• Korean Security Journal
• /
• no.36
• /
• pp.7-28
• /
• 2013

In Korea, the size of the private security industry has grown rapidly since the enactment of the Security Business Act in 1976. Unfortunately, the quantitative development has not been accompanied by the comparable qualities, and this shortcoming can be attributed to different unethical incidents caused by the private security officers. This study examined the causal relationship between the organizational characteristics according to the organizational ethics and the organizational citizenship behavior to provide suggestions to promote the ethics of the private security officers, and ultimately play the role of a theoretical foundation for the qualitative advancement of the industry. Private security officers in Seoul and the Gyeonggi province in Korea were studied by using the purposive sampling method and the following results were obtained. First, except for the altruism factor, the levels of organizational ethics perceptions and organizational citizenship behavior of the subjects were relatively high. Moreover, organizational characteristics had a positive partial effect on organizational ethics and organizational citizenship behavior. Furthermore, organizational ethics partially affected organizational citizenship behavior in a positive way, and organizational ethics had a partial mediation effect between organizational characteristics and organizational citizenship behavior. With the results of the analyses, development and management of the ethics training and programs and promoting the ethics among the executives were recommended as a future direction.

• Korean Security Journal
• /
• no.30
• /
• pp.33-60
• /
• 2012

False alarm of Electronic security causes various serious side effects such as decrease of electronic security guard's morale caused by unnecessary mobilization, increase of fatigue caused by workload increase, increase of electronic security company owner's management burden and decrease of electronic security service utilization rate caused by customer's distrust. Therefore, the study considered the Korean regulation related with false alarm of electronic security and proposed actual status of false alarm and measure for it. The study proposed systematic resolution assignments and political assignments in relation with the measure for false alarm. Systematic resolution assignments are as follows. First, electronic security company should construct electronic security system accurately from the initial step of security consulting and security planning related with target facility. Second, it is necessary to encourage installation and operation of video monitoring system. Third, sensor wiring should be separated. Fourth, the measures for false alarm depending on main system causes should be prepared. It is necessary to encourage the installation of 'arming disarming alarm sound' generator. In addition, the measures for false arm depending on the characteristics of sensor should be prepared and standardized. Fifth, system maintenance should be reinforced. Political assignments related with the measures for false alarm are as follows. First, it is necessary to reinforce education & training. Individual nurturing & education process should be run by electronic security company or the education focusing on the measure for false alarm should be performed in job training defined in "Security Industry Act". Second, it is necessary to establish and reinforce legal regulation and establish device. If police authority standardizes the documents related with false alarm, provides their forms and requires them for periodical reports or documents, it is expected that good measures for false alarm will be prepared on the basis of actual data in the future. Third, cooperation organization to discuss the measures for false alarm like 'Conference for False Alarm of Electronic Security' should be organized and operated. Fourth, interest and role of electronic security company and electronic security supervisor should be enlarged.

• Convergence Security Journal
• /
• v.15 no.3_2
• /
• pp.77-82
• /
• 2015

IT convergence has been approached from national strategic dimension with an aim to drive forward technology development and industrial advancement in other fields by taking the IT to the next advanced level, and has been the focus of intensive investment of research resources. Against this backdrop, IT convergence has emerged as a cutting-edge convergence industry that helps spur development of new growth engine being pushed forward at inter-ministerial level, as well as help turn the mainstay industries into high value-added industries and create new IT industry. Health-related convergence services have shifted its focus towards the exercise/sports and rehabilitation-oriented entertainment experiential industry away from conventional disease prevention and control-centric treatment/therapy technology industry. Thus, this study was intended to examine the trends of IT convergence technological development related to health exercise and present recommendation on the future course for development of major technologies and advancement of convergence industry, given the importance assigned to IT convergence.

• Knowledge Management Research
• /
• v.16 no.4
• /
• pp.35-45
• /
• 2015

Fintech, which means the convergence of finance and information technology, becomes a hot topic in the financial sector. Through innovative activities on financial services, ICT(Information and Communication Technology) is integrated into the overall financial industry, and a new form of financial services could be expected to improve the existing financial system. On the other hand, fintech services are relatively vulnerable to security issues. Due to the process simplication and the channel fusion, the leakage of personal and financial informations, authentication bypass, phishing, and pharming are getting more concerned. In this study we investigated the security risk of fintech services in the viewpoints of service provider, technology adoption, and security policy. The possible countermeasures to reduce those risks are suggested because security is an important criterion for selecting financial services. This study basically offers quantification of the potential security risks and step-by-step control measures about business processes in the fintech services. The suggested security model includes user authentication, terminal security, payment information protection, API(Application Programming Interface) security, and abnormal transaction monitoring. This study might contribute to an understanding of the security risks and some possible measures for mitigating those risks on the practical perspective.

• International Journal of Advanced Culture Technology
• /
• v.10 no.4
• /
• pp.1-7
• /
• 2022

The purpose of this study is to review the appropriateness of deploying private security guards using SMS emotional language analysis at the current assembly and demonstration sites, which rely only on the police force, and to suggest a plan. Therefore, it is intended to contribute to suppressing the problems at the assembly and demonstration sites and present a new paradigm for responding to the assembly and demonstration sites based on the study's results. First, it is necessary to prepare a legal basis for the deployment of private security guards in the 'Security Services Industry Act' and 'Assembly and a Demonstration Act'. Second, there is a need for a 'security company selection criteria' for selecting security companies with a lot of experience, such as collective civil petition sites and security for national critical facilities (special security services). Third, it is necessary to prepare financial resources for the deployment of private security guards. This study is expected to serve as a new cornerstone for effective management of assembly and demonstration sites through mutual complementation of the police and private security.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.3
• /
• pp.561-575
• /
• 2023

The information security industry has seen a wide variety of growth over the past few decades. In particular, various solutions have been proposed in terms of technology, management, and institutional aspects. Nevertheless, it should be notedthat security accidents continue to occur every year. This proves that there are limitations to various business changes in the digital era as existing security is being promoted with technology-oriented and prevention-oriented policies. Thus, people-centric security (PCS) has recently become a hot topic in order to escape the limitations of traditional securityapproaches. Through the concept of information security violations, PCS strategic principles, and expert interviews, this studyaims to present a fundamental security incident response plan by classifying human-caused vulnerabilities into 5 categories and classifying them into 21 detailed components.

• Korean Security Journal
• /
• no.59
• /
• pp.133-159
• /
• 2019

The free semester system, introduced on a trial basis in 2013, has been fully implemented in all middle schools since 2016. The free semester system for middle school students is divided into subject activities and free semester activities with the purpose of students' dream and career exploration. While the activities of various vocational groups linked to subjects during the free semester are discussed, studies on the industrial security career education in middle schools are hard to find. In addition, the career sites that provide diverse information on career path for teachers, students and parents with support from the Ministry of Education have not established any program regarding industrial security. This study aims to look at the status of career education by the analysis of keywords for industrial security in the career experience network currently operated by the Ministry of Education and in-depth interview with career education teachers, students and parents, and industrial security experts. Based on such analysis, this study attempts to figure out a comprehensive understanding of the free semester system and to explore strategies for promoting industrial security education. The results of this study found that the activation plan for industrial security education requires the industry security education through career network, development of industrial security education program, training and placement of professional industrial security lecturer, and establishment of support systems for experience in industrial security.

• Journal of Internet Computing and Services
• /
• v.8 no.1
• /
• pp.87-98
• /
• 2007

Recently, some reliability problems are notified on the information security industry survey due to the differences of survey purpose, criteria and methodology among the pursuing organizations. This paper firstly identifies the issues of survey methodologies which are currently applied in the information security industry, and then proposes a business outlook survey system which can be adapted in various domain, even in effectively. The proposed system may be applied in surveys of the business outlook, supply and demand, and difficulty factor, with a co-operative database, Especially, it would be utilized as a great tool when the survey is conducted in repeatedly.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2009.11a
• /
• pp.663-664
• /
• 2009

OWASP에서 발표한 2007년 웹 애플리케이션 취약점 중 하나인 XSS 공격이 사용자 브라우저에서 스크립트를 실행하게 함으로써 사용자의 세션을 가로채거나 웜을 업로드하여 악성코드를 삽입하는 공격이다[2]. 하지만 많은 XSS 방어 기법에서는 단순 스크립트 우회기법과 강제적인 스크립트 차단 방법을 채택하고 있다. 또한 강제적인 XSS 필터 적용으로 과탐지로 인한 정상적인 웹 페이지가 출력 되지 않는 사례가 나타나고 있다. 따라서 본 연구는 효율적인 정규식을 이용하여 XSS 공격 특징을 분석하여 특징점들을 추출하고 이 특징점들을 기반으로 특정한 규칙을 가진 문자열들을 모든 문자가 유효한지 확인할 수 있는 정규식 표현 방법을 이용하여 다양한 응용프로그램에 적용할 수 있는 기술을 연구하고자 한다. 또한 이를 기반으로 포털 사이트와 브라우저에서 제공하는 XSS 필터들과 비교하여 과탐지율 및 오탐지율 서로 비교하여 본 연구가 효율성 면에서 효과가 있는지 우위를 둘 것이며, 브라우저 벤더, 포털 사이트, 개인 PC 등 충분한 시험 평가와 수정을 통해서 응용할 수 있는 계기를 마련할 것이다

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.18 no.9
• /
• pp.464-472
• /
• 2017

In the ICT (Information and Communication Technology) convergence security environment, a lot of companies use an external public web system for the external disclosure and sharing of product information, manufacturing technology, service manualsand marketing materials. In this way, the web system disclosed on the Internet is an important aspect of cyber security management and has an always-on vulnerability requiringan information protection solution and IT vulnerability checks. However, there are limits to vulnerability detection management in anexternal environment. In this study, in order to solvethese problems, we constructed a system based on digital forensics and conducted an empirical study on the detection of important information in enterprises by using forensic techniques. It was found thatdue to the vulnerability of web systems operated in Korea and overseas, important information could be revealed,such as the companies' confidential data and security management improvements. In conclusion, if a system using digital forensic techniques is applied in response to theincreasing number of hacking incidents, the security management of vulnerable areas will be strengthened and the cyber security management system will be improved.