• Korean Security Journal
• /
• no.17
• /
• pp.361-381
• /
• 2008

Quality rating of machine security systems is difficult because both tangible and intangible services are included. However, still, the research template applied the SERVQUAL model with the intention of confirming machine security systems' service quality formation and experimentally inspecting the relationship between service quality and customer satisfaction. Therefore, the following highlights the experimental research outcomes and their implications for small-scale businesses utilizing machine security systems in the Daegu region. First, after observing whether the determining factors constitute service quality, four components were found to have significant influence on customer satisfaction. Additionally, in observing any differences in their influences, the following in order were observed as having influence on customer satisfaction: empathy, assurance reliability, responsiveness, and tangibility. Moreover, though companies‘ newest facilities and equipment are important, it can be concluded that a company employees’ prudent consideration, individual interest, reliability, and assurance for the customer carry greater importance. Secondly, though we intended to survey machine security systems by employing the SERVQUAL model, determinant factor analysis results found applying SERVQUAL model in its original state a challenge. According to results from determinant factor analysis, the basis for forming service quality is determined by assurance reliability, empathy, tangibility, and responsiveness. Furthermore, in future research, while more accurately distinguishing between assurance and reliability, a more appropriate model must also be considered for modification in domestic machine security system industry‘s service quality evaluation.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.1
• /
• pp.105-116
• /
• 2011

Mobile IPTV is a IPTV interactive broadcasting service through wireless Internet. Mobile IPTV service would be much more promoted. Thus, the methods for protecting the broadcasting contents will be indispensible elements for the successful Mobile IPTV service achievement. This paper describes the characteristics of Mobile IPTV and the related contents protection techniques. To evaluate several security issues, we suggest a DCAS security framework model for Mobile IPTV, and speculate the most widespread, a security technologies for Mobile IPTV such as DCSA. Moreover, candidate models of Mobile IPTV protection system are suggested based on these technologies.

• The Journal of the Korea Contents Association
• /
• v.21 no.2
• /
• pp.587-593
• /
• 2021

In this thesis, we will break away from the classic DDoS response system for large-scale denial-of-service attacks that develop day by day, and effectively endure intelligent denial-of-service attacks by utilizing artificial intelligence-based technology, one of the core technologies of the 4th revolution. A possible service model development plan was proposed. That is, a method to detect denial of service attacks and minimize damage through machine learning artificial intelligence learning targeting a large amount of data collected from multiple security devices and web servers was proposed. In particular, the development of a model for using artificial intelligence technology is to detect a Western service attack by focusing on the fact that when a service denial attack occurs while repeating a certain traffic change and transmitting data in a stable flow, a different pattern of data flow is shown. Artificial intelligence technology was used. When a denial of service attack occurs, a deviation between the probability-based actual traffic and the predicted value occurs, so it is possible to respond by judging as aggressiveness data. In this paper, a service denial attack detection model was explained by analyzing data based on logs generated from security equipment or servers.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.1
• /
• pp.175-185
• /
• 2019

The security control is to protect IT system from cyber infringement by deriving valid result values in the process of gathering and analyzing various information. Currently, security control is very effective by using SIEM equipment which enables analysis of systematic and comprehensive viewpoint based on a lot of data, away from analyzing cyber threat information with only fragmentary information. However, It can also be said that cyber attacks are analyzed and coped with the manual work of security personnel. This means that even if there is excellent security equipment, the results will vary depending on the user using. In case of operating a characteristic web service including information provision, This study suggests the basic point of security control through characteristics information analysis, and proposes a model for intensive security control through the type discovery and application which enable a step-wise analysis and an effective filtering. Using this model would effectively detect, analyze and block attacks.

• International Journal of Computer Science & Network Security
• /
• v.24 no.3
• /
• pp.23-28
• /
• 2024

The multi-tenancy and high scalability of the cloud have inspired businesses and organizations across various sectors to adopt and deploy cloud computing. Cloud computing provides cost-effective, reliable, and convenient access to pooled resources, including storage, servers, and networking. Cloud service models, SaaS, PaaS, and IaaS, enable organizations, developers, and end users to access resources, develop and deploy applications, and provide access to pooled computing infrastructure. Despite the benefits, cloud service models are vulnerable to multiple security and privacy attacks and threats. The SaaS layer is on top of the PaaS, and the IaaS is the bottom layer of the model. The software is hosted by a platform offered as a service through an infrastructure provided by a cloud computing provider. The Hypertext Transfer Protocol (HTTP) delivers cloud-based apps through a web browser. The stateless nature of HTTP facilitates session hijacking and related attacks. The Open Web Applications Security Project identifies web apps' most critical security risks as SQL injections, cross-site scripting, sensitive data leakage, lack of functional access control, and broken authentication. The systematic literature review reveals that data security, application-level security, and authentication are the primary security threats in the SaaS model. The recommended solutions to enhance security in SaaS include Elliptic-curve cryptography and Identity-based encryption. Integration and security challenges in PaaS and IaaS can be effectively addressed using well-defined APIs, implementing Service Level Agreements (SLAs), and standard syntax for cloud provisioning.

• Convergence Security Journal
• /
• v.22 no.1
• /
• pp.93-98
• /
• 2022

Information service technology continues to develop, and information service continues to expand based on the IT convergence trend. The premeter-based security model chosen by many organizations can increase the effectiveness of security technologies. However, in the premeter-based security model, it is very difficult to deny security threats that occur from within. To solve this problem, a zero trust model has been proposed. The zero trust model requires authentication for user and terminal environments, device security environment verification, and real-time monitoring and control functions. The operating environment of the information service may vary. Information security management should be able to response effectively when security threats occur in various systems at the same time. In this study, we proposed a security policy distribution system in the object reference method that can effectively distribute security policies to many systems. It was confirmed that the object reference type security policy distribution system proposed in this study can support all of the operating environments of the system constituting the information service. Since the policy distribution performance was confirmed to be similar to that of other security systems, it was verified that it was sufficiently effective. However, since this study assumed that the security threat target was predefined, additional research is needed on the identification method of the breach target for each security threat.

• Journal of Information Technology Applications and Management
• /
• v.23 no.2
• /
• pp.153-176
• /
• 2016

This study investigated factors affecting the use intention of podcast service users based on the unified theory of acceptance and use of technology (UTAUT). Performance expectancy, effort expectancy, social influence, facilitating condition, hedonic motivation, innovativeness, and media credibility were used as independent variables in the model. The survey data from the users of the podcast portal 'podbbang' were analyzed with Smart PLS 2.0 to test the structural equation model. The results revealed that the podcast service user's effort expectancy, facilitating condition, hedonic motivation, and media credibility have a significant influence on use intention. However, the relationship between the podcast service user's performance expectancy, social influence, innovativeness, and use intention were not identified as significant.

• The Journal of Society for e-Business Studies
• /
• v.8 no.3
• /
• pp.241-257
• /
• 2003

XML is a global standard for the Internet and e-business, and its use is growing in proportion to the spreading speed of e-Commerce. Thus, a policy for providing more safe security service for exchanging e-documents within e-Commerce is necessary. XKMS, one of XML security specification, defines the protocol for distributing and registering public keys for verifying electronic signatures and enciphering e-documents of e-Commerce applications with various and complicate functions. In this paper, we propose X-KISS service reference model and implement service component based on standard specification. Also describes the analysis and security of XML key information service for safe e-Commerce, paying attention to the features of XML based security service. This reference model supported include public key location by given identifier information, the binding of such keys to identifier information. The client service component controls the number of locate threads and validate threads to analyze the minimum requirements of real-time key retrievals. This service modeling offers the security construction guideline for future domestic e-business frameworks.

• The Transactions of the Korean Institute of Electrical Engineers P
• /
• v.66 no.2
• /
• pp.76-81
• /
• 2017

In this paper, the risk analysis of smart home services was implemented by applying threat modeling. Identified possible threats for safe deployment of smart home services and identified threats through the STRIDE model. Through the creation of the Attack Tree, the attackable risk was analyzed and the risk was measured by applying the DREAD model. The derived results can be used to protect assets and mitigate risk by preventing security vulnerabilities from compromising and identifying threats from adversely affecting services. In addition, the modeled result of the derived threat can be utilized as a basis for performing the security check of the smart home service.

• International Journal of Computer Science & Network Security
• /
• v.23 no.8
• /
• pp.199-203
• /
• 2023

Influential trend that widely reflected the software engineering industry is service oriented architecture. Vendors are migrating towards cloud environment to benefit their organization. Companies usually offer products and services with a goal to solve problems at customer end. Because customers are more interested in solution of their problem rather than focusing on products or services. In software industry the approach in which customers' problems are solved by providing services is known as software as a service. However, software development life cycle encounters enormous changes when migrating software from product model to service model. Enough research has been done on the overall development process but a limited work has been done on the factors that influence requirements elicitation process. This paper focuses on those changes that influence requirement elicitation process and proposes a systematic methodology for transformation of software from product to service model in a successful manner. The paper then elaborates the benefits that inherently come along with elicitation process in cloud environment. The paper also describes the problems during transformation. The paper concludes that requirement engineering process turn out to be more profitable after transformation of traditional software from product to service model.