• Journal of the Korean Society for information Management
• /
• v.26 no.1
• /
• pp.107-124
• /
• 2009

On Dec 1, 2008, according to the special law for the information disclosure of education relevant institutes, the educational information of each university is opened at their homepages and at portal web sites. Every university, thus, is in the moment to set up strategies to consistently respond to following information disclosure as well as the one already disclosed. The strategy should contain the assurance of the basic accountability mechanism of the university. On the occasion of the public announcement of the university information, the present study has a purpose to examine the structure of the university accountability and to suggest a mechanism, which is necessary for effectively and efficiently executing the increasing accountability practices in disclosing and announcing the information. To meet the purpose, this study introduces how to redesign university jobs as practices focused on evidence information for the accountability and also suggests solutions how to improve the mechanism for the accountability responsibility, which include clarifying the roles and responsibilities for accountability jobs, revising the process of information disclosure and building the information systems for an accountability.

• Health Policy and Management
• /
• v.21 no.2
• /
• pp.213-248
• /
• 2011

Past studies on organizational accountability have had similar limitations. First, empirical evidence of organizational accountability is rare as the majority of research takes a conceptual approach of the topic. Only a few of these studies are applicable to health care organizations (HCOs). To fill these gaps, we attempted to develop a model for analysis of organizational accountability for HCOs. Accountability for HCOs was conceptualized by two axes: answerability(X, horizontal) and value-creation(Y, vertical). Our concept building could relieve competing accountability mechanism which past studies stressed. Four elements of accountability(legal, economical, social, and clinical) were applied to specify each of the two features of organizational accountability. And then four types of accountability behavior were coordinated by this x-y axis : high A/high VC, high A/low VC, low A/high VC, low A/low VC. Finally, a multidimensional model of HCOs' accountability, enabling an empirically testable multi-level analysis, was proposed.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.5
• /
• pp.2394-2406
• /
• 2016

ABE has become an effective tool for data protection in cloud computing. However, since users possessing the same attributes share the same private keys, there exist some malicious users exposing their private keys deliberately for illegal data sharing without being detected, which will threaten the security of the cloud system. Such issues remain in many current ABE schemes since the private keys are rarely associated with any user specific identifiers. In order to achieve user accountability as well as provide key exposure protection, in this paper, we propose a key-insulated ciphertext policy attribute based encryption with key exposure accountability (KI-CPABE-KEA). In our scheme, data receiver can decrypt the ciphertext if the attributes he owns match with the self-centric policy which is set by the data owner. Besides, a unique identifier is embedded into each user's private key. If a malicious user exposes his private key for illegal data sharing, his identity can be exactly pinpointed by system manager. The key-insulation mechanism guarantees forward and backward security when key exposure happens as well as provides efficient key updating for users in the cloud system. The higher efficiency with proved security make our KI-CPABE-KEA more appropriate for secure data sharing in cloud computing.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.4
• /
• pp.1832-1853
• /
• 2018

The personal health record (PHR) system is a promising application that provides precise information and customized services for health care. To flexibly protect sensitive data, attribute-based encryption has been widely applied for PHR access control. However, escrow, exposure and abuse of private keys still hinder its practical application in the PHR system. In this paper, we propose a coordinated ciphertext policy attribute-based access control with user accountability (CCP-ABAC-UA) for the PHR system. Its coordinated mechanism not only effectively prevents the escrow and exposure of private keys but also accurately detects whether key abuse is taking place and identifies the traitor. We claim that CCP-ABAC-UA is a user-side lightweight scheme. Especially for PHR receivers, no bilinear pairing computation is needed to access health records, so the practical mobile PHR system can be realized. By introducing a novel provably secure construction, we prove that it is secure against selectively chosen plaintext attacks. The analysis indicates that CCP-ABAC-UA achieves better performance in terms of security and user-side computational efficiency for a PHR system.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.39B no.4
• /
• pp.200-206
• /
• 2014

Accountable Internet Protocol (AIP) is one of the future Internet architectures to provide accountability concept by using the self-certifying address that is derived by the public key of the host. In AIP, when a host sends a packet, a domain that is located between the source and the destination hosts discards the packet in order to verify the source IP address. Therefore, performance degradation can occur due to packet discard especially when there is asymmetric route. In this paper, we propose the improved AIP mechanism to verify the source IP address without discarding the packet by including the timestamp, public key value and the signature for protecting from forfeiting the source address. Security safety of the proposed mechanism is evaluated and the proposed mechanism can provide the more robust security as well as reducing the latency due to discarding packets.

• Management & Information Systems Review
• /
• v.19
• /
• pp.49-81
• /
• 2006

The private college education plays a crucial role both in training and supplying manpower needed for national economic growth and in increasing employability and personal labor earnings of individual workers. In oder for private college education to effectively respond to the rapid changes in industrial and occupational structures, it is necessary to secure appropriate level of investment funds and manage them efficiently. For this, it is required to discuss the structure, magnitude and management mechanism of the current private college education finance, changes in future demand for private college education and resultant changes in budget estimates, and new financial resources and allocation schemes. This study attempted to analyze current status and problems of private college education finance in Korea and, based on this analysis, to suggest future policy directions to improve private college education finance system. In order to make the private college education system in Korea competent and competitive enough to survive in international market, it is prerequisite to provide enough budget for the private college education and to manage the private college education finance in more efficient ways. First, for securing the adequacy and stability of investment budget for the private college education, it is recommended to 1) increase the government budget and put emphasis on the private college education; 2) diversify financial resources and induce financial contribution from private sector such as school juridical persons and enterprises. Second, for higher efficiency of financial management, it is recommended 1) make valid allocation standards and mechanism; 2) introduce competition system; 3) develop and utilize evaluation mechanism for the private college education finance to check adequacy, efficiency, accountability, and effectiveness; 4) apply consumer-oriented financial management scheme. In addition to the above policy measures, it is necessary to 1) make scientific forecasts of industrial and occupational structures periodically and apply these analyses to medium & long-term the private college education planning; and 2) redesign budget accounting system and develop the private college education performance indicators for the evaluation of accountability of the private college education institutions and administration institutes.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.40 no.5
• /
• pp.815-825
• /
• 2015

DNP3(Distributed Network Protocol) is one of the most representative protocols which is used in SCADA(Supervisory Control and Data Acquisition) system. IEC 62351 is listing the integrity, confidentiality, availability and non-repudiation or accountability as the security requirement. However, IEEE Std. 1815 that is DNP3 standards does not define a mechanism for non-repudiation or accountability. In this paper, we propose a non-repudiation of origin technique about the sender of critical ASDU and implement the proposed scheme using software such as OpenSSL and SCADA source code library.

• Journal of the Korean Society for information Management
• /
• v.26 no.4
• /
• pp.249-276
• /
• 2009

The purpose of this study is to investigate the information-seeking procedure of surveillants against public sector organizations in Korea. The surveillants used accountability mechanisms such as National Assembly Inspection and information disclosure to find out information they wanted. Examples of such group include social activists, professional supervisors, aides of the National Assembly congressman and the press members. Using data collected by in-depth interviews and participative observations, we studied their information seeking behaviors and factors that affect the procedure. Based on the Grounded Theory approach, we first generated 56 concepts, 17 categories and 6 super-categories about the participants' feeling, experiences and perception related to their information seeking. Then we developed a factor model among those generated concepts. The main contributions of this study are a) the results provide a useful guidance for the public information seekers b) we draw the requirements for enhancing public sector organizations' information management systems.

• The Journal of Asian Finance, Economics and Business
• /
• v.5 no.2
• /
• pp.53-61
• /
• 2018

Corporate governance has received massive attention in academic research nowadays due to several recent corporate failures. Inefficiency of corporate governance mechanisms have driven the minds of the researchers and the policy makers to look with more insights into this area. Board composition, as part of corporate governance mechanism, plays a significant role to achieve company's goals or objectives and ensure transparency and accountability. The objective of this study is to find out the efficiency of board composition through board size, independent directors and female directors on firm performance in the listed manufacturing firms of Bangladesh. In this study, a sample of 162 firm years are considered as the sample during the period of 2011 to 2016. This study finds that large board is the significant explanatory variable in improving firm performance. This study also shows that board independence and female directors have no significant association with firm performance which implies that instrument of corporate governance mechanism particularly board composition is very weak. This study recommends that code of corporate governance, specially the role of independent directors and female directors, should be reformed in the light of cultural and institutional context along with the effective enforcement.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.6 no.1
• /
• pp.98-115
• /
• 2012

New trend called ubiquitous leads the recent business by standardization and integration. It should be the main issue how to guarantee the integration and accountability on each business, especially in mission critical system which is mainly supported by M2M (Machine to Machine) control mechanism. This study is from the analysis of digital forensics case study that is from the M2M Sensing Control Mechanism problem of the "Imjin River" case in 2009, where a group of family is swept away to death by water due to M2M control error. The ubiquitous surroundings bring the changes in the field of criminal investigation to real time controls such as M2M systems. The needs of digital forensics on M2M control are increasing on every crime scene but we suffer from the lack of control metrics to get this done efficiently. The court asks for more accurately analyzed results accounting high quality product development design. Investigators in the crime scene need real-time analysis against the crime caused by poor quality of mission critical systems. It seems to be every need of Real-Time-Enterprise, so called ubiquitous society on the case. We try to find the efficiency and productivity in discovering non-functional design defects in M2M convergence products focusing on three metrics in study model with quick implementation. Digital forensics system in present status depends on know-how of each investigator and is hard to expect professional analysis on every field. This study set up a hypothesis "Co-working of professional investigators on each field will qualify Performance and Integrity" especially in mission critical system such as M2M and suggests "Online co-work analysis model" to efficiently detect and prevent mission critical errors in advance. At the conclusion, this study proved the statistical research that was surveyed by digital forensics specialists around M2M crime scene cases with quick implementation of dash board.