• Convergence Security Journal
• /
• v.12 no.6
• /
• pp.93-99
• /
• 2012

As the most common application development of software development time, error-free quality, adaptability to frequent maintenance, such as the need for large and complex software challenges have been raised. When developing web applications to respond to software reusability, reliability, scalability, simplicity, these quality issues do not take into account such aspects traditionally. In this situation, the traditional development methodology to solve the same quality because it has limited development of new methodologies is needed. Quality of applications the application logic, data, and architecture in the entire area as a separate methodology can achieve your goals if you do not respond. In this study secure coding, the big issue, web application factors to deal with security vulnerabilities, web application architecture, design procedure is proposed. This proposal is based on a series of ISO/IEC9000, a web application architecture design process.

• International Journal of Computer Science & Network Security
• /
• v.22 no.9
• /
• pp.83-88
• /
• 2022

The main purpose of the study is to determine the key aspects of the public-private partnership system in the context of the economic development of the state. At first glance, the mutually exclusive interests of the state and business do not contribute to the development of common and agreed development goals. At the same time, ignoring the versatility of interests and the aggravation of the discussion regarding the two sides under consideration, the study of the theoretical foundations of the interaction between the public and private sectors of the economy allows us to draw the following conclusion: world economic theory from classical political economy to new institutionalism has a clear structured position on the ancient historical depth of existence of the form of partnerships Based on the results of the study, the main elements of the public-private partnership system in the context of the economic development of the state were identified.

• International Journal of Computer Science & Network Security
• /
• v.23 no.6
• /
• pp.107-114
• /
• 2023

Successful implementations of DevOps practices significantly improvise software efficiency, collaboration and security. Most of the organizations are adopting DevOps for faster and quality software delivery. DevOps brings development and operation teams together to overcome all kind of communication gaps responsible for software failures. It relies on different sets of alternative tools to automate the tasks of continuous integration, testing, delivery, deployment and monitoring. Although DevOps is followed for being very reliable and responsible environment for quality software delivery yet it lacks many quantifiable aspects to prove it on the top of other traditional and agile development methods. This research evaluates quantitative performance of DevOps and traditional/ agile development methods based on software metrics. This research includes three sample projects or code repositories to quantify the results and for DevOps integrated selective tool chain; current research considers our earlier proposed and implemented DevOps hybrid model of integrated automation tools. For result discussion and validation, tabular and graphical comparisons have also been included to retrieve best performer model. This comparative and evaluative research will be of much advantage to our young researchers/ students to get well versed with automotive environment of DevOps, latest emerging buzzword of development industries.

• Convergence Security Journal
• /
• v.13 no.3
• /
• pp.79-84
• /
• 2013

In this study the improved service innovation model to solve the problems that appear from a vantage point of the providing security services process through the application and appeal process of convergence security technologies proposed. The model was in view of service science to resolves the limitations that facilities management and unmanned security of physical security field through the application of meteorological information on convergence security technologies. The contribution of this research: improved risk management based on convergence security technologies through service innovation management, evaluated the quantitative value of risk management activity using service effects, and development of physical security service providing methodology using meteorological information.

• The Journal of the Korea Contents Association
• /
• v.11 no.4
• /
• pp.389-403
• /
• 2011

The objective of this study is to find out how strategic human resource management(SHRM) of a facility security firm affects its organizational culture and behaviors of its members. This study was executed in June 2010 with facility security officers(FSO) in four private security firms by using a judgment sampling technique. A total of 343 FSOs were used in final analysis. Coefficient of reliability(Cronbach's coefficient alpha) of the survey was 0.691. The conclusion was as follows: First, SHRM of facility security firms exert its influence on organizational culture. That is, promotion of education/training, compensation, making avid followers, and career development may facilitate settlement of hierarchical, development-oriented, agreement -based and rationality-oriented culture. Second, SHRM of security firms would affect organizational citizenship behaviors(OCB), i.e., the promotion of education/training, compensation, making avid followers, and career development would tend to enhance consideration for others and altruistic, participatory, conscientious and gentlemanly behaviors. On the other hand, if proper compensation is not made, above-mentioned behaviors would decrease. Third, organizational culture of security firms tends to affect OCB. That is, when hierarchical, development-oriented, agreement-based and rationality-oriented culture is settled, consideration for others, altruistic, participatory, conscientious and gentlemanly behaviors tends to be enhanced.

• Korean Security Journal
• /
• no.14
• /
• pp.21-41
• /
• 2007

This study has analyzed demonstratively the total of 192 dissertations published on the Korea Security Science Association Journal for the last 10 years in order to take a look at the research trends in the field of security. Based on this, this study intends to examine the research trends in the research field of security and present suggestions. The standard for analysis was largely divided into per period, per subject and per method of research. First, the research trend of the group per period was classified into a quickening period, a formative period and a development period. As a result, among the total of 192 dissertations, the quickening period occupied 45%, the formative, 42% and the development, 13%. The dissertations in the field of security were made up of 52% in the formative, 37% in the quickening and 11% in the development period. Also, it was shown that the number of dissertations in the field of security and escort did not even come up to half of total number of publications. Secondly, the research trend of the group per subject is divided into per large subject and per medium subject. As a result, all quickening, formative and development periods showed the highest values for other researches, which showed a tendency to lean upon other researches. In classifying the group per large subject by period, it presented similar aspects with 46% of the quickening period and 43% of the formative. Lastly, for the trends per method of research, compared to 23% of quantitative research, the qualitative research held 77%, which showed an overall tendency to depend on the qualitative research.

• Convergence Security Journal
• /
• v.7 no.3
• /
• pp.25-30
• /
• 2007

CC ver.3 is widening evaluation range extent about Security product. As a result, The security product evaluation research need more definite standard that serves to evaluate composition style product. The paper propose a development guide for composition style TOE. This research is suitable in evaluation basis of CC ver.3, and presents Korean-made composition style product estimation plan. This paper used European ITSEM component guide and TOE analysis to present estimation guide method of composition style product.

• Korean Security Journal
• /
• no.29
• /
• pp.87-113
• /
• 2011

Korean security industry has history of more than half a century, and it is growing fast. Private security industry contributes not only to livelihood safety, but also to national security. The area of the industry is being expanded. Security Act is closely related to the security industry, and has contributed to the growth of private security industry sector. Security Act of Korea, which was established in 1976, was originally made after Japanese Security Act. But nowadays, Korean Security Act is as systematic as the Japanese act. However, for 10 years, Security Act of Korea has been stagnant, not able to reflect security industries' demand. The writer has contributed to the development of Security Act. In 1995, the writer wrote the basic framework of Security Instructor Qualifications System and drafted Security Act in 2002. There are currently many problems in existing Security Act, but there are four representative problems. (1) No more establishment of new security sector, (2) excessively slack qualification criteria, (3) the education system for guards, (4) the security Instructor examination system. This paper derives problems of current Security Act, and suggests solutions for them. Not only the academic world, but all of us should pay attention to the revision of Security Act.

• The KIPS Transactions:PartD
• /
• v.13D no.1 s.104
• /
• pp.67-74
• /
• 2006

The security requirements identification in the software development has received some attention recently. However, previous methods do not provide clear method and process of security requirements identification. We propose a process that software developers can build application specific security requirements from state transition diagrams at the security threat location. The proposed process consists of building model and identifying application specific security requirements. The state transition diagram is constructed through subprocesses i) the identification of security threat locations using security failure data based on the point that attackers exploit software vulnerabilities and attack system assets, ii) the construction of a state transition diagram which is usable to protect, mitigate, and remove vulnerabilities of security threat locations. The identification Process of application specific security requirements consist of i) the analysis of the functional requirements of the software, which are decomposed into a DFD(Data Flow Diagram; the identification of the security threat location; and the appliance of the corresponding state transition diagram into the security threat locations, ii) the construction of the application specific state transition diagram, iii) the construction of security requirements based on the rule of the identification of security requirements. The proposed method is helpful to identify the security requirements easily at an early phase of software development.

• Journal of Korea Society of Industrial Information Systems
• /
• v.16 no.5
• /
• pp.163-171
• /
• 2011

In e-commerce environment, security should be considered as an essential factor for success. In this paper, we analyze security requirements for e-commerce system, and it is focused on the practical usage, not theoretical contribution, in the field of e-commerce security. To identify the security requirements being specific to e-commerce environment, the researches related to e-commerce security are surveyed and a phase of Delphi method and Analytic Hierarchy Process(AHP) are used to determine the relative importance of e-commerce security factors. Since researchers and practitioners can have significantly different views because of each different work environment, we divide the professionals into two respondents' group. This survey result can be useful security guidelines in the development of e-commerce service system from the initial system development step to the completion.