• Management & Information Systems Review
• /
• v.31 no.4
• /
• pp.397-432
• /
• 2012

The purpose of this study is Big Five personality factors of personality type on career behavior, that is, entry to the unsafe first job in Korean university students. To accomplish this research objective, this study collected data from 500 students in three universities and two colleges located in the Chungcheong region. Among 350 questionnaires, 342 copies were used for a final analysis. In order to analyze the survey data, statistical package program SPSS/WIN 18.0 was utilized and statistical techniques such as basic statistical analysis, factor analysis, Cronbach's alpha, correlation analysis, and multiple regression analysis were used. The results obtained in this study can be summarized as follows. The extraversion personality and agreeableness personality of college students has a significant effect on the entry to the unsafe first job in the positive direction. On the other hand, the neurotic personality and openness to experience has a significant effect on the entry to the unsafe first job in the negative direction. However, the integrity personality of college students was not statistically significant. Finally, based on the empirical results we suggested several theoretical and practical implications.

• Management & Information Systems Review
• /
• v.35 no.4
• /
• pp.185-211
• /
• 2016

This study examined the impact of learning organization activities on burnout and the moderating effect of supervisor trust in a learning organization. The results of the study shows that among the activities of a learning organization, independent variables in this study, promoting inquiry and dialogue as well as encouraging collaboration and team learning affect burnout. In other words, the dedication of an organization to creating a culture in which various learning approaches are experimented through questioning and giving feedback as well as collaborative learning that can reinforce the effective use of team resources have an impact on reducing emotional exhaustion, which is considered to be at the core of burnout. Plus, these factors reduce impersonalization, which is activated to prevent further emotional exhaustion by dealing with customers, colleagues and jobs in a cold, negative and perfunctory way. In this study, the dimensions of promoting inquiry and dialogue as well as encouraging collaboration and team learning were found to reduce the decline in personal sense of achievement of an employee with a negative assessment of himself or herself derived from a lack of achievement in his or her job. Supervisor trust (integrity, benevolence and ability) had a moderating effect on the relationship between strategic learning leadership and impersonalization/emotional exhaustion. This suggests that the trust of supervisor helps mediate and moderate the emotional exhaustion and impersonalization of organizational members by encouraging leaders to drive change and take the organization to a new direction. The study has provided implications that communication plays an important role in reducing burnout in the learning context such as positive, appreciative inquiry and feedback analysis to identify strength, and that supervisor trust is critical in order to ensure strategic learning leadership exerts greater influence on the organization.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.27 no.10C
• /
• pp.1015-1026
• /
• 2002

As per increasing research interest in the field of collaborative computing in recent year, the importance of security issues on that area is also incrementally growing. Generally, the persistency of collaborative system is facilitated with conventional authentication and cryptography schemes. It is however, hard to meet the access control requirements of distributed collaborative computing environments by means of merely apply the existing access control mechanisms. The distributed collaborative system must consider the network openness, and various type of subjects and objects while, the existing access control schemes consider only some of the access control elements such as identity, rule, and role. However, this may cause the state of security level alteration phenomenon. In order to handle proper access control in collaborative system, various types of access control elements such as identity, role, group, degree of security, degree of integrity, and permission should be taken into account. Futhermore, if we simply define all the necessary access control elements to implement access control algorithm, then collaborative system consequently should consider too many available objects which in consequence, may lead drastic degradation of system performance. In order to improve the state problems, we propose a novel access control framework that is suitable for the distributed collaborative computing environments. The proposed scheme defines several different types of object elements for the accessed objects and subjects, and use them to implement access control which allows us to guarantee more solid access control. Futhermore, the objects are distinguished by three categories based on the characteristics of the object elements, and the proposed algorithm is implemented by the classified objects which lead to improve the systems' performance. Also, the proposed method can support scalability compared to the conventional one. Our simulation study shows that the performance results are almost similar to the two cases; one for the collaborative system has the proposed access control scheme, and the other for it has not.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.6
• /
• pp.1351-1364
• /
• 2019

When SCADA is exposed to cyber threats and attacks, serious disasters can occur throughout society. This is because various security threats have not been considered when building SCADA. The bigger problem is that it is difficult to patch vulnerabilities quickly because of its availability. Digital forensics procedures and techniques need to be used to analyze and investigate vulnerabilities in SCADA systems in order to respond quickly against cyber threats and to prevent incidents. This paper addresses SCADA forensics taxonomy and research trends for effective digital forensics investigation on SCADA system. As a result, we have not been able to find any research that goes far beyond traditional digital forensics on procedures and methodologies. But it is meaningful to develop an approach methodology using the characteristics of the SCADA system, or an exclusive tool for SCADA. Analysis techniques mainly focused on PLC and SCADA network protocol. It is because the cyber threats and attacks targeting SCADA are mostly related to PLC or network protocol. Such research seems to continue in the future. Unfortunately, there is lack of discussion about the 'Evidence Capability' such as the preservation or integrity of the evidence extracting from SCADA system in the past researches.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.4
• /
• pp.779-787
• /
• 2018

As security problems of the paper ballot have been emerged on and on, electronic voting with enhanced security and convenience has been introduced in several countries. However, it has not been adopted most of countries because of the problems that come from interdependence and security flaws. Meanwhile, the blockchain technology has high reliability due to the mechanism of mining that miners verify and preserve blocks independently by using P2P formation which does not have a central authority. Furthermore, because each block refers to the hash of the previous block. if any one block is changed, it is very difficult to forge and modify the blockchain because all blocks must be changed. If this technology is applied to the E-voting, integrity, and transparency about the result of the ballot is guaranteed. In this paper, we propose and implement an electronic voting system based on blockchain that improves interdependence, the reliability of excessive TTP and single point of failure come from original electronic voting. Also, we analyze the security and advantage of the proposal system compared with the existing bitcoin-based electronic voting system.

• Journal of KIISE:Information Networking
• /
• v.30 no.1
• /
• pp.75-81
• /
• 2003

User authentication, including confidentiality, integrity over untrusted networks, is an important part of security for systems that allow remote access. Using human-memorable Password for remote user authentication is not easy due to the low entropy of the password, which constrained by the memory of the user. This paper presents a new password authentication and key agreement protocol suitable for authenticating users and exchanging keys over an insecure channel. The new protocol resists the dictionary attack and offers perfect forward secrecy, which means that revealing the password to an attacher does not help him obtain the session keys of past sessions against future compromises. Additionally user passwords are stored in a form that is not plaintext-equivalent to the password itself, so an attacker who captures the password database cannot use it directly to compromise security and gain immediate access to the server. It does not have to resort to a PKI or trusted third party such as a key server or arbitrator So no keys and certificates stored on the users computer. Further desirable properties are to minimize setup time by keeping the number of flows and the computation time. This is very useful in application which secure password authentication is required such as home banking through web, SSL, SET, IPSEC, telnet, ftp, and user mobile situation.

• The KIPS Transactions:PartC
• /
• v.14C no.5
• /
• pp.431-438
• /
• 2007

RFID system is core technology that construct ubiquitous environment for replacement of barcode technology. Use ratio of RFID system rapidly increase because the technology has many good points such as identification speed, storage space, convenience etc. But low-cost tag operates easily by query of reader, so the system happened user privacy violent problem by tag information exposure. The system studied many ways for security application, but operation capability of low-cost tag is about $5K{\sim}10K$ gates, but only $250{\sim}3K$ gates allocated security part. So it is difficult to apply security to the system. Therefore, this scheme uses dividing 64 bits and reduces arithmetic, so proposed scheme provide mutual authentication that can apply to low-cost RFID system. Existing methods divide by 4 and used 96 bits. However, that reduces 32 bits length for lightweight and reduced from communication number of times of 7 times to 5 times. Also, because offer security by random number than existing scheme that generate two random numbers, that is more efficient. However, uses hash function for integrity that was not offered by XOR arithmetic and added extension of proposed scheme. Extended scheme is not offered efficiency than methods that use XOR arithmetic, but identification distance is mode that is proposed secure so that can use in for RFID system.

• The KIPS Transactions:PartC
• /
• v.9C no.6
• /
• pp.823-830
• /
• 2002

Enterprise security management system proposed to properly manage heterogeneous security products is the security management infrastructure designed to avoid needless duplications of management tasks and inter-operate those security products effectively. In this paper, we propose the model of generalized security policies. It is designed to help security management build invulnerable security policies that can unify various existing management infrastructures of security policies. Its goal is not only to improve security strength and increase the management efficiency and convenience but also to make it possible to include different security management infrastructures while building security policies. In the generalization process of security policies. we first diagnose the security status of monitored networks by analyzing security goals, requirements, and security-related information that security agents collect. Next, we decide the security mechanisms and objects for security policies, and then evaluate the properness of them on the basis of security goals, requirements and a policy list. With the generalization process, it is possible to integrate heterogeneous security policies and guarantee the integrity of them by avoiding conflicts or duplications among security policies. And further, it provides convenience to manage many security products existing in large networks.

• Journal of KIISE:Information Networking
• /
• v.30 no.3
• /
• pp.377-386
• /
• 2003

In this paper, we present an application layer protocol to support secure wireless Internet services, called Application Layer Security(ALS). The drawbacks of the two traditional approaches to secure wireless applications motivated the development of ALS. One is that in the conventional application-specific security protocol such as Secure HyperText Transfer Protocol(S-HTTP), security mechanism is included in the application itself. This gives a disadvantage that the security services are available only to that particular application. The other is that a separate protocol layer is inserted between the application and transport layers, as in the Secure Sockets Layer(SSL)/Transport Layer Security(TLS). In this case, all channel data are encrypted regardless of the specific application's requirements, resulting in much waste of network resources. To overcome these problems, ALS is proposed to be implemented on top of HTTP so that it is independent of the various transport layer protocols, and provides a common security interface with security applications so that it greatly improves the portability of security applications. In addition, since ALS takes advantages of well-known TLS mechanism, it eliminates the danger of malicious attack and provides applications with various security services such as authentication, confidentiality integrity and digital signature, and partial encryption. We conclude this paper with an example of applying ALS to the solution of end-to-end security in a present commercial wireless protocol stack, Wireless Application Protocol.

• Journal of the Korean Institute of Traditional Landscape Architecture
• /
• v.35 no.4
• /
• pp.43-55
• /
• 2017

The purpose of this study is to investigate conservation and management methods of the Joseon Royal Tombs in the Middle District. Urbanization has damaged many of the original terrains as many buildings and facilities have entered the inner and outer area of Joseon Royal Tombs. Land purchase, relocation and demolition of the building are required for the recovery of the Royal Tombs area, and then it is necessary to recover the original terrain. In the case of land use and pathways, there were many land use which harmed the sacred atmosphere of the area, and many disconnection of the ritual circulation, they should be maintained to remind the sacred atmosphere of the royal tomb. The water system should be changed to natural type canal, and it is necessary to collect accurate information on the lost buildings and stoneworks through literature survey and excavation investigation, and then lead to the exposure or restoration of the ruins. Historical forests require periodic and ongoing monitoring and management, and it is necessary to establish a historical and cultural museum that can provide to visitors information about Joseon Royal Tombs. These works should be classified into short, medium and long-term projects with a long perspective to implement continuous and systematic projects.