• Journal of Korean Society for Quality Management
• /
• v.41 no.4
• /
• pp.649-657
• /
• 2013

Purpose: In this study, the actual situation of domestic firms vulnerable to industrial security competence will be discussed. And accordingly be discussed for effective response measures. Methods: Using a structured questionnaire by mail, fax, e-mail and fill method was used respondents. By the end of '10 R&D Center, which holds 15,247 companies(population) among the 95% level of confidence, tolerance ${\pm}3%$ p-level corporate type, sector, region extraction method stratified multi-level companies were investigated through the final 1529. Results: The average level of industrial security capabilities 43.8%(out of 100) is very weak, so urgent and positive response measures also need to be investigated sought. Conclusion: we propose the effective management framework and improvement plans to prevent illegal industrial leakage are to be made.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.5
• /
• pp.161-170
• /
• 2008

Despite the recent growth in size and frequency of damages caused by illegal information breaches, current business counter-measures and precautionary systems are greatly limited. Some major companies have developed Information Security Management Systems (ISMS) to safeguard their vital information; however, such measures are largely based on the ISO27001 and lacks in many aspects to grasp the holistic corporate security level and reinforce precautionary measures. The information protection level evaluation model introduced in this paper is a pragmatic evaluative tool that can be utilized to devise effective corporate information security precautionary measures and countermeasures, based on the BSC (Balanced ScoreCard) method for an actual and realistic corporate information security level evaluation possible.

• IE interfaces
• /
• v.16 no.4
• /
• pp.421-431
• /
• 2003

Due to the increasing complexity of the information systems environment, modern information systems are facing more difficult and various security risks than ever, there by calling for a higher level of security safeguard. In this paper, an information technology security risk management model, which modified by adopting the concept of business processes, is applied to client/server distributed systems. The results demonstrate a high level of risk-detecting performance of the model, by detecting various kinds of security risks. In addition, a practical and efficient security control safeguard to cope with the identified security risks are suggested. Namely, using the proposed model, the risks on the assets in both of the I/O stage(on client side) and the request/processing stage(on server side), which can cause serious problems on business processes, are identified and the levels of the risks are analyzed. The analysis results show that maintenance of management and access control to application systems are critical in the I/O stage, while managerial security activities including training are critical in the request/processing stage.

• Journal of the Korean Society for Aviation and Aeronautics
• /
• v.12 no.2
• /
• pp.29-42
• /
• 2004

This paper performs a historical review on aviation threats through a statistical survey. The impact factor, as a criterion to measure the seriousness of the threats occurred, is introduced and evaluated based on annual totals of hijacking and fatalities against aircraft 1948 through 2004. Also, the paper suggests processes of evaluating the level of threats and key functions for an effective management of the aviation security.

• Journal of the Korea Society of Computer and Information
• /
• v.6 no.2
• /
• pp.1-7
• /
• 2001

The database development is in need or transaction management composed of operations about data, efficiency database management and security of information data in necessity of as well as the new thinking about data security. When users approach data, transaction concurrency is controlled by the users security authentication and security level of data. So, existing secure algorithm occurred the problems which don't satisfy serializability of high level transaction which is delayed high level transaction repeatedly by the low level transaction, because existing secure algorithm is focused on the part which removes the security channel. Therefore this proposed algorithm which prevents waste of resource from the high level transaction reexecution and delay by stopping serializability offense problem by the increase of efficiency of concurrency control.

• Journal of Information Technology Applications and Management
• /
• v.27 no.4
• /
• pp.1-19
• /
• 2020

Infringement of information security has caused the corporate image to be damaged and share price to fall, and it is emerging as an organizational risk. The value of information assets in enterprises has led to a higher level of security than in the past. As a result, companies are aware of the need for officers to protect information and to oversee a security management system. However, despite the growing importance of information security officers, there is a lack of research on their roles and characteristics. This study validates the relationship between determinants that affect the performance of information security. And a structural equation model was presented and empirically analyzed to see the impact of the internal and external characteristics of the staff in charge of information security on the organization's information security performance.

• Journal of Navigation and Port Research
• /
• v.33 no.10
• /
• pp.735-742
• /
• 2009

Information security is an essential factor that enables terminal to be operated. However, despite of this importance of information security, there has hardly been any research related to this topic. And moreover, current level of information security performance in container terminals has not been analyzed so far. The objective of this study is to evaluate current level of information security in container terminals. Through survey from the four leading container terminal operators in Korea, The results firstly showed that average of information security level of major container terminals was 71.7%. And from the results of data analysis, it revealed that the weak point of information security in Korean container terminals was security management, and in detail, lack of expertise of support group.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.20 no.1
• /
• pp.87-93
• /
• 2016

In this paper, we propose a new method to enhance an android security by exploiting a selective management of application permission. To that purpose, we analyze behavior of the current android security, via which we draw out possible vulnerabilities. After that, we develop a tool to implement the selective management of the application permission, witch has a function to give a permission selectively for the application when we install a new application. Via experiment we show validity of the developed tool in solving the drawn vulnerability in the current android security.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.7 no.4
• /
• pp.57-66
• /
• 2011

We implemented the document DRM applying role based access control(RBAC) mechanism for preventing the information leakage of a document which is transmitted in network environment. It must prevent to access document not related to user role and duty, and must allow operation to document for improving security, considering user role and security level according to a document importance. We improved the security of document DRM by adding to the access control module applying RBAC for satisfying security requirements. Though the user access document, our system allows operation authorizations to document by the user's role & security level and the security attribute of RBAC. Our system prevents indiscriminate access to the documents by user who is not associated with the role, and prevents damage the confidentiality and integrity.

• International Journal of Computer Science & Network Security
• /
• v.23 no.6
• /
• pp.77-83
• /
• 2023

This research is conducted to minimize the potential security risks of conducting online exams to an acceptable level as vulnerabilities and threats to this type of exam are presented. This paper provides a general structure for the risk management process and some recommendations for increasing the level of security.