• KIPS Transactions on Software and Data Engineering
• /
• v.3 no.11
• /
• pp.465-470
• /
• 2014

The SP quality assessments from national IT industry promotion agency of Korea(NIPA) assesses ability of software development process. And the SP quality assessments is getting popular over the nation. But, in the SP quality assessments, there is no concern about security attribute. In this paper new secure process base on ISO 27001 is proposed for the organization that is already passed SP quality assessments. This process can detect security threatening factors and gives chance to protect those factors. Furthermore, since detected security weaknesses can be used as a measurement, the system can be managed in aspect to security attribute.

• Journal of Information Processing Systems
• /
• v.20 no.1
• /
• pp.38-52
• /
• 2024

The 5G is the 5th generation mobile network that provides enhanced mobile broadband, ultra-reliable & low latency communications, and massive machine-type communications. New services can be provided through multi-access edge computing, network function virtualization, and network slicing, which are key technologies in 5G mobile communication. However, these new technologies provide new attack paths and threats. In this paper, we analyzed the overall threats of 5G mobile communication through a literature review. First, defines 5G mobile communication, analyzes its features and technology architecture, and summarizes possible security issues. Addition, it presents security threats from the perspective of user devices, radio access network, multi-access edge computing, and core networks that constitute 5G mobile communication. After that, security requirements for threat factors were derived through literature analysis. The purpose of this study is to conduct a fundamental analysis to examine and assess the overall threat factors associated with 5G mobile communication. Through this, it will be possible to protect the information and assets of individuals and organizations that use 5G mobile communication technology, respond to various threat situations, and increase the overall level of 5G security.

• Journal of Information Technology Services
• /
• v.16 no.1
• /
• pp.99-118
• /
• 2017

Growing importance of online security on certification, many of the web-related security technology introduced day by day. Especially, using smart certificate (USIM) is recognized as one of the most safe and convenient method for the security of public certificate. The purpose of this study is to find the factors that affect the Intention of switching to smart certificate for the general public who use public certificate service. Based on migration theory, this study determined the relationship between pull factors, push factors and mooring factors which can affect the intention of switching to smart certificate. To empirically analyze the proposed hypothesis, the statistical analysis were conducted based on the response from 350 public certificate service users using SPSS 22.0 and Smart PLS 2.0. The results of this study can be summarized as follows. First, system quality, one of the pull factors has positive influence on perceived ease of use. On the other hand, the other pull factor, service quality has positive influence on both perceived ease of use and perceived usefulness. Second, push factors, user experience and information security awareness have positive influence on perceived ease of use only. Third, mooring factor, switching cost does not have influence on switching intention while perceived usefulness has positive influence on. The results of this research can be used for whom has interest to the switching intention of public certificate service for online security and provide the proper understanding about smart certificate service mechanism.

• Journal of Korean Society of Industrial and Systems Engineering
• /
• v.38 no.4
• /
• pp.193-201
• /
• 2015

Corporation's valuable intelligent asset is being threatened from the skills of threatening subject that has been evolved along with the growth of the information system and the amount of the information asset. Domestically, attempts of various private information attacks, important information extortion, and information damage have been detected, and some of them have abused the vulnerability of security of information system, and have become a severe social problem that generates security incident. When accessing to the security, most of companies used to establish a strategy with a consistent manner and a solution plan. However, this is not a proper way. The order of priorities vary depending on the types of business. Also, the scale of damage varies significantly depending on the types of security incidents. And method of reaction and critical control point vary depending on the types of business and security incidents. In this study, I will define the security incidents by their types and preponderantly examine how one should react to those security incidents. In this study, analyzed many types of security accidents that can occur within a corporation and an organization considering various factors. Through this analysis, thought about factors that has to be considered by corporations and organizations when they intend to access to the information security. This study focuses on the response methodology based on the analysis of the case analysis of the leakage of industrial secret and private secret other than the conceptual response methodology that examines the way to prevent the leakage of the industry security systems and the industry information activities. And based on these factors, want to be of help for corporations to apply a reasonable approach when they establish a strategy to information security.

• Journal of Industrial Convergence
• /
• v.13 no.2
• /
• pp.45-54
• /
• 2015

This Study aims to analyze the factors for the success of commercialization of the facial extraction and recognition image security information system of the domestic companies in Korea. As the results of the analysis, the internal factors for the success of commercialization of the facial extraction and recognition image security information system of the company were found to include (1) Holding of technology for close range facial recognition, (2) Holding of several facial recognition related patents, (3) Preference for the facial recognition security system over the fingerprint recognition and (4) strong volition of the CEO of the corresponding company. On the other hand, the external environmental factors for the success were found to include (1) Extensiveness of the market, (2) Rapid growth of the global facial recognition market, (3) Increased demand for the image security system, (4) Competition in securing of the engine for facial extraction and recognition and (5) Selection by the government as one of the 100 major strategic products.

• Journal of the Korea Convergence Society
• /
• v.11 no.9
• /
• pp.229-242
• /
• 2020

The purpose of this study is to present the environmental factors of positive and negative aspects that affect the information security compliance intention, and reveals the relationship of the individual's the security compliance intention. The subjects of this study are employees of organizations that apply information security policies and technologies, and effective samples were obtained through surveys. In the process of analysis, the study model was verified through structural equation modeling. The measurement variables consisted of security policy, security system, technical support, work impediment, security non-visibility, compliance intention and organizational commitment and used for analysis. The results confirmed that security compliance factors such as policy, system, technical support, and non-compliance factors, work impediment, respectively, had an impact on organizational commitment, leading to compliance intention. The verification result of the research model suggests the direction of establishing a security compliance strategy for employees to improve the level of information security compliance of the organization.

• Korean Security Journal
• /
• no.27
• /
• pp.107-128
• /
• 2011

The purpose of this study was to determine the relationship between gymnasium selection and training adherence of security martial arts trainees. To this aim, this study selected 8 gymnasiums in Gyounggi and Incheon province and sampled 220 people above the fourth grade in elementary school. Out of these, 14 cases were dropped due to insufficient answers or incomplete answers, and 206 qualified cases were finally adopted for this study. Data were analyzed using exploratory factor analysis, reliability analysis and frequency analysis, MANOVA, correlation analysis and multiple regression analysis with SPSS 18.0. The results of this study were as follows. First, there were significant differences in gymnasium selection factors(instructor background, training program, public relations) depending upon the trainee's sex. Second, there were significant differences in gymnasium selection factors(training program, main others, public relations) depending upon the trainee's school grade. Third, there were no significant differences in training adherence factors depending upon the trainee's sex and school grade. Fourth, there were positive correlations between instructor background, training program and public relations-factors among gymnasium selection and management program, external and social relations-factors among training adherence. Fifth, the partial sub-factors of gymnasium selection have influenced training adherence. Consequently, security martial arts managers and instructors need to establish marketing strategies suitable for sex and school grade to recruit new security martial arts trainees. It may be considered that security martial arts instructors should construct the differentiated management system for trainees and the specialized training program for lasting training of new or existing security martial arts trainees.

• Journal of Information Technology Applications and Management
• /
• v.22 no.4
• /
• pp.225-251
• /
• 2015

This paper analyzed factors for employees to violate information security policy in financial companies based on the theory of reasoned action (TRA), general deterrence theory (GDT), and information security awareness and moderating effects of perceived sensitivity of customer information. Using the 376 samples that were collected through both online and offline surveys, statistical tests were performed. We found that the perceived severity of sanction and information security policy support to information policy violation attitude and subjective norm but the perceived certainty of sanction and general information security awareness support to only subjective norm. Also, the moderating effects of perceived sensitivity of customer information against information policy violation attitude and subjective norm were supported. Academic implications of this study are expected to be the basis for future research on information security policy violations of financial companies; Employees' perceived sanctions and information security policy awareness have an impact on the subjective norm significantly. Practical implications are that it can provide a guide to establish information security management strategies for information security compliance; when implementing information security awareness training for employees to deter violations by emphasizing the sensitivity of customer information, a company should make their employees recognize that the customer information is very sensitive data.

• Convergence Security Journal
• /
• v.16 no.1
• /
• pp.69-80
• /
• 2016

The purpose of this study is to examine the effects of job stress factors on Coping Strategy' turnover intention, and to analyze the moderating effects of five personality factors between each job stress factor and turnover intention. To achieve this purpose, this study surveyed users of the Seoul and Gyeonggi in based on cluster sampling method. A total of 262 samples were used for this study, except 18 erroneous samples dropped. For the data process of the questionnaire, each answer content was coded and an element analysis, credibility analysis, frequency analysis, co-relationship analysis and regression analysis were performed using the SPSS version 18.0 of Angel for Windows. Through the data analysis following the research methods above, the conclusion was acquired as follows: First, thejob stress of the security personnel affect coping behavior. Second, in the effects of Security Agents Job Stress on Coping Strategy, Five Personality Factors showed moderating effects.

• Journal of Information Processing Systems
• /
• v.16 no.4
• /
• pp.784-794
• /
• 2020

In order to effectively evaluate the urban water security, the study investigates a novel system to assess factors that impact urban water security and builds an urban water poverty evaluation index system. Based on the contribution rates of Resource, Access, Capacity, Use, and Environment, the study adopts the Water Poverty Index (WPI) model to evaluate the water poverty levels of 14 cities in Gansu during 2011-2018 and uses the least variance method to evaluate water poverty space drive types. The case study results show that the water poverty space drive types of 14 cites fall into four categories. The first category is the dual factor dominant type driven by environment and resources, which includes Lanzhou, Qingyang, Jiuquan, and Jiayuguan. The second category is the three-factor dominant type driven by Access, Use, and Capability, which includes Longnan, Linxia, and Gannan. The third category is the four-factor dominant type driven by Resource, Access, Capability, and Environment, which includes Jinchang, Pingliang, Wuwei, Baiyin, and Zhangye. The fourth category is the five-factor dominant type, which includes Tianshui and Dingxi. The driven types impacting the urban water security factors reflected by the WPI and its model are clear and accurate. The divisions of the urban water security level supply a reliable theoretical and numerical basis for an urban water security early warning mechanism.