• The Journal of Asian Finance, Economics and Business
• /
• v.7 no.6
• /
• pp.221-231
• /
• 2020

This research investigates the relationship among product risk, financial risk, security risk, privacy risk, perceived satisfaction, and purchase intention. Validated measurements were identified from a literature review. The measurement model and the conceptual model depicting hypothesized relationships were evaluated based on responses from 306 customers using confirmatory factor analysis and structural equation modeling. The results showed that product risk, financial risk, security risk, and privacy risk impacted on perceived satisfaction. Besides, product risk, privacy risk, and perceived satisfaction influenced purchase intentions. Thus, this study focused on the influences of product risk, financial risk, security risk, and privacy risk on their cognitive attitudes toward websites. That means the more consumer perceive security, the more they avoid shopping online. The study is important to show how perceived risk affects online shopping behaviors, and it invites marketers to make necessary adjustments to prevent perceived risks to increase and online shopping to decrease. The findings of this study suggest the creation of a framework on the effect of perceived risk types on online shopping. Managers need to take perceived risks into account when designing their electronic marketing channels. In addition, shopping websites should strengthen their transaction security by appropriately using various available resources and new information technologies.

• Journal of the Korea Computer Industry Society
• /
• v.4 no.4
• /
• pp.491-500
• /
• 2003

The need for network security is being increasing due to the development of information communication and internet technology, In this paper, firewall models, operating system models and other network component models are constructed. Each model Is defined by basic or compound model using MODSIM III. In this simulation environment with representative attacks, the following attacks are generated, SYN flooding and Smurf attack as an attack type of denial of service. The simulation is performed with the models that exploited various security policies against these attacks. In addition, the results of the simulation show that the analysis of security performance according to various security policies, and the analysis of correlation between availability and confidentiality according to security empowerment.

• Journal of KIISE:Computer Systems and Theory
• /
• v.34 no.7
• /
• pp.282-287
• /
• 2007

Information society is dramatically developing in the various areas of finance, trade, medical service, energy, and education using information system. Evaluation for risk analysis should be done before security management for information system and security risk analysis is the best method to safely prevent it from occurrence, solving weaknesses of information security service. In this paper, Modeling it did the evaluation-base CBD function it will be able to establish the evaluation plan of optimum. Evaluation-based CBD(case-based reasoning) functions manages a security risk analysis evaluation at project unit. it evaluate the evaluation instance for beginning of history degree of existing. It seeks the evaluation instance which is similar and Result security risk analysis evaluation of optimum about under using planning.

• Convergence Security Journal
• /
• v.16 no.6_2
• /
• pp.33-42
• /
• 2016

This study was set up hypothesis "NCS recognition ➩ NCS training needs ➩ Performance of the NCS training". The survey was conducted to explore the need for Security-related NCS education at university and awareness of the NCS for Security Studies students. Results of analyzing the internal consistency, this study showed that ensure internal consistency is calculated Chronbach's Alpha coefficient of more than 0.8. Validation of the survey was investigated by secured Convergent validity and discriminant validity among the variables calculated all over the reference value. This study showed that the model is appropriate with results using the structural equation modeling to validate the research model The correlation analysis of this hypothesis was very high as calculated the standardization factor 0.726 and 0.870 for each relationship by hypothesis testing results.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.4
• /
• pp.61-74
• /
• 2004

Risk analysis model is systematic and structural process that considers internal security problems and threat factors of the information systems to find optimal level of security control. But, the risk analysis model is just only defined conceptually and there are not so many empirical studies. This research used structural equation modeling(SEM) research methodology with rigorously validated research instrument. Based on results of this study, risk analysis methodology was proved to be practically useful in e-commerce environment. Factors like threat and control were significantly related to risk. In conclusion, the results of this study can be applied to general situation or environment of information security for analyzing and managing the risk and providing new approach to comprehend concept of risk in e-commerce environment.

• Journal of the Korean Society of Industry Convergence
• /
• v.24 no.4_2
• /
• pp.421-434
• /
• 2021

The expansion of information sharing activities using online can increase the threat of information exposure by increasing the diversity of approaches to information within an organization. The purpose of this study is to present conditions for improving the information security compliance intention of insiders to improve the level of information security within the organization. In detail, the study applies the theory of planned behavior that clearly explains the cause of an individual's behavior and proposes a way to increase the compliance intention by integrating the social control theory and goal-setting theory. The study presented research models and hypotheses based on previous studies, collected samples by applying a questionnaire technique, and tested hypotheses through structural equation modeling. As a result, information security attitude, subjective norms, and self-efficacy had a positive influence on the intention to comply. Also, attachment, commitment, and involvement, which are the factors of social control theory, formed a positive attitude toward information security. Goal difficulty and goal specificity, which are the factors of goal setting theory, formed a positive self-efficacy. The study presents academic and practical implications in terms of suggesting a method of improving the information security compliance intention of employees.

• Convergence Security Journal
• /
• v.11 no.1
• /
• pp.39-48
• /
• 2011

QoS(Quality of Service) is defined "The collective effect of service performance which determines the degree of satisfaction of a user of the service" by ITU-T Rec. E.800. The final goal of information system is to secure the performance efficiency within the required time. The security QoS framework is the modeling of the QoS measurement metrics, the measurement time schedule, instrument, method of measurement and the series of methodology about analysis of the result of measurement. This paper relates to implementing issue and performance measuring about blended mechanism between networking technology and security technology. We got more effectiveness in overall network security, when applying and composing amalgamated security mechanism between network technology and security technology. In this paper, we suggest techniques being used on infrastructure system and also offers a security QoS methodology as a model of more effective way. Methodology proposed in this research has proven that it is possible to measure response time through the scheduled method.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.1
• /
• pp.187-194
• /
• 2019

Ever since the world's largest Bitcoin Echange, (Mt. Gox), was closed in March 2014 due to the series of hacking, still many other Exchages incl. recent Coinale in Korea have been attacked. Those hacking attempts never stopped and have caused significant threats to the overall industry of Crypto Currency and resulted in the loss of individual investors' asset. The DEX (Decentralized Exchange) has been proposed as a solution to fix the security problem at the Exchange, but still it is far away to resolve all issues. Therefore, this paper firstly analyzes security threats against existing Crypto Currency Exchanges and secondly derives security requirements for them. To do that it proposes a secure and distributed Crypto Currency Transaction Model through Personal Security devices as a solution. The paper also proves this new attempt by demonstrating its unique modelling; ultimately by adopting this modeling into Crypto Exchange is to avoid potential security threats.

• Journal of Korea Society of Industrial Information Systems
• /
• v.26 no.3
• /
• pp.23-39
• /
• 2021

Investment of organization in information security is increasing, but information security threats within the organization are not decreasing. The purpose of this study is to suggest a direction to increase the information security compliance intention of employees. In detail, the study presents the positive effects of security motivation and organization trust on the information security compliance intention, and presents the moderating effect of work promotion focus. Research model and hypothesis verification are confirmed through structural equation modeling and the study conducted a questionnaire technique to the employees of the organization applying the information security policy for quantitative verification. As a result, information security punishment and value congruence had a positive affect on the compliance intention by mediating organization trust. In addition, work promotion focus had a moderating effect on the positive relationship between the precedent factors on the compliance intention. The research has academic and practical implications from the viewpoint of presenting the factors of the organization's efforts to improve the level of information security compliance by insiders.

• Journal of the Korea Convergence Society
• /
• v.12 no.2
• /
• pp.247-258
• /
• 2021

Recently, organizations are demanding strict information security behavior from their employees. Strict information security policies and techniques can cause information security related stress. The purpose of this study is to present the negative effects of information security related techno stress and role stress that reduce knowledge sharing behavior and person-organization fit. The survey was conducted to people working in organizations with information security policies and system, and the research hypothesis was verified by structural equation modeling using 309 samples. As a result of the study, person-organization fit had a positive effect on knowledge sharing behavior, but role stress had a negative effect. And, techno-stress negatively affected the person-organization fit. Additionally, role ambiguity had a moderating effect between person-organization fit and knowledge sharing behavior. The implications of the study were to confirm the negative effects of information security related techno stress and role stress, and to suggest directions for minimizing negative behavior of insiders.