• The KIPS Transactions:PartD
• /
• v.9D no.3
• /
• pp.467-476
• /
• 2002

Importance of Information Systems in banking industry is higher than that of other industries. This study, based on a case study of a bank, analyzes the current status of information systems (IS) audit and proposes future directions in the area of IS control and audit. Major problems identified in the study include deficiency of IS and audit process, and inability of audit function to improve IS process. In addition, deficiency of staffing level and investment in R&D, and lack of competency and independence of audit staff are identified. In order to solve the problems, the following directions were proposed proper division of functions among audit related departments, utilization of outside audit function, and adoption of CSA, CAAT, career path program, risk-based audit approach. The results of the studs will provide valuable implications to banks and companies in other industries. Also the research framework employed in the study can be utilized in the future research in IS control and audit.

• Asia-pacific Journal of Multimedia Services Convergent with Art, Humanities, and Sociology
• /
• v.9 no.8
• /
• pp.199-208
• /
• 2019

The escape theory is the theory of problem behavior such as suicide. The purpose of this study is to investigate the causes of gaming disorder, which has been attracting attention as a typical youth problem, through escape theory. Suicide theory is a process in which the problem triggered by the negative external environment flows into internal attribution and self-criticism, and this leads to a process leading to problematic behavior with disgust self-awareness. This process was applied to the environment, psychology, and behavior of adolescents. As a result, the lack of affection and consistency of the parents resulted in negative external environment, which affected the self-esteem of children by creating a negative external environment. And low self-esteem caused negative emotions, lowered self control, and confirmed to induce game addiction. The results of this analysis show that game addiction has a structure similar to obsessive behaviors such as binge eating and shopping addiction explained through the escape theory model and it is necessary to concentrate more on the environmental psychological factors for game addiction research.

• Journal of The Korean Society For Urban Railway
• /
• v.6 no.4
• /
• pp.279-286
• /
• 2018

Recently, a safety control platform to monitor the safety of train operation in real time and prevent accidents and risks through control is under study. In the initial design, DDS communication method supporting distributed network is adopted for real-time processing of large amount of data according to the integration of existing distributed safety data. However, communication between server and console inside the safety control platform is applied to existing TCP socket communication. In the case of TCP socket communication, it is possible to process data for a small system of a safety control test bed by one-to-one communication. However, if the data is expanded all over the country in the future, it becomes difficult to cope with a case where communication traffic occurs due to vast amount of data. In this paper, we propose DDS communication method to support distributed network between server and console of security control platform, and demonstrate TCP socket and DDS method, and compare throughput and speed. As a result, we have found that the scalability and flexibility are improved in case of applying DDS communication to future systems.

• The Journal of Society for e-Business Studies
• /
• v.23 no.4
• /
• pp.153-169
• /
• 2018

Previous e-financial anomalies analysis and detection technology collects large amounts of electronic financial transaction logs generated from electronic financial business systems into big-data-based storage space. And it detects abnormal transactions in real time using detection rules that analyze transaction pattern profiling of existing customers and various accident transactions. However, deep analysis such as attempts to access e-finance by insiders of financial institutions with large scale of damages and social ripple effects and stealing important information from e-financial users through bypass of internal control environments is not conducted. This paper analyzes the management status of e-financial security programs of financial companies and draws the possibility that they are allies in security control of insiders who exploit vulnerability in management. In order to efficiently respond to this problem, it will present a comprehensive e-financial security management environment linked to insider threat monitoring as well as the existing e-financial transaction detection system.

• Convergence Security Journal
• /
• v.17 no.5
• /
• pp.101-110
• /
• 2017

The purpose of this study is to examine possibilities of industry secret information leakage through IoT devices and to prevent information leakage from the perspective of administrative and technique security. From the administrative security perspective, first, it is important to face the possibility of industry information data leakage through anyone who can access companies and should establish guidelines to limit the use of IoT devices when entering companies. Second, security management guideline should be prepared by companies or upon user's request and use of any electronic devices sharing wireless internet connection should be eliminated or restricted. From technique security perspective, channels that sharing IoT devices in computers should be controlled since industry secret information are stored in computers and servers. Furthermore, IoT devices that accessing wireless internet network or devices that already registered should be regularly checked in order to minimize any information leakage. Lastly, data and information stored in computers and servers should be encrypted.

• The Journal of the Convergence on Culture Technology
• /
• v.5 no.1
• /
• pp.21-26
• /
• 2019

This paper examines effect of fitness between innovation and HRM type on firm performance(quality competitiveness, operating profit). Data were extracted from the Korea Labor Institute's workplace panel survey(WPS) from 2015, and the analysis used 3,431 companies. To test the research model, analysis of variance(ANOVA). The model shows that full-innovation/commitment HRM type companies were significantly higher quality competitiveness, and operating profit than other companies. And low-level innovation/control HRM type companies were significantly lower quality competitiveness and operating profit than other companies.

• Convergence Security Journal
• /
• v.23 no.1
• /
• pp.125-137
• /
• 2023

Companies that handle sensitive information, led by public institutions, establish separate networks for work and the Internet and protect important data through strong access control measures to prevent cyber attacks. Therefore, systems that involve the junction where the Intranet(internal LAN for work purposes only) and the Internet network are connected require the establishment of a safe security environment through both administrative and technical measures. Mobile Device Management(MDM) solutions to control mobile devices used by institutions are one such example. As this system operates by handling sensitive information such as mobile device information and user information on the Internet network, stringent security measures are required during operation. In this study, a model was proposed to manage sensitive information data processing in systems that must operate on the Internet network by managing it on the internal work network, and the function design and implementation were centered on an MDM solution based on a network interconnection solution.

• Convergence Security Journal
• /
• v.22 no.3
• /
• pp.57-68
• /
• 2022

As the importance and awareness of security have recently expanded, companies and governments are making continuous efforts and investments for security management. However, there are still many security threats in the organization, especially security incidents caused by internal staff. Therefore, it is very important for members to comply with security policies for organizational security management. Therefore, this study classified industrial security management into technical security, physical security, and managerial security, and applied the theory of planned behavior to investigate the impact relationship on the intention to comply with security policies. SPSS 25 and AMOS 25 were used for statistical analysis, and the study found that technical security had a positive(+) effect on subjective norms, physical security had a positive(+) effect on perceived behavior control, and attitude and perceived behavior control had a positive(+) effect on security policy compliance intention.

• Journal of Service Research and Studies
• /
• v.6 no.1
• /
• pp.1-15
• /
• 2016

The purpose of this study is to suggest strategic approach to expand Korean e-government export. Korean e-government was evaluated as a top level by UN electronic government survey 2014. However its export is very limited. This study reviews the literature related to e-government, and analyze existing Korean e-government export. The results of this analysis are as follows: lack of a law related e-government export, decentralized organizations, insufficient export process, lack of e-government solution for sale, limited funds, deficiency of cooperation between large and small enterprises. This study suggests a strategic approach such as to clarify the purpose of e-government export, to decide government or civilian-oriented export, to establish driving strategy, to improve and develop e-government export related areas. There are many ways for improvement and development of e-government export as follows: to enact a basic law or to revise the e-government law, to integrate functions of separated organizations and establish control tower, to improve export process, to build information sharing system, to develop standardized solution module, and to expand fund to support. The author expects that this paper will contribute to enhance Korean e-government export.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.6
• /
• pp.183-194
• /
• 2010

A company's private network protected by a firewall and NAT(Network Address Translation) is not accessible directly through an external internet. However, as Reverse Connection technology used by NetCat extends to the technologies such as SSH Tunnel or HTTP Tunnel, now anyone can easily access a private network of corporation protected by a firewall and NAT. Furthermore, while these kinds of technologies are commercially stretching out to various services such as a remote control and HTTP Tunnel, security managers in a company or general users are confused under the circumstances of inner or outer regulation which is not allowed to access to an internal system with a remote control. What is more serious is to make a covert channel invading a company's private network through a malicious code and all that technologies. By the way, what matters is that a given security system such as a firewall cannot shield from these perceived dangers. So, we analyze the indirect access of technological methods and the status quo about a company's internal network and find a solution to get rid of the related dangers.