• Journal of Korea Society of Digital Industry and Information Management
• /
• v.14 no.2
• /
• pp.19-25
• /
• 2018

With the development of IT technology, various services such as artificial intelligence and autonomous vehicles are being introduced, and many changes are taking place in our lives. However, if secure security is not provided, it will cause many risks, so the information security becomes more important. In this paper, we analyzed the research trends of main themes of information security over time. In order to conduct the research, 'Information Security' was searched in the Web of Science database. Using the abstracts of theses published from 1991 to 2016, we derived main research topics through topic modeling and time series regression analysis. The topic modeling results showed that the research topics were Information technology, system access, attack, threat, risk management, network type, security management, security awareness, certification level, information protection organization, security policy, access control, personal information, security investment, computing environment, investment cost, system structure, authentication method, user behavior, encryption. The time series regression results indicated that all the topics were hot topics.

• Journal of KIISE
• /
• v.44 no.9
• /
• pp.918-931
• /
• 2017

Recently, the spread of smartphones and various wearable devices has led to increases in the accumulation and usage of personal information. As a result, privacy protection has become an issue. Even though there have been studies and efforts to improve legal and technological security measures for protecting privacy, personal information leakage accidents still occur. Rather than privacy requirements, analysts mostly focus on the implementation of security technology within software development. Previous studies of security requirements strongly focused on supplementing the basic principles and laws for privacy protection and securing privacy requirements without understanding the relationship between privacy and security. As a result, personal information infringement occurs continuously despite the development of security technologies and the revision of the Personal Information Protection Act. Therefore, we need a method for eliciting privacy requirements based on related privacy protection laws that are applicable to software development. We also should clearly specify the relationship between privacy and security. This study aims to elicit privacy requirements and create privacy assurances cases for Privacy Friendly System development.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.9
• /
• pp.4588-4608
• /
• 2017

The measurement of information security levels is a very important but difficult task. So far, various measurement methods have studied the development of new indices. Note, however, that researches have focused on the problem of attaining a certain level but largely neglecting research focused on the issue of how different types of possible flaws in security controls affect each other and which flaws are more critical because of these effects. Furthermore, applying the same weight across the board to these flaws has made it difficult to identify the relative importance. In this paper, the interrelationships among security flaws that occurred in the security controls of K-ISMS were analyzed, and the relative impact of each security control was measured. Additionally, a case-control study was applied using empirical data to eliminate subjective bias as a shortcoming of expert surveys and comparative studies. The security controls were divided into 2 groups depending on whether or not a security flaw occurs. The experimental results show the impact relationship and the severity among security flaws. We expect these results to be applied as good reference indices when making decisions on the removal of security flaws in an enterprise.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.2
• /
• pp.139-150
• /
• 2008

Recently, financial institutes and industrial companies are adopted to security token such as OTP, smart card, and USB authentication token and so on for secure system management and user authentication. However, some research institutes have been introduced security weaknesses and problems in security tokens. Therefore, in this paper, we analyses of security functions and security requirements in security token performed by analyses of standardization documents, trends, security problems, attack methods for security tokens. Finally, we propose a CC v.3.1 based security token protection profile.

• Journal of the Korea Convergence Society
• /
• v.10 no.9
• /
• pp.47-53
• /
• 2019

This paper is analyzed of the characteristics of development operations and development security operations of the software and product, and the use analysis tools from a software code perspective. Also, it is emphasized the importance of human factors and the need to strengthen them, when considering security design rules. In this paper, we consider a secure process for managing change, focusing on fast and accurate decision-making in terms of procedural factors, when considering development security operations. In addition, the paper discussed the need for maturity model analysis in relation to the development security operating characteristics, and analyzed the meaning of the analysis elements through detailed procedures for the strength and integration elements of the dynamic and static elements accordingly. The paper also analyzed factors such as scanning activity and code analysis for threat modeling and compliance and control.

• Journal of Digital Contents Society
• /
• v.8 no.2
• /
• pp.165-171
• /
• 2007

The penetration of malicious code and the function of security blocking are performed on the same course of traffic pathway. The security domain is the concept to distinguish the domain from the group handling with the traffic on the structure of network which is performed with the function of penetration and security. The security domain could be different from the criterion of its realm and function, which requires the development and the application of security mechanism for every domain. For the establishment of security domain it is needed to show what criterion of net work should be set up. This study is to research the criterion for topology factor, security domain. structure map selection, and blocking location and disinfection net. It is shown to increase the effective rate blocking the virus with the proposed method in this paper rather than the traditional network architecture. The purpose of this paper is to suggest the necessity of development of security mechanism and the distinguished blocking function according to the level of security domain.

• Journal of the Society of Disaster Information
• /
• v.2 no.1
• /
• pp.91-111
• /
• 2006

Technology development of modern society reduces times, costs and labor costs but demands work forces requiring expert knowledge on technology. Consequently knowledge worker becomes important. Not changing into a specialist acquired expert knowledge, people can't survive in competitive society. Therefore, the purpose of this study is to grasp the actual condition of private security industry and to examine problems. The final goal is to find the way to improve the professionalism of workers in private security industry. First. Now we must make up for the subject for examination actually and be in a triangular position and complement a professional materials for teaching. At the same time it must strengthen the education using advanced instruments seek to Total Security System. Moreover it is demanded 'institutional supplement of security guard instructors' which means job training for security guard instructor Second. On the job training which can deal with a state of emergency through 'security guard training' with a theory and an actual training must be strengthen. Also, most security guards have low understandings and interests because their ages are from 50's to 60's. Accordingly proper education must be offered to security guard. Third. Certification system of the private security guards are needed to fix the problems on an indiscreet issue and an abuse of license through deliberation on the security license. Fourth. Universities must find a new market to minimize the squandering of human resources because of oversupply and reduce the personnel. Also with enhancing the employment rate through specialized education, universities must offer an education which keeps pace with the times for not an entrance strategy but a long-term development. Effort for education of specialist will produce an improvement in business quality and improved services produce a customer satisfaction. A customer satisfaction will produce a fame of a successful company and positive images in market area. Finally the private industry will be developed by productivity improvement.

• Korean Security Journal
• /
• no.17
• /
• pp.195-220
• /
• 2008

Various Kinds of social pathology and crimes that threaten our daily safety are on the increase in process of time as a result of the development of science and technology empty of moral sense, Value Confusions, apolaustic tendency, economic and social transformation recently. Moreover the effective provision of police service lies beyond the boundaries of the police organization. Therefore private security personnel have made an effort for safety and protection of group as well as an individual through the introduction of private security industry based on a benefit principle and private security industry is being become complexes utilizing technology as well as high-end devices through various international events. The field of private security industry in Korea is being extended rapidly with expansionism of society and public services but the quality improvement is declining. Furthermore the study of recruit education program for security personnel as the basis of quality improvement is insufficient compared with the study of police service. Consequently, this investigation is going to contribute to development of recruit education program for security personnel through the analysis about difference of each subject usability for education about electronic security and facility guard.

• Journal of the Korea Society of Computer and Information
• /
• v.25 no.4
• /
• pp.183-188
• /
• 2020

This study is primarily aimed at providing a foundation for academic development and the leap forward of the Special Security Industry through the press report analysis on Korea's special security guard using big data. The research methods It was analyzed by the research methods in relation to keyword trends for 'special security guard' and 'special guards' using the Big Kinds program. According to the analysis based on the period of growth (quantitative and qualitative) of the special security industry, there were many press reports and exposure related to carrying firearms, national major facilities, and regular employees. Unlike the general security guards, the special security guards were released higher by media as a law was revised to allow them to carry or use firearms at important national facilities. There was a lot of media attention concerned about the side effects of misuse, and there were also high media reports on the transition of regular workers to improve poor treatment, such as the unstable status of special security guards and low wages. Therefore, the need for continuous development and improvement of professionalism and work efficiency of special security services are emphasized.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.13 no.6
• /
• pp.1155-1160
• /
• 2018

Presently in 2018, the security market is requiring progressive development and innovation in the area of security on account of new changes and technologies. This means the rapid and prompt development of the service platforms and service-based information systems. Here, this study is going to examine the process of operating a number of services and obtaining security, not the criteria for selecting particular service in online environment where the various services exist. Within a series of flows to protect the manager's authority about the platforms operated by information systems, and to provide and destroy services, this author limits the entire service platforms of the optimized balance module into four categories maximum for the security of the area apt for illegal invasion and access, and the proper area. Also, about the area with limited security, this researcher again applies subordinate security policy and technology respectively. This author here will suggest a method to provide and to extend safety and security for the information system and also propose the process of applying it as well.