Browse > Article

The Exploratory Study on Security Threats and Vulnerabilities for Mobile Office Environment  

Choi, Young-Jin (Dept. of Medial Management, Eulji University)
Ra, Jong-Hei (Dept. of Distribution & Logistics Management, Gwangju University)
Shin, Dong-Ik (Dept. of E-marketing, Hongik University)
Publication Information
Journal of Information Technology and Architecture / v.11, no.2, 2014 , pp. 175-185 More about this Journal
Abstract
This study is based on the information security management system, the threat from mobile office, mobile office configuration item type, vulnerability analysis and control at the level of the current possibilities for technology to its purpose. To perform exploratory study for mobile Office to target the new technology, we were used the integrated research methods such as the documentary survey, expert FGI and real user's survey. To identify the main risk areas of mobile office services, we develop the mobile service layer model that separated the place, terminal, network, server according to service deliverly system. Finally, the result of survey for threats and vulnerabilities showed that the control of the terminal of user is a significant.
Keywords
Mobile office; Threat; Vulnerability; Integrated research methods;
Citations & Related Records
Times Cited By KSCI : 3  (Citation Analysis)
연도 인용수 순위
1 Singleton, R. A., & Straits, B. C., "Approaches to social research (4th edition)," New York: Oxford University Press, 2005.
2 Tashakkori, Abbas & Creswell, John W., "The New Era of Mixed Methods," Journal of Mixed Methods Research, Vol. 1, No. 1, pp. 3-7, 2007.   DOI   ScienceOn
3 Tim Godlove, Telework and Mobile Computing : Security Concerns and Risks, The security Journal, Vol. 30, pp. 5-11, 2010.
4 Von Bergen C. W., "Safety and Workers' Compensation Considerations in Telework," Regional Business Review, vol. 27, 2009.
5 William M. Fitzgerald, Ultan Neville, Simon N. Foley, "Automated Smartphone Security Configuration," Data Privacy Management and Autonomous Spontaneous Security Lecture Notes in Computer Science Volume 7731, pp. 227-242, 2013.   DOI   ScienceOn
6 Wolcott, Harry F., "Writing up Qualitative Research. Better," Qualitative Health Research, Vol. 12, No. 1, pp. 91-103, 2002.   DOI
7 Zhi Peng Shao, Shi Da Lu, Mu Chen, "Risk Analysis of Smart Terminals in Mobile Application of Power System and the Protection Solution Design," Applied Mechanics and Materials, Vol. 260-261, pp. 397-401, 2012.   DOI
8 Zernand, M., "The Risks and Management of Telework," EBS Review, Issue 16, pp. 101-104, 2003.
9 Zimmerman, M., Haffey, J., Crane, E., Szumowski, D., Alvarez, F., Bhiromrut, P., Brache, V., Lubis, F., Salah, M., Shaaban, M., Shawky, B., & Sidi, I. P. S., "Assessing the Acceptability of Norplant Implants in Four Countries; Findings from Focus Group Research," Studies in Family Planning, Vol. 21, No. 2, pp. 92-103, 1990.   DOI   ScienceOn
10 Microsoft, "Telework Planning Considerations : A Risk-based Approach for it Managers," A Microsoft U.S. government white paper, 2011.
11 Morgan, David L., "Paradigms Lost and Pragmatism Regained: Methodological Implications of Combining Qualitative and Quantitative Methods," Journal of Mixed Methods Research, Vol. 1, No. 1, pp. 48-76, 2007.   DOI
12 Morrow, B., "BYOD security challenges: control and protect your most sensitive data," Network Security. Dec2012, Vol. 2012 Issue 12, pp. 5-8, 2012.
13 Patricia Mayer Milligan, Donna Hutcheson, "Business Risks and Security Assessment for Mobile Devices," Proceedings of the 8th WSEAS Int. Conference on Mathematics and Computers in Business and Economics, pp. 189-193, 2007.
14 Paul Turpin, "Securing Telecommuters : Possible threats and Solutions," Global Information Assurance Certification Paper, 2004.
15 Peacey, A.,"eleworkers - extending security beyond the office," Network Security Journal, Vol. 2006, no. 11, pp. 14-16, 2006.
16 Peltier, T. R., "Remote Access Security Issue," Information Systems Security, Vol. 10, No. 6, pp.31-36, 2013.
17 Pyöriä, P., "Managing telework: risks, fears and rules," Management Research Review, Vol. 34, No. 4, pp. 386-399, 2011.   DOI   ScienceOn
18 Saint-Germain, Michelle A., Bassford, Tamsen L. & Montano, Gail, "Surveys and Focus Groups in Health Research with Older Hispanic Women," Qualitative Health Research, Vol. 3, No. 3, pp.3 41-367, 1993.   DOI   ScienceOn
19 Ruth, S., "The Dark Side of Telecommuting - Is a Tipping Point Approaching? GMU School of Public Policy Research Paper No. 2012-02, 2011.
20 Sale, Joanna E. M., Lohfeld, Lynne H., & Brazil, Kevin, "Revisiting the Quantitative-Qualitative Debate: Implications for Mixed-Methods Research," Quality & Quantity, Vol. 36, pp. 43-53, 2002.   DOI   ScienceOn
21 Scarfone, K., Hoffman, P. & Souppaya, M., "Guide to enterprise telework and remote access security: recommendations of the national institute of standards and technology," National Institute of Standards and Technology, 2009.
22 Shedden, P., Scheepers, R., Smith, W. & Ahmad, A., "Incorporating a knowledge perspective into security risk assessments," The journal of information and knowledge management systems, Vol. 41 No. 2, pp. 152-166, 2011.
23 Benjamin Halpert, "Mobile device security, InfoSec-CD," '04: Proceedings of the 1st annual conference on Information security curriculum development, pp. 99-101, 2004.
24 Claudio Marciano, "DO YOU FEAR TELEWORK?-Understanding the petrify effect," ICT4S 2013: Proceedings of the First International Conference on Information and Communication Technologies for Sustainability, pp. 265-270, 2013.
25 Day, F. C. and Burbach, M. E., "Telework Considerations for Public Managers with Strategiesfor Increasing Utilization," Communications of the IBIMA, vol. 2011.
26 Ernst and Young, "Risk at Home: Privacy and Security in Telecommuting," Ernst and Young, pp. 1-23, 2008.
27 Furnell, S., "Securing the home worker. Network Security," 2006(11), pp. 6-12, 2006.
28 Godlove, "Examination of the factors that influence teleworkers willingness to comply with information security guidelines," Information Security Journal : A Global Perspective, Vol. 21, No. 4, pp. 216-229, 2012.   DOI
29 James, P., "Are existing security models suitable for teleworking?," The 9th Australian Information Security Management Conference, 2011.
30 Ian Paul, Five Big Security Threats for 2011, PCwolrd, 2011. http://www.pcworld .com/article/2217 80/five_big_security_ threats_for_2011 .html
31 Johnson, R. Burke, Onwuegbuzie, Anthony J., & Turner, Lisa A., "Toward a Definition of Mixed Methods Research," Journal of Mixed Methods Research, Vol. 1, pp. 112-133, 2007.   DOI
32 Joice, W., "Implementing Telework: The Technology Issue," Public Manager, Vol. 36, pp. 64-68, 2007.
33 Karen Scarfone, Murugiah Souppaya, "User's Guide to Securing External Devices for Telework and Remote Access," NIST Special Publication 800-114, NIST, 2007.
34 Kent, K., Hoffman, P., and Souppaya, M., "Guide to enterprise telework and remote access security (draft)," U.S. Dept. of Commerce, National Institute of Standards and Technology, 2009.
35 Krueger, Richard A., "Focus Groups: A Practical Guide for Applied Research," Thousand Oaks, Calif: Sage Publications, 1994.
36 Kitzinger, Jenny., "The Importance of Interaction between Research Participants," Sociology of Health and Illness, Vol. 16, No. 1, pp. 103-121, 1994.   DOI   ScienceOn
37 삼성경제연구소, "스마트폰이 열어가는 미래," 2010.2.3.
38 이민혜, 이준기, "스마트워크 연구에 대한 고찰과 향후 연구 주제," 정보화정책 제18권 제2호 통권67호, pp. 72-84, 2011.
39 이형찬, 이정현, 손기욱, "스마트워크 보안 위협과 대책," 정보보호학회지, 제21권 제3호, pp. 12-21, 2011.
40 정명수, 이동범, 곽진, "스마트워크 보안위협 및 보안 요구사항 분석," 정보보호학회지, 제21권 제3호, pp. 55-63, 2011.
41 한국정보화진흥원, "기업을 위한 스마트워크 도입.운영 가이드라인," 2010.
42 황해수, 이기혁, "안전한 스마트워크 향상을 위한 Mobile Security 대응모델에 관한 연구," 정보보호학회지, 제21권 제3호, pp. 22-34, 2011.
43 Alan Bryman, "Barriers to Integrating Quantitative and Qualitative Research," Journal of Mixed Methods Research, Vol. 1, No. 1, pp. 8-22, 2007.   DOI   ScienceOn