• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.2
• /
• pp.295-310
• /
• 2014

DCS (Distributed Control System), the main control system of power plants, is an automated system for enhancing operational efficiency by monitoring, tuning and real-time operation. DCS is becoming more intelligent and open systems as Information technology are evolving. In addition, there are a large amount of investment to enable proactive facility management, maintenance and risk management through the predictive diagnostics. However, new upcoming weaponized malware, such as Stuxnet designed for disrupting industrial control system(ICS), become new threat to the main control system of the power plant. Even though these systems are not connected with any other outside network. The main control systems used in the power plant usually have been used for more than 10 years. Also, this system requires the extremely high availability (rapid recovery and low failure frequency). Therefore, installing updates including security patches is not easy. Even more, in some cases, installing security updates can break the warranty by the vendor's policy. If DCS is exposed a potential vulnerability, serious concerns are to be expected. In this paper, we conduct the penetration test by using NESSUS, a general-purpose vulnerability scanner under the simulated environment configured with the Ovation version 1.5. From this result, we suggest a log analysis method to detect the security infringement and react the incident effectively.

• Convergence Security Journal
• /
• v.14 no.6_2
• /
• pp.3-13
• /
• 2014

The purpose of this research is to establish the effects of the welfare benefits for security agents on the organizational commitment and the job satisfaction. To achieve this purpose, data were collected from 288 security agents of the security companies located in Seoul and Gyeonggi regions using the welfare benefit, organizational commitment, and job satisfaction scale, and the collected data were analyzed using SPSS 18.0 and AMOS 18.0. The conclusion obtained from the results of the analysis is as follows : First, it was the difference in welfare benefits, organizational commitment, job satisfaction, depending on individual characteristics of the security agents. Second, it was found that the cultural support, facilities support, economic support, and life support of welfare benefits had positive effects on the organizational commitment of security agents, and the conclusion that the welfare benefit factors are important to increase the organizational commitment was derived. Third, it was found that the cultural support, facilities support, economic support, and life support of welfare benefits had positive effects on the job satisfaction of security agents, and the conclusion that satisfying the welfare benefits is a way to raise the job satisfaction was derived.

• Information Systems Review
• /
• v.18 no.1
• /
• pp.79-103
• /
• 2016

The Korean Army has to construct a system that will enable it to cope immediately with the flexible military relationships in Northeast Asia by systematizing and improving the efficiency of operations. These improvements include building a smart and strong army, concentrating on cost-effective combat skills, maximizing the utilization of private resources, and establishing a military structure based on information and technology. Accordingly, this study proposes solutions to solve the problems affecting the success of outsourcing in the defense industry. Unlike outsourcing in other government ministries, outsourcing in the national defense sector may be unrealistic because this strategy is related to the renovation project of the Ministry of the National Defense. In general, the objective of outsourcing in the defense industry, similar to other businesses, is to improve efficiency and not to reduce troops and national defense budget. Several factors, such as identification and security guarantee, risk reduction, cost saving, quality improvement, the reliability of enterprise, and professional technology, are necessary to ensure outsourcing success in the national defense sector. In terms of effectiveness, the improvement in service quality significantly influences outsourcing success in the national defense sector. Eventually, the national defense forces must be strengthened to prevent the provocative actions of North Korea and other threats by improving identification, sense of national security, and quality unlike the current outsourcing of the government, as well as emulating German GEBB or PMC, which utilizes social capital.

• Journal of Technology Innovation
• /
• v.23 no.1
• /
• pp.1-36
• /
• 2015

The purpose of this research is to find individual user's preference for cloud storage service such as Daum Cloud, Naver N-Drive, GoogleDrive, Dropbox, SkyDrive and iCloud. Through literature reviewed and pilot tests, 6 attributes of cloud storage service (storage capacity, perceived cost, collaboration, accessibility, social influence and perceived security) were selected and all 6 attributes had significant effects on the preference of cloud storage service by conjoint analysis. The results shows that the user's willingness to pay is estimated 10,553 won for the free storage, 4,646 won for the function for mobile accessibility, and 2,443 won for more reliable cloud computing service provider. This study has significance to apply conjoint analysis with economic, technological, and environmental factors to cloud storage service (SaaS) and shed light on policy promotion of next generation of cloud computing ecosystem by user perception with willingness to pay on the storage service.

• Convergence Security Journal
• /
• v.14 no.1
• /
• pp.33-41
• /
• 2014

The purpose of this study is to establish the relationship of empowerment and organization attachment with the organization culture of security organization. This study is based by setting the security organization employed in security firms in the capital area(Seoul) in 2012 as the parent population and using the purposive sampling method to analyze a total amount of 280 examples. The frequency analysis, analysis on primary factors, reliability analysis, multiple regression analysis, path analysis methods using SPSSWIN 18.0 were used in analysis. The reliability of the survey showed a Cronbach's ${\alpha}$ value of over 0.690. The results are like the following. First, the organization culture of security organization affect empowerment. Thus, the more a practical development culture is settled, the more the capability of self-determinism, meaningfulness, and effect is amplified. Moreover, the more a consensual culture is established, the more the capability of self-determinism is enhanced, and the more a hierarchical culture is established, the more the meaningfulness is enhanced. Second, the organization culture of security organization affect organization attachment. Thus, the continuous normative attachment is enhanced when a more hierarchical culture is established. Moreover, emotional attachment is enhanced when a more practical development culture is established. Third, the empowerment of security organization affects organization attachment. Thus, the continuous normative attachment is decreased when one's capability of self-determinism is more lacking. However, the continuous normative attachment is higher when the meaningfulness and effect is enhanced. Moreover, emotional attachment is enhanced when meaningfulness is increased. Fourth, the organization culture of security organization directly/indirectly affects empowerment and organization attachment. Thus, empowerment is an important mediating factor between organization culture and organization attachment.

• Proceedings of the Korea Association of Information Systems Conference
• /
• 2003.05a
• /
• pp.55-73
• /
• 2003

As the development of wireless technologies continue, mobile stock trading has become a new channel for companies to reach their customers. This study examines the factors affecting customer acceptance of mobile stock trading services. The research model based on the previous studies was established and the research hypotheses were generated. The sample was divided into users and nonuser groups. The test results show that relative advantage and social influence are positively related to intention to accept mobile services as well as in intention to reuse, security risk is negatively related to intention to reuse, frequency of trading is positively related to intention to reuse, cost burden is negatively related to the probability of using mobile stock trading services, and social influence is positively related to the probability of using mobile services. The results also support that information quality and response time are positively related to relative advantage, and interface quality is negatively related to complexity. It is considered that the study results may help managers to increase customer use of mobile stock trading services.

• Journal of Digital Convergence
• /
• v.12 no.1
• /
• pp.105-114
• /
• 2014

There are many studies on the adoption intentions for mobile banking. But there are no apparent effect on the popularity of it. This is so because the users have resistance to innovation on Mobile Banking. Therefore, it is necessary to identify empirically the problem of user resistance. In this paper, we identified hindrance factors of mobile banking with previous papers. And then we conducted empirical study by survey reply from undergraduates and graduate students in China. The results of this study are as follows. Social Influence and Perceived Complexity have positive effect on Perceived Risk, and Trust has negative effect on Perceived Risk. Perceived Security and Perceived Protection of Private information have no effect on Perceived Risk. Perceived Risk has effect on User Resistance. The significance of this paper is that financial institutions and telecommunications companies of China could potentially establish new and more accurate strategies based on the resistance factors identified in this paper to gain more profits.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.1
• /
• pp.259-273
• /
• 2016

After realizing through the three large-scale data leakage incidents that intentional or accidental insider jobs are more serious than external intrusions, financial companies in Korea have been taking measures to prevent data leakage from occuring again. But, the IT system architecture reflecting the domestic financial environment is highly complicated and thereby difficult to grasp. It is obvious that despite administrative, physical, and technical controls, insider threats are likely to cause personal data leakage. In this paper, we present a process that based on metadata defines and manages personally identifiable attribute data, and that through inter-table integration identifies personal information broadly and controls access. This process is to decrease the likelihood of violating compliance outlined by the financial supervisory authority, and to reinforce internal controls. We derive and verify a decision-making model that reflects the proposed process.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.20 no.4
• /
• pp.786-792
• /
• 2016

Camellia was jointly developed by Nippon Telegraph and Telephone Corporation and Mitsubishi Electric Corporation in 2000. Camellia specifies the 128-bit message block size and 128-, 192-, and 256-bit key sizes. In this paper, a modified round operation block which unifies a register setting for key schedule and a conventional round operation block is proposed. 16 ROMs needed for key generation and round operation are implemented using only 4 dual-port ROMs. Due to the use of a message buffer, encryption/decryption can be executed without a waiting time immediately after KA and KB are calculated. The suggested block cipher Camellia algorithm is designed using Verilog-HDL, implemented on Virtex4 device and operates at 184.898MHz. The designed cryptographic core has a maximum throughput of 1.183Gbps in 128-bit key mode and that of 876.5Mbps in 192 and 256-bit key modes. The cryptographic core of this paper is applicable to security module of the areas such as smart card, internet banking, e-commerce and satellite broadcasting.

• Journal of Digital Contents Society
• /
• v.19 no.3
• /
• pp.569-577
• /
• 2018

Near-Field Communication(NFC) is a useful technology that is receiving worldwide attention. NFC mobile payment systems are being developed by many technology companies including financial institutions especially for the public transportation. In this research we find several factors for the intention to adopt NFC payment system. We surveyed 355 respondents who live in Ho Chi Minh city, Vietnam which became more interested by Korean as a post China country to test our research hypothesis. Using Technology Acceptance Model(TAM) we find that the factors of Social influence, Trust, Security, and Users' Convenience play the significant role to the factor of Intention to Use of NFC payment system.