• Title/Summary/Keyword: Information Security Technology

Search Result 4,768, Processing Time 0.032 seconds

An Analysis of the Impact of the Characteristics of Corporate Information Security Systems upon Technology Acceptance Intention based on UTAUT - Focusing on the Moderating Effect of Innovation Resistance among Semiconductors Production Workers - (통합기술수용이론(UTAUT)을 기반으로 기업정보보호시스템의 특성요인이 사용자 기술수용의도에 미치는 영향 분석 - 반도체 제조 구성원의 혁신저항 조절효과를 중심으로 -)

  • Woogwang Jeon;Seungwoo Son
    • Journal of the Semiconductor & Display Technology
    • /
    • v.23 no.1
    • /
    • pp.36-47
    • /
    • 2024
  • The purpose of this study is to identify the factors that impact the user's intention to accept technology when Introducing new information security systems for the workers of a semiconductor company. The findings of this study were as follows. First, the factors of a company's information security systems, namely reliability, expertise, availability, security, and economic efficiency, all significantly and positively impacted performance expectations. Second, the performance expectation of introducing information security systems for a company significantly and positively impacted the intention to accept technology. Third, the social impact of introducing information security systems for a company had a significant and positive impact on technology acceptance intention. Fourth, the facilitating conditions for introducing a company's information security systems significantly and positively impacted technology acceptance intention. Fifth, as for the moderating effect of innovation resistance, the moderating effect was significant in the paths of [performance expectation -> technology acceptance intention], [social impact -> technology acceptance intention], and [facilitating conditions -> technology acceptance intention]. The implication of this study is that the factors to be considered when introducing information security systems were provided to companies that are the actors of their proliferation, providing the base data to lay the foundation for introducing security technologies and their proliferation.

  • PDF

A Study on Attack Pattern and Analysis System against SIP Signaling Message-based DoS (SIP 호 설정 메시지기반 서비스 거부 공격패턴 및 분석시스템에 관한 연구)

  • Ha, Do-Yoon;Kim, Hwan-Kuk;Ko, Kyoung-Hee;Lee, Chang-Yong;Kim, Jeong-Wook;Jeong, Hyun-Cheol
    • Annual Conference of KIPS
    • /
    • 2009.11a
    • /
    • pp.653-654
    • /
    • 2009
  • 인터넷전화의 활성화와 더불어 SIP 프로토콜의 사용이 증가하고 있다. 최근 DDoS 공격이 주요위협으로 이슈가 되고 있으며, 향후 SIP관련 서비스 대상 서비스 거부 공격 위협도 증가할 것으로 예상된다. 본 논문에서는 SIP 프로토콜의 특성을 이용한 SIP서비스 거부 공격들의 유형을 살펴보고, SIP 프로토콜의 특성을 이용한 서비스거부 공격 탐지를 위한 고려사항을 바탕으로 분석시스템 아키텍처를 제안한다. SIP서비스 거부공격의 유형은 분류 기준에 따라 다양할 수 있으나, 본 논문에서는 SIP 프로토콜의 특성을 이용한 공격 기법을 대상으로 한다. SIP서비스 거부 공격 트래픽 분석을 위해 정보수집, 정보분석, 정보관리 기능을 고려한다.

The Mitigation of Information Security Related Technostress and Compliance Intention (조직 내 정보보안 기술스트레스 완화와 준수의도)

  • Hwang, Inho;Hu, Sungho
    • The Journal of Information Systems
    • /
    • v.29 no.1
    • /
    • pp.23-50
    • /
    • 2020
  • Purpose As information management grows in importance around the world, organizations are investing in information security technology. However, the higher the level of information security technology in an organization, the higher the techno-stress of employees. The purpose of this study is to suggest stress factors related to information security technology that affect the reduction of employees' intention to comply with information security and to suggest ways to alleviate stress. Design/methodology/approach The research presented a model for mitigating technical stress related to information security based on technical stress theory and person-organization fit theory. 346 questionnaire data were analyzed from the members of the organization who applied the information security technology, and the research hypothesis was verified through the structural equation modeling. Findings The hypothesis test confirms that security-related techno-stress reduces the information security compliance intention of employees, organizational technical support mitigates technical stress, and person-organization fitness mitigates the negative relationship between techno-stress and compliance intention. The results of the study contribute to the organization's strategy for minimizing the reduction of the information security compliance intention of employees, and are meaningful in that the theoretical basis for mitigating techno-stress is provided in the field of information security.

Trusted Certificate Validation Scheme for Open LBS Application Based on XML Web Services

  • Moon, Ki-Young;Park, Nam-Je;Chung, Kyo-Il;Sohn, Sung-Won;Ryou, Jae-Cheol
    • Journal of Information Processing Systems
    • /
    • v.1 no.1 s.1
    • /
    • pp.86-95
    • /
    • 2005
  • Location-based services or LBS refer to value-added service by processing information utilizing mobile user location. With the rapidly increasing wireless Internet subscribers and world LBS market, the various location based applications are introduced such as buddy finder, proximity and security services. As the killer application of the wireless Internet, the LBS have reconsidered technology about location determination technology, LBS middleware server for various application, and diverse contents processing technology. However, there are fears that this new wealth of personal location information will lead to new security risks, to the invasion of the privacy of people and organizations. This paper describes a novel security approach on open LBS service to validate certificate based on current LBS platform environment using XKMS (XML Key Management Specification) and SAML (Security Assertion Markup Language), XACML (extensible Access Control Markup Language) in XML security mechanism.

Service Identification of Internet-Connected Devices Based on Common Platform Enumeration

  • Na, Sarang;Kim, Taeeun;Kim, Hwankuk
    • Journal of Information Processing Systems
    • /
    • v.14 no.3
    • /
    • pp.740-750
    • /
    • 2018
  • There are a great number of Internet-connected devices and their information can be acquired through an Internet-wide scanning tool. By associating device information with publicly known security vulnerabilities, security experts are able to determine whether a particular device is vulnerable. Currently, the identification of the device information and its related vulnerabilities is manually carried out. It is necessary to automate the process to identify a huge number of Internet-connected devices in order to analyze more than one hundred thousand security vulnerabilities. In this paper, we propose a method of automatically generating device information in the Common Platform Enumeration (CPE) format from banner text to discover potentially weak devices having the Common Vulnerabilities Exposures (CVE) vulnerability. We demonstrated that our proposed method can distinguish as much adequate CPE information as possible in the service banner.

Internal and External Characteristics of Information Security Officers Affecting Organization's Information Security Performance (조직 정보보호성과에 영향을 미치는 정보보호담당임원의 내·외적 특성)

  • Oh, Ha-Kyeong;Kim, Tae-Sung
    • Journal of Information Technology Applications and Management
    • /
    • v.27 no.4
    • /
    • pp.1-19
    • /
    • 2020
  • Infringement of information security has caused the corporate image to be damaged and share price to fall, and it is emerging as an organizational risk. The value of information assets in enterprises has led to a higher level of security than in the past. As a result, companies are aware of the need for officers to protect information and to oversee a security management system. However, despite the growing importance of information security officers, there is a lack of research on their roles and characteristics. This study validates the relationship between determinants that affect the performance of information security. And a structural equation model was presented and empirically analyzed to see the impact of the internal and external characteristics of the staff in charge of information security on the organization's information security performance.

A Participation Scheme of the Central Region Research Institute related to National Defense Information Security Industry (국방정보보호산업 관련 중부권 연구기관 활용방안)

  • Eom, Jung-Ho
    • Journal of National Security and Military Science
    • /
    • s.9
    • /
    • pp.191-206
    • /
    • 2011
  • This study is presented a scheme that information security research institutions located within the central area can be participated actively m national defense information security industry. The many of information security company are located in the central region(Daejeon) and there are many research institutes. However, the participation rate of the Defense Information Security Industry is not high compared to other provinces. Although a variety of reasons, there are no the Defense Privacy Office that could have a role in protocol and the information about the industry. In addition, the Department of Defense related to national defense information security industry have not information about research institutions in the central region and are not well to identify the characteristics of institutional technology and research. So in this paper we presented some of the alternatives. 1) Building Pool involved in information security research according to the characteristics of each agency 2) Constitute the research community between Research institutions and the company 3) Build the technology cooperation between research institutions and the defense research institutes 4) Utilization of industry/university/research institutes related to Information Security Industry 5) Make strategic alliances among research institutes based on technical expertise.

  • PDF

Analysis on Cyber Security and Its Challenges to Society

  • Shashank Mishra;Raghav Sandhane
    • International Journal of Computer Science & Network Security
    • /
    • v.24 no.6
    • /
    • pp.141-152
    • /
    • 2024
  • Cyber security plays an important role in the field of IT industry and other industry too. Whenever we talk about cyber security, the word cybercrime pops out. Cybercrime is the biggest issues we are facing right now. Every 39 seconds an attacker is hacking something. Since 2008 to 2019 there are more than 8800 data breach cases is being found or filed. Even as we are aware of cybercrime and its stats, only 5% organization are fully secured and other 95% are not fully secured. According to survey 56% organization have weak controls. Basically they are not secured. Apart from taking measures cyber security are facing huge challenges or disturbs to many. This paper mainly focuses on dare to cyber security and also center of attraction is cyber security expertise, morals with changing in technology with time. [1]

Revitalization Strategy of Information Security Industry Using Cognitive Map Analysis (인지지도분석을 통한 정보보호 산업 활성화전략)

  • Lee, Jung Mann;Cho, Ilgu;Rim, Myung Hwan
    • Journal of Information Technology Applications and Management
    • /
    • v.23 no.2
    • /
    • pp.177-194
    • /
    • 2016
  • This study analyzed President Park's speeches and the government's industry policy in the field of information security using cognitive map. The relationship analysis between policy tool variables and policy goal variables was employed to derive revitalization strategy of information security. This paper found that entrepreneurship revitalization has very strong causality with expansion of domestic market and global market. But, on the other hand, HR development has very weak causality with job creation and future growth driver because the labor market in the information security industry is poor and its transfer rate to other industry is very high. This study showed that this cognitive map could be characterized by a scarcity of feedback loops and a strong emphasis on the positive loops in the structure of virtuous circle. In this paper, we also constructed a comprehensive cognitive map on the policy vision of information security, showing that there are a risk of cyber threat, an opportunity of new fusion security market, information security reinforcing circle, global economic circle, and domestic market circle.

A Study on the Direction of the Formulation of "Safe Country" Laws and Regulations due to the Development of Information Technology (정보사회에 있어서 '안전국가' 법규의 정립방향에 관한 소고)

  • Kim, Hyun-Kyung
    • Journal of Information Technology Services
    • /
    • v.12 no.3
    • /
    • pp.151-163
    • /
    • 2013
  • It is no doubt that information technology is the key factor of national safety. Information technology is positively useful for national security such as crime prevention and detection, criminal investigation, disaster management, and national defense. However, it might be a threat to the security as we saw in the examples such as '3.4 DDoS attacks' and 'Nong-hyup Computer Network Failure.' Although the effect that information technology makes upon the national security is immense, the current legal system does not reflect these changes well. National security should be kept during 'prevention-response-recovery' process regardless it is in the online on offline. In addition, public administration for national security should be based on laws. However, the current legal system is lack of legislative basis on cyber and physical disaster, and the laws on the response to disaster might cause confusing. Therefore, this study examines the limitation of the current legal system on national security, and suggests directions for the development of the system based on the new establishment of the legal concept for 'national security'.