• The Journal of Society for e-Business Studies
• /
• v.8 no.3
• /
• pp.69-86
• /
• 2003

A Protection Profile(PP) is a common security and assurance requirements for a specific class of Information Technology security products such as firewall and smart card. A PP should be included "TOE(Target of Evaluation) Security Environment", which is consisted of subsections: assumptions, treat, organizational security policies. This paper presents a new threats statement generation method for developing TOE security environment section of PP. Our survey guides the statement of threats in CC(Common Criteria) scheme through collected and analysed hundred of threat statements from certified and published real PPs and CC Tool Box/PKB that is included a class of pre-defined threat and attack statements. From the result of the survey, we present a new asset classification method and propose a threats statement generation model. The former is a new asset classification method, and the later is a production rule for a well formed statement of threats.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.6
• /
• pp.59-65
• /
• 2010

Since an attacker can occur an error in cryptographic device during encryption process and extract secret key, the fault injection attack has become a serious threat in chip security. In this paper, we show that an attacker can retrieve the 128-bits secret key using fault injection attack on the for statement of final round key addition in AES implementation. To verify possibility of our proposal, we implement the AES system on ATmega128 microcontroller and try to inject a fault using laser beam. As a result, we can extract 128-bits secret key through just one success of fault injection.

• Journal of Advanced Navigation Technology
• /
• v.27 no.1
• /
• pp.16-22
• /
• 2023

Terrorists have been attacking in the vulnerable points of aviation sector with the diverse methods of attacks. Recently, Vulnerability is increasing because the Modus Operandi of Terrorism is carried out by exploitation of people in the form of employee working in aviation sector whose role provides them with privileged access to secured locations, secured items or security sensitive information. Furthermore, cases of insider threat are rising across the world with the phenomenon of personal radicalization through internet and social network service. The government of ROK must respond to insider threat could exploit to acts of unlawful interference and the security regulations should be established to prevent from insider threat in advance refer to the acts of unlawful interference carried out in foreign countries and the recommendations by USA, UK and ICAO.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.3
• /
• pp.439-445
• /
• 2012

Since an attacker can extract secret key of cryptographic device by occurring an error during encryption operation, the fault injection attack have become a serious threat in cryptographic system. In this paper, we show that an attacker can retrieve the 128-bits secret key in AES implementation adopted iterative statement for round operations using fault injection attack. To verify the feasibility of our attack, we implement the AES algorithm on ATmega128 microcontroller and try to inject a fault using laser beam. As a result, we can extract 128-bits secret key by obtaining just two pairs of correct and faulty ciphertexts.

• Management & Information Systems Review
• /
• v.33 no.3
• /
• pp.167-187
• /
• 2014

While Korean GAAP had detailed regulations for the measurement and disclosure of operating income in the past, K-IFRS did not provide specific rules for operating income until 2011. Some firms that adopted K-IFRS before 2011 did not disclose or calculated operating income in an inconsistent manner although operating income is usually considered as one of the core information items to assess firm valuation. Inconsistency in firms' treatment of operating income invoked much criticism from diverse users of financial statement. The Korean Accounting Institute (KAI hereafter) revised the K-IFRS rules relevant to operating income in September 2010 in response to the voices raised by the business community, whereby the operating income number is allowed to be calculated in conformity with the previous K-GAAP. This study was motivated by the revision of K-IFRS and aims to provide a clue on the validity of such policy decision. To achieve the research objective, we test the relative value relevance of the alternative operating income numbers under K-IFRS versus K-GAAP. Our main findings are as follows. The value relevance of operating income reported before K-IFRS is proved to be higher than after K-IFRS. K-IFRS operating income adjusted to the previous K-GAAP has greater explanatory power for market values relative to one calculated under the K-IFRS regime. In an additional analysis, the sample was decomposed according to whether the operating income under K-IFRS is greater than under K-GAAP. The difference in the value relevance of K-IFRS versus K-GAAP operating income is significant only in the subsample consisting of firms which reports higher operating income under K-IFRS compared to K-GAAP. Also, the firms which would have reported negative operating income on a consecutive basis are more likely to have chosen K-IFRS, resulting in higher numbers than otherwise. It is likely that firms facing the threat of delisting due to consecutive operating loss reporting are more likely to have adopted K-IFRS disclosure rules by which they could report higher operating income numbers. To sum up, these results corroborate the limitation inherent in the K-IFRS regarding operating income disclosures. This paper suggests that the recent revision of K-IFRS implemented by KAI is likely to mitigate some of afore-mentioned limitations effectively.

• Asia Marketing Journal
• /
• v.14 no.2
• /
• pp.65-96
• /
• 2012

Brand has received much attention from considerable marketing research. When consumers consume product or services, they are exposed to a lot of brand related stimuli. These contain brand personality, brand experience, brand identity, brand communications and so on. A special kind of new crisis occasionally confronting companies' brand management today is the brand related rumor. An important influence on consumers' purchase decision making is the word-of-mouth spread by other consumers and most decisions are influenced by other's recommendations. In light of this influence, firms have reasonable reason to study and understand consumer-to-consumer communication such as brand rumor. The importance of brand rumor to marketers is increasing as the number of internet user and SNS(social network service) site grows. Due to the development of internet technology, people can spread rumors without the limitation of time, space and place. However relatively few studies have been published in marketing journals and little is known about brand rumors in the marketplace. The study of rumor has a long history in all major social science. But very few studies have dealt with the antecedents and consequences of any kind of brand rumor. Rumor has been generally described as a story or statement in general circulation without proper confirmation or certainty as to fact. And it also can be defined as an unconfirmed proposition, passed along from people to people. Rosnow(1991) claimed that rumors were transmitted because people needed to explain ambiguous and uncertain events and talking about them reduced associated anxiety. Especially negative rumors are believed to have the potential to devastate a company's reputation and relations with customers. From the perspective of marketer, negative rumors are considered harmful and extremely difficult to control in general. It is becoming a threat to a company's sustainability and sometimes leads to negative brand image and loss of customers. Thus there is a growing concern that these negative rumors can damage brands' reputations and lead them to financial disaster too. In this study we aimed to distinguish antecedents of brand rumor transmission and investigate the effects of brand rumor characteristics on rumor spread intention. We also found key components in personal acceptance of brand rumor. In contextualist perspective, we tried to unify the traditional psychological and sociological views. In this unified research approach we defined brand rumor's characteristics based on five major variables that had been found to influence the process of rumor spread intention. The five factors of usefulness, source credibility, message credibility, worry, and vividness, encompass multi level elements of brand rumor. We also selected product involvement as a control variable. To perform the empirical research, imaginary Korean 'Kimch' brand and related contamination rumor was created and proposed. Questionnaires were collected from 178 Korean samples. Data were collected from college students who have been experienced the focal product. College students were regarded as good subjects because they have a tendency to express their opinions in detail. PLS(partial least square) method was adopted to analyze the relations between variables in the equation model. The most widely adopted causal modeling method is LISREL. However it is poorly suited to deal with relatively small data samples and can yield not proper solutions in some cases. PLS has been developed to avoid some of these limitations and provide more reliable results. To test the reliability using SPSS 16 s/w, Cronbach alpha was examined and all the values were appropriate showing alpha values between .802 and .953. Subsequently, confirmatory factor analysis was conducted successfully. And structural equation modeling has been used to analyze the research model using smartPLS(ver. 2.0) s/w. Overall, R² of adoption of rumor is .476 and R² of intention of rumor transmission is .218. The overall model showed a satisfactory fit. The empirical results can be summarized as follows. According to the results, the variables of brand rumor characteristic such as source credibility, message credibility, worry, and vividness affect argument strength of rumor. And argument strength of rumor also affects rumor intention. On the other hand, the relationship between perceived usefulness and argument strength of rumor is not significant. The moderating effect of product involvement on the relations between argument strength of rumor and rumor W.O.M intention is not supported neither. Consequently this study suggests some managerial and academic implications. We consider some implications for corporate crisis management planning, PR and brand management. This results show marketers that rumor is a critical factor for managing strong brand assets. Also for researchers, brand rumor should become an important thesis of their interests to understand the relationship between consumer and brand. Recently many brand managers and marketers have focused on the short-term view. They just focused on strengthen the positive brand image. According to this study we suggested that effective brand management requires managing negative brand rumors with a long-term view of marketing decisions.