• The Journal of Society for e-Business Studies
• /
• v.16 no.4
• /
• pp.87-96
• /
• 2011

The importance of the security management system for the aviation infrastructure cannot be overemphasized. What is especially important on the security management system for it is the assessment that is detaild and systematic. This article presents a framework based on a Hanulcha-type security management system model for a Information security of the Aviation infrastructure. This system checks, estimates and analyzes the goal of security with effect, especially in case of the security-accident on the aviation infrastructure because this system model gives the integrated security assessment method.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2003.12a
• /
• pp.513-517
• /
• 2003

올해 발생한 슬래머웜 등 인터넷웜은 감염스피드와 피해영향으로 인하여, 정보보호의 전략을 급격하게 수정하게 만들었다. 가장 큰 문제는 기존의 정보보호제품이 신종 취약점과 공격에는 무용지물임이 증명되었고, 결국 Practice에 근거한 관리 및 프로세스에 의한 보안이 중요함을 보이고 있다. 또한 그동안 보안관리는 온라인화 되지 않은 자산에 근거한 모델이 많았지만 현재는 온라인화 된 자산에 대한 실시간 보안관리 방법이 매우 중요해지고 있다. 실시간 취약점관리, 실시간 위협관리, 실시간 위험관리 등을 통하여, 실시간 보안관리의 해외동향과 이론적 근거에 바탕을 둔 프레임워크 설계를 보이고자 한다.

• Management & Information Systems Review
• /
• v.32 no.2
• /
• pp.213-235
• /
• 2013

This study investigates proper solution available for flexibly management pointing out reality a lack of understanding and interest for executing security management while importance of firm security management gets bigger. Accordingly, this study suggests 4 exogenous variables such as organizational commitment, experience of security risks, perceived benefits, partner interdependence as factors of having influence upon development and implementation in security management. It suggests IT volatility as moderating variable, which will intensify between development and implementation. The research model was tested by using Structural Equation Modeling, via Amos 19.0 analysis on a sample collected from 209 firms. As a result, the remaining variables except partner interdependence showed statistically positive influence. The implications of the findings suggest a new theoretical framework of the security management and offers important solutions for the practical application guidelines.

• Convergence Security Journal
• /
• v.23 no.5
• /
• pp.209-221
• /
• 2023

Due to the rapid spread of the COVID-19 virus in December 2019, the working environment was rapidly converted to telecommuting. However, since the defense industry is an organization that handles technology related to the military, the network separation policy is applied, so there are many restrictions on the application of telecommuting. Telecommuting is a global change and an urgent task considering the rapidly changing environment in the future. Currently, in order for defense companies to implement telecommuting, VPN, VDI, and network interlocking systems must be applied as essential elements. Eventually, some contact points will inevitably occur, which will increase security vulnerabilities, and strong security management is important. Therefore, in this paper, attack types are selected and threats are analyzed based on the attack tactics of the MITER ATT&CK Framework, which is periodically announced by MITER in the US to systematically detect and respond to cyber attacks. Then, by applying STRIDE threat modeling, security threats are classified and specific security requirements are presented.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.1
• /
• pp.240-263
• /
• 2021

One of the biggest challenges that the software industry is facing today is to create highly efficient applications without affecting the quality of healthcare system software. The demand for the provision of software with high quality protection has seen a rapid increase in the software business market. Moreover, it is worthless to offer extremely user-friendly software applications with no ideal security. Therefore a need to find optimal solutions and bridge the difference between accessibility and protection by offering accessible software services for defense has become an imminent prerequisite. Several research endeavours on usable security assessments have been performed to fill the gap between functionality and security. In this context, several Multi-Criteria Decision Making (MCDM) approaches have been implemented on different usability and security attributes so as to assess the usable-security of software systems. However, only a few specific studies are based on using the integrated approach of fuzzy Analytic Network Process (FANP) and Technique for Order of Preference by Similarity to Ideal Solution (TOPSIS) technique for assessing the significant usable-security of hospital management software. Therefore, in this research study, the authors have employed an integrated methodology of fuzzy logic, ANP and TOPSIS to estimate the usable - security of Hospital Management System Software. For the intended objective, the study has taken into account 5 usable-security factors at first tier and 16 sub-factors at second tier with 6 hospital management system softwares as alternative solutions. To measure the weights of parameters and their relation with each other, Fuzzy ANP is implemented. Thereafter, Fuzzy TOPSIS methodology was employed and the rating of alternatives was calculated on the foundation of the proximity to the positive ideal solution.

• The KIPS Transactions:PartC
• /
• v.8C no.5
• /
• pp.573-584
• /
• 2001

Policy-Based Network Management (PBNM) architecture is to meet various needs of network users and to provide effective management facilities in distributed and large scale networks to network managers. In PBNM, network managers perform network management operations by stipulating a set of rules rather than control each network component. On the other hand, providing security services such as authentication, privacy of messages as well as a new flexible and extensible administration framework, SNMPv3 enables network managers to monitor and control the operation of network components more secure way than ever before. Despite of its enhanced security services, SNMPv3 has difficulties in managing distributed, large-scaled network because it does not provide centralized security management facilities. In this paper, we propose a new security model called Role-based Security Management model (RSM) with security management policy to support scalable and centralized security management for SNMP-based networks. Also, the structure and the operation of the security system as well as the efficiency analysis of RSM in terms of security management are also described.

• Asia pacific journal of information systems
• /
• v.34 no.1
• /
• pp.292-320
• /
• 2024

The amount of data a related to a person is so substantial that it appears that a digital version of them can be built thereon. They are usually handled as personal information, and the attempts made to understand personal information have led to bundling and unbundling of various data, yielding numerous fragmented categories of personal information. Therefore, we attempt to construct a generalizable lens for a deeper understanding of person-related data. We develop a theoretical framework that provides a fundamental method to understand these data as an entity of a digitally represented person based on literature review as well as the concepts of inforg and infosphere. The proposed framework suggests person-related data consist of three informational inforg dimensions that can preserve the archetype of a person, form, content, and interaction. Subsequently, the framework is examined and tested through several analyses in two different contexts: social media and online shopping mall. This framework demonstrates the suggested dimensions are interrelated with certain patterns, the prominent dimension can determine the data characteristics, and the dimensional composition of data types can imply the characteristics of the digitally represented person in certain contexts.

• Journal of the Korea Safety Management & Science
• /
• v.19 no.2
• /
• pp.41-50
• /
• 2017

Disaster and safety budget can be characterized as a large-scale public asset on which the government has a significant role. It is of a crucial importance to properly allocate the limited national budget to various areas as necessary. Higher investment efficiency of the budget related to disaster and safety management requires distribution criteria based on relevance and efficiency. Currently, the budget related to disaster and safety management is orchestrated through the prior consultation system. However, there is still no clear framework for reviewing the investment direction and setting the priority investment areas by prior consultation. This study analyzes the status and characteristics of disaster and safety management projects by damage type and proposes a structured system for prioritization. This framework can be useful in selecting the areas that need priority investments by damage type of disaster and safety management projects, thereby contributing to improving investment efficiency.

• International Journal of Advanced Culture Technology
• /
• v.11 no.2
• /
• pp.1-9
• /
• 2023

The purpose of this study is to examine the disaster management system of local governments by diagnosing the current status of disaster management experts in Korea, deriving problems and improvement measures, and looking at local governments' total labor cost system. The status and status of disaster management personnel were compared and analyzed to find ways to improve the local government's disaster management response system under the Framework Act on Disaster and Safety Management in Korea. Considering Korea's reality, because national security and disaster management exist together, we devised a plan to improve on-site response capabilities and seek solutions by deriving the problems of the currently operating security and safety-related organizations.

• Journal of the Korea Safety Management & Science
• /
• v.16 no.1
• /
• pp.1-9
• /
• 2014

New paradigm to the technological advancement and policies for disaster management is required for the fast change of the social framework such as climate change, urbanization, and aging. In these circumstances, enhancing the capacity of disaster management of national has become important issues, which is based on the ISO/TC223(Societal Security) In this research, we analyzed international trend and proposed effective domestic strategy for adapting TC223; 1) establishing a new department for effective corresponding, 2) activating an accreditation related to public and private field.