• Asia-Pacific Journal of Business Venturing and Entrepreneurship
• /
• v.8 no.2
• /
• pp.107-117
• /
• 2013

The main objective of this study lies at examining economic features of IT security investment and comparing alternative mechanisms to achieve optimal provision of IT security resources within a firm. There exists a paucity of economic analysis that provide useful guidelines for making critical decisions regarding the optimal level of provision of IT security and how to share the costs among different users within a firm. As a preliminary study, this study first argues that IT security resources share some unique characteristics of pure public goods, namely nonrivalry of consumption and nonexcludability of benefit. IT security provision problem also suffers from information asymmetry problem with regard to the valuation of an individual user for IT security goods. Then, through an analytical framework, it is shown that the efficient provision condition at the overall firm level is not necessarily satisfied by individual utility maximizing behavior. That is, an individual provision results in a suboptimal solution, especially an underprovision of the IT security good. This problem is mainly due to the nonexcludability property of pure public goods, and is also known as a free-riding problem. The fundamental problem of collective decision-making is to design mechanisms that both induce the revelation of the true information and choose an 'optimal' level of the IT security good within this framework of information asymmetry. This study examines and compares three alternative demand-revealing mechanisms within the IT security resource provision context, namely the Clarke-Groves mechanism, the expected utility maximizing mechanism and the Groves-Ledyard mechanism. The main features of each mechanism are discussed along with its strengths, weaknesses, and different applicability in practice. Finally, the limitations of the study and future research are discussed.

• Convergence Security Journal
• /
• v.5 no.1
• /
• pp.1-9
• /
• 2005

XML is the most common tool for data processing and data transmission in web applications. Policies are extensively used in all online business solutions and it is recognized that abinary decision such as 'yes/no' for access requests is not enough. In this paper, a method is developed to convert policy rules with provisions and obligations in logic formula formats into XML formats. The primary purpose is to enable security policy programmers to write flexible authorization policies in XML and to implement them easily. General syntaxes are defined to specify information for users, objects and actions in XML formats and an XML DTD is developed to specify authorization rules with these three components. To support various security features such as data transcoding and non-repudiation depending on data in addition to access control based on authorization policies, studies for specifying them in XML policy rules will be performed in the future.

• The KIPS Transactions:PartC
• /
• v.11C no.1
• /
• pp.47-54
• /
• 2004

The growth of computer resource and network speed has increased requests for the use of remotely located computer systems by connecting through computer networks. This phenomenon has hoisted research activities for application service provision that uses server-based remote computing paradigm. The server-based remote computing paradigm has been developed as the ASP (Application Service Provision) model, which provides remote users through application sharing protocol to application programs. Security requirement such as confidentiality, availability, integrity should be satisfied to provide ASP service using centralized computing system. Existing Telnet or FTP service for a remote computing systems have satisfied security requirement by a simple access control to files and/or data. But windows-based centralized computing system is vulnerable to confidentiality, availability, integrity where many users use the same application program installed in the same computer. In other words, the computing system needs detailed security level for each user different from others, such that only authorized user or group of users can run some specific functional commands for the program. In this paper, we propose windows based centralized computing system that sets security policies for each user for the use of instructions of the application programs, and performs access control to the instructions based on the security policies. The system monitors all user messages which are executed through graphical user interface by the users connecting to the system. Ail Instructions, i.e. messages, for the application program are now passed to authorization process that decides if an Instruction is delivered to the application program based on the pre-defined security polices. This system can be used as security clearance for each user for the shared computing resource as well as shared application programs.

• International Journal of Computer Science & Network Security
• /
• v.22 no.9
• /
• pp.244-250
• /
• 2022

Reforming social relations requires changing the system of relations between state executive bodies, institutions subordinate to them and a citizen, which is characteristic for most of the country, in which the latter is a petitioner even if his indisputable rights and legitimate interests are satisfied. One of the most important areas of public administration reform is the formation and development of a system of administrative services and appropriate information support. The result of the implementation of this direction should be the creation of such a legal framework and its real implementation in administrative and legal practice, in which consumers of administrative services will have broad rights and powers and will not be passive subjects manipulated by civil servants.Thus, the main task of the study is to analyze the normative legal aspects of information support for the provision of administrative services in the field of public administration. As a result of the study, the main aspects of normative legal aspects of information support for the provision of administrative services in the field of public administration were investigated.

• International Journal of Computer Science & Network Security
• /
• v.24 no.3
• /
• pp.71-82
• /
• 2024

This paper proposes a new communication system for e-learning applications to mitigate the negative impacts of COVID-19 where the online massive demands impact the current commu-nications systems infrastructures and capabilities. The proposed system utilizes high-altitude platforms (HAPs) for fast and efficient connectivity provision to bridge the communication in-frastructure gap in the current pandemic. The system model is investigated, and its performance is analyzed using adaptive antenna arrays to achieve high quality and high transmission data rates at the student premises. In addition, the single beam and multibeam HAP radio coverage scenarios are examined using tapered uniform concentric circular arrays to achieve feasible communication link requirements.

• KSCE Journal of Civil and Environmental Engineering Research
• /
• v.38 no.3
• /
• pp.497-503
• /
• 2018

Most of the conditions of contract applied in international construction contracts, including various conditions of contract published by FIDIC, include the provision for Retention Money which inevitably result in negative impact on cash-flow or financial burden to the contractors. In this study, fundamental reasons behind the application of Retention Money provisions are analysed and contractual mechanisms included in the FIDIC conditions of contract are searched, which include provisions for Performance Security and Defects as well as Termination, so that proper judgement can be derived on the application of Retention Money. In conclusion, considering the various contract provisions, performance security, termination of the contract by the Employer etc. included in the FIDIC conditions of contract, it is not necessary to include the provision for Retention Money.

• Journal of Korea Technology Innovation Society
• /
• v.21 no.2
• /
• pp.875-905
• /
• 2018

Recently China's science and technology development is accelerating, and some technologies have the world's best technology. With the rapid development of science and technology, China has been deeply aware of the importance of science and technology, and many efforts are being made to legislate security regulations to protect their technologies. Korea and other countries are also interested in research security, and research and development cooperation with China is also on the rise. In this paper, we derived some implications by comparing and analyzing China's science and technology security regulation and Korea's national R&D project management regulations. China is also enacting science and technology security regulations as a subordinate to the laws and regulations of science and technology. However, it should be reflected in future legislation that the difference from Korea is composed of separate independent regulations. In particular, the fact that the science and technology security regulations have been enacted separately may be a hint that can be reflected in the nation's future legislation processes. In this paper, major contents of the science and technology security regulations, points to division of knowledge property into scientific and technological cooperation or security tasks, designation of regulations on the characteristics of research security guidelines, and operation of individual national security agencies In addition, in the event that the contents of the related statutes, confidentiality provisions, and import and import control are recorded in this paper, and the results of the joint R&D project are not utilized, or the technology transfer is not carried out.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.5
• /
• pp.891-898
• /
• 2022

Along with global interest, drones are expanding the base of utilization such as transportation of goods, forest protection, and safety management, and cluster flights are being applied in various fields such as military operations and environmental monitoring. Currently, specialized networks such as e-UM 5G for services in specific industries are being established in Korea. In this regard, drone systems are also moving to establish specialized networks to provide services that are fused with AI and autonomous flight. As drones converge with various services, various security threats in various environments are also subordinated, and in response, requirements and guidelines for drone security are being prepared in Korea. In this paper, we propose a technology method for peer identification and safe information provision between cluster flight drones by utilizing a cryptographic module equipped with wireless LAN and quantum entropy-based random number generator in a cluster flight system and a mobile communication network such as e-UM 5G.

• Journal of the military operations research society of Korea
• /
• v.18 no.1
• /
• pp.15-31
• /
• 1992

Developments toward a 'the end of the Cold War' are the main factor determining the situation in the Korean Peninsula. While all the combat resources of North Korea are systematically controlled and kept available for instant mobilization even in peacetime. South Korea is inferior to North Korea in terms of mobilization system and efficiency, exercise intensity and equipments. In sum, the South faces far greater restraints in wartime conversion capability than does the North. Mobilization refers to a nation's compulsory control, management and operation of its human and material resources for the purpose of national security. The total capability for safeguarding national security must be pursued by the continuous examination and complementation of our mobilization system and capability. This paper proposes an efficient management of national mobilization system that can be instantly operated on the whole in time of national emergency. Therefore, the actual operation of National Security Council is suggested to prepare operations against the emergencies and establish the foundation for national security.

• International Journal of Computer Science & Network Security
• /
• v.23 no.8
• /
• pp.146-158
• /
• 2023

Smart City is gaining attention with the advancement of Information and Communication Technology (ICT). ICT provides the basis for smart city foundation; enables us to interconnect all the actors of a smart city by supporting the provision of seamless ubiquitous services and Internet of Things. On the other hand, Crowdsourcing has the ability to enable citizens to participate in social and economic development of the city and share their contribution and knowledge while increasing their socio-economic welfare. This paper proposed a hybrid model which is a compound of human computation, machine computation and citizen crowds. This proposed hybrid model uses knowledge-based crowdsourcing that captures collaborative and collective intelligence from the citizen crowds to form democratic knowledge space, which provision solutions in areas of civic innovations. This paper also proposed knowledge-based crowdsourcing framework which manages knowledge activities in the form of human computation tasks and eliminates the complexity of human computation task creation, execution, refinement, quality control and manage knowledge space. The knowledge activities in the form of human computation tasks provide support to existing crowdsourcing system to align their task execution order optimally.