• Journal of the Korea Society of Computer and Information
• /
• v.21 no.11
• /
• pp.79-83
• /
• 2016

In this paper, we define four levels of analysis, design, implementation, and testing of the configuration of the development phase by S/W development life cycle. In particular, it dealt with the stage of the analysis phase to prepare an information system developed intensively. Details of the derivation of the information security requirements, it can be seen that comes from the perspective of confidentiality, integrity, availability and accountability, etc. It dealt with from the first manifestations of the projects planning to final planning to establish information security in activities of the Information Security requirements. As an example exhibited by assessing the information security analysis phase activities of S corporations, it can be seen that the improved sales rise in information security activities.

• Proceedings of the KAIS Fall Conference
• /
• 2011.12a
• /
• pp.299-302
• /
• 2011

본 논문에서는 현 정부 들어 정보통신부 폐지에 따른 전체 IT의 경쟁력이 어느 정도 변화가 있었는지에 대해 논하고자 한다. 이를 정부부서 변화 및 부처 간 예산의 변화, 주요 IT 경쟁력지수현황, IT수출입, R&D IT 부문 성과와 정보통신부 부활에 대한 의견의 순으로 살펴보고자 한다. 또한 이를 토대로 IT정책이 어찌 변해야 하는지에 대해 논하고자 한다.

• The Journal of Society for e-Business Studies
• /
• v.19 no.2
• /
• pp.109-124
• /
• 2014

As the emerged importance and awareness for information security, It is being implemented by each industrial sector to protect information assets. In this paper, we analyze the information security checklists or security ratings criteria to derive similarity and difference in context which used to knowledge network analysis method. The analyzed results of all checklists (ISMS, PIMS, 'FSS', 'FISS', 'G') are as follows : First, It is common factors that the protection of information systems and information assets, incident response, operations management. Second, It deals with relatively important factors that IT management, the adequacy of audit activities in the financial IT sector including common factors. Third, the criteria of ISMS contains the majority of the contents among PIMS, 'FSS', 'FISS'and 'G'.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2009.11a
• /
• pp.439-440
• /
• 2009

본 연구는 IT서비스관리체계의 기술수준과 IT서비스 관리 프로세스 성숙도 정도가 IT 아웃소싱 성과에 미치는 영향을 통계적으로 유의한 분석을 통해 객관적인 결과를 제시함으로써 기업에 IT 서비스의 SCM에 대한 의식 수준 강화와 IT서비스 관리 프로세스의 중요성을 인식 시켜 주고, 이것이 고객만족과 SLA의 성과에 영향을 주고 있음을 시사하고 있다.

• Journal of the Korean Home Economics Association
• /
• v.43 no.2
• /
• pp.175-189
• /
• 2005

This study analyzed the degree of demand for genetically modified organisms(GMOs) to provide the basic information for consumers' reasonable purchase decision making and their right to know about GMOs. Based on the (Ed-there are no study results above) study results, the following suggestion were made. First, throughout the survey, it was found that those consumers who participated had a high level of perception on the harm of GMOs. Therefore, reliable organizations such as government agencies are required to present the results of safety tests and formulate plans related to the safety of GMOs. Second, the average score on consumers' level of consumer knowledge on GMOs was very low, being 1.68 out of a possible 8 points. Third, since women and housewives engaged in dietary habits and food had high demand for information on GMOs, it is necessary to provide women with information on GMOs. Fourth, since it is difficult to confirm the presence or absence of GMOs. in rapidly increasing demand for fast-food, it is necessary that consumers be provided with relevant information and make a reasonable judgement in purchasing food. Fifth, it is necessary to provide detailed regulations and measures for concrete contents and directions of information on GMOs. Sixth, it is necessary to provid information on GMOs from the commercial sources of information that are most preferred by consumers.

• Proceeding of Spring/Autumn Annual Conference of KHA
• /
• 2008.04a
• /
• pp.231-234
• /
• 2008

Each corporation isn't consistent because of offering specific information for publicity. It spends considerable labor force and time surfing of the material information and choosing need material. That's the reason it's different with material information and choice system between production and marketing corporation. Among lots of material information, some of them are used by offering material information simplify. So it is demanded necessity of reasonable material choice system. That system helps it choose a material more easily. So we studied about the information retrieval system of reasonable material choice through the study about assortment system of material information and material choice method. It's the basic study for the suggestion of reasonable material choice system. According to this study, if that system is suggested and realized, we can overcome from the system of typical and repeatable at every course of architecture during several times. It will be helpful to increase about the productivity of architecture as the minimization of time, labor, resource and cost for the material choice.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.6 no.2
• /
• pp.233-245
• /
• 2010

This paper proposes security architecture, security audit framework, and audit check item. These are based on the security requirement that has been researched in the information system audit. The proposed information security architecture is built in a way that it could defend a cyber attack. According to its life cycle, it considers a security service and security control that is required by the information system. It is mapped in a way that it can control the security technology and security environment. As a result, an audit framework of the information system is presented based on the security requirement and security architecture. The standard checkpoints of security audit are of the highest level. It was applied to the system introduction for the next generation of D stock and D life insurance company. Also, it was applied to the human resources information system of K institution and was verified. Before applying to institutions, system developers and administrators were educated about their awareness about security so that they can follow guidelines of a developer security. As a result, the systemic security problems were decreased by more than eighty percent.

• Journal of the Korea Society of Computer and Information
• /
• v.23 no.11
• /
• pp.75-84
• /
• 2018

Social engineering attack means to get information of Social engineering attack means to get information of opponent without technical attack or to induce opponent to provide information directly. In particular, social engineering does not approach opponents through technical attacks, so it is difficult to prevent all attacks with high-tech security equipment. Each company plans employee education and social training as a countermeasure to prevent social engineering. However, it is difficult for a security officer to obtain a practical education(training) effect, and it is also difficult to measure it visually. Therefore, to measure the social engineering threat, we use the results of social engineering training result to calculate the risk by system asset and propose a attack graph based probability. The security officer uses the results of social engineering training to analyze the security threats by asset and suggests a framework for quick security response. Through the framework presented in this paper, we measure the qualitative social engineering threats, collect system asset information, and calculate the asset risk to generate probability based attack graphs. As a result, the security officer can graphically monitor the degree of vulnerability of the asset's authority system, asset information and preferences along with social engineering training results. It aims to make it practical for companies to utilize as a key indicator for establishing a systematic security strategy in the enterprise.

• Journal of Information Technology Services
• /
• v.8 no.4
• /
• pp.87-101
• /
• 2009

The current information system audit merely inspects a web based information system by focusing on checking items that are extracted from structured and information engineering model and object-oriented component model. As a result, the checking item of web contents and design is inadequate. This paper aims to extract audit framework in order to strengthen the audit of web contents and design during the development of the web based information system and to suggest checking items based on audit framework. For this, the web development process and web site evaluation model were studied, compared, and analyzed with the current information system development audit. From a result of the survey, it was found that the adequacy of the suggested audit framework and audit checking items is above the average value. It is believed that the suggested audit framework is helpful for the audit of web based information system.

• Journal of Information Science Theory and Practice
• /
• v.7 no.2
• /
• pp.54-64
• /
• 2019

A theory of public knowledge is offered for the purposes of defining more clearly its role in information systems and classification schemas. Public knowledge is knowledge intended to be available for use in a public system. It is knowledge accessible to the public or knowledge in the public arena as opposed to the other seemingly multitudinous ways to describe knowledge. Furthermore, there are many different public arenas or small worlds. Public knowledge, irrespective of these different arenas, has four important overlying characteristics: It is consensual, it does not imply complete truth or certainty, it is autonomous, and it has a constant renewal of old knowledge with new knowledge. Each of these attributes has been culled from a study of the works of Patrick Wilson, Karl Popper, and John Ziman.