• Convergence Security Journal
• /
• v.24 no.2
• /
• pp.39-45
• /
• 2024

The purpose of security control in the public sector is to secure the safety of administrative services for the public by preventing resource loss or information infringement in information systems and information and communication networks. The security control system is a process that performs real-time detection, analysis, response, and reporting through system vulnerability analysis and security system detection pattern optimization. This study aims to objectively identify the current situation of the mismatch between the supply and demand of cyber security control centers currently in operation and specialized security control companies that can be entrusted to operate them, and to derive and propose practical and institutional improvement measures. Considering that the operation of security control centers in the public sector is expected to increase in the future, research on the practical supplementation required for the operation process of security control centers and the improvement of the designation system of security control specialized organizations has fundamental and timely significance, and it is an area that requires continuous research in terms of strategic industrialization.

• Journal of Korean Society of Industrial and Systems Engineering
• /
• v.44 no.1
• /
• pp.1-8
• /
• 2021

As a nation experiencing rapid economic growth, South Korea and its government have made a continuous effort toward efficient research investments to achieve transformation of the Korean industry for the fourth industrial revolution. To achieve the maximum effectiveness of the research investments, it is necessary to evaluate its funding's worth and default risk. Thus, incorporating the concepts of the Black-Scholes-Merton model and the Greeks, this study develops a default-risk evaluation model in the foundation of a system dynamics methodology. By utilizing the proposed model, this study estimates the monetary worth and the default risks of research funding in the public and private sectors of Information and Communication technologies, along with the sensitivity of the R&D economic worth of research funding to changes in a given parameter. This study finds that the public sector has more potential than the private sector in terms of monetary worth and that the default risks of three types of research funding are relatively high. Through a sensitivity analysis, the results indicate that uncertainty in volatility, operation period, and a risk-free interest rate has trivial impacts on the monetary worth of research funding, while volatility has large impacts on the default risk among the uncertain factors.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.1
• /
• pp.109-122
• /
• 2022

The purpose of information security activities is to reduce large-scale material and human accidents that are concerned about hacking damage to important systems, such as control systems, through periodic preventive activities in addition to finding the cause and taking follow-up measures after damage caused by hacking. For this reason, although each institution is using a security work audit model in accordance with the relevant regulations, it is not easy to conduct company-wide inspection activities due to the constraints of manpower and time. Therefore, in this paper, we will analyze the major vulnerabilities of public institutions over the past 10 years and present a security audit model that can perform efficient security activities compared to the models for domestic and foreign security audits.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.19 no.1
• /
• pp.23-30
• /
• 2023

According to the government's plan for cloud conversion and integration of information resources for administrative and public institutions, work is underway to convert administrative and public institutions to the cloud by 2025. In addition, in the private sector, companies in many fields, including finance, are already using cloud services, and the usage is expected to expand more and more. As a result, changes have occurred in security control activities using security systems, it is required to secure visibility for encrypted traffic when building a cloud control environment. In this paper, an analysis was conducted on the way to provide visibility in the cloud service environment. Ways to provide visibility in the cloud service environment include methods of using load balancer, methods of using security systems, and methods of using equipment dedicated to SSL/TLS decryption. For these methods, Performance comparison was performed in terms of confidentiality, functionality (performance), cost. Through this, the pros and cons of each visibility provision method were presented.

• Journal of Korean Society of Archives and Records Management
• /
• v.24 no.2
• /
• pp.139-163
• /
• 2024

This study aims to analyze classification systems used in the public sector, collected based on legislation, and to improve the classification system for public records. From the Korean Law Information Center, 375 legislative clauses were searched, revealing about 80 classification systems. These systems were initially divided into lists, tables, and hierarchical classifications. Six types of classification system uses were proposed after combining three management types and two system functions. Among these models, classification systems used for core operations in public agencies often had the same entity as both developer and user. While systems adopted from other institutions were often modified as needed, they were predominantly used for reference tasks rather than core operations. However, in records management, crucial tasks such as record classification and disposal commonly use unmodified classification system items developed and managed by other agencies. Consequently, this study proposes that structural improvements are necessary for the record classification system. It suggests developing dedicated classification systems to support core functions or modifying existing systems and also applying records management disposal standards and guidelines to other relevant legislative provisions.

• International Journal of Computer Science & Network Security
• /
• v.23 no.2
• /
• pp.173-182
• /
• 2023

The UAE government has set its sights on creating a smart, electronic-based government system that utilizes AI. The country's collaboration with India aims to bring substantial returns through AI innovation, with a target of over $20 billion in the coming years. To achieve this goal, the UAE launched its AI strategy in 2017, focused on improving performance in key sectors and becoming a leader in AI investment. To ensure public safety as the role of AI in government grows, the country is working on developing integrated cyber security solutions for SCADA systems. A questionnaire-based study was conducted, using the AI IQ Threat Scale to measure the variables in the research model. The sample consisted of 200 individuals from the UAE government, private sector, and academia, and data was collected through online surveys and analyzed using descriptive statistics and structural equation modeling. The results indicate that the AI IQ Threat Scale was effective in measuring the four main attacks and defense applications of AI. Additionally, the study reveals that AI governance and cyber defense have a positive impact on the resilience of AI systems. This study makes a valuable contribution to the UAE government's efforts to remain at the forefront of AI and technology exploitation. The results emphasize the need for appropriate evaluation models to ensure a resilient economy and improved public safety in the face of automation. The findings can inform future AI governance and cyber defense strategies for the UAE and other countries.

• Journal of Information Technology Services
• /
• v.12 no.3
• /
• pp.289-309
• /
• 2013

Korea has been ranked at the top consecutively in UN e-Government Survey. This fact reflects consistent efforts by public institutes in Korea. However, there were some duplicate efforts and inefficiency in the investment into IS(information systems). In other words, management and decision making on e-government have yet to improved. Accordingly, governmental institutes have long been promoting policies for EA in order to carry out and manage effectively IT projects including the e-Government projects. EA is being regarded as a means to facilitate IT Governance for systematic management of IT projects, A major objective is to firmly establish the decision making process for IS investment through EA, since the each institute is a large organization with so complicated and specialized demand for IS. As a result, systematic decision making is becoming quite difficult. Thus, this study attempts to identify different types of IT investment decision making and to figure out the relationship between the decision types and the organizational performance of public institutes where EA was implemented.

• Management & Information Systems Review
• /
• v.13
• /
• pp.127-140
• /
• 2003

Although there have been continual researches in the project scheduling problems since 1960s, the main interest has been how to improve the efficiency of a single project. The minimization problem of the project completion time given a preassigned budget might be an example. This kind of the problem is important, but estimating of the proper budget for a project may also be very important. This research deals with the budget allocation problem for the multiple project. This research is unique in that the project scheduling techniques are used for the budgeting problem. Therefore, this research may be used as a strategic decision model for the multiple large projects in public sector.

• Journal of Korean Society of Industrial and Systems Engineering
• /
• v.43 no.1
• /
• pp.50-60
• /
• 2020

The omni-channel customer system is the communication system between enterprise and customer via multiple channels such as mail, email, SMS, and mobile. The omni-channel customer system complements each other channel through the integration of each channel. The purpose of this research is to derive key factors and calculate the weights that a financial enterprise considers when adopting the omni-channel customer system. For this research, we analyzed the request for proposal documents used for the omni-channel customer system implementation projects in the financial enterprise. Also, we derived, classified, and stratified the key factors to be considered for the introduction of the omni-channel customer system in the financial enterprise. As a result of analyzing the key factors, customer experience, operations, and security were identified as the components of the top category in introducing the omni-channel customer system in the financial sector. Furthermore, the weight for each key factor was calculated by using ANP. As a result of ANP, operations, customer experience, and security were important in order. Also, the degree of easiness for connecting with other systems and the various abilities for representing the contents of the omni-channels were derived as the important key factors.

• Journal of Intelligence and Information Systems
• /
• v.29 no.1
• /
• pp.353-376
• /
• 2023

The global pandemic and the development of virtual and augmented reality technologies have led a metaverse boom that enables a lot of interactions in virtual worlds, and is being utilized in various fields such as business, government, and education etc. Despite the growing interest in the metaverse, its scope and definition are still unclear and the concept is still evolving, making it challenging to establish its governance. Governmental entities are also investing intensively in public metaverses to make public value and promote social welfare, but they are underutilized due to lack of systematic governance. Therefore, in this study, we propose a public metaverse governance framework and identify the relative importance of the factors. Furthermore, since a public metaverse should be accessible to anyone who wants to use, we explore the factors of shadow work and examine the ways to minimize it. Based on the socio-technical system theory, we derived public metaverse governance factors from previous literature and topic modeling and then generate a framework with 23 factors through expert interviews. We then tested relative priority of the factors using the analytic hierarchical process (AHP) from the experts. As a result, the top five overall rankings are: 'roles and responsibilities', 'standardization/modularization', 'collaboration and communication', 'law and policies', and 'availability/accessibility'. The academic implications of this study are that it provides a comprehensive framework for public metaverse governance, and then the practical implications include suggesting prioritized considerations for metaverse operations in the public sector.