• Journal of the Korea Computer Industry Society
• /
• v.2 no.8
• /
• pp.1015-1024
• /
• 2001

As the internet environment has been rapidly changed, the scale of internet network that needs to be managed has been magnified. In this way, the recognition for the importance of security became extensive, and numerous security systems for the protection of internal information were introduced. But decentralized security systems because of there use of different user interfaces undergo difficulties in effective security management as well as prompt coping when an obstacle happens causing a corpulence of in the security management part. In this paper, I propose an integrated security management system which can grasp the situation of each system and manage every system in the center so that we can consistently and integrally manage every system. Integrated security management system with multi agents has the advantages of prompt coping with obstacles, and the minimization of weaknesses that different security solutions have, and of consistent control and management for decentralized security systems.

• Korean Security Journal
• /
• no.13
• /
• pp.305-326
• /
• 2007

Coming to 21st century, the dangerous causes which threaten for safety of citizen's life is increasing. The national importance of facilitates which is dealing by special security officers are becoming target for enemy or terrorist. Therefore, securities in Korea are developing strongly. This study investigates for status and problem of the special security and aim to suggest the plan for development. The development of special security connects to the development of private security industry, the improvement of work environment for special security officers who are working in this ares, securing of man's ability, reality of salary, introduction of professional qualification system, reorganization of education system and the search system for preparing terror need to improve.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.17 no.4
• /
• pp.769-774
• /
• 2013

In order to strengthen the protection of information, public institutions have introduced information security governance system. Public institutions recognizes the importance of information security governance system, and have striven to establish information security governance by establishing institutions and making policies. In this paper, in order to investigate ways that will be the basis for the establishment of information security governance in public institutions, we studied the necessity and model of information security governance. Also, by studying the government policies and cases, we proposed the direction of the policy.

• The Journal of Information Systems
• /
• v.29 no.1
• /
• pp.51-74
• /
• 2020

Purpose Since the number of personal information breach incidents increased, many people have perceived the importance of personal information protection, in the recent. Especially, the number of personal information breach targeting middle-aged and elderly people rapidly increases. Therefore, the purpose of this study is to identify the factors which influence to fail of online information security behaviors among the elderly. Design/methodology/approach This study made a research model by adopting the factors deducted from the protection motivation theory. To analyze the research model, we conducted an online survey targeted on the elderly and middle ages users who have nations of Korean and Chinese respectively. Findings According to the empirical analysis result, we identified that only perceived severity and perceived vulnerability affected information security awareness. On contrast, it was also discovered that perceived barriers, self-efficacy, and response efficacy did not affect information security awareness. Additionally, the awareness of information security also did not affect information security behaviors. Middle-aged and elderly people with personal information protection education did more information security behaviors than people those who no education experiences. Korean middle-aged and elderly people with education significantly did more information protection behaviors than the people without the education.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.5
• /
• pp.973-983
• /
• 2019

The importance of information security has been increasingly emphasized at the national, organizational, and individual levels due to the widespread adoption of software applications. High-safety software, which includes embedded software, should run without errors, similar to software used in the airline and nuclear energy sectors. Software development techniques in the above sectors are now being used to improve software security in other fields. Secure coding, in particular, is a concept encompassing defensive programming and is capable of improving software security. In this paper, we propose a software security vulnerability detection method using an improved coding standard searching technique. Public static analysis tools were used to assess software security and to classify the commands that induce vulnerability. Software security can be enhanced by detecting Application Programming Interfaces (APIs) and patterns that can induce vulnerability.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.1
• /
• pp.109-113
• /
• 2007

With increasing the mont of processed information over the network, the importance of database system increases rapidly. There are two types of security system for database, access control and data encryption. However, it is hard to evaluate security of database systems using the Common Criteria(CC) as there is no protection profile(PP) for these systems. In this paper, we propose a protection profile for secure database systems which can be used in formal evaluation using the Common Criteria. The proposed protection profile can be used by both developer and consumer to evaluate security of database systems.

• Convergence Security Journal
• /
• v.22 no.3
• /
• pp.57-68
• /
• 2022

As the importance and awareness of security have recently expanded, companies and governments are making continuous efforts and investments for security management. However, there are still many security threats in the organization, especially security incidents caused by internal staff. Therefore, it is very important for members to comply with security policies for organizational security management. Therefore, this study classified industrial security management into technical security, physical security, and managerial security, and applied the theory of planned behavior to investigate the impact relationship on the intention to comply with security policies. SPSS 25 and AMOS 25 were used for statistical analysis, and the study found that technical security had a positive(+) effect on subjective norms, physical security had a positive(+) effect on perceived behavior control, and attitude and perceived behavior control had a positive(+) effect on security policy compliance intention.

• The Journal of Society for e-Business Studies
• /
• v.25 no.4
• /
• pp.15-32
• /
• 2020

Increasing uncertainties in the technological innovation environment and increasing technology competition also present new challenges in terms of industrial technology security. Therefore, the purpose of this study was to identify the direction of policy change necessary for the improvement of related policies in the future by examining the importance and implementation of the government's industrial technology security support policies for small and medium-sized enterprises engaged in industrial technology innovation activities. As a result of the analysis, first of all, small and medium-sized enterprises that responded to the government's industrial technology security support policy were perceived to be less performing than the importance of the program. These results can be said to mean that selective budget expansion for related policy programs may be necessary, along with efforts to improve the quality of each program. Second, an analysis of the differences in group recognition between new technology certification firms and industrial technology verification(certification) companies showed that significant differences exist between groups for the program. These results suggest that more effective operation of the relevant policies may require policy enforcement in consideration of the level of security and will of each company in industrial technology, as much as the quantitative characteristics of the entity. This study is meaningful in providing the necessary policy directional basic information for the design and execution of more specific and effective industrial technology security policies by presenting empirical research results that domestic small and medium-sized enterprises are aware of about the government's industrial technology security policies.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.5
• /
• pp.1037-1046
• /
• 2024

The widespread adoption of the Internet of Things (IoT) has enhanced efficiency and convenience across various fields, but it has also led to a surge in security threats. Among these, IoT botnets are particularly concerning as they can rapidly infect a large number of devices and launch various types of attacks, making them a significant security threat. In IoT environments where implementing security measures on individual devices is challenging, establishing a security monitoring system for real-time detection and response is essential to mitigate the risks posed by botnets. In the field of security monitoring, it is crucial not only to detect botnets but also to analyze their detailed behaviors to devise effective countermeasures. Security experts devote considerable effort to analyzing the payloads of detected threats to understand botnet behavior and develop appropriate responses. However, analyzing all threats manually is time-consuming and costly. To address this, our study proposes an XAI-based network feature extraction methodology to enhance the effectiveness of IoT botnet behavior analysis. This study proposes a practical security monitoring methodology for IoT botnet behavior analysis and response, consisting of three steps: 1) BPE and TF-IDF based payload feature extraction, 2) XAI-based feature importance analysis, and 3) visualization of decision rationale based on feature importance. This approach provides security experts with intuitive visual evidence of IoT attacks and reduces analysis time, contributing to faster decision-making and response strategy development in security monitoring.

• Journal of the Korean Society for Aviation and Aeronautics
• /
• v.25 no.2
• /
• pp.77-82
• /
• 2017

Currently the international flight passenger visit at Incheon International Airport increased 12.4% compared to January 2017. Such increase affects on the congestion of an airport and the security check is one of the most congested area. There is a prejudice that airport security is not related to the airport service and is only a type of control that limits the quality of service. However, considering the huge impact that airport security agents have on passenger move within the airport, trustworthy, fast and kind service at airport security check is one of the most important part of airport service quality improvement. This research is an importance performance analysis of Incheon International Airport security service passenger satisfaction and its significance using IPA method. This research will contribute to the improvement of airport operation and service quality, by proving the relation between airport security and service.