• The Journal of the Korea institute of electronic communication sciences
• /
• v.3 no.4
• /
• pp.210-220
• /
• 2008

Insider threat is becoming a very serious issue in most organizations and management is responsible for security implementation. This study is to develop a personnel security management indicators in the areas of Personnel Assurance, Personnel Competence, and Security Environment and protection against insider threats. In this study, the information security management system and related papers are examined by reviewing the existing researches and cases. Proposed indicators are verified by pilot test, empirically analyzed to expose experts' perception and the validity, importance, and risk level of each indicators through a questionnaire. Result were encouraging, but additional study focused on personnel security management using factor analysis is needed in the future.

• Korean Security Journal
• /
• no.2
• /
• pp.5-32
• /
• 1999

Private security will be of great importance in the coming 21st century. In the future, most of the crimes will be violent and frequent. In order to prevent crimes private security must be dealt with in public service area and private area. For this reason, nowadays studies on private security is going on actively. But in reality, serious studies on theoretical backgrounds of private security has not been made yet. Currently, almost all of the theories propose various grounds, such as administrative, economic, and social grounds. And they are based on five backgrounds, that is, profit-oriented enterprise theory, economic reduction theory, vacuum theory, interest group theory, and private management theory. The article furnishes several grounds in addition to these. They are local self-government, management of local self-government, and task-force of guard enterprise. In this article, I am going to present some perspectives in classifying the theories. They are administrative, economic, and social perspective. They are shown as follows by figure. In conclusion, based on theoretical backgrounds mentioned above, private security will be advanced constantly in the future. But in carrying out studies on private security, approaching method of proposing the developmental model is more important than theoretical approaching method.

• International Journal of Computer Science & Network Security
• /
• v.21 no.8
• /
• pp.360-368
• /
• 2021

This study aims at knowing both the level of information security awareness in the use of social media among female secondary school students in Makkah Al-Mukarramah, and the procedures that students follow when exposed to hacking or other security problems. The study relied on the descriptive survey approach. The results showed a high percentage of social media use among the study sample, and the most used applications by the students are snapchat and Instagram applications successively. In fact, 48% of the study sample have awareness of information security, the majority of the students memorize the password in the devices, most of them do not change them, and they have knowledge of fake gates and social engineering. However, their knowledge of electronic hacking is weak, and students do not share passwords with anyone at a rate of 67%. At the same time, they do not update passwords. Moreover, most of the procedures followed by students when exposed to theft and hacking is to change the e-mail data and the password, and the results varied apart from that, which reflects the weak awareness of the students and the weakness of procedures related to information security. The study recommends the necessity to raise awareness and education of the importance of information security and safety, especially in light of what the world faces from data electronic attacks and hackings of electronic applications.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.6
• /
• pp.157-169
• /
• 2010

As the information society changes into the ubiquitous computing society, the importance of information security has increased. Governments and enterprises are carrying out various information security activities to operate their information asset effectively. Since 2006, the Korean government has implemented 'Advance Diagnosis' policy to analyze the vulnerability of the information security from the early stage of the information system development to secure the information stability. This study proposes an analyzing framework for the economic effects of Advance Diagnosis for Information Security and presents an illustrative application em a real Advance Diagnosis case. The results of this study can be applied to secure the economic justification of government policies for the security of information systems.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.3
• /
• pp.591-605
• /
• 2022

As drones are widely used, attack attempts using drone vulnerabilities are increasing, and drone security is growing in importance. This paper derives security requirements for reconnaissance drone delivered to government office through threat modeling. Threats are analyzed by the data flow of the drone and collecting possible vulnerabilities. Attack tree is built by analyzed threats. The security requirements were derived from the attack tree and compared with the security requirements suggested by national organizations. Utilizing the security requirements derived from this paper will help in the development and evaluation of secure drones.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2008.05a
• /
• pp.295-297
• /
• 2008

Session Initiation Protocol (SIP) has become the call control protocol of choice for Voice over IP (VoIP) networks because of its open and extensible nature. However, the integrity of call signaling between sites is of utmost importance, and SIP is vulnerable to attackers when left unprotected. Currently a hop-by-hop security model is prevalent, wherein intermediaries forward a request towards the destination user agent server (UAS) without a user agent client (UAC) knowing whether or not the intermediary behaved in a trusted manner. This paper presents an integrated security model for SIP-based VoIP network by combining hop-by-hop security and end-to-end security.

• Journal of Information Technology Services
• /
• v.12 no.2
• /
• pp.291-300
• /
• 2013

In this study, divide by a private enterprise and army, 2 organizations about observed priority item among administrator, service provider, user viewpoint about the information security item for smartwork activation and in 3 steps hierarchic according to AHP technique analyzed and decided priority for information security observance item. As a result, importance difference could confirm identified by administrator, service provider, user viewpoint period of about information security observance item recognizing in a private enterprise and army.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.10 no.1
• /
• pp.89-97
• /
• 2014

Recently, spread of Smartphones caused activation of mobile services, because of that Big Data such as clouding service able to proceed with large amount of data which are hard to collect, save, search and analyze. Many companies collected variety of private and personal information without users' agreement for their business strategy and marketing. This situation raised social issues. As companies use Big Data, numbers of damage cases are growing. In this Thesis, when Big Data process, methods of analyze and research of data are very important. This thesis will suggest that choices of security levels and algorithms are important for security of private informations. To use Big Data, it has to encrypt the personal data to emphasize the importance of security level and selection of algorithm. Thesis will also suggest that research of utilization of Big Data and protection of private informations and making guidelines for users are require for security of private information and activation of Big Data industries.

• Proceedings of the IEEK Conference
• /
• 2002.07c
• /
• pp.1944-1947
• /
• 2002

The importance of security in WLAN(Wireless LAN) service is very critical, so IEEE organization has made the IEEE 802.1x standard. The IEEE 802.1x standard uses the EAP as authentication protocol which requires AAA(Authentication, authorization, and Accounting) server for authentication & accounting. for the reliable and scalable AAA service, the Diameter protocol has more advanced characteristics than existing radius protocol. So the Diameter protocol can be used for WLAN service provider who has large scale WLAN system and a large number of subscriber. This paper proposes the design of Diameter AAA server for the authentication and accounting of WLAN system which is adopting IEEE 802.1x standard.

• Annual Conference of KIPS
• /
• 2003.05c
• /
• pp.1965-1968
• /
• 2003

The importance of Security measures by means of Physical Security, Network Security and Online/Internet Security. Lack of security is one of the primary obstacles in fielding many technologies in both commercial and DoD networks. Moreover, Internet censorship may be growing and is becoming increasingly sophisticated. In this paper, we will evaluate the Practice to Policy to Theory Approach for survivability by means of software rejuvenation models. These models would be assessed the effectiveness of proactive fault management in operational software systems and determined optimal times to perform rejuvenation.