• Convergence Security Journal
• /
• v.6 no.4
• /
• pp.133-140
• /
• 2006

For the verification of the security level against a IT product development environment, we should analyze the vulnerability and the various threatening factors which exists in the IT product development environment. Also we need the evaluation criteria and tools for the evaluation and improvement of the level of information security. For that, we need evaluation indices and the standard it will be able to improve the evaluation methodology in the actual IT product development environment which will reach it will be able to apply must be researched. In this study, our aims are the development of verification tools for the security level of IT product development environment.

• Journal of Korean Society for Quality Management
• /
• v.50 no.3
• /
• pp.571-591
• /
• 2022

Purpose: The purpose of this study is to examine the factors affecting the intention to use online collaboration tools for non-face-to-face educational environment in the perspective of the learners. Methods: For empirical analysis, the survey of this study was administered with data that were limited to experienced learners using online collaboration tools such as Google Docs, Allo, Padlet, and Slido in online education environments such as Zoom, Webex, MS Teams, etc. and valid 400 data were analyzed by SPSS(ver 22.0) and R(ver 4.1.0) program package. Results: The results of empirical analysis showed that performance expectancy were found to have an effect on reliability of system quality, empathy of service quality, playfulness and informativity of content quality among the characteristics of online collaboration tools. On the other hand, it was found that the security of system quality, responsiveness of service quality, and extroversion of user personality characteristics did not affect. It was analyzed that playfulness had the greatest positive effect, followed by informativity, empathy, and reliability. Among the characteristics of online collaboration tools, it was found that the reliability and security of system quality and informativity of content quality had an effect on the effort expectancy. It was analyzed that informativity has the greatest influence, followed by security and reliability. Conclusion: This study is meaningful in that it examines the perspectives of users and learners, who can be said to be the end customers of online collaboration tools. Based on the results of this study, it is expected that not only platform operators that provide online collaborative tools, but also providers that use online collaboration tools will have a significant impact on the development of edutech and infrastructure in the educational environment.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.3
• /
• pp.165-176
• /
• 2011

In this paper, we examine the reliability verification procedure of evidence analysis tools for computer forensics and test the famous tools for their functional requirements using the verification items proposed by standard document, TIAK.KO-12.0112. Also, we carry out performance evaluation based on test results and suggest the way of performance improvement for evidence analysis tools. To achieve this, we first investigate functions that test subjects can perform, and then we set up a specific test plan and create evidence image files which contain the contents of a verification items. We finally verify and analyze the test results. In this process, we can discover some weaknesses of most of analysis tools, such as the restoration for deleted & fragmented files, the identification of the file format which is widely used in the country and the processing of the strings composed of Korean alphabet.

• The KIPS Transactions:PartC
• /
• v.11C no.4
• /
• pp.485-496
• /
• 2004

The wide spread of Internet makes susceptible to the attacks via communication Web from hackers using the vulnerability of both computer and network systems. In this paper, we design and implement an integrated security system, named as LISS(Linux-based Integrated Security System) in which an integrated security management is possible. This system is based on the open operating system, Linux and consists of open security tools, which is effective in security management of Linux based-servers. We also construct a test-bed in order to testify the performance of the LISS. It is revealed that the implemented system captures all the attack Patterns generated from Network Mapper.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.3
• /
• pp.787-797
• /
• 2016

This paper is directed for the information security education of the elementary students. The dependence on human involvement and human behavior to protect information assets necessitates an information security education to make the awareness of their roles and responsibilities towards information security. The information security education is needed even to elementary school students. The information security learning model integrating knowledge, attitudes, and ways to practice was developed, and the teaching plan and learning material hand-out were accordingly made out. As the test result analysis, it was verified that the developed teaching tools of elementary network security learning using gamification mechanism was effective to help the students learn the knowledge, attitudes, skills and ways to practice.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.5
• /
• pp.973-983
• /
• 2019

The importance of information security has been increasingly emphasized at the national, organizational, and individual levels due to the widespread adoption of software applications. High-safety software, which includes embedded software, should run without errors, similar to software used in the airline and nuclear energy sectors. Software development techniques in the above sectors are now being used to improve software security in other fields. Secure coding, in particular, is a concept encompassing defensive programming and is capable of improving software security. In this paper, we propose a software security vulnerability detection method using an improved coding standard searching technique. Public static analysis tools were used to assess software security and to classify the commands that induce vulnerability. Software security can be enhanced by detecting Application Programming Interfaces (APIs) and patterns that can induce vulnerability.

• Convergence Security Journal
• /
• v.2 no.2
• /
• pp.123-135
• /
• 2002

As the development of information technology and thus the growth of security incidents, there has been increasing demand on developing methodologies and tools for measuring the information security level of organizations for the efficient security management. However, most works from foreign countries are not realistic in constructing the checklists, moreover their tools provide neither the ease of use nor the inexpensiveness, and most domestic works are not properly considering the characteristics of the organizations when measuring the information security level. In this study, an efficient information security levelling tool is suggested, which applies the multiple variable weights for security levelling according to the characteristics of organizations and the fuzzy technique to reduce the user's subjectivity.

• Journal of the Korea Society of Computer and Information
• /
• v.10 no.4 s.36
• /
• pp.375-384
• /
• 2005

As the development of information communication technology and thus the growth of security incidents, there has been increasing demand on developing methodologies and tools for measuring the information security level of organizations for the efficient security management. However, most works from foreign countries are not realistic in constructing the checklists, moreover their tools provide neither the ease of use nor the inexpensiveness, and most domestic works are not properly considering the characteristics of the organizations when measuring the information security level. In this study, an efficient information security levelling tool is suggested, which applies the multiple variable weights for security levelling according to the characteristics of organizations and the fuzzy technique to reduce the user's subjectivity and the genetic algorithm to establish the security countermeasure.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.3
• /
• pp.353-363
• /
• 2021

As the Untact era is rapidly changing, collaboration tools are increasing their utilization and value as digital technologies for non-face-to-face work. While instant messenger-based collaboration tools support a variety of functions, crime and accident concerns are also increasing in proportion to their convenience, such as information leakage and security incidents. Meanwhile, the digital forensics perspective on collaborative tools is not enough, so forensics research is needed. This study analyzes significant artifacts in the two operating environments through Windows and Android forensics research on Microsoft Teams, the collaboration tool with the highest share in the world. Also, based on differences in artifacts and data attributes according to the operating environment, by applying 'differential forensic', we proved that the usefulness of evidence can be improved by presenting a complementary analysis method and timeline configuration through information linkage.

• Journal of the Korea Computer Industry Society
• /
• v.3 no.9
• /
• pp.1315-1328
• /
• 2002

Recently there has been increasing demand on developing methodologies and tools for measuring the information security level of organizations for the efficient security management, as the growth of security incidents. However, most methodologies from foreign countries are not realistic in constructing the checklists, moreover their tools provide neither the ease of use nor the inexpensiveness, and most domestic works are not properly considering the characteristics of the organizations. In this study, based on the recently developed standard for information security management, an information security levelling tool is designed and implemented which can be used before building an information security management system while considering the characteristics of organizations more efficiently. The efficiency comes from applying multiple variable weights for security levelling according to the characteristics of organizations.