• Nuclear Engineering and Technology
• /
• v.51 no.6
• /
• pp.1696-1707
• /
• 2019

This paper conducts a qualitative policy analysis of current challenges to safety culture and security culture in Southeast Asia and emerging best practices in Northeast Asia that are aimed at strengthening both cultures. It analyses lessons, including strengths and limitations, that can be derived from Northeast Asian states, given the long history of nuclear energy in South Korea, China and Japan. It identifies and examines best practices from Northeast Asia's Nuclear Security Centres of Excellence in terms of boosting nuclear security culture and their relevance for Southeast Asia. The paper accentuates the important role of the State in adopting policy and regulatory frameworks and in institutionalising nuclear education and training programmes to deepen the safety-security cultures. Best practices in and challenges to developing a nuclear safety culture and a security culture in East Asia are examined using three frameworks of analysis (i) a comprehensive nuclear policy framework; (ii) a proactive and independent regulatory body; and (iii) holistic nuclear education and training programmes. The paper argues that Southeast Asian states interested in harnessing nuclear energy and/or utilising radioactive sources for non-power applications must develop a comprehensive policy framework on developing safety and security cultures, a proactive regulatory body, and holistic nuclear training programmes that cover both technical and human factors. Such measures are crucial in order to mitigate human errors that may lead to radiological accidents and nuclear security crises. Key lessons from Japan, South Korea and China such as best practices and challenges can inform policy recommendations for Southeast Asia in enhancing safety-security cultures.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.6
• /
• pp.1277-1286
• /
• 2013

Cloud computing's unique attributes such as elasticity, rapid provisioning and releasing, resource pooling, multi-tenancy, broad-network accessibility, and ubiquity bring many benefits to cloud adopters(company and organization), but also entails specific security risks associated with the type of adopted cloud and deployment mode. To minimize those types of risk, this paper proposed cloud computing security framework refered to strategic alliance model. The cloud computing security framework has main triangles that are cloud threat, security controls, cloud stakeholders and compose of three sides that are purposefulness, accountability, transparent responsibility. Main triangles define purpose of risk minimization, appointment of stakeholders, security activity for them and three sides of framework are principles of security control in the cloud computing, provide direction of deduction for seven service packages.

• International Journal of Computer Science & Network Security
• /
• v.21 no.12spc
• /
• pp.399-408
• /
• 2021

Information security reports four types of basic attacks on information. One of the attacks is named as fabrication. Even though mobile devices and applications are showing its maturity in terms of performance, security and ubiquity, location-based applications still faces challenges of quality of service, privacy, integrity, authentication among mobile devices and hence mobile users associated with the devices. There is always a continued fear as how location information of users or IoT appliances is used by third party LB Service providers. Even adversary or malicious attackers get hold of location information in transit or fraudulently hold this information. In this paper, location information fabrication scenarios are presented after knowing basic model of information attacks. Peer-to-Peer broadcast model of location privacy is proposed. This document contains introduction to fabrication, solutions to such threats, management of fabrication mitigation in collaborative or peer to peer location privacy and its cost analysis. There are various infrastructure components in Location Based Services such as Governance Server, Point of interest POI repository, POI service, End users, Intruders etc. Various algorithms are presented and analyzed for fabrication management, integrity, and authentication. Moreover, anti-fabrication mechanism is devised in the presence of trust. Over cost analysis is done for anti-fabrication management due to nature of various cryptographic combinations.

• Convergence Security Journal
• /
• v.24 no.3
• /
• pp.187-193
• /
• 2024

With the advancement of AI and IoT, cybersecurity threats have increased dramatically. As the methods and objectives of cyber-attacks evolve, universities, like all major industries, are facing serious cybersecurity issues. Universities hold vast amounts of sensitive information such as students' personal data, research data, and intellectual property, making them prime targets for cyber threats. Therefore, this paper aims to present cybersecurity strategies from both institutional and technical perspectives to help university leaders and policymakers enhance their cybersecurity posture. The study reviews current trends through the flow of cyber-attacks and proposes governance, policy development, risk management, and the establishment of FIDO and AI-based security systems to respond to the increase in sophisticated threats such as ransomware and AI-based malware.

• Convergence Security Journal
• /
• v.20 no.4
• /
• pp.47-59
• /
• 2020

The Army, which is dreaming of a military leap forward through the fourth industrial revolution, needs to also consider the side effects and adverse functions of the fourth industrial revolution. In particular, this study conducted an analysis of whether it was consistent with the global technological trend of normal 'military security'. This paper focuses on the countermeasures that could result from 4th industrial revolution by utilizing the text-mining technique and social network technique of big data. 1. Active promotion of a convergence program with private, public, militaryand industrial, academic, and solidarity, 2. Information Sharing for International Cooperation and Cooperation in Cyber security, 3. Military Innovation and Military Unsymmetric Cyber security innovation, 4.The Establishment of Military Security Convergence Interface Management System in accordance with the Fourth Industrial Revolution, 5. Cooperation in the transition from technology engineering to social technology, 6. Establishing a military security governance system in the military, 7. Specifying confidential military digital data We look forward to providing useful information so that the results of this study can help develop the military and enhance military confidentiality.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2001.11a
• /
• pp.331-334
• /
• 2001

본 논문에서는 현재 그 중요성이 증가하고 있는 정보보호관리체계에 대하여 기존의 국내·외 정보보호관리체계 지침이나 표준 문서들이 단지 일반적인 가이드라인을 제공 할 뿐, 평가나 측정, 혹은 인증을 위해 필요한 상세하고 객관적인 지표가 없다는 점을 파악하고, 이러한 주요 지표들을 개발하기 위한 프레임워크를 제시하고자 한다. 이 프레임워크는 정보보호관리 국제 표준인 ISO/IEC TR 13335 GMITS에서 정의하고 있는 정보보호관리 프로세스를 기준으로 적절한 정보보호관리 프로세스를 도출한 다음, 현재 정보기술 통제 기준으로 사용중인 COBIT의 각 주요 지표들을 위에서 도출된 프로세스별로 적용시키는 것이다. 즉 정보보호관리 프로세스별 주요목표지표(KGI - Key Goal Indicator), 주요성과지표(KPI - Key Performance Indicator), 그리고 핵심성공요소(CSF - Critical Success Factor)들을 개발하여 정보보호관리체계에 대한 상세하고 객관적인 평가와 측정을 가능하게 하고 이를 통해 총체적인 정보보호관리 통제 이룩하고자 한다.

• Korean Security Journal
• /
• no.3
• /
• pp.117-144
• /
• 2000

Not only has there been movement along the sectoral continuum, Johnston argues, but changes in the spatial balance of policing are also visible. More concretely, he suggests that British policing has been undergoing a century-long process that has gathered pace since the 1960s. Three factors have been central to this process. First, legislative centralization brought about by the Police Act 1964 - which established the tripartite structure for police governance and amalgamated forces - and the Local Government Act 1972 which reorganized local government. Secondly, the political and industrial unrest of the 1970s and early 1980s led to the establishment of new levels of national police co-operation and, in the words of one author, to the establishment of a 'de facto national police force'. Thirdly, increasing European influence has further internationalized police co-operation and organization. Johnston concludes that the spatial restructuring that appears to be taking place in British policing is indicative of a broader process of fragmentation of social structures and systems for maintaining order.

• Journal of Information Technology Services
• /
• v.14 no.4
• /
• pp.221-236
• /
• 2015

Application software is delivered to customers as a form of service at cloud environment. A cloud service provider is a marketplace between supply side (application providers) and demand side (customers). Cloud service providers have to validate applications to be included in their service portfolio. Not only performance, security, networking, compliances should be checked but also business contract, authentication should be provided. Organization customers are more sensitive to these validation criteria and process. We study the Internet2 NET+, which is a successful cloud marketplace of applications for research and education organizations. This case study shows us three things : (i) a cloud marketplace's application management process : selection, validation, transition to service, customization of applications (ii) what a cloud marketplace has for its infrastructure like authentication, security, access control etc. (iii) what a cloud marketplace has as its governance structure. This case study will provide informative analysis of Internet2 NET, a profit-making vertical and buyer's marketplace (education industry). And we will get some strategic implications for planning and implementing cloud marketplaces.

• International Journal of Computer Science & Network Security
• /
• v.21 no.7
• /
• pp.108-118
• /
• 2021

This paper aims to presents the overview of research in the sustainable smart cities development domain. It investigates the key challenges of the sustainable smart cities development that faced by the developers from different countries. The qualitative research method via the interview is conducted to collect the data. 10 experts on the sustainable smart cities development project were interviewed in this study. The results indicate that there are 12 sustainable smart cities development challenges named: (1) budgetary constraint; (2) lack of resources; (3) lack of institutional capacity to deliver technology; (4) lack of systems integration; (5) social acceptability; (6) lack of awareness level in the smart city development among residents; (7) the need to drive towards content development; (8) lack of strategically approach in the smart city transformation; (9) disagreement on standardizing the smart city model; (10) lack of overarching institution to create the governance structure; (11) lack of sustainable focused strategies; and (12) lack of the smart city operational framework. Furthermore, the solutions framework for these challenges was proposed as the guidelines to overcome or minimize them.

• International Journal of Computer Science & Network Security
• /
• v.22 no.7
• /
• pp.43-50
• /
• 2022

Continuous development is the key of development issue in developing nations. Smart city measurement is prevalently carried through in the cities in which the nations have been classified as industrialized countries. In addition, cities in Europe becomes the models of smart city system. Smart city concept used in the cities in Europe applies six predominant features i.e. smart economic, smart mobility, smart environment, smart people, smart living, and smart governance. This paper focuses on figuring out city' development strategy in developing nations particularly Indonesia in regard with European Framework by way of Multi Expert Multi Criterion Decision Making (ME-MCDM). Recommendation is resulted from the tests using the data collected from one of the metropolis cities in Indonesia, whereby issuing recommendation must firstly implement smart education, secondly communication, thirdly smart government, and fourthly smart health, as well as simultaneously implement smart energy and smart mobility.