• Title/Summary/Keyword: Security Importance

Search Result 1,147, Processing Time 0.03 seconds

Knowledge-based modeling and simulation of access control system representing security policies (보안정책을 표현하는 침입차단시스템의 지식기반 모델링 및 시뮬레이션)

  • 고종영;이미라;김형종;김홍근;조대호
    • Journal of the Korea Society for Simulation
    • /
    • v.10 no.4
    • /
    • pp.51-64
    • /
    • 2001
  • It is quite necessary that an organization's information network should be equipped with a proper security system based on its scale and importance. One of the effective methods is to use the simulation model for deciding which security policy and mechanism is appropriate for the complex network. Our goal is to build a foundation of knowledge-based modeling and simulation environment for the network security. With this environment, users can construct the abstracted model of security mechanisms, apply various security policies, and quantitatively analyze their security performance against possible attacks. In this study, we considered security domain from several points of view and implemented the models based on a systematic modeling approach. We enabled the model to include knowledge in modular fashion and provided well-defined guidelines for transforming security policy to concrete rule set.

  • PDF

Comparing the Effects of Two Methods of Education (Online versus Offline) and Gender on Information Security Behaviors

  • Minjung Park;Sangmi Chai
    • Asia pacific journal of information systems
    • /
    • v.30 no.2
    • /
    • pp.308-327
    • /
    • 2020
  • The importance of information security is increasing, and various efforts are being made to improve users' information security behaviors. Among these various efforts, information security education is mainly aimed at providing users with information security knowledge and improving information security awareness. This study classified the types of information security education into offline and online to examine the effects of each education method on attitudes toward information security (perceived severity, vulnerability, self-efficacy and response-efficacy) and information security behaviors. A survey was conducted for users with information security education experiences. The results obtained by comparing the differences in the path coefficients of personal information security behaviors according to information security education experiences showed that security behaviors were more significant in the online experience group than the offline group. In addition, gender differences were analyzed, and it was found that females had a greater impact on information security attitudes than males. This study also found that among Internet users with online information security education experience, females tend to have more information security behavior than males, but there were contrasting results among users with offline information security education experiences. The results of this study finally address the necessity of reflecting users' personalities in the systematic design of information security education in the future. Furthermore, the results of this study support the need for an appropriate education system that sufficiently understands education types to maximize the effects of information security education.

Analysis of Knowledge and Skill for Security Professionals (정보보호 전문가의 직무수행을 위한 지식 및 기술 분석)

  • Choi, Myeong-Gil;Kim, Se-Hun
    • Asia pacific journal of information systems
    • /
    • v.14 no.4
    • /
    • pp.71-85
    • /
    • 2004
  • Due to exponentially growing threats of cyber attacks, many organizations have begun to recognize the importance of information security. There is an explosion in demand for experienced ISMs(Information Security Managers) and ISSDs(Information Security System Developers). To educate ISMs and ISSDs, identifying the specific knowledge and skill for information security professional is critical. This paper identifies 15 items of knowledge and skill for ISMs and ISSDs using a simplified Delphi technique and categories them. The results of this paper could be used in determining what kinds of knowledge and skill should be included in the curriculum of information security programs.

Trend and Cause of Information Security Workforce's Job Turnover (정보보호인력 직무이동의 추이 및 요인)

  • Park, Sang-Woo;Kim, Tae-Sung
    • Journal of Information Technology Services
    • /
    • v.19 no.2
    • /
    • pp.37-47
    • /
    • 2020
  • A significant proportion of information subjects experience information security breaches, and the number of reports and counseling cases of personal information infringements is increasing. Increased awareness of the importance of information security has raised interest in the personnel in charge of such tasks. However, hiring excellent new workers and preventing turnovers in information security remain unresolved. In this paper, by modeling the job career path of information security workforce as a Markov chain, we analyze the workforce turnover process and long-term turnover trends by information security jobs, and further analyze the number and duration of turnovers required to engage in specific jobs. The results of this study are expected to be a reference to balancing the supply and demand of information security workers for the government and to ensuring efficient management of the workforce for businesses.

Survey and Analysis of Industrial Technology Security, Propose the Improvement Plan (산업기술 보안에 대한 조사 및 분석과 개선 방안)

  • Kim, Seong Jong
    • Convergence Security Journal
    • /
    • v.15 no.7
    • /
    • pp.3-8
    • /
    • 2015
  • According to the advent of the seriousness of industrial technology outflow, concerns are mounting about the importance of security, recently. In this paper, I studied a research trend about industrial technology security and real condition of the outflow, analyzed it in various ways, and showed a seriousness of the issue and urgency of the security. Finally, I suggested methods of improving needed in the industrial technology security in legal, business and technical ways.

The Security Architecture for Secure Cloud Computing Environment

  • Choi, Sang-Yong;Jeong, Kimoon
    • Journal of the Korea Society of Computer and Information
    • /
    • v.23 no.12
    • /
    • pp.81-87
    • /
    • 2018
  • Cloud computing is a computing environment in which users borrow as many IT resources as they need to, and use them over the network at any point in time. This is the concept of leasing and using as many IT resources as needed to lower IT resource usage costs and increase efficiency. Recently, cloud computing is emerging to provide stable service and volume of data along with major technological developments such as the Internet of Things, artificial intelligence and big data. However, for a more secure cloud environment, the importance of perimeter security such as shared resources and resulting secure data storage and access control is growing. This paper analyzes security threats in cloud computing environments and proposes a security architecture for effective response.

An Analysis of the Relationship between Energy Security and Economic Growth Using the NARDL Approach (NARDL 접근법을 사용한 에너지 안보와 경제성장에 대한 관계 분석)

  • Kuk Jin, Jang;Jin Sick, Kim;Myoung Sug, Chung;Joo Yeon, Lee
    • Journal of the Korean Society of Systems Engineering
    • /
    • v.18 no.2
    • /
    • pp.149-159
    • /
    • 2022
  • This study investigated the relationship between economic growth and energy security risk levels in Korea using linear and non-linear ARDL methods. While there are many studies on the relationship between energy consumption and economic growth, few studies focus on the relationship between energy security and economic growth considering 4A dimensions of energy security such as energy availability, accessibility, acceptability, and affordability. Energy risk index from Global Energy Institue and GDP data from world bank are used for ARDL and NARDL analysis. Our result of ARDL shows that there is no long-term relationship between energy security risk levels and economic growth. On the other hand, NARDL result shows that there is an asymmetric relationship between economic growth and energy security risk levels in the long run. The results show the importance of expending further research on ensuring energy security to policymakers.

A Study on the Impact Analysis of Security Flaws between Security Controls: An Empirical Analysis of K-ISMS using Case-Control Study

  • Kim, Hwankuk;Lee, Kyungho;Lim, Jongin
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.11 no.9
    • /
    • pp.4588-4608
    • /
    • 2017
  • The measurement of information security levels is a very important but difficult task. So far, various measurement methods have studied the development of new indices. Note, however, that researches have focused on the problem of attaining a certain level but largely neglecting research focused on the issue of how different types of possible flaws in security controls affect each other and which flaws are more critical because of these effects. Furthermore, applying the same weight across the board to these flaws has made it difficult to identify the relative importance. In this paper, the interrelationships among security flaws that occurred in the security controls of K-ISMS were analyzed, and the relative impact of each security control was measured. Additionally, a case-control study was applied using empirical data to eliminate subjective bias as a shortcoming of expert surveys and comparative studies. The security controls were divided into 2 groups depending on whether or not a security flaw occurs. The experimental results show the impact relationship and the severity among security flaws. We expect these results to be applied as good reference indices when making decisions on the removal of security flaws in an enterprise.

A Study on the Relative Importance of Evaluation Factors for Improvement of Port Security (항만보안 강화를 위한 평가요인과 상대적 중요도 분석)

  • Kang, Min-Gu;Kim, Hwa-Young
    • Journal of Navigation and Port Research
    • /
    • v.43 no.1
    • /
    • pp.49-56
    • /
    • 2019
  • The purpose of this study was to extract the evaluation factors and assess the relative importance between the factors. For this purpose, the evaluation factors were extracted through literature review and the process of brainstorming with experts, who are related to port security. The evaluation factors were then classified into four higher factors and twelve sub- factors through the use of the AHP method. A survey on the classified factors was conducted by experts composed of public officials, port authority employees and education institutions officials. We also carried out statistical tests to determine the perception gap of weights between the groups. As a result of a relative importance analysis of strength, the security operating system factor was highest, followed by improvement of hardware facilities and increase of security personnel. There was a difference in perception among the groups in policy support, facility support and personnel resources budget support. The results of the analysis show that the strength operating system through the establishment of an integrated monitoring system is a priority. It is necessary to understand the difference of perception between groups and build a systematic cooperation system. The evaluation factors extracted from this study can be used for the measurement of port security efficiency in further work.

The effects on privacy protection behavior through mobile messenger security awareness and security intention - Focus on Theory of Self-Determination - (모바일 메신저 보안인식과 보안의도를 통한 개인정보 보호행동에 미치는 영향 - 자기결정성 이론을 중심으로 -)

  • Min, Kyeong-Eun;Kim, Sung-Jun;Kwon, Du-Soon
    • Management & Information Systems Review
    • /
    • v.35 no.1
    • /
    • pp.207-233
    • /
    • 2016
  • Currently mobile messenger industry, based on mobile application, is growing. And it has aroused innovative change, offering services in various forms beyond the form simply sharing messengers. Also because messenger securities are becoming personalized and intelligent, the importance of more diverse mobile applications' securities is increasing. This study carries out the empirical study of the causal relationship that the factors of using application services influence on security recognition and security Intention of mobile securities, and consequentially impact upon protection of personal information of users. In order that, we present the research model which prime variables of SDT, which emphasized on natural immanent motivation of human, applied to. To verify the research model of this study empirically, we conducted a survey targeting the public and university students which have ever used mobile messenger applications. With this, we desire to contribute to emphasizing the significance of individual messenger security and playing a positive role to develop security guide for consumers. The path analysis results are as follows. First, perceived autonomy has a positive effect on both security awareness and security intention. Second, perceived competence has a positive effect on security intention. Third, perceived relatedness has a positive effect on both security awareness and security intention. Last, security awareness and security intention. have a positive effect on privacy protection behavior. Through emphasizing the importance of the security of the messenger of individuals and contribute to a positive role for development of the necessary security guidelines to consumers.

  • PDF