• Journal of Digital Convergence
• /
• v.16 no.6
• /
• pp.205-212
• /
• 2018

This Study aims to propose a new information security governance model design method for streamlining security governance at national strategic level. The research method of this study is to diagnose our operational experience and to derive a new model design method. In the meantime, national information security activities were perceived to be focused on knowledge transfer, and motivation of activities and securing of executive power were weak. As a result, security blind spots and frequent occurrence of large security incidents have become unresolved challenges. National cyber security governance should be grouped together as a whole systematically from the upper policy to the lower level of performance under the responsibility of the national leader. Based on this approach, this study presented the comprehensive framework of Korean security governance model and embodied it into four architectural designs such as vision, goal, process, and performance, thus deriving the foundation for future national governance model design. Further research is needed to diagnose problems in life cycle flow, security policies based on environmental changes, and new frameworks in which all subjects participate.

• Korean Security Journal
• /
• no.36
• /
• pp.177-200
• /
• 2013

As we enter a high industrial society that widens the gap between the rich and poor, demand for the security services has grown explosively. With the growth in quantitative expansion of security services, people have also placed increased requirements on more sophisticated and diversified security services. Consequently, market outlook for private security services industry is positive. However, Korea's private security services companies are experiencing difficulties in finding a direction to capture this new market opportunity due to their small sizes and lack of management-strategic thinking skills. Therefore, we intend to offer a direction of development for our private security services industry using a management-strategy theory and the Analytic Hierarchy Process(AHP), a structured decision-making method. A resource-based theory is one of the important management strategy theories. It explains that a company's overall performance is primarily determined by its competitive resources. Using this theory, we could analyze a company's unique resources and core competencies and set a strategic direction for the company accordingly. The usefulness and validity of this theory has been demonstrated as it has often been subject to empirical verification since 1990s. Based on this theory, we outlined a set of basic procedures to establish a management strategy for the private security services companies. We also used the AHP method to identify competitive resources, core competencies, and strategies from private security services companies in contrast with public companies. The AHP method is a technique that can be used in the decision making process by quantifying experts' knowledge and unstructured problems. This is a verified method that has been used in the management decision making in the corporate environment as well as for the various academic studies. In order to perform this method, we gathered data from 11 experts from academic, industrial, and research sectors and drew distinctive resources, competencies, and strategic direction for private security services companies vis-a-vis public organizations. Through this process, we came to the conclusion that private security services companies generally have intangible resources as their distinctive resources compared with public organization. Among those intangible resources, relational resources, customer information, and technologies were analyzed as important. In contrast, tangible resources such as equipment, funds, distribution channels are found to be relatively scarce. We also found the competencies in sales and marketing and new product development as core competencies. We chose a concentration strategy focusing on a particular market segment as a strategic direction considering these resources and competencies of private security services companies. A concentration strategy is the right fit for smaller companies as a strategy to allow them to focus all of their efforts on target customers in a single segment. Thus, private security services companies would face the important tasks such as developing a new market and appropriate products for such market segment and continuing marketing activities to manage their customers. Additionally, continuous recruitment is required to facilitate the effective use of human resources in order to strengthen their marketing competency in a long term.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.6
• /
• pp.1277-1286
• /
• 2013

Cloud computing's unique attributes such as elasticity, rapid provisioning and releasing, resource pooling, multi-tenancy, broad-network accessibility, and ubiquity bring many benefits to cloud adopters(company and organization), but also entails specific security risks associated with the type of adopted cloud and deployment mode. To minimize those types of risk, this paper proposed cloud computing security framework refered to strategic alliance model. The cloud computing security framework has main triangles that are cloud threat, security controls, cloud stakeholders and compose of three sides that are purposefulness, accountability, transparent responsibility. Main triangles define purpose of risk minimization, appointment of stakeholders, security activity for them and three sides of framework are principles of security control in the cloud computing, provide direction of deduction for seven service packages.

• Journal of Distribution Science
• /
• v.16 no.11
• /
• pp.29-36
• /
• 2018

Purpose - Research on community empowerment based on superior commodities to improve the economic resilience of the tourist village of Lumajang Regency is an investigative descriptive study to obtain an overview of the problems of community economic development, especially regarding economic resilience. The output of this research activity is the formation of integrated and comprehensive strategic programs and activities in order to improve economic empowerment and food security of the community around the tourist village. Research design, data, and methodology - This research method applies several methods of analysis such as the Loqation Quotion (LQ) method, SWOT analysis, Trend analysis, and analysis of Community Economic Empowerment in the agricultural sub-sector. Results - This research has strategic values and objectives in addition to providing important information to improve food security of tourism villages in Lumajang district in particular and disadvantaged communities in Indonesia in general. Through this supportive community economic empowerment programs, Lumajang District has an agricultural area and at the same time as a nature-based tourism area that supports it. Conclusion - Village tourism community empowerment activities are taken based on existing superior commodities. The existing tourism village program in Lumajang district can be used as one of the references for the upcoming tourism village program.

• Convergence Security Journal
• /
• v.10 no.4
• /
• pp.83-91
• /
• 2010

Information security is a critical issue for national defense. This paper provides a result of a study on the countermeasures to the North Korean Asymmetric Strategy-'Cyber Surprise Attack'. After the attack on Yeonpyeong island, the North Korea threatened there will be more surprise attack to the South Korea. Based on the analysis of 'Stuxnet' cyber attack to Iran and China, the North Korean surprise attack may be 'Stuxnet'class cyber attack. This paper several strategic countermeasures in order to overcome the anticipated the North Korean cyber surprise attack.

• Proceedings of the IEEK Conference
• /
• 2006.06a
• /
• pp.297-298
• /
• 2006

In this paper, we propose a real-time surveillance system for security of important area such as military bases, prisons, and strategic infra structures. The proposed system recognizes the movement of objects in dark environments. First, the Multi-scale retinex (MSR) is processed to enhance the contrast of image captured in dark environments. Then, the enhanced input image is subtracted with the background image. Finally, each bounding box enclosing each objects are tracked. The center point of each bounding box obtained by the proposed algorithm provides more accurate tracking information. Experimental results show that the proposed system provides good performance even though an object moves very fast and the background is quite dark.

• Journal of Korea Society of Industrial Information Systems
• /
• v.8 no.1
• /
• pp.62-74
• /
• 2003

Information security becomes a critical attribute to corporate information systems as increased strategic an operational reliance on information systems. Current proliferation of password requires more attention on information security because its nature of external connection with password user makes information systems more vulnerable from various threats are an important element of information systems management. This study focused on two issues : (1) the relationships between risk management factors(asset, threat, vulnerability) and risk level affected by threat, (2) the relationships between risk level and key password characteristics(length, composition, lifetime, selection method).

• Convergence Security Journal
• /
• v.7 no.2
• /
• pp.27-37
• /
• 2007

Companies have to take agility against change of environment and build up the capacity of new value creation in today's management environment. Until now, there are so many management method for efficiency of management, rationality of management and IT (information technology) supported this method by integration of enterprise task and process automation. but company's competitiveness through the efficiency of management realized the limitations recently. so companies needs the new management method to raise core value of enterprise. This study applies strategy intelligence which is some part of Business Intelligence. We can identify the core value driver by using this method. and the core value driver is connected the KPI (key performance indicator) of processes in BPM (Business Process Management). This help the management of process focused on value driver. and some part of activity driver that effect the process performance can be use the Six Sigma method to strategic business process. This study first introduces the concept of Business Intelligence, Business Process Management and Six Sigma. and then efficient connection plan for value based strategic business process is introduces.

• Journal of Digital Convergence
• /
• v.14 no.7
• /
• pp.155-166
• /
• 2016

In accordance with the increase of the importance of information security, organizations are making continuous investments to develop policies and adapt technology for information security. Organization should provide systemized support to enhance employees' security compliance intention in order to increase the degree of organization's internal security. This research suggests security policy goal setting and sanction enforcement as a method to improve employees' security compliance in planning and enforcing organization's security policy, and verifies the influencing relationship of Theory of Planned Behavior which explains employee's security compliance intention. We use structural equation modeling to verify the research hypotheses, and conducted a survey on the employees of organization with information security policy. We verified the hypotheses based on 346 responses. The result shows that the degree of goal setting and sanction enforcement has positive influence on self-efficacy and coping efficacy which are antecedents that influence employees' compliance intention. As a result, this research suggested directions for strategic approach for enhancing employee's compliance intention on organization's security policy.

• Journal of Fashion Business
• /
• v.3 no.1
• /
• pp.81-92
• /
• 1999

The purpose of this thesis is to analyze the present conditions and problems of the Electronic Commerce, specially by the fashion companies that utilize the Internet and to propose using plans of Internet Electronic Commerce as a strategic method of fashion companies that have a information-oriented mind to adapt itself to modern century. On the basis of my analysis, I propose some using plans of Internet Electronic Commerce by the fashion companies as follows. As a means of construction method, it is need for the pertinent companies to have an information-oriented mind and then to construct the low-expense but high-speed communication Infrastructure. As an operation and management method, positive web site advertisements plans, such as promotion, using various mass media, subscribing to the Internet search engines and dissemination of products information, etc., are need for companies to attract the consumers to connect to the web site. Second, to offer more satisfactory experiences, it is need for companies to frame the integrated shopping mall as a strategic alliance in the management of shopping mall. To frame the integrated shopping mall is also effective in solving financial problems of shopping mall management and introducing of security system As a means of technology supplement, security management systems, such as SSL or SET, should be introduced for consumers to pay the price and furnish their personal informations. Second, new technology developments, such as the newest simulation programs using Virtual Reality to solve the problem of products' actual feeling, should be need for consumers to feel as they really put clothes on. If these technological developments are realized, fashionable products will be dealt in the Internet shopping mall as well and the marketability of Internet shopping mall will be expanded.