• Journal of Information Technology Services
• /
• v.14 no.1
• /
• pp.53-68
• /
• 2015

This article aims to identify the quality factors of public data which have increased as a public issue; analyze the impact of users satisfaction in the perspective of Technology Acceptance Model (TAM), and investigate the effect of service satisfaction on the government's open policy of public data. This study is consistent with Total Data Quality Management (TDQM) of MIT, it focuses on three main qualities except Contextual Data Quality (CDQ) and includes seven independent variables : accuracy, reliability, fairness for Intrinsic Data Quality (IDQ), accessibility, security for Accessibility Data Quality (ADQ), Consistent representation and understandability for Representational Data Quality (RDQ). Basing on TAM, the research model was conducted to examine which factors affect to perceived usefulness, perceived ease of use, service satisfaction and how service satisfaction affects to the government's open policy of public data. The results showed that accuracy, fairness, understandability affect both perceived ease of use and perceived usefulness; while reliability, consistent representation, security, and accessibility affect only perceived ease of use. This article found that the influence of perceived ease of use on perceived usefulness and the influence of these two causes on service satisfaction in the perspective of TAM were significant and it was consistent with prior studies. The service satisfaction when using public data leads to the reliability of public data open policy. As an initial study on unstructured public data open policy, this article offered quality factors that pubic data providers should consider and also present the operation plan of public data open policy in the future.

• Journal of Communications and Networks
• /
• v.13 no.6
• /
• pp.583-590
• /
• 2011

Full-mesh IPSec tunnels pass through a black ("unsecure") network (B-NET) to any red ("secure") networks (RNETs). These are needed in military environments, because they enable dynamically changing R-NETs to be reached from a BNET. A dynamically reconfiguring security policy database (SPD) is very difficult to manage, since the R-NETs are mobile. This paper proposes advertisement process technologies in association with the tunnel gateway's protocol that sends 'hello' and 'prefix advertisement (ADV)' packets periodically to a multicast IP address to solve mobility and security issues. We focus on the tunnel gateway's security policy (SP) adaptation protocol that enables R-NETs to adapt to mobile environments and allows them to renew services rapidly soon after their redeployment. The prefix ADV process enables tunnel gateways to gather information associated with the dynamic changes of prefixes and the tunnel gateway's status (that is, 'down'/restart). Finally, we observe two different types of performance results. First, we explore the effects of different levels of R-NET movements on SP adaptation latency. Next, we derive the other SP adaptation latency. This can suffer from dynamic deployments of tunnel gateways, during which the protocol data traffic associated with the prefix ADV protocol data unit is expected to be severe, especially when a certain tunnel gateway restarts.

• The Journal of Information Systems
• /
• v.22 no.4
• /
• pp.49-69
• /
• 2013

Recently, enterprises have reinforced security control in order to prevent infringement of personal information and abuse of customer information by insiders. However, the reinforcement of security control by enterprises makes it difficult for internal users to perform business by using a business information system. There is, therefore, a need for research on various fields, which makes it possible to establish an appropriate security control policy while minimizing an impact on business. The present research verifies and analyzes an impact on difficulty in business of internal users using customer information, which is caused by security control performed by display restriction on customer information identifiers. The present research is intended to academically develop a technique for statistically analyzing an impact degree and a causal relationship between security control and an impact on business, which is a dichotomous variable, and to practically contribute to the establishment of an efficient security policy in consideration of an impact on business when an enterprise applies security control. A research target was internal business information systems of domestic securities enterprises, data was collected by questionnaire, and verification/analysis was performed by logistic regression analysis.

• Proceedings of the Korea Society of Information Technology Applications Conference
• /
• 2002.11a
• /
• pp.72-81
• /
• 2002

Management for security product and application is becoming more difficult because they became more specialized. Most of research is focused on combining policies for information security management policy, security standard, and security tools. However, there are no researches for total solution for both application and security policy. Thereby, the purpose of this research is to propose a remote integrated management system based on linux. The system could efficiently manage data update for application and policy update for a server supporting the distinct configuration of each server. By using the remote integrated management system, system manager with poor secure knowledge also could easily manage their system securely.

• Proceedings of the Korea Society for Industrial Systems Conference
• /
• 2002.11a
• /
• pp.72-81
• /
• 2002

Management for security product and application is becoming more difficult because they became more specialized. Most of research is focused on combining policies for information security management policy, security standard, and security tools. However, there are no researches for total solution for both application and security policy. Thereby, the purpose of this research is to propose a remote integrated management system based on linux. The system could efficiently manage data update for application and policy update for a server supporting the distinct configuration of each server. By using the remote integrated management system, system manager with poor secure knowledge also could easily manage their system securely.

• The KIPS Transactions:PartC
• /
• v.8C no.6
• /
• pp.711-720
• /
• 2001

An enlarging a scale of logical domain organizing Internet, security policy association among entities become complicated. Establishment and control of security policies for each system is a hard problem to solve because of the environment and composite factors with variable properties. In this paper, to solve this actual problems, we orgainze a hierarchical structure of network and than we design the structure of database to apply security policies for secure communication. This enables efficient management of security data and association of security policy by using designed data structure between different domain in hierarchical structure with make secure communication possible.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.2
• /
• pp.101-110
• /
• 2011

Recently, an attack to an application incapacitates the intrusion detection rule, the defense policy for a network and database and induces intrusion incidents. Thus, it is necessary to study integration security to ensure the security of an internal network and database from that attack. This article is about building an integration security system to prevent an attack to an application set with intrusion detection rules. It responds to network-based attack through detection, disperses attack with the internal integration security system through virtual clustering and load balancing, and sets up defense policy for attacking destination packets, analyzes and records attack packets, and updates rules through monitoring and analysis. Moreover, this study establishes defense policy according to attacking types to settle access traffic through virtual machine partition policy and suggests an integration security system applied to prevent attack and tests its defense. The result of this study is expected to provide practical data for integration security defense for hacking attack from outside.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.5
• /
• pp.2718-2731
• /
• 2019

Conjunctive keyword search encryption is an important technique for protecting sensitive data that is outsourced to cloud servers. However, the process of searching outsourced data may facilitate the leakage of sensitive data. Thus, an efficient data search approach with high security is critical. To solve this problem, an efficient conjunctive keyword search scheme based on ciphertext-policy attribute-based encryption is proposed for cloud storage environment. This paper proposes an efficient mechanism for removing the secure channel and resisting off-line keyword-guessing attacks. The storage overhead and the computational complexity are regardless of the number of keywords. This scheme is proved adaptively secure based on the decisional bilinear Diffie-Hellman assumption in the standard model. Finally, the results of theoretical analysis and experimental simulation show that the proposed scheme has advantages in security, storage overhead and efficiency, and it is more suitable for practical applications.

• Convergence Security Journal
• /
• v.15 no.4
• /
• pp.27-33
• /
• 2015

In this paper, the development level of information security technology for internet of things(Iot), big data and clo ud services is analyzed, and the detail policy is proposed to be leader in area of patents and ICT standard. The conc ept of ICT convergence is defined frist, market and current state of technology for three convergence services is the n analyzed, and finally main function and security target for each technology are presented. The evaluation criteria a nd IPR are analyzed to diagnose the level of patent and standard for the technology. From the results, even though the domestic competence is inferior compared to other advanced country, the efficient policy should be presented by using our capability for the big data and cloud. Furthermore, the technology development for the IoT and cloud is ne eded in advance considering the market-technology influence effects. In addition to, M2M security framework in IoT, data security in big data and reliable networking in cloud should be developed in advance.

• Convergence Security Journal
• /
• v.22 no.1
• /
• pp.39-54
• /
• 2022

Recently, the importance of collecting, analyzing, and real-time sharing of various cybersecurity data has emerged in order to effectively respond to intelligent and advanced cyber threats. To cope with this situation, Korea is making efforts to expand its cybersecurity data sharing system, but many private companies are unable to participate in the cybersecurity data sharing system due to a lack of budget and professionals to collect cybersecurity data. In order to solve such problems, this paper analyzes the research and development trends of existing domestic and foreign cyber security data sharing systems, and based on that, propose a cybersecurity data sharing system model with a hierarchical structure that considers the size of the organization and a step-by-step security policy that can be applied to the model. In the case of applying the model proposed in this paper, it is expected that various private companies can expand their participation in cybersecurity data sharing systems and use them to prepare a response system to respond quickly to intelligent security threats.