• International Journal of Computer Science & Network Security
• /
• v.24 no.8
• /
• pp.105-118
• /
• 2024

The decision to integrate mobile cloud computing (MCC) in higher education without first defining suitable usage scenarios is a global issue as the usage of such services becomes extensive. Consequently, this study investigates the security determinants of the educational use of mobile cloud computing among universities students. This study proposes and develops a theoretical model by adopting and modifying the Protection Motivation Theory (PMT). The studys findings show that a significant amount of variance in MCC adoption was explained by the proposed model. MCC adoption intention was shown to be highly influenced by threat appraisal and coping appraisal factors. Perceived severity alone explains 37.8% of students "Intention" to adopt MCC applications, which indicates the student's perception of the degree of harm that would happen can hinder them from using MCC. It encompasses concerns about data security, privacy breaches, and academic integrity issues. Response cost, perceived vulnerability and response efficacy also have significant influence on students "intention" by 18.8%, 17.7%, and 6.7%, respectively.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.2
• /
• pp.249-258
• /
• 2012

Cyber attacks expose sensitive information and cause fatal damage in both the public and the private sectors. Therefore, MKE (Ministry of Knowledge Economy) Cyber Security Center was founded on July 25, 2008, to perform three major roles. First, it detects and analyzes cyber attacks for the both sectors. Second, its ISAC (Information Sharing & Analysis Center) service analyzes and evaluates the vulnerability of the communication and network infrastructure to security threats, including control systems. Third, it provides CERT/CC (Computer Emergency Response Team Coordination Center) service to prevent and to respond to computer security incidents. This study focuses on the MKE Cyber Security Center's service analysis, which is playing an increasingly larger role in the both sectors. Based on this analysis, after grasping the response services activity and pointing out the problems, this study suggests improvements to the MKE Cyber Security Center.

• Convergence Security Journal
• /
• v.24 no.2
• /
• pp.55-61
• /
• 2024

With the development of IoT technology, wearable services have also developed rapidly. Wearable devices required for this service are used as sensors and controllers in the form of smart bands. Wearable devices implement very concise SWlogic for possible long-term use and use wireless communication protocols to improve convenience. However, because this wearable device aims to be lightweight, it is more vulnerable to security than terminals used for other information services. Many smart healthcare or smart medical services are passive or do not apply security technology. By exploiting this security environment, attackers can obtain or modify important information through access to wearable devices. In this study, we analyzed the technical operating environment of wearable services and identified authentication information reuse attacks, BIAS attacks, battery drain attacks and firmware attacks on wearable devices. And we analyzed the mechanism of each security threat and confirmed the attack effect. In this study, we presented a response plan to respond to the identified security threats. When developing wearable services, it is expected that safer services can be built if the response plan proposed in this study is considered.

• Earthquakes and Structures
• /
• v.16 no.6
• /
• pp.641-654
• /
• 2019

This paper investigates the seismic response of a typical non-navigable continuous girder bridge isolated with friction sliding bearings of the Hong Kong-Zhuhai-Macao link projects in China. The effectiveness of the friction pendulum system (FPS) and accuracy of the numerical model were evaluated by a 1/20 scaled bridge model using shaking table tests. Based on the hysteretic properties of friction pendulum system (FPS), double concave friction pendulum (DCFP), and triple friction pendulum system (TFPS), seismic response analyses of isolated bridges with the three sliding-type bearings are systematically carried out considering soil-pile interaction under offshore soft clay conditions. The fast nonlinear analysis (FNA) method and response spectrum are employed to investigate the seismic response of isolated offshore bridge structures. The numerical results show that the implementation of the three sliding-type bearings effectively reduce the base shear and bending moment of the reinforced concrete pier, at the cost of increasing the absolute displacement of the bridge superstructure. Furthermore, the TFPS and DCFP bearings show better isolation effect than FPS bearing for the example continuous girder bridge.

• Journal of Convergence Society for SMB
• /
• v.5 no.3
• /
• pp.1-7
• /
• 2015

Recently, finance technology related to Fin-Tech has emerged while national and international financial incidents have increased. Security technologies that are currently operated in the financial institutions, have been reported to be vulnerable to security attacks. In this paper, we propose a method of response and plan of security incident using Fin-Tech technology in the divers authentication methods and the usage of biometrics. Proposed method provides a convenient banking services to the users by integrating IT technology, such as personal asset management, crowdfunding to finance technology. Also, the proposed method may provide the security with ease by applying the security technologies such as PCI-DSS, tokenization technique, FDS, the block chain. Proposed method analyzes a number of security cases in relation to the Fin-Tech, financial technologies, for a response.

• Convergence Security Journal
• /
• v.16 no.7
• /
• pp.139-145
• /
• 2016

Recently, The attack on the USB and network are increasing in many domestic infrastructure. These attacks are the most independent of insider intention, caused by the Anthropogenic Manipulation. These attacks are Anthropogenic Response Measures for Physical Security. and Representative Technology has CCTV, Access Control System, Sensor Technology. However, Physical Security, it is represented by several Product family according to the Market, has become an obstacle but rather a variety of Physical Security Technology Development and Application. As the Anthropogenic Attacks have occur continually in the network, it need to the proper Physical Response Techniques in this situation. Therefore, In this paper, we will find out about the awareness and demand trends of Physical Security. And The Physical Vulnerable Factors of Network. Thereby this is expected to be utilized as a basis for the domestic Physical Security Technology development and deployment Road-map in a future.

• Journal of Information Technology Services
• /
• v.12 no.3
• /
• pp.151-163
• /
• 2013

It is no doubt that information technology is the key factor of national safety. Information technology is positively useful for national security such as crime prevention and detection, criminal investigation, disaster management, and national defense. However, it might be a threat to the security as we saw in the examples such as '3.4 DDoS attacks' and 'Nong-hyup Computer Network Failure.' Although the effect that information technology makes upon the national security is immense, the current legal system does not reflect these changes well. National security should be kept during 'prevention-response-recovery' process regardless it is in the online on offline. In addition, public administration for national security should be based on laws. However, the current legal system is lack of legislative basis on cyber and physical disaster, and the laws on the response to disaster might cause confusing. Therefore, this study examines the limitation of the current legal system on national security, and suggests directions for the development of the system based on the new establishment of the legal concept for 'national security'.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.11 no.4
• /
• pp.45-54
• /
• 2001

It is necessary to control security management consistently and respond to an intrusion automatically in order to use the network securely in the single administrative domain. This paper presents a Shadowing Mechanism supporting a dynamic extension of security scheme and proposes an ARTEMIS(Advanced Realtime Emergency Management and Intruder Identification System), which is designed and implemented based on the suggested technique. It is possible for security management system developed on the basis of the Shadowing Mechanism to make all network components working under the same security scheme. It enhances the accuracy of intrusion tracing and automatic response through dynamic extension of space and time for security management.

• Convergence Security Journal
• /
• v.17 no.5
• /
• pp.3-10
• /
• 2017

Standard Protocol Optimized for Resource-Constrained IoT Environment Constrained Application Protocol (CoAP) supports web-based communication between a sensor node in the IoT environment and a client on the Internet. The CoAP is a Request / Response model that responds to the client's CoAP Request message by responding with a CoAP Response message from the server. CoAP recommends the use of CoAP-DTLS for message protection. However, validation of the use of DTLS in the IoT environment is underway. We analyze CoAP and DTLS security mode, evaluate performance of secure channel creation time, security channel creation step time, and RAM / ROM consumption through Cooja simulator and evaluate the possibility of real environment application.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.6
• /
• pp.1167-1187
• /
• 2020

We are facing the situation where cyber threats such as hacking, malware, data leakage, and theft, become an important issue in the perspective of personal daily life, business, and national security. Although various efforts are being made to response to the cyber threats in the national and industrial sectors, the problems such as the industry-academia skill-gap, shortage of cybersecurity professionals are still serious. Thus, in order to overcome the skill-gap and shortage problems, we propose a Cybersecurity technical response Job Competency(CtrJC) framework by adopting the concept of cybersecurity personnel's job competency. As a sample use-case study, we implement the CtrJC against to personals who are charged in realtime cybersecurity response, which is an important job at the national and organization level, and verify the our framework's effects. We implement a sample model, which is a CtrJC against to realtime cyber threats (We call it as CtrJC-R), and study the verification and validation of the implemented model.