• Convergence Security Journal
• /
• v.23 no.1
• /
• pp.9-17
• /
• 2023

Due to COVID-19, the concept of Zero Trust, a safe security in a non-face-to-face environment due to telecomm uting, is drawing attention. U.S. President Biden emphasized the introduction of Zero Trust in an executive order to improve national cybersecurity in May 2021, and Zero Trust is a global trend. However, the most difficulty in introd ucing new technologies such as Zero Trust in Korea is excessive regulation of cloud and network separation, which is based on the boundary security model, but is limited to not reflecting all new information protection controls due to non-face-to-face environments. In particular, in order for the government's policy to ease network separation to b ecome an effective policy, the zero trust name culture is essential. Therefore, this paper aims to study legal improve ments that reflect the concept of zero trust under the Electronic Financial Transactions Act.

• Convergence Security Journal
• /
• v.23 no.4
• /
• pp.131-139
• /
• 2023

In recent years, there have been frequent incidents of invasion of national defense networks by insiders. This trend can be said to disprove that the physical network separation policy currently applied by the Korea Ministry of National Defense can no longer guarantee military cyber security. Therefore, stronger cybersecurity measures are needed. In this regard, Zero Trust with a philosophy of never trusting and always verifying is emerging as a new alternative security paradigm. This paper analyzes the zero trust establishment trends currently being pursued by the US Department of Defense, and based on the implications derived from this, proposes a zero trust establishment plan tailored to the Korean military. The zero trust establishment plan tailored to the Korean military proposed in this paper includes a zero trust establishment strategy, a plan to organize a dedicated organization and secure budget, and a plan to secure zero trust establishment technology. Compared to cyber security based on the existing physical network separation policy, it has several advantages in terms of cyber security.

• The Journal of the Korea Contents Association
• /
• v.15 no.1
• /
• pp.388-398
• /
• 2015

This study is to investigate an impact of emotional index, social network, and trust to customers on sales performance with emotional intelligence theory and social relationship theory. We found that the higher is seller's emotional index, the higher are cognitive and affective trust, and the high trust improves sales performance. We also found that the higher emotional index strengthens social network, but does not have an effect on cognitive and affective trust. With these results we provide the sales competency in clothing shop.

• Journal of Digital Convergence
• /
• v.12 no.4
• /
• pp.103-113
• /
• 2014

Bargain position and trust are core issues in supply chain management, yet the effect of bargain position on trust remains to be undetermined. The purpose of this research is to present theoretical and methodological hurdles for the relationship among various bargain positions and trust, and develops a set of hypotheses about the asymmetric effect of bargain position on trust in supply chain network. An analytical tool to analyze nonlinear effects on a response surface is introduced. Based on the data collected through a survey of firms participating in Project Supply chain, a set of hypotheses is tested. The analysis results support the prediction that the bargain position perceived by the buyers have asymmetric effects on trust toward supplies, and provide more fine-grained accounts on the relationships among bargain power, bargain position and trust in a supply chain network.

• Journal of the Korea Society of Computer and Information
• /
• v.14 no.5
• /
• pp.103-117
• /
• 2009

In MANET(Mobile Ad-Hoc Network), providing security to routing has been a significant issue recently. Existing studies, however, focused on either of secure routing or packet itself where malicious operations occur. In this paper, we propose SRPPnT(A Secure Routing Protocol in MANET based on Malicious Pattern of Node and Trust Level) that consider both malicious behavior on packet and secure routing. SRPPnT is identify the node where malicious activities occur for a specific time to compose trust levels for each node, and then to set up a routing path according to the trust level obtained. Therefore, SRPPnT is able to make efficient countermeasures against malicious operations. SRPPnT is based on AODV(Ad-Hoc On-Demand Distance Vector Routing). The proposed SRPPnT, from results of the NS-2 network simulation. shows a more prompt and accurate finding of malicious nodes than previous protocols did, under the condition of decreased load of networks and route more securely.

• Convergence Security Journal
• /
• v.24 no.1
• /
• pp.21-26
• /
• 2024

The security model in the previous network environment has a vulnerability in which resource access control for trusted users is not properly achieved using the Perimeter model based on trust. The Zero Trust is an absolute principle to assume that the users and devices accessing internal data have nothing to trust. Applying the Zero Trust principle is very successful in reducing the attack surface of an organization, and by using the Zero Trust, it is possible to minimize damage when an attack occurs by limiting the intrusion to one small area through segmentation. ZTNA is a major technology that enables organizations to implement Zero Trust security, and similar to Software Defined Boundary (SDP), ZTNA hides most of its infrastructure and services, establishing one-to-one encrypted connections between devices and the resources they need. In this study, we review the functions and requirements that become the principles of the ZTNA architecture, and also study the security requirements and additional considerations according to the construction and operation of the ZTNA solution.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.8 no.12
• /
• pp.4661-4676
• /
• 2014

In Wireless Mesh Networks (WMN), an authentication technique can be compromised due to the distributed network architecture, the broadcast nature of the wireless medium and dynamic network topology. Several vulnerabilities exist in different protocols for WMNs. Hence, in this paper, we propose trust based authentication and key establishment for secure routing in WMN. Initially, a trust model is designed based on Ant Colony Optimization (ACO) to exchange the trust information among the nodes. The routing table is utilized to select the destination nodes, for which the link information is updated and the route verification is performed. Based on the trust model, mutual authentication is applied. When a node moves from one operator to another for accessing the router, inter-authentication will be performed. When a node moves within the operator for accessing the router, then intra-authentication will be performed. During authentication, keys are established using identity based cryptography technique. By simulation results, we show that the proposed technique enhances the packet delivery ratio and resilience with reduced drop and overhead.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.5
• /
• pp.2082-2102
• /
• 2018

In recent years, social network related applications such as WeChat, Facebook, Twitter and so on, have attracted hundreds of millions of people to share their experience, plan or organize, and attend social events with friends. In these operations, plenty of valuable information is accumulated, which makes an innovative approach to explore users' preference and overcome challenges in traditional recommender systems. Based on the study of the existing social network recommendation methods, we find there is an abundant information that can be incorporated into probability matrix factorization (PMF) model to handle challenges such as data sparsity in many recommender systems. Therefore, the research put forward a unified social network recommendation framework that combine tags, trust between users, ratings with PMF. The uniformed method is based on three existing recommendation models (SoRecUser, SoRecItem and SoRec), and the complexity analysis indicates that our approach has good effectiveness and can be applied to large-scale datasets. Furthermore, experimental results on publicly available Last.fm dataset show that our method outperforms the existing state-of-art social network recommendation approaches, measured by MAE and MRSE in different data sparse conditions.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.6
• /
• pp.3273-3308
• /
• 2017

Building appropriate trust evaluation models is an important research issue for security guarantee in social networks. Most of the existing works usually consider the trust values at the current time slot, and model trust as the stochastic variable. However, in fact, trust evolves over time, and trust is a stochastic process. In this paper, we propose a novel time-variant stochastic trust evaluation (TSTE) model, which models trust over time and captures trust evolution by a stochastic process. Based on the proposed model, we derive the time-variant bound of untrustworthy probability, which provides stochastic trust guarantee. On one hand, the time-variant trust level of each node can be measured by our model. Meanwhile, by tolerating nodes with relatively poor performance, our model can effectively improve the node resource utilization rate. Numerical simulations are conducted to verify the accuracy and consistency of the analytical bounds on distinguishing misbehaved nodes from normal ones. Moreover, simulation results on social network dataset show the tradeoff between trust level and resource utilization rate, and verify that the successful transmission rate can be improved by our model.

• Journal of Information Technology Applications and Management
• /
• v.21 no.4
• /
• pp.247-261
• /
• 2014

Trust and perceived usefulness have been variables frequently used by IS researchers to explain consumers' online transaction intention. A group of prior studies have incorporated the two variables simultaneously to build better models to capture the phenomenon. However, the studies have largely ignored the role of trust by replacing trust with trustworthiness. The purpose of this study is to fill this gap. To do this, the study conceptualizes and tests relationships between trust, perceived usefulness and related variables. Based on the study results, the study discusses that trust and trustworthiness are distinct and have causal relationships, the dimensions (ability, integrity, and benevolence) of trustworthiness are related but theoretically distinct, and trust performs a mediating role within its nomological network.