• The KIPS Transactions:PartC
• /
• v.9C no.6
• /
• pp.823-830
• /
• 2002

Enterprise security management system proposed to properly manage heterogeneous security products is the security management infrastructure designed to avoid needless duplications of management tasks and inter-operate those security products effectively. In this paper, we propose the model of generalized security policies. It is designed to help security management build invulnerable security policies that can unify various existing management infrastructures of security policies. Its goal is not only to improve security strength and increase the management efficiency and convenience but also to make it possible to include different security management infrastructures while building security policies. In the generalization process of security policies. we first diagnose the security status of monitored networks by analyzing security goals, requirements, and security-related information that security agents collect. Next, we decide the security mechanisms and objects for security policies, and then evaluate the properness of them on the basis of security goals, requirements and a policy list. With the generalization process, it is possible to integrate heterogeneous security policies and guarantee the integrity of them by avoiding conflicts or duplications among security policies. And further, it provides convenience to manage many security products existing in large networks.

• International Journal of Computer Science & Network Security
• /
• v.21 no.11
• /
• pp.111-118
• /
• 2021

The authors of the study highlight the conceptual foundations of the investment mechanism of innovation of enterprises in the context of strategic development. Such indicators of investment attraction for the enterprise as investment attractiveness, investment activity of the enterprise, critical mass of investments, minimum sufficiency of investments and others are singled out. It is proved that the balance of investment resources is facilitated by the action of the investment mechanism of innovation activity at the enterprise in the context of achievements of strategic development tasks. Investment processes and their intensification have an impact on the expansion of production capacity of economic entities in strategic development and on improving the efficiency of existing capacities. The investment mechanism of innovative activity at the enterprise in the context of achievement of tasks of strategic development contains system of complex actions which provides: definition of the clear purpose and tasks for the mechanism and achievement of the purposes of the enterprise; assessment of the investment potential of the enterprise; definition of tasks of innovative development of enterprises and investment resources necessary for this purpose, etc. The tasks of the investment mechanism of innovative activity at the enterprise in the context of achievements of tasks of strategic development and its economic, organizational and information components are singled out, as well as levers of influence and regulators of the investment mechanism of innovation in the enterprise.

• The Journal of Asian Finance, Economics and Business
• /
• v.8 no.8
• /
• pp.287-296
• /
• 2021

Stepping into the technological boom time, Vietnam has integrated into the trends of using Fintech applications as a new means of payment. This article evaluates the relationship between perceived security (including service security and platform security), knowledge, confirmation, perceived usefulness, satisfaction, attitude and lastly enterprise's images regarding the service and continuous intention to use Fintech services. The survey results of 352 Vietnamese customers using Fintech services, reliability test and extended post-acceptance model (EPAM) which is based on PAM and ECT models. From the survey, we further found out that perceived security (BSS) has no direct impact on continued intention to use, while perceived security (BSS) has positive impact on confirmation (CON), similarly, perceived usefulness (PU) and user's satisfaction (SES). Knowledge of the Mobile Fintech payment service (KNOW) has a positive impact on perceived security (BSS). Confirmation (CON) has a positive influence on perceived usefulness but in the meanwhile it has created a negative impact on user's satisfaction (SES). From the survey it can also tell that user's attitude (ATT) and enterprise image (IMG) both have a positive impact on continual intention to use Fintech services. From the research results, we also propose some recommendation to enhance the continual intention to use Fintech services in Vietnam.

• Korean Security Journal
• /
• no.29
• /
• pp.35-57
• /
• 2011

While demands on private securities have been increase, expectations on the service quality as compensation for the investment expensive is also rising. However, private security services are in situations of not satisfying various customer's needs owing to insufficient special manpower, capital, and skills in spite of expected high-quality services toward customers. Therefore, this study aims to find out the causality between private security enterprises and relationship characteristics, purchasing behaviors of customers, and then searching for a marketing strategy that can provide best services to the enterprises that are confronting to limitless competitive systems by grasping customer's needs and necessities. For achieving this goal, the study objected to shop employees using private security enterprises after diving Cheonan City of South Chungcheong Province into South, East and East, West, and then collected 236 persons by using the convenience sampling. Regarding to research tools, this study used questionnaire having been recomposed based on previous researches home and abroad, and frequency analysis, reliability analysis, factor analysis, correlation analysis, and regression analysis were carried out data was treated by treatments by using SPSS version 18.0 statistic package for treating the data. Through above research methods and procedures, results could be gotten same as followings. First, correlations between private security enterprise's relationship characteristics and purchasing behaviors showed positive (+) relations, and the latter was increased as much as relationship characteristics were high. Second, as the result of analyzing correlations between private security enterprise's relationship characteristics and purchasing behaviors, reputation, physical features, and communication affected influences to word of mouth activities. Third, reputation and communication affected to repeated purchasing behaviors as the result of analyzing private security's relationship characteristics and repeat purchasing behaviors.

• Journal of Information Processing Systems
• /
• v.2 no.3 s.4
• /
• pp.170-177
• /
• 2006

Recently, RFID technology has attracted considerable attention in many industry fields. The RFID environment requires a standard architecture for the smooth exchange of data between heterogeneous networks. The architecture should offer an efficient standard environment, such as a communication environment based on Web Services, PKI or Kerberos-based security, and abstract business processes which could be used in the diverse domains. Therefore, in this paper, we propose an Enterprise Application Framework (EAF) which includes a standard communication protocol, security functions, and abstract level business processes. The suggested architecture is expected to provide a more secure and flexible security management in the dynamic RFID application environments, and is expected to provide an abstract business event for the development of business processes which could apply RFID technology to the existing systems.

• Journal of information and communication convergence engineering
• /
• v.18 no.1
• /
• pp.39-48
• /
• 2020

Information-security management systems (ISMSs) are becoming very important, even for micro, small, and medium enterprises (MSMEs). However, implementing an ISMS is not an easy task. Many obstacles must be overcome, e.g., complexity, document tracking, competency management, and even changing cultures. The objective of our study is to provide ISMS application tools, based on ISO 27001:2013 ISM frameworks. The application was developed on the Odoo Open Enterprise Resource Planning platform. To validate its feasibility for future improvement, the application was implemented by an MSME company. For this implementation, information-security-related users gave their feedback through a questionnaire. The distributed feedback questionnaire consists of nine assessment parameters, covering topics from the application's technical aspects to users' experiences. Based on the questionnaire feedback, all users of the application were satisfied with its performance.

• Convergence Security Journal
• /
• v.13 no.1
• /
• pp.25-30
• /
• 2013

In this paper, the key performance index for advanced logistics is analyzed, and the specific requirements for the material flow IT services are proposed to improve the world competitiveness of the material flow industries and to implement the advanced logistics in Korea by survey research. The key performance index is classified into three types of efficiency, sustainability and economics, and two classes of enterprise and public for IT services are proposed. In addition to, for case studies, the survey analysis for the Pyeongtaek Port is performed to diagnose the material flow enterprise and to analyze the priorities of the IT services for Port's employee, trade enterprise, public service personnel, and local resident. From the results, to improve the productivity and efficiency of the enterprise, the secure the professional man-power and standardization are needed, and the automation, u-Port, green technology and material flow security for the IT services are required.

• Convergence Security Journal
• /
• v.2 no.2
• /
• pp.109-121
• /
• 2002

As the development of information technology and thus the growth of security incidents, there has been increasing demand on developing a system for centralized security management, also known as Enterprise Security Management(ESM), uniting functions of various security systems such as firewall, intrusion detection system, virtual private network and so on. Unfortunately, however, developers have been suffering with a lack of related standard. Although ISTF recently announced firewall system and intrusion detection system log format, it still needs for truly efficient ESM further development of the related standard including event and control messaging. This paper analyses ISTF standard and further suggests an additional event and control messaging standard for firewall and intrusion detection systems. It is expected that this effort would be helpful for the development of ESM and further related standard.

• Journal of Information Technology Applications and Management
• /
• v.27 no.6
• /
• pp.89-99
• /
• 2020

Cloud computing is rapidly increasing for achieving comfortable computing. Cloud computing has essentially security vulnerability of software and hardware. For achieving secure cloud computing, the vulnerabilities of cloud computing could be analyzed in a various and systematic approach from perspective of the service designer, service operator, the designer of cloud security and certifiers of cloud systems. The paper investigates the vulnerabilities and security controls from the perspective of administration, and systems. For achieving the secure operation of cloud computing, this paper analyzes technological security vulnerability, operational weakness and the security issues in an enterprise. Based on analysis, the paper suggests secure establishments for cloud computing.

• Convergence Security Journal
• /
• v.15 no.4
• /
• pp.57-63
• /
• 2015

Development of IT technology, the rapid computerization of society has accelerated the digitization of the world's information. Then, the activation of the e-commerce is the collection of a number of sensitive information, storage, operational increased rapidly. Currently, the public sector, financial sector, the private sector has utilized a number of privacy. Accidents caused by leakage of information is a tendency to increase day by day. For a review of the problems of security and protection for such sensitive information, the need for easier support system it is required. This thesis suggests E-PIAMS(Enterprise-Privacy Impact Assessment Management System) applicable effectively in private sectors.