• Journal of Korea Society of Digital Industry and Information Management
• /
• v.12 no.3
• /
• pp.33-54
• /
• 2016

In the modern society based on information and communication, which is exposed to the risks of a lot of information security breaches, corporate information assets may be an economical scale in a country. Most of damages derived from corporate technological information leak often occur in small and medium corporations. Although many information security managers in corporations have focused on certification systems such as information security management system, small and medium corporations are poorly aware of the information security, and their environments surrounding it should be also improved. In addition, it is difficult to expect spontaneous participations in it, since the sustainable information security management systems are often not forced to be certified. Thus, the purpose of this study is to examine plans to improve small and medium corporations' technological protections by using some component of the information security management system. On the basis of this examination, it also attempts to discuss some methods for effective and efficient information security in the small and medium corporations' technological protections.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.11 no.3
• /
• pp.53-62
• /
• 2015

Recently, number of tablet or Smartphone users increased significantly in domestic and around the world. But violation of personal information such as leakage, misuse and abuse are constantly occurring by using mobile devices which is very useful in our society. Therefore, in this paper it will talk about the problems in the network environment of the mobile environment such as tablet and Smartphone, Mobile Malware, hacking of the public key certificate, which could be potential threat to mobile environment. This thesis will research for people to use their mobile devices more reliable and safer in mobile environment from invasion and leakage of personal information. In order to use Smartphone safely, users have to use Wi-Fi and Bluetooth carefully in the public area. This paper will research how to use App safely and characteristic of risk of worm and Malware spreading. Because of security vulnerabilities of the public key certificate, it will suggest new type of security certification. In order to prevent from the information leakage and infect from Malware in mobile environment without knowing, this thesis will analyze the improved way to manage and use the mobile device.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.6 no.3
• /
• pp.121-129
• /
• 2010

For the development of software industry, offers an expanded software authentication scheme caused by the unauthorized copying of software is to reduce the damage to software developers, retail sales and to promote the development of the software industry was studied. Serial Number of the current software registration is conducted in such a simple verification procedure if the Serial Number only illegal and can be installed on multiple computers, such as program code to allow third parties to enter the Serial Number, or the extract can be used without is a reality. The proposed extension to the software authentication system when you install the software, my phone authentication and MAC Address Authentication Service introduced to distinguish normal user, the user of the MAC Address of the server and software development company that was sent to the registered MAC Address of the computer to be run only by the use of genuine software and to make unauthorized copies of software generated by the software developer can reduce the damage of the proposed plan.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.16 no.2
• /
• pp.95-104
• /
• 2020

Bribery is one of the world's most destructive and challenging issues. Yet despite efforts on national and international levels to tackle bribery, it remains a significant issue. Recognizing this, ISO has developed a new standard to help organizations fight bribery and promote an ethical business culture, which is "ISO 37001 - Anti-bribery Management Systems" in 2016. ISO 37001 can provide the tools and systems to greatly reduce the risk and help organizations deal with it effectively if it does arise. It is a flexible tool, which can be adapted according to the size and nature of the organization and the bribery risk it faces. After enforcing the Improper Solicitation and Graft Act, Korean government standardized ISO 37001, one of the Business Ethics of Global Standard, harmonizing International Standards into Korean Industrial Standards (KS) in 2017. It is meaningful in that Korean companies have localized regulation which applies to global standard anti-bribery management systems. Only about 100 organizations, however, have adopted ISO 37001 so far. The primary purpose of this paper is to examine the expectation and awareness of ISO 37001. Results show that still many organizations lack of awareness of ISO 37001 and it is implicated that much promotion and education will be necessary. This study has originality and value in that it can provide the guidelines for activation of ISO 37001.

• Journal of The Korean Digital Architecture Interior Association
• /
• v.9 no.2
• /
• pp.25-33
• /
• 2009

So far we have investigate and analyzed the actual conditions of building maintenance in Korea and compared the building maintenance laws and systems between Korea and other countries. Now, based on the results from such comparison and analysis, this study proposes the following ideas for improvement: 1) As we can learn from domestic and foreign case studies, in the existing built-up areas becoming obsolete, many building owners remodel their buildings illegally in reaction to current economic and social changes. Therefore, for efficient maintenance of buildings, it is required to improve building maintenance systems by formulating information about inspection items, inspectors, supervisors, inspection costs and intervals of reporting results, depending on how large the buildings are and what they are used for. 2) In addition, to ensure the success of a building maintenance system, it is necessary to keep and manage a history of building maintenance thoroughly and introduce a certification program which gives an appropriate grade to maintenance performance and commits the government to expand their public roles and supporting policies, as widely used in some foreign countries. Further, in keep the building maintenance system secure, there should be a nationwide consensus as well as a favorable evaluation from building owners and manager, and all related people.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.11 no.1
• /
• pp.69-78
• /
• 2015

Internet of Things(IoT) is electronic devices and household appliances use wireless sensor network in environment of high speed wireless network and LTE mobile service. The combination of the development of Internet and wireless network led to development of new forms of service such as electronic devices and household appliances can connect to the Internet through various sensors and online servers such as a Home Network. Even though Internet of Things is useful, there are problems in Internet of Things. In environment of Internet of Things, information leakage could happens by illegal eavesdropping and spoofing. Also illegal devices of wireless communication interference can cause interfere in Internet of things service, physical damage and denial of service by modulation of data and sensor. In this thesis, it will analyze security threats and security vulnerability in environment of mobile services and smart household appliances, then it will suggest plan. To solve security issues, it is important that IT and RFID sensor related companies realize importance of security environment rather than focus on making profit. It is important to develop the standardized security model that applies to the Internet of Things by security-related packages, standard certification system and strong encrypted authentication.

• Journal of Digital Convergence
• /
• v.13 no.2
• /
• pp.141-151
• /
• 2015

As smartphone penetration increases are mobile payments service are expanding. Mobile Commerce software market is trend that is soaring. Accordingly, high reliability Mobile Commerce request of high quality are enlarged. And The greater amount of data is going to be more mobile commerce market situation is also gradually increased. In this paper, I surveyed and analysed the general trend and test/certification trend of mobile commerce software, and developed the mobile commerce software quality evaluation metrics base on ISO/IEC 9126 and ISO/IEC 12119, the standard about the quality evaluation.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.6 no.2
• /
• pp.71-80
• /
• 2010

This thesis is purposed on developing security product co-evaluation statistics administrate program which is can administrate or analysis CC accreditation product using by DEVS modeling via portal site of member of CCRA. Via developing security product evaluation statistics administrate program, it can analysis the trend of all countries of the world in many ways, and noticed the ways of evaluation and accreditation of most countries via scheme analysis. Except this, it can analysis the situation of accreditation trend of any countries via data analysis of ICCC 2009. Also, For trend analysis to evaluation technique of CCRA member, it analyzed up to date technology and policy of the evaluation organization and the Certification Authority of most countries. And it peformed analysis the most trend of information security of evaluation authorization in CCRA member countries. In this program, It provide the function of trend statistics analysis which can statically analyzed the evaluation accreditation trends of most countries and automatical statistics by categorization ( by Product, Class and statistics in national) and report creation functions which can easily extraction and use the needed data. It has been updated the related informations until latest accredited product using by CC(Common Criteria) portal home page's data.

• Journal of Digital Contents Society
• /
• v.14 no.2
• /
• pp.179-189
• /
• 2013

With the rapid development of information technology in 21st century, networks are being used with various devices. Most human actions are processed through cyber space, and it is no longer separate from daily life; it has changed into one of the most important aspects of human life. Unfortunately, in cyber space, certification method has not only technical problems, but also ethological problems. Many users seemed to use the same password throughout several sites. And for a long period they refused to change it or made a small change from the earlier password. This research aims to discuss general factors of choosing and using passwords within information security through statistical analysis.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.37C no.12
• /
• pp.1256-1262
• /
• 2012

Mobile ad hoc networks (MANETs) are infrastructure-less, autonomous, and stand-alone wireless networks with dynamic topologies. Recently, cluster-based ad hoc networks which enhance the security and efficiency of ad hoc networks are being actively researched. And routing protocols for cluster-based ad hoc networks are also studied. However, there are few studies about secure routing protocols in cluster-based ad hoc networks. In this paper, we propose secure routing protocol for cluster-based ad hoc networks. We use Diffie-Hellman key agreement, HMAC, and digital signature to support integrity of routing messages, and finally can perform secure routing.