• Journal of the Korea Society of Computer and Information
• /
• v.23 no.11
• /
• pp.185-191
• /
• 2018

The purpose of this study is to present effective basic data for business management through analysis of importance and performance of personal information protection of the elderly welfare center workers. For this purpose, the questionnaire on the protection of personal information was reconstructed based on the diagnostic level of the personal information security management level of the public institution and the questionnaire was conducted on 105 employees of the elderly welfare center in Chungbuk area. Based on the responses to the importance and the degree of performance of the personal information protection of the elderly welfare center employees, technical statistics and corresponding sample T-tests were conducted and the importance-performance analysis (IPA) was used. Followings are the results of this study: First, there is a statistically significant difference between the importance and the implementation of the management system for the protection of personal information of the workers in the elderly welfare center, establishment and implementation of protection measures, establishment and implementation of infringement measures. Second, IPA analysis on the protection of personal information of the workers in the elderly welfare center shows that the establishment and implementation of protection measures are the areas to maintain good performance. Third, in IPA analysis of the sub-factors of the personal information protection of the workers in the welfare center of the elderly, in the construction and management of the management system, in performing the role of the personal information protection officer and establishing and implementing protection measures, The factors of prevention of information disclosure and exposure and the safe use and management of personal information processing system were analyzed as areas requiring intensive improvement. This study is meaningful as a basic research that can raise the awareness of the personal information protection of the workers in the elderly welfare center and induce the improvement of the related work.

• Journal of Information Technology Services
• /
• v.22 no.5
• /
• pp.1-16
• /
• 2023

This study aimed to provide fundamental insights into the digital customer experience by identifying its components and analyzing their importance and satisfaction levels among youths. To achieve this objective, the components of digital customer experience were identified through a review of prior research and consultation with experts. Subsequently, a survey was conducted with 200 youths in Seoul and Gyeonggi-do. The main findings of the study are as follows: First, The components of the digital customer experience consisted of 12 items grouped into three categories. Second, an analysis of the disparity between the importance and satisfaction levels of digital customer experience revealed statistically significant differences across all items. Third, By utilizing IPA (Importance-Performance Analysis), the digital customer experience was categorized into four quadrant, each with its own characteristics and recommendations for management: The first quadrant, the "current level maintenance area," encompassed items related to "entertainment" and "recommended service." This area is currently functioning well but necessitates continuous attention and management. The second quadrant, the "area to be supported first," included items such as "personalization," "security," "inducing participation," "privacy," and "individuality expression." Intensive management and improvements are imperative in this quadrant. The third quadrant, the "long-term improvement area," consisted of items like 'consistency,' 'information quality,' and 'convenience.' These items require focus on long-term enhancement efforts. The fourth quadrant, the "areas where efforts have already been invested," encompassed items like 'accessibility' and 'deliberation.' It appears that excessive investment has been made in these areas relative to their importance, calling for selective investments while considering the specific issues associated with each factor. These research findings serve as essential data for managing the digital customer experiences of youths.

• Journal of Korea Technology Innovation Society
• /
• v.21 no.2
• /
• pp.875-905
• /
• 2018

Recently China's science and technology development is accelerating, and some technologies have the world's best technology. With the rapid development of science and technology, China has been deeply aware of the importance of science and technology, and many efforts are being made to legislate security regulations to protect their technologies. Korea and other countries are also interested in research security, and research and development cooperation with China is also on the rise. In this paper, we derived some implications by comparing and analyzing China's science and technology security regulation and Korea's national R&D project management regulations. China is also enacting science and technology security regulations as a subordinate to the laws and regulations of science and technology. However, it should be reflected in future legislation that the difference from Korea is composed of separate independent regulations. In particular, the fact that the science and technology security regulations have been enacted separately may be a hint that can be reflected in the nation's future legislation processes. In this paper, major contents of the science and technology security regulations, points to division of knowledge property into scientific and technological cooperation or security tasks, designation of regulations on the characteristics of research security guidelines, and operation of individual national security agencies In addition, in the event that the contents of the related statutes, confidentiality provisions, and import and import control are recorded in this paper, and the results of the joint R&D project are not utilized, or the technology transfer is not carried out.

• Journal of Digital Convergence
• /
• v.14 no.7
• /
• pp.155-166
• /
• 2016

In accordance with the increase of the importance of information security, organizations are making continuous investments to develop policies and adapt technology for information security. Organization should provide systemized support to enhance employees' security compliance intention in order to increase the degree of organization's internal security. This research suggests security policy goal setting and sanction enforcement as a method to improve employees' security compliance in planning and enforcing organization's security policy, and verifies the influencing relationship of Theory of Planned Behavior which explains employee's security compliance intention. We use structural equation modeling to verify the research hypotheses, and conducted a survey on the employees of organization with information security policy. We verified the hypotheses based on 346 responses. The result shows that the degree of goal setting and sanction enforcement has positive influence on self-efficacy and coping efficacy which are antecedents that influence employees' compliance intention. As a result, this research suggested directions for strategic approach for enhancing employee's compliance intention on organization's security policy.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.4
• /
• pp.763-780
• /
• 2024

As the domestic and international landscape undergoes rapid changes, the importance of implementing security measures in response to the growing threats that businesses face is increasing. In this context, the need for Security by Design (SbD), integrating security from the early design stages, is becoming more pronounced, with threat modeling recognized as a fundamental tool of SbD. Particularly, to save costs and time by detecting and resolving security issues early, the application of the Shift Left strategy requires the involvement of personnel with limited security expertise, such as software developers, in threat modeling. Although various automated threat modeling tools have been released, their lack of user-friendliness for personnel lacking security expertise poses challenges in conducting threat modeling effectively. To address this, we conducted an analysis of research related to threat modeling tools and derived usability evaluation criteria based on the GQM(Goal-Question-Metric) approach. An expert survey was conducted to validate both the validity and objectivity of the derived criteria. We performed usability evaluations of three threat modeling tools (MS TMT, SPARTA, PyTM), and the evaluation results led to the conclusion that MS TMT exhibited superior usability compared to other tools. This study aims to contribute to the creation of an environment where personnel with limited security expertise can effectively conduct threat modeling by proposing usability evaluation criteria.

• Journal of Korea Port Economic Association
• /
• v.39 no.4
• /
• pp.127-145
• /
• 2023

As the importance of strengthening port security is increasing, it is necessary to conduct a perceptual study on port facility users who pay for port security services first. This study aims to identify improvements in the port security function of Busan Port and contribute to the future development of port security in Korea. A total of 125 questionnaires were collected from port facility security fee collectors at Busan Port. Based on the collected data, exploratory factor analysis, traditional IPA, and modified IPA were conducted. In conclusion, first, the physical function of port security is the most important and should be continuously maintained and strengthened. Second, improving the professionalism of port security personnel is most urgent, and the port security education system needs to be improved. Finally, it is necessary to gradually develop the port security information service function in consideration of future development possibilities.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.6C
• /
• pp.893-900
• /
• 2004

While security traditionally has been an important issue in information systems, the problem of the greatest concern today is related to the availability of information and continuity of services. Since people and organizations now rely on distributed systems in accessing and processing critical services and mission, the availability of information and continuity of services are becoming more important. Therefore the importance of implementing systems that continue to function in the presence of security breaches cannot be overemphasized. One of the solutions to provide the availability and continuity of information system applications is introducing an intrusion tolerance system. Security mechanism and adaptation mechanism can ensure intrusion tolerance by protecting the application from accidental or malicious changes to the system and by adapting the application to the changing conditions. In this paper we propose an intrusion tolerance model that improves the developmental structure while assuring security level. We also design and implement an adaptive intrusion tolerance system to verify the efficiency of our model by integrating proper functions extracted from CORBA security modules.

• Management & Information Systems Review
• /
• v.31 no.1
• /
• pp.149-165
• /
• 2012

Nowadays due to the development of IT, hacking has become a major issue and importance of information system security is rapidly increasing. This research focuses on problems of training system security experts within Korea by analysing university's management information system curriculum and proposes an alternative way to solve this problem. The result of this research is the following. First, reformation of university's curriculum for successfully training system security experts is crucial. Second, theories that was learned in university courses need to be coherent to the actual work that the system security experts do in the field. Lastly, advanced IT countries like the US and Japan have already made standards on training system auditors and reinforced it with laws. Therefore Korea should establish a formal standard system like the other IT industry advanced countries.

• Journal of Energy Engineering
• /
• v.13 no.1
• /
• pp.60-67
• /
• 2004

The recent movement to deregulated and competitive electricity market reacquires new concepts against existing central dispatch in the system operation and pinning. As power systems tend to be operated more closely to their ultimate ratings, the role of SCOPF (Security Constrained Optimal Power flow) is changed and the importance for real-time security inhancement will be more increased i]1 the new and com partitive electricity market. This paper deals with the application of the SCOPF which makes possible the On-Line application. The security margin of power system truly is changed according to the conditions or configuration of power systems, therefore, the sensitivity factor reiated to the security is recalculated and the application should be updated in accordance with the state of power system. The goal of this paper is to obtain proper security through the effluent usage of the sensitivity and to apply this a1gorithm to system operation. The proposed mechanism has been tested on a sample system and the results show more secure conditions against critical contingencies.

• Journal of the Korea Society of Computer and Information
• /
• v.22 no.3
• /
• pp.53-60
• /
• 2017

The purpose of this study is to provide empirical and quantitative analysis on user's perceived privacy, security, and user satisfaction when providing visualization information about objects and service provider behaviors that users can not perceive in internet service process. Through previous research, we have examined the importance of privacy and security factors as a key factor to be considered for the characteristics of the Internet of things and the Internet of things. In addition, service blueprint, which is one of the service design methodologies to examine the flow of service usage in providing Internet service of things, was examined. In the flow of things internet service utilization, it is found that the things that are out of the user's cognitive area and the behavior of the service provider take up a large part. Therefore, the hypothesis that the trust of the Internet service security and the satisfaction of the user experience can be improved by providing the security visualization information about the behavior of the object and the invisible service provider in the non-contact aspect of the user and the object. In order to verify the hypothesis, we conducted experiments and questionnaires on the use of virtual objects' internet environment and conducted statistical analysis based on them. As a result, it was analyzed that visual information feedback on non - contact and invisible objects and service provider's behaviors had a positive effect on user's perceived privacy, security, and satisfaction. In addition, we conclude that it can be used as a service design evaluation tool to eliminate psychological anxiety about security and to improve satisfaction in internet service design. We hope that this research will be a great help for the research on application method of service design method in Internet environment of objects.