• Journal of the Korea Society of Computer and Information
• /
• v.20 no.8
• /
• pp.35-43
• /
• 2015

Recently, internal information leaks is increasing rapidly by internal employees and authorized outsourcing personnel. In this paper, we propose a method to integrate internal control systems like system access control system and Digital Rights Managements and so on through expansion model of SIEM(Security Information Event Management system). this model performs a analysis step of security event link type and validation process. It develops unit scenarios to react illegal acts for personal information processing system and acts to bypass the internal security system through 5W1H view. It has a feature that derives systematic integration scenarios by integrating unit scenarios. we integrated internal control systems like access control system and Digital Rights Managements and so on through expansion model of Security Information Event Management system to defend leakage of internal information and customer information. We compared existing defense system with the case of the expansion model construction. It shows that expanding SIEM was more effectively.

• International Journal of Computer Science & Network Security
• /
• v.22 no.4
• /
• pp.285-291
• /
• 2022

With the growing exchange of data between individuals and institutions through various electronic communication, valuable data protection is in high demand to ensure that it is not hacked and that privacy is protected. Many security techniques, such as encryption and steganography, have emerged to prevent security breaches. The purpose of this research is to integrate cryptographic and steganography techniques to secure text message sending. The Rijndael algorithm was used to encrypt the text message, and the Least Significant Bit algorithm was also used to hide the encrypted message in a color image. Experiments on the suggested method have proven that it can improve the security of sent messages due to the human eye's inability to identify the original image from the image after it has been covered, as well as the encryption of the message using a password.

• Journal of Information Technology Services
• /
• v.22 no.4
• /
• pp.81-95
• /
• 2023

The emergence of Security Token has revolutionized the way assets are traded, bringing efficiency, transparency, and accessibility to the market. However, the Real Estate Security Token market faces challenges, particularly in terms of liquidity. The CMTO(Collateralized Mortgage Token Obligation) model addresses this issue by introducing a novel approach that combines the benefits of NFT(Non-Fungible Token), STO(Security Token Offering), and CMO(Collateralized Mortgage Obligation) techniques to enhance liquidity and promote investment in Real Estate Security Token. The CMTO framework functions by allowing DABS token investors to leverage their tokens as collateral for loans. These token-collateralized loans are pooled together and form the basis for issuing Sequential CMO named CMTO. The CMTO represent a diversified portfolio of token-collateralized loans, providing investors with options based on their financial goals and risk preferences. By implementing CMTO, the Real Estate Security Token market can overcome liquidity challenges, attract a broader range of investors, and unlock the full potential of digital assets in the real estate industry.

• Strategy21
• /
• s.44
• /
• pp.291-322
• /
• 2018

This research aims to cast light upon security characteristics of the Peace Line, which have been underestimated. To understand maritime order and maritime security policy of the Republic of Korea between 1950 and 1970, it is necessary to analyze the Peace Line as line of defence and to investigate its character This research begins with analyzation of historical facts and investigation on security characteristics of the Peace Line. It goes further to examination of legal justification of the Peace Line, which was one of international legal issues of the period, principally regarding its security characteristics. As results of the study, it could be said that the security characteristics of the Peace Line was the line of defensive waters, which set its goal mainly to prevent infiltration of communist spies. The Peace Line had practical effect as it functioned as a base line of the ROK Navy to take anti-spy operation. At the early phase of the Korea-Japan Negotiation, the Korea delegation interpreted significance of the Peace Line passively. After abrogation of Clark Line, the delegation, however, became positive to maintain the Peace Line and its security characteristics. Security characteristics of the Peace Line was recognized again, as it became the base line of special maritime zone which was made in 1972. Through analysis on international law, it is concluded that the Peace Line was fair as a part of the right of self-defense against indirect aggression. North Korea attempted indirect aggression mainly from sea way, and these might undermine peace and cause urgent and unjust damage on the ROK. Thus the ROK's action of anti-spy operation through the Peace Line can be justifiable as considering the right of self-defence. Also the Peace Line accorded with principles of necessity, immediacy and proportionality. As it was argued on the above, the Peace Line as line of defence was one of the most significant factor in the ROK's maritime security history from the Hot war against communist forces to Cold war period after Korean War and must not be underestimated.

• Journal of the Institute of Electronics and Information Engineers
• /
• v.53 no.6
• /
• pp.69-79
• /
• 2016

If the security incidents are occurred then, the company concentrates on the quick reaction to security incidents, reports the reason of incidents, it's problem, the result of measure to the top management team. There will be the case that actively finding problems and taking it's actions with linking the internal problems whenever external security incidents are occurred or that having only interest of problems at the moment. It is important that lasting the preventing action to prevent security incidents than not concentrating on only the security incidents are occurred. To do this, the systematical and consistent method for this should be provided. In this paper, we will provide a security incident forecast system. The security incident forecast system updates the incident induction factor which helping to forecast the potential security incidents on the database inferred from the direct security incidents which are occurred inside the company as well as the indirect security incidents which are occurred outside the company and makes interact with the incident experience and the measure process systematically. The security incident forecast system is the efficient measure about the potential security incidents in taking precaution.

• Korean Security Journal
• /
• no.12
• /
• pp.245-269
• /
• 2006

The suggestions that follow are about the device to assure the effectiveness of administrational regulation and supervision in Korean private security. First, government clearance should be reinforced. For this it is necessary that the qualification for security dealer-careers and academic backgrounds with security etc.- should be elucidated in Security Law. Also it should be achieved to increase the capital fund and to keep security guards for insuring substitutional manpower. Second, after legal permission governmental supervision should be done in quality by means of setting up the competent institutions independently. Third, the punishment for obtaining security license mendaciously, carrying out illegal or unfair task and assigning Security Guard Supervisors expediently should be strengthened. Also to prevent expedient acts it is necessary to prescribe illegal or unfair acts in the concrete in Security Law and violators should be legally responsible. Fourth, to lay the foundation for security industry itself and make up for perfunctory governmental direct System for Professional License (of private security guard) should come into effect.

• Convergence Security Journal
• /
• v.16 no.6_2
• /
• pp.3-22
• /
• 2016

The purpose of this paper is to study ways to improve the welfare of private security guards. For this reason, it was analyzed the actual situation of the private security guards' wage and welfare system. As a result of the analysis, the most important factors that affect the wages and welfare system of private security guards was such as contracting costs, the minimum wage level, professional duties. In particular, a private security guards have been recognized as the most low-level professionalism sorted by the simple laborers standard classification. Wages of guards in accordance with this recognition is only about 47% of major company on average, about 80% of the small business average. If the proposed future improvements include: First, we need to improve the professionalism of a private security. Second, It is established a mutual-aid project about private security guards. Third, It shall regulate the wage of private security guards on Private Security Industry Act. Fourth, we should adopt a selective welfare system.

• Convergence Security Journal
• /
• v.20 no.1
• /
• pp.25-32
• /
• 2020

In the midst of the rising need for Industrial Security experts, the development of National Competency Standards(NCS) with regards to industrial security is a very important and urgent task. The NCS standardizes university-level academic curriculum and qualification systems and connects them with the industry's needs. This study has extracted, classified and analyzed security-related jobs and tasks requiring security expertise that is required within NCS. Through this study, many tasks have been confirmed to require security competencies that are different from those in IT-security, physical security that already exist as a NCS tasks. It is expected that the industry's needs of industrial security expertise will be reflected in future NCS development, which will be used as basic data for systematizing industrial security jobs and competency.

• Journal of Korea Port Economic Association
• /
• v.30 no.1
• /
• pp.97-118
• /
• 2014

Recent accidents of customer information leakage increase the necessity of information security for organization and the importance of information security team for it. To strengthen information security, organizations make information security policy and ask the members to comply with it. In this regard, maritime organization also needs to structure information security policy and examine its ability and behavior. The purpose of this study is to analyze the effects of compliance with information security policy on the ability and behavior of workers in shipping and port organization. The results of investigation show that information security education and norm affect compliance with information security of the workers. On the contrary, the punishment of information security is insignificant. It is shown that the degree of compliance with information security significantly affects its ability and behavior of the workers in shipping and port organization.

• Information Systems Review
• /
• v.14 no.3
• /
• pp.131-141
• /
• 2012

Depending on the sophistication of IT, it is increasing more and more information leaks and breaches. Accordingly the majority of companies have expand investment protection for the information. However, companies still have been exposed the vulnerability of information leakage. Especially, small IT service businesses than large corporations relatively have some limitations in the points of resources and manpower business activities. For studies on information security for small IT service companies so far, however, there have been insufficient studies considering small business scales and business characteristics of IT services. In this study, we made to design an information security management model for establishing security measures of small IT service companies which are classified SI/SM, DB, IR and IP industry that depending on how the value creation of the business. In detail, we performed an empirical analysis for small IT service business to consider business characteristics and we proposed security implementation strategies based on the analysis results.