• International Journal of Computer Science & Network Security
• /
• v.22 no.5
• /
• pp.245-249
• /
• 2022

This paper explored gifted students' perspectives on using educational technologies in their schools in the Saudi context. Adopting a descriptive research approach, a questionnaire was used to collect information from a sample of 196 gifted secondary school students in Jeddah. Findings showed that educational technology was used to a high degree, with an overall mean of 3.74 and 4.06 for the degree of importance of technological usage. Based on the findings, the researcher forwards some recommendations for effectively using such technologies to promote gifted students' abilities and talents.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2023.05a
• /
• pp.265-267
• /
• 2023

스마트 컨트랙트는 작성된 코드에 의해 정의되어 실행조건이 충족될 시 자동으로 실행되는 전자 계약으로 다양한 분야에서 활용될 수 있다. 스마트 컨트랙트가 블록체인 네트워크에 배포되면 수정이 불가한데, 개발자들이 스마트 컨트랙트를 작성하는데 코드 패턴 재상용 하는 경우가 대다수이다. 이로 인한 스마트 컨트랙트 취약점 사고를 예방하기 위해 개발 단계에서 보안을 고려하여 스마트 컨트랙트 작성이 필요하다. 본 논문에서는 대표적인 스마트 컨트랙트에 대한 보안 취약점을 확인하고 보안 권장 사항을 정리한다.

• International Commerce and Information Review
• /
• v.10 no.1
• /
• pp.217-236
• /
• 2008

The purpose of this paper is to discuss the impact of the New Container Security Initiatives of U.S., CSI(Container Security Initiative) and C-TPAT(Customs-Trade Partnership against Terrorism). The CSI which aims to pre-screen high-risk containers in ports of loading. It is a unilateral effort that seeks to develop bi-lateral agreements between the United States and foreign countries with significant container trade volumes into the U.S. C-TPAT is a voluntary initiative to develop cooperative security relationships between the U.S. government and U.S. firms in the global supply chain. Government and Industry have already responded with proposals to create more confidence in supply chain security. These proposals call for heightened inspection and scrutiny of the goods flowing through a supply chain, increased information exchange among participants of supply chain. While government and the private sector are working together to launch new initiative to create more secure and reliable supply chains, industry is rapidly exploring the potential of new technologies such as RFID. The security recommendations will eventually become the requirements to be complied with by importers and their supplier extending to the carriers. It is needed that Korean shippers involved in US importer's supply chain should pay attention to the requirements and start implementing the security measures.

• Journal of the Korea Safety Management & Science
• /
• v.4 no.2
• /
• pp.113-122
• /
• 2002

The marketing environment of recent security business has been changed as goods and service have been changed variously. Under this condition, the security corporations have been trying to have good relationship with customers and to have high gains as well. But the management of the customers in the bond marketing is not enough. Then, this paper suggests some methods to promote the CRM at bond brokerage in order to make profits in the security corporation. First, the customers will know the earning rate of the bond that they have and also they can analysis the difference selling the bond and keeping it until the due date. The developed bond management system analyzes customers' preference from questionaire which is responded by customers. It also can make customers actively sell and buy the bond through recommendations corresponding with customers' preference. Moreover, this paper suggests the video conference consulting system for close relationship with corporation and customers. We have tested this bond management system and we expect that this system activates the buying and selling of the bond that non-experts can easily invest bonds and the security corporations can increase profit.

• International Journal of Computer Science & Network Security
• /
• v.21 no.1
• /
• pp.107-118
• /
• 2021

The term Internet of Things (IoTs) refers to the future where things are known daily through the Internet, whether in one way or another, as it is done by the method of collecting various information from various sensors to form a huge network through which people, things and machines are helped to make a link between them at all time and anywhere. The IoTs is everywhere around us such as connected appliances, smart homes security systems and wearable health monitors. However, the question is what if there is a malfunction or outside interference that affects the work of these IoTs based devises? This is the reason of the spread of security causes great concern with the widespread availability of the Internet and Internet devices that are subject to many attacks. Since there aren't many studies that combines requirements, mechanisms, and the attacks of the IoTs, this paper which explores recent published studies between 2017 and 2020 considering different security approaches of protection related to the authentication, integrity, availability and confidentiality Additionally, the paper addresses the different types of attacks in IoTs. We have also addressed the different approaches aim to prevention mechanisms according to several researchers' conclusions and recommendations.

• Journal of Information Processing Systems
• /
• v.17 no.2
• /
• pp.253-270
• /
• 2021

In January 2013, the National Institute of Standards and Technology (NIST) announced the CAESAR (Competition for Authenticated Encryption: Security, Applicability, and Robustness) contest to identify authenticated ciphers that are suitable for a wide range of applications. A total of 57 submissions made it into the first round of the competition out of which 6 were announced as winners in March 2019. In the process of the competition, NIST realized that most of the authenticated ciphers submitted were not suitable for resource-constrained devices used as end nodes in the Internet-of-Things (IoT) platform. For that matter, the NIST Lightweight Cryptography Standardization Process was set up to identify authenticated encryption and hashing algorithms for IoT devices. The call for submissions was initiated in 2018 and in April 2019, 56 submissions made it into the first round of the competition. In August 2019, 32 out of the 56 submissions were selected for the second round which is due to end in the year 2021. This work surveys the 32 authenticated encryption schemes that made it into the second round of the NIST lightweight cryptography standardization process. The paper presents an easy-to-understand comparative overview of the recommended parameters, primitives, mode of operation, features, security parameter, and hardware/software performance of the 32 candidate algorithms. The paper goes further by discussing the challenges of the Lightweight Cryptography Standardization Process and provides some suitable recommendations.

• Journal of Information Technology Services
• /
• v.22 no.3
• /
• pp.49-63
• /
• 2023

The inclusion of software and wireless communication devices in vehicles has raised concerns regarding automobile security. In its response, UNECE WP.29 implemented the first-ever international standard for automotive cyber security in June 2020. Yet, the existing disparity between national standards for automotive certification systems and 「UN Regulation No. 155」 has caused confusion among auto makers. This discrepancy not only jeopardizes the security of domestic vehicles but also poses challenges to the seamless import and export of automobiles. Hence, there is a need to enhance the automotive cyber security certification system; however, there is a dearth of scholarly discourse on this topic. Consequently, this study presents a proposal for enhancing the domestic automotive cyber security certification system. In view of this, existing legal frameworks such as the 「Motor Vehicle Management Act」 and the 「Self-Driving Vehicle Act」 were reviewed, along with domestic and international automotive certification systems. The recommendations for improvement, derived from the findings, encompass institutional, legal, and operational aspects. This study is highly significant as it examines both domestic and international automotive certification systems in an area where there is a lack of academic discussion.

• Journal of the Korea Convergence Society
• /
• v.5 no.4
• /
• pp.93-99
• /
• 2014

Cloud computing refers to borrow IT resources as needed by leveraging Internet technology and pay as much as you used by supporting real-time scalability depending on the service load. Virtualization which is the main technology of cloud computing is a technology that server, storage and hardware are regarded as not separate system but one system area and are allocated as needed. However, the security mechanisms provided by virtualized environments are difficult to cope with the traditional security mechanisms, having basic levels of visibility, control and audit function, on which the server is designed to monitor the traffic between the servers. In this paper, the security vulnerabilities of virtualization are analysed in the cloud computing environment and cloud virtualization security recommendations are proposed.

• Journal of Information Technology Services
• /
• v.10 no.4
• /
• pp.21-32
• /
• 2011

The recently revised "Telecommunications Business Promotion and Personal Data Protection Act" is an important legal milestone in promoting the Korean telecommunications infrastructure and industry as well as protecting individuals' personal data and individuals' rights to privacy. Special characteristics of information security and privacy protection services including public goods' feature, adaptiveness, relativity, multi-dimensionality, and incompleteness, are reviewed. The responsibility of chief security/privacy officers in the IT industry, and the fairness and effectiveness of the criminal negligence in the Telecommunications Act are analyzed. An assessment of the rationale behind the act as well as a survey of related laws and cases in different countries, offers the following recommendations : i) revise the act and develop new systems for data protection, ii) grant a stay of execution or reduce the sentence given extenuating circumstances, or iii) use technical and managerial measures in data protection for exemption from criminal negligence.

• Korean Security Journal
• /
• no.41
• /
• pp.293-326
• /
• 2014

Piracy is a worldwide issue, but the deteriorating security situation in the seas off Somalia, the Gulf of Aden and the wider Western Indian Ocean between 2005 and 2012 and in the increasing number of attacks in the Gulf of Guinea are a major problem. The depth of concern for the problem internationally is amply demonstrated by the levels of co-operation and coordination among naval and other forces from several countries that have assembled in the west Indian Ocean region and the Gulf of Aden to escort ships carrying humanitarian aid to Somalia and to protect vulnerable shipping. Notwithstanding this unprecedented effort, the vast sea area in which the pirates now operate makes it difficult to patrol and monitor effectively, particularly with the limited resources available. More resources, in the form of naval vessels and aircraft, are needed and at every opportunity the IMO encourages Member Governments to make greater efforts to provide the additional naval, aerial surveillance and other resources needed through every means possible. IMO provide interim guidance and recommendations to be taken into account when considering the use of PCASP(privately contracted armed security personnel) if and when a flag State determines that such a measure would be lawful and, following a full risk assessment, appropriate. The interim guidance and recommendations of IMO are not intended to endorse or institutionalize the use of armed guards. Therefore, they do not represent any fundamental change of policy by the Organization in this regard. It is for each flag State, individually, to decide whether or not PCASP should be authorized for use on board ships flying their flag. If a flag State decides to permit this practice, it is up to that State to determine the conditions under which authorization will be granted. Therefore, Korea should be introduced rationally PCASP for safe shipping. PCASP on board ships is much the same to special guard personnel of security services industry act. Act plan of Oceans and fisheries ministry on PCASP collides with special guard personnel system of National Police Agency. Rather than new law making, PCASP regukations have to be included in security services industry act. Management Agency of PCASP is to not Oceans and fisheries ministry, but Central Headquarters Korea Coast Guard of Public Safety and Security Ministry because of specialty and closely connection.