Browse > Article
http://dx.doi.org/10.13089/JKIISC.2010.20.2.91

Improving Research Information Security in Academic Institutes through the Analysis of Security Awareness and Activities  

Park, Il-Hyung (School of Electrical Engineering and Computer Science, Seoul National University)
Kim, Seong-Woo (School of Electrical Engineering and Computer Science, Seoul National University)
Seo, Seung-Woo (School of Electrical Engineering and Computer Science, Seoul National University)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.20, no.2, 2010 , pp. 91-108 More about this Journal
Abstract
Universities are one of leading R&D institutes, however, their scarce security investment allows research information to leak outside. This paper proposes methods for improving security level of academic institutes to protect research information by analyzing security awareness and activities. To do that, we verified the current status of information security and awareness level by analyzing the survey which was conducted for a member of Seoul National University. As a result of statistical analysis using correlation, analysis of variance, multi regression and so on, we concluded that it is essential to improve security awareness, activities, professor's security level and management process for research labs. Thus, we suggest the following methods, security awareness and knowledge development through education, security management for research labs through provision, introduction of data protection softwares and physical control of visitors which are to be adopted to improve security level.
Keywords
Academic Security; Research Information Protection; Security Awareness; Security Level; Survey;
Citations & Related Records
Times Cited By KSCI : 2  (Citation Analysis)
연도 인용수 순위
1 S.M. Lee and Y.R. Kim, "An empirical study of the relationships among end-user information systems acceptance, training, and effectiveness," Journal of Management Information Systems, vol. 12, no. 2, pp. 189-202, Jan. 1995.   DOI
2 D.L. Goodhue and D.W. Straub, "Security concerns of system users: a study of perception of the adequacy of security," Information & Management, vol. 20, no. 1, pp. 13-27, Jan. 1991.   DOI   ScienceOn
3 임채호, "효과적인 정보보호인식제고 방안," 정보보호학회지, 16(2), pp. 30-36, 2006년 4월.   과학기술학회마을
4 방송통신위원회, "2008년 정보보호 실태조사 결과," 2009년 2월.
5 국가정보원, "2009 국가정보보호 백서," 2009년 4월.
6 연합뉴스, "1천만명 정보유출 돈노린 내부자 소행," 2008년 9월.
7 G.V. Post and A. Kagan, "Evaluating information security tradeoff: restricting access can interfere with user tasks," Computers & Security, vol. 26, no. 3, pp. 229-237, May 2007.   DOI   ScienceOn
8 S. Harris, CISSP certification all-in-one exam guide, McGraw-Hill Osborne Media, Nov. 2007.
9 연합뉴스, "<연합시론> 기술유출 범국가적 대응 필요하다," 2008년 8월.
10 국가정보원, "대학산업기술보호 매뉴얼," 2007년 8월.
11 ISACA, "CISA review manual," Dec. 2008.
12 S. Garfinkel and A. Shelat, "Remembrance of data passed: a study of disk sanitization practices," IEEE Security & Privacy, pp. 17-27, Feb. 2003.   DOI   ScienceOn
13 김종기, 강다연, "패스워드의 정보시스템 보안효과에 영향을 미치는 요인에 관한 연구," 경영정보학연구, 18(4), pp. 1-26, 2008년 12월.   과학기술학회마을
14 서울대학교 중앙전산원, "서울대학교 정보보안 현황 및 대책에 관한 연구," pp. 102-139, 2009년 6월.
15 P. Gutmann, "Secure deletion of data from magnetic and solid-state memory," 6th USENIX Security Symposium, pp. 77-90, July 1996.
16 서의훈, SPSS 12.0 한글판을 이용한 SPSS 통계 분석, 자유아카데미, 2005년 9월.
17 한국정보화진흥원, "정보보호 가이드북," 2003년 4월.
18 최현철, 사회통계방법론(SPSS/PC WINDOWS 12.0), 나남, 2007년 7월.
19 방송통신위원회, "방송통신위원회고시 제2008-11호 정보보호관리체계 인증 등에 관한 고시," 2008년 5월.
20 ISO, "ISO/IEC 13335-1:2004," 2004.
21 국가사이버안전센터, "정보보호생활수칙," 2008년.