• International Journal of Computer Science & Network Security
• /
• v.23 no.8
• /
• pp.63-76
• /
• 2023

Identity and access management in cloud computing is one of the leading significant issues that require various security countermeasures to preserve user privacy. An authentication mechanism is a leading solution to authenticate and verify the identities of cloud users while accessing cloud applications. Building a secured and flexible authentication mechanism in a cloud computing platform is challenging. Authentication techniques can be combined with other security techniques such as intrusion detection systems to maintain a verifiable layer of security. In this paper, we provide an interactive, flexible, and reliable multi-factor authentication mechanisms that are primarily based on a proposed Authentication Method Selector (AMS) technique. The basic idea of AMS is to rely on the user's previous authentication information and user behavior which can be embedded with additional authentication methods according to the organization's requirements. In AMS, the administrator has the ability to add the appropriate authentication method based on the requirements of the organization. Based on these requirements, the administrator will activate and initialize the authentication method that has been added to the authentication pool. An intrusion detection component has been added to apply the users' location and users' default web browser feature. The AMS and intrusion detection components provide a security enhancement to increase the accuracy and efficiency of cloud user identity verification.

• Convergence Security Journal
• /
• v.13 no.5
• /
• pp.147-156
• /
• 2013

This research tried to find out the influence of organization nature on management outcome in security companies. First, in the relation between organization nature and management outcome (inside viewpoint) in security companies, factors of organization culture (t=2.534, p<.05) and job nature (t=6.425, p<.001), in organization nature, were shown to give statistically meaningful positive (+) influence on inside viewpoint, and the relative influence of independent variables measured in terms of beta coefficient was ${\beta}$=.226 for organization culture and ${\beta}$=.576 for job nature. Second, in the relation between organization nature and management outcome (study growth viewpoint) in security companies, factors of organization culture (t=2.070, p<.05) and job nature (t=10.507, p<.001), in organization nature, were shown to give statistically meaningful positive (+) influence on study growth viewpoint, and the relative influence of independent variables measured in terms of beta coefficient was ${\beta}$=.145 for organization culture and ${\beta}$=.741 for job nature. It may be concluded that the nature of security service organization affects organization culture relatively, with the implication that systematic educational practice system and organizational study should be accompanied for achievement of ultimate purpose of the organization. It is also implied that field support will be needed considering the job nature, because organization nature has a causal relationship with the specialty of security service job.

• Journal of Digital Contents Society
• /
• v.19 no.1
• /
• pp.93-102
• /
• 2018

This study aims to present policy implications by analyzing information security behavior factors of internet users. The research model, based on PMT and UTAUT2, consists of perceived threat, severity, social influence, self-efficacy, experience and habits, PC and privacy behaviors, security behaviors on new services and set demographic characteristics, use places of internet, use of paid products, and experiences of accident as moderate variables to analyze the effect on security behavior. The results showed that perceived severity, self-efficacy significantly influenced on experience and habits, and experience and habits and self-efficacy had a high influence on PC and privacy behavior. Also, PC and privacy behaviors have a high impact on security behavior of new services. Age, income, use of paid products, and experience of accidents have a moderating effects on security behaviors. The results of this study are expected to help policy decision making to improve the level of information security of internet users.

• Korean Security Journal
• /
• no.20
• /
• pp.291-311
• /
• 2009

Amid intensified global competition, securing high technologies is becoming a prerequisite towards achieving developed nation status. Korea has made tremendous efforts into developing technologies for decades and it has now obtained a leading position in many fields. As a result, however, Korea has become a major target of industrial espionage and not a few Korean businesses have already suffered from it. In order to effectively counter industrial espionage, this research explores the use of polygraph security screening as an internal control method through literature review, and discusses matters which need to be considered before the introduction of it into Korea, focusing on the accuracy of security screening. Since polygraph security screening generates deterrent effect by increasing certainty and celerity of punishment, it makes a valuable contribution to the control of industrial espionage. However, the most important problem with the use of the polygraph in security screening is errors of the examination. Thus, polygraph security screening should be used as a part of comprehensive security management program to reduce the possibility of errors. In addition, because factors such as countermeasures and examiner's experience are known to influence the accuracy of the examination, the issues surrounding them should also be addressed.

• Convergence Security Journal
• /
• v.17 no.5
• /
• pp.179-186
• /
• 2017

The purpose of this study is to analyze the relation of security officers' martial arts training and job performance. To this end, we conducted surveys on security practitioners. The questionnaire consisted of three variables, "necessity of martial arts training, application to practical security work, improvement of job satisfaction". In this study for reliability analysis, Chronbach's Alpha coefficient was calculated. In order to verify the validity of the measured variables, exploratory factors were analyzed using the Berimax method. Both AVE and CR values of the measured variables were above the reference value of 0.5, indicating that the convergence validity was good. As a result of the hypothesis test, the standardization coefficient is 0.636 for "need for training in martial arts training${\Rightarrow}$practical security work", 0.986 for "practical security work${\Rightarrow}$job satisfaction improving", and the relationship between the two hypotheses is positive(+). In order to improve the job satisfaction of security-related practitioners, it seems necessary to raise the need for martial arts training.

• Journal of the Korea Convergence Society
• /
• v.13 no.1
• /
• pp.283-295
• /
• 2022

This study attempts to explore factors that influence the perception of importance of information security. Three possible exogenous variables including perceived certainty of punishment, perceived response cost, and acquiescense are suggested that are based on the protectiom motivation theory. As a result, we found followings. First, The perceived punishment certainty has a significant effect on the perceived importance of information security. Also, it influences a negative effect on acquiescence. Second, the response cost has a negative effect on the perceived importance of information security. In addition, the response cost positively effects on acquiescence. Finally, acquiescence negatively influences on the perceived importance of information security. The results show that, in order to increase the perceived importance of information security among employees, it is necessary to make them aware that a security violation can result in certain punishment. At the same time, organizations should also attempt to remove major obstacles accompanying security behaviors of employees. Finally, organizations encourage open communication relating to information security among employees.

• Health Policy and Management
• /
• v.15 no.1
• /
• pp.1-29
• /
• 2005

This study examined the antecedents of psychological empowerment at hospital organizations, and also examined their differential effects among occupational groups within hospitals: doctors, nurses, engineers, and administrative workers. Various variables for multi-level factors were examined as antecedents: tenure, income, work centrality, and career goal as personal factors, job variety, job clarity, job significance, and job fitness as job factors, and security, reward justice, and organizational support as organizational factors. Data were collected from 8 national university hospitals, and 1,289 data were used for final analysis. For the whole groups, all antecedents except reward justice had significant effects on, and explained large amount of variance of empowerment. Results from the analysis for each occupational group showed that income, career goal, and job significance had significant effects on empowerment at all occupational groups, while reward justice had not at any groups. The effects of other variables depended on occupational groups. 1bis study found some important antecedents of empowerment which have been less considered in previous research: career goal, work centrality, security, and organizational support. The finding that differential effects of antecedents on empowerment by occupational groups suggests that group characteristics should be considered for studying empowerment. In this study, for example, personal factors rather than both job factors and organizational factors were more effective for empowerment in the engineering group whose job is relatively simple and clear, while job factors were most effective in other groups. The differential effects of antecedents on empowerment by occupational groups also have practical implications for improvement of empowerment at hospitals. For empowerment, personnel management efforts would be more required for administrative workers than other occupational groups, because they perceived least job clarity, job significance, job fitness among the groups, all of which were found to be important determinants of empowerment for them.

• The Journal of the Korea Contents Association
• /
• v.19 no.5
• /
• pp.542-552
• /
• 2019

This study aimed to analyze characteristics of employment and factors affecting of employment of person with Brain disorder. Participants were 317 individuals with brain disorders. Data were analyzed using Chi-square test, regression analyses. according to the Panel Survey of Employment for the Disabled in Korea. These factors were classified into disability and health factors, employment related factors, and household related factors. First, The employment group showed significantly severe disorder, higher health status, absent of daily life helper, absent of assistive devices, higher level education, licenses, public employment service, job arrangement of acquaintance, find a job oneself, married, absent of basic living security assistance, greater supports of family compared to the unemployed group. Second, Factors affecting employment of individuals with brain disorders included daily life helper, education level, job arrangement of acquaintance, married, basic living security assistance. Base on these results, developing dailylife and education system and social supported system and modifying the benefit system can promote employment acquisition of individuals with brain disorder.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.1
• /
• pp.117-128
• /
• 2023

Due to the full revision of the Digital Signature Act (enforcement on December 10, 2020), various certificates are being released and competing in the market. Under fierce competition, the certificate market share of large IT platform companies is increasing, and it is predicted that they will eventually monopolize the market. Therefore, identifying the consumer's certificate choice factors and understanding the difference in importance between the choice factors are essential elements for establishing a company's strategy for the certificate market and product positioning, and are key points in setting the government's certificate policy direction. In this study, consumers' certificate choice factors were extracted based on the details of preceding papers and surveys, and based on the extracted choice factors, 4 choice factors (reliability of issuer, program installation, certificate usage method(how to use), versatility(where to use)) were identified through a Delphi survey. As a result of conjoint analysis by conducting a consumer survey with selected choice factors, the reliability of the issuer was found to be the most important utility value. In order of importance, the certificate usage method(how to use), program installation, and versatility(where to use) appeared.

• Korean Security Journal
• /
• no.53
• /
• pp.283-303
• /
• 2017

This study which was started to identify the factors that change the security level of military organizations, analyzed the data collected from articles written by the active officers in the Defense Daily Journal hoping to improve the military security level by the qualitative research method called Grounded Theory, and establish causal relationship how organizational members respond to insider security threats. As a result of the analysis, the causal condition is 'the security threat of the insider', the contextual condition is 'the specificity of the military organization', the central phenomenon is 'the conflict of values as a soldier', the arbitrary condition is 'the security consciousness', Strategy is 'the responds to security threats', and the result was 'security level change'. The core categories can be presented as 'the degree of conflict of values on insider security threats' and two hypotheses have been derived. First, the members of the military organization strongly felt the conflict of values about security threat as the tendency to emphasize security was strong, and they helped to develop the security level of organization by responding strongly. Second, the stronger the tendency to focus on colleagues, respond weakly to security threats. And it undermines the security level of the organization. Finally, in order to improve the security level of the organization, it is necessary to establish a solid security consciousness and to make institutional development to support it.