• 정보보호뉴스
• /
• s.134
• /
• pp.24-25
• /
• 2008

지난달 10월 $12{\sim}17$일 페루 리마에서 제38차 APEC TEL 희의의 일환으로, '사이버 보안 인식제고 워크샵(Cyber Security Awareness Raising Workshop)'이 개최됐다. 이날 회의에서는 우리나라를 비롯해 미국, 호주 등 정보보호 문화운동이 우수한 국가들이 활동현황이 소개되는 한편, 국가간 의견 공유가 이뤄졌다. 그 가운데 우리나라의 정보보호 인식제고 활동이 자세히 소개되면서 APEC 회원국으로부터 집중 관심을 받기도 했다.

• International Journal of Computer Science & Network Security
• /
• v.21 no.6
• /
• pp.245-251
• /
• 2021

This work aims to focus on the current features and characteristics of Human Element and Artificial intelligence (AI), ask some questions about future information security, and whether we can avoid human errors by improving machine learning and AI or invest in human knowledge more and work them both together in the best way possible? This work represents several related research results on human behavior towards information security, specified with elements and factors like knowledge and attitude, and how much are they invested for ISA (information security awareness), then presenting some of the latest studies on AI and their contributions to further improvements, making the field more securely advanced, we aim to open a new type of thinking in the cybersecurity field and we wish our suggestions of utilizing each point of strengths in both human attributions in software security and the existence of a well-built AI are going to make better future software security.

• Journal of information and communication convergence engineering
• /
• v.5 no.4
• /
• pp.382-388
• /
• 2007

Indoor location system using wireless sensor network technology was applied for the status evaluation and activity monitoring of elderly person or chronic invalid at home. Location awareness application is transparent to the daily activities, while providing the embedded computing infrastructure with an awareness of what is happening in this space. To locate an object, the active ceiling-mounted reference beacons were placed throughout the building. Reference beacons periodically publish location information on RF and ultrasonic signals to allow application running on mobile or static nodes to study and determine their physical location. Once object-carried passive listener receives the information, it subsequently determines it's location from reference beacons. By using only the sensor nodes without any external network infrastructure the cost of the system was reduced while the accuracy in our experiments. was fairly good and fine grained between 7 and 15 cm for location awareness in indoor environments. Passive architecture used here provides the security of the user privacy while at the server the privacy was secured by providing the authentication using Geopriv approach. This information from sensor nodes is further forwarded to base station where further computation is performed to determine the current position of object and several applications are enabled for context awareness.

• Journal of the Korean Society for Aviation and Aeronautics
• /
• v.13 no.3
• /
• pp.110-116
• /
• 2005

TSA needs to be more transparent with the new passenger screening system and its functioning to build the citizen trust. The system is needed to be not only effective but supported by Congress and the general public. Until this occurs, skepticism will underlie any discussion about its effectiveness in balancing the protection from terrorism with respect to individual liberties. CAPPS II can be a viable system if it is developed appropriately. The objectives of the study are to introduce the security program in the U.S. aviation security policy and to discuss privacy problems when it applies. Korea also needs to study a harmonious plan with the basis of global approach mind in the case of considering the transferring of passenger information from other states for the purpose of security.

• Information Systems Review
• /
• v.20 no.3
• /
• pp.51-71
• /
• 2018

Many studies in the field of information security reveal the need to increase awareness. However, although awareness of information security has been raised to a considerable extent, actual security behavior has been shown to fall short of that. Therefore, we wanted to identify the role of psychological factors in making information security decisions by conducting a experimental study. The results show that there are differences in perception of information security risks according to the probabilistic distance and the degree of relative optimism due to social distance. In relation to their relative optimism and intention of information security, they reduced the level of perceived risk compared to those close to them and found that their influence varied according to their probabilistic distance. This study has made valuable attempt in terms of methodology and it is meaningful that the psychological factor is taken into consideration for the information protection behavior, so that the range of relative optimism that actually affects the perception of risk is narrowed. It is expected to contribute to the improvement of information security level of information technology users and protection of information assets by empirically identifying necessity of various approaches to decision making process for information security.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.19 no.2
• /
• pp.89-102
• /
• 2023

The purpose of this study is to examine what are the important variables for information security compliance and whether the information security investment by the industry is different. To comply with the information security policies, the organization must establish measures to prevent or resolve information security incidents. This research process consists of four stages, and the analysis method was conducted with the categorical regression analysis and the correspondence analysis. The first analysis analyzed the independent variables that affect security regulations compliance. The rest of the analysis was conducted by industry in the order of security compliance regulations, manpower investment, and budget investment. As a result of the first analysis, this had positive effects on an organization and personal information protection awareness, joint operation organization of information protection, manpower and budget investment, corporate size, and industry. The correspondence analysis was conducted from the second analysis to the fourth analysis and it analyzed the differences in information security investment by industry. The second analysis showed that the construction industry, science and technology industry, and finance industry have higher compliance with security regulations than other industries. The third analysis showed that the financial industry and the science and technology industry were higher than other industries. The last analysis showed that the financial industry was higher than other industries. The theoretical contribution of this study provided the basis for updating the information security theory. The practical contribution of this study requires government support to reduce information security deviations by industry.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2010.05a
• /
• pp.269-273
• /
• 2010

7.7 DDoS incident due to recent events and the emerging importance of privacy and Privacy laws are being discussed in the National Assembly. In this study, Legislative Assembly Secretariat support organization focused on using the system, such as the Internet network and the administrative, technical and physical security elements on the status of confidentiality, availability, integrity and security criteria to identify and follow and We are analyzing. In addition, the Internet, including network and use the system primarily for use, Legislative support agency, The National Assembly Secretariat staff awareness about information security and privacy on the survey for compliance with codes of conduct and We are analyzing. Through this analysis of legislative support agencies' security status, and social responsibility as an institution will wish to encourage the role.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.4
• /
• pp.847-857
• /
• 2019

Recently, various cyber threats such as Ransomware and APT attack are increasing by e-mail. The characteristic of such an attack is that it is important to take administrative measures by improving personal perception of security because it bypasses technological measures such as past pattern-based detection The purpose of this study is to investigate the human factors of employees who are vulnerable to spam mail attacks through field experiments and to establish future improvement plans. As a result of sending 7times spam mails to employees of a company and analyzing training report, It was confirmed that factors such as the number of training and the recipient 's gender, age, and workplace were related to the reading rate. Based on the results of this analysis, we suggest ways to improve the training and to improve the ability of each organization to carry out effective simulation training and improve the ability to respond to spam mail by awareness improvement.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.4
• /
• pp.867-875
• /
• 2019

Security awareness and training are becoming more important as cyber security incidents tend to increase in industrial control systems, including nuclear power plants. For effective cyber security awareness and training for the personnel who manage and operate the target facility, a TEST-BED is required that can analyze the impact of cyber attacks from the sensor level to the operation status of the nuclear power plant. In this paper, we have developed an HIL system for nuclear power plant cyber security training. It includes nuclear power plant status simulations and specific system status simulation together with physical devices. This research result will be used for the specialized cyber security training program for Korean nuclear facilities.

• The Journal of the Korea Contents Association
• /
• v.10 no.11
• /
• pp.262-274
• /
• 2010

In Welfare Center for the disabled, under the Government's information acceleration plan, the computer system has been developed starting from work standardization in 2001 but it has been emphasized only on the technical and customer convenience side leaving out preparation for the side effects of them. Therefore this article will seek the necessity of personal information protection, legal basis in the Welfare Center for the disabled. Additionally after analyzing current status for the personal security of Welfare Center for the disabled, establishing an alternative plan for personal security policy's way could be addressed. Increasing education for awareness stress of personal information security, and preparing institutional protection apparatus from applying life cycle of personal information would be an alternative plan for personal information protection for Welfare Center for the disabled. Also frequent monitoring of accessing personal information from the computerized system should be achieved. It is impossible to recover damage caused by leak of personal information although post actions are progressed. From this essay, awareness of personal information protection should be newly revised for both the Social Welfare Organization and the Disabled welfare center, and also technical, institutional strategy's action should be arranged.