• Convergence Security Journal
• /
• v.17 no.5
• /
• pp.101-110
• /
• 2017

The purpose of this study is to examine possibilities of industry secret information leakage through IoT devices and to prevent information leakage from the perspective of administrative and technique security. From the administrative security perspective, first, it is important to face the possibility of industry information data leakage through anyone who can access companies and should establish guidelines to limit the use of IoT devices when entering companies. Second, security management guideline should be prepared by companies or upon user's request and use of any electronic devices sharing wireless internet connection should be eliminated or restricted. From technique security perspective, channels that sharing IoT devices in computers should be controlled since industry secret information are stored in computers and servers. Furthermore, IoT devices that accessing wireless internet network or devices that already registered should be regularly checked in order to minimize any information leakage. Lastly, data and information stored in computers and servers should be encrypted.

• Convergence Security Journal
• /
• v.22 no.3
• /
• pp.69-77
• /
• 2022

Globally, the medical field is growing very fast with technology development and convergence with ICT technology, and Precision Medicine using personal health information, genetic information, and clinical information is growing into a next-generation medical industry. Since Precision Medicine deals with individual health and life, the issues of personal information protection and health and medical information protection are emerging.Accordingly, this paper presents security improvements by domestic and foreign standards, laws, and systems in the cloud and medical field, and proposes a plan to protect healthcare and medicine information protection for safe Precision Medicine.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.18 no.4
• /
• pp.41-46
• /
• 2022

In the fourth industrial era, when various technologies are fused and combined, new and advanced technologies from other industries are used extensively in the maritime industry field. New security threats are also increasing along with the development of new technologies. In addition, in incorporating convergence technologies into the maritime industry, various problems, such as communication definitions and procedures between technologies and customer-customized delays, occur. In this paper, for the problems mentioned above, research results on the network configuration of safer autonomous vessels by supplementing and fusing existing solutions rather than developing new technologies are proposed. In conclusion, the entire network consists of VDI and presents additional configurations to ensure confidentiality, integrity, and availability, which are the three security elements. According to the composition of such a convergence network, it is intended to help prepare countermeasures to protect internal data from external threats.

• Journal of the Korean Society of Industry Convergence
• /
• v.24 no.4_2
• /
• pp.421-434
• /
• 2021

The expansion of information sharing activities using online can increase the threat of information exposure by increasing the diversity of approaches to information within an organization. The purpose of this study is to present conditions for improving the information security compliance intention of insiders to improve the level of information security within the organization. In detail, the study applies the theory of planned behavior that clearly explains the cause of an individual's behavior and proposes a way to increase the compliance intention by integrating the social control theory and goal-setting theory. The study presented research models and hypotheses based on previous studies, collected samples by applying a questionnaire technique, and tested hypotheses through structural equation modeling. As a result, information security attitude, subjective norms, and self-efficacy had a positive influence on the intention to comply. Also, attachment, commitment, and involvement, which are the factors of social control theory, formed a positive attitude toward information security. Goal difficulty and goal specificity, which are the factors of goal setting theory, formed a positive self-efficacy. The study presents academic and practical implications in terms of suggesting a method of improving the information security compliance intention of employees.

• International journal of advanced smart convergence
• /
• v.5 no.3
• /
• pp.27-31
• /
• 2016

High-tech industries in a state well enough to troubleshoot hacking information introduction a big barrier to delay the growth of the market related to IoT(Internet of Things) as is likely to be on the rise. This early on, security issues introduced in the solution, a comprehensive solution, including the institutional laws/precautions needed. Recent examples of frequent security threats while IoT is the biggest issue of introducing state-of-the-art industry information due to the vulnerable security hacking. This high-tech industries in order to bridge the information responsible for the target attribute, target range, and the protection of security and how to protect the subject, IoT environment (domestic industrial environment) considering the approach is needed. IoTs with health care and a wide variety of services, such as wearable devices emerge. This ensures that RFID/USN-based P2P/P2M/M2M connection is the implementation of the community. In this study, the issue on the high-tech industrial information and the vulnerable security issues of IoT are described.

• Convergence Security Journal
• /
• v.20 no.1
• /
• pp.25-32
• /
• 2020

In the midst of the rising need for Industrial Security experts, the development of National Competency Standards(NCS) with regards to industrial security is a very important and urgent task. The NCS standardizes university-level academic curriculum and qualification systems and connects them with the industry's needs. This study has extracted, classified and analyzed security-related jobs and tasks requiring security expertise that is required within NCS. Through this study, many tasks have been confirmed to require security competencies that are different from those in IT-security, physical security that already exist as a NCS tasks. It is expected that the industry's needs of industrial security expertise will be reflected in future NCS development, which will be used as basic data for systematizing industrial security jobs and competency.

• International journal of advanced smart convergence
• /
• v.13 no.2
• /
• pp.69-79
• /
• 2024

AI technology is a central focus of the 4th Industrial Revolution. However, compared to some existing non-artificial intelligence technologies, new AI adversarial attacks have become possible in learning data management, input data management, and other areas. These attacks, which exploit weaknesses in AI encryption technology, are not only emerging as social issues but are also expected to have a significant negative impact on existing IT and convergence industries. This paper examines various cases of AI adversarial attacks developed recently, categorizes them into five groups, and provides a foundational document for developing security guidelines to verify their safety. The findings of this study confirm AI adversarial attacks that can be applied to various types of cryptographic modules (such as hardware cryptographic modules, software cryptographic modules, firmware cryptographic modules, hybrid software cryptographic modules, hybrid firmware cryptographic modules, etc.) incorporating AI technology. The aim is to offer a foundational document for the development of standardized protocols, believed to play a crucial role in rejuvenating the information security industry in the future.

• Convergence Security Journal
• /
• v.16 no.6_2
• /
• pp.43-51
• /
• 2016

In the 1980s, private security was established in the framework of institutional framework with the Security Industry Act which was enacted in 1976. The agents who brought in the development of the private sector in 1980 enjoyed a boom in the global economy, affected by its high-flying dollar value, low international interest rate, low oil prices, and the blooming economy. In addition, the semiconductor, computers and communications equipment that was promoted in accordance with the e-Literacy plan were raised. Following the economic development of various events such as Seoul International Trade Fair, "86 Asian Games," and "88 Seoul Olympic Games," private security expenses were enhanced by increasing awareness of civilian expenses. Also, in the 1980s, Korean investment in foreign companies, including Japan's Secom, or Korean technology, brought many changes to the private security. Meanwhile, the cost of security, which has been centered around human expenses, has brought about the era of mechanized spending, or machine security expenses. The purpose of this study is to systematically analyze the social environment surrounding the private security in the 1980s and systematically analyze the important factors that contribute to private security.

• Convergence Security Journal
• /
• v.12 no.4
• /
• pp.97-108
• /
• 2012

In this study, we analysis the distributing malware using email on the korean defense service and defense industry as the social engineering attack. E-mail attack distributes the document files with the malware. Using the malware, attacker get the Information of the targeted people and devices. we proposed expected new types of attacks by analysis and transformation. And, expect the new email attack agendas which will be tried.

• Convergence Security Journal
• /
• v.22 no.4
• /
• pp.85-97
• /
• 2022

With the development of big data technology, data is rapidly entering a hyperconnected intelligent society that accelerates innovative growth in all industries. The convergence industry, which holds and utilizes various high-quality data, is becoming a new growth engine, and big data is fused to various traditional industries. In particular, in the medical field, structured data such as electronic medical record data and unstructured medical data such as CT and MRI are used together to increase the accuracy of disease prediction and diagnosis. Currently, the importance and size of unstructured data are increasing day by day in the medical industry, but conventional data security technologies and policies are structured data-oriented, and considerations for the security and utilization of unstructured data are insufficient. In order for medical treatment using big data to be activated in the future, data diversity and security must be internalized and organically linked at the stage of data construction, distribution, and utilization. In this paper, the current status of domestic and foreign data security systems and technologies is analyzed. After that, it is proposed to add unstructured data-centered de-identification technology to the guidelines for unstructured data and technology application cases in the industry so that unstructured data can be actively used in the medical field, and to establish standards for judging personal information for unstructured data. Furthermore, an object feature-based identification ID that can be used for unstructured data without infringing on personal information is proposed.