company management and members' changes of cognition about security and innovative changes in security policy is necessary. In the basement of these changes, there is expansion of business security tasks, improvement of report line, enhancement of professionalism and status of security officers, variation of hands-on workers and increasing of investment to the security etc.