• Strategy21
• /
• s.42
• /
• pp.258-292
• /
• 2017

This paper is designed to make a national strategic concept for the ROK's maritime security and to explore cooperation directions for the ROK Navy and Coast Guard in order to implement the newly-made maritime security strategic concept. As strategy is composed of three main categories(goals, ways, means), the goal of the ROK's maritime security strategy is 'Safe and Affluent Sea' and the way to realize the goal is the principle of cooperative leverage, and the means as tasks to implement the strategic concept are maritime safety, maritime security, and maritime stewardship. The concept of national fleet as used in the US is applied to promoting the cooperation between the ROK Navy and Coast Guard. Thus, under the newly-established maritime security strategic concept along with the national fleet model, followings are suggested as policy proposals for facilitating mutual cooperation between the ROK Navy and Coast Guard in dealing with not only traditional threats but also non-traditional treats at sea and from the sea as well. First, the ROK Navy and Coast Guard has been making efforts to enhance interoperability between the two sea services. However, the mutual cooperations have been focused mainly on areas on operational level rather than policy level. Therefore, the two sea services are recommended to enlarge exchanges and cooperation in policy areas. Second, there are still demands for further cooperation areas between the two sea services in command and communications. The interoperability in C2 between the two needs to be upgraded even to the areas of anti-terrorist activities ar sea, ASUW, ASW, maritime interdiction, etc. Third, mutual comparability between the two needs to be reflected in the maritime forces development to ensure the comparability in UNREP and other logistics areas. Fourth, the standardization of logistical materials and equipments is needed as a way of sustaining operational capability and logistical capacity for the ROK Navy and Coast Guard as well. Fifth, the ROK Navy and Coast Guard are recommended to participate more actively in international maritime cooperation activities such as PASSEX. Sixth, Complementary laws and regulations need further to be revised and to be newly made for collectively managing swiftly maritime accidents and natural disasters at sea.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.6
• /
• pp.1189-1206
• /
• 2020

Recently, ICT companies do not directly design, develop, produce, operate, maintain, and dispose of products and services, but are outsourced or outsourced companies are increasingly in charge. Attacks arising from this are also increasing due to difficulties in managing vulnerabilities for products and services in the process of consignment and re-consignment. In order to respond to this, standards and systems for security risk management of ICT supply chain are being established and operated overseas, and various case studies are being conducted. In addition, research is being conducted to solve supply chain security problems such as Software Bill of Materials (SBOM). International standardization organizations such as ISO have also established standards and frameworks for security of ICT supply chain. In this paper, we presents ICT supply chain security management items suitable for domestic situation by comparing and analyzing ICT supply chain security standards and systems developed as international standards with major countries such as the United States and EU, and explains the necessity of cyber security framework for establishing ICT supply chain security system.

• Informatization Policy
• /
• v.25 no.1
• /
• pp.99-114
• /
• 2018

In the past, organizations tended to focus on physical and technical aspects of managing corporate's information security (IS), rather than the aspect of human resources related to IS. Recently, increasing security incidents caused by organization members raise the issue of how to improve employees' compliance with security policies. This study conducted a field experiment to examine the effect of security awareness training and technical security services on employee's security behaviors. In Study 1, the number of spam opening cases were measured right after the IS training and re-measured three months later. In Study 2, a spam warning message was provided and then the number of employees' spam opening cases were counted to find out the effect of security services. It was found that both the IS training and the technical IS service were effective; they significantly decreased spam opening rates. However, the training effect did not last longer than three months. These findings suggest that organizations need to consider providing regular training programs and supplementary technical services to improve employees' compliance with security policies.

• International journal of advanced smart convergence
• /
• v.12 no.3
• /
• pp.40-50
• /
• 2023

Blockchain is a technology designed to prevent tampering with digital documents or information, safeguarding transaction data and managing it in a structured manner. This proves beneficial in addressing issues of trust and data protection in B2B, B2C, and C2B transactions. Blockchain finds utility not only in financial transactions but also across diverse industrial sectors. This study outlines significant cases and responses that jeopardize the security of blockchain networks and cryptocurrency technology. Additionally, it analyzes safety and risk factors related to blockchain and proposes effective testing methods to preemptively counter these challenges. Furthermore, this study presents key security evaluation metrics for blockchain to ensure a balanced assessment. Additionally, it provides evaluation methods and various test case models for validating the security of blockchain and cryptocurrency transaction services, making them easily applicable to the testing process.

• Convergence Security Journal
• /
• v.8 no.2
• /
• pp.79-85
• /
• 2008

Our paper deals with a method for supporting multiple call/sessions in a mobile terminal. The different identifier for each protocol layer is assigned to each session when a mobile terminal sets SDP for multimedia services. In particular, QoS based tasks are used for managing the traffics in radio interface. Also, queuing, admission control, load control, resource allocation and scheduling are done based on the priority of sessions. The various multimedia services which is different in the requirement of resource allocation are able to be serviced simultaneously because a mobile terminal can provide the various services based on this scheme.

• International Journal of Computer Science & Network Security
• /
• v.21 no.8
• /
• pp.297-307
• /
• 2021

In the vibrant environment, documentation and managing systems are maintained autonomously through education foundations, book materials and libraries at the same time as information are not voluntarily accessible in a centralized location. At the moment Libraries are providing online resources and services for education activities. Moreover, libraries are applying outlets of social media such as Facebook as well as Instagrams to preview their services and procedures. Librarians with the assistance of promising tools and technology like analytics software are capable to accumulate more online information, analyse them for incorporating worth to their services. Thus Libraries can employ big data to construct enhanced decisions concerning collection developments, updating public spaces and tracking the purpose of library book materials. Big data is being produced due to library digitations and this has forced restrictions to academicians, researchers and policy creator's efforts in enhancing the quality and effectiveness. Accordingly, helping the library clients with research articles and book materials that are in line with the users interest is a big challenge and dispute based on Taibah university in Saudi Arabia. The issues of this domain brings the numerous sources of data from various institutions and sources into single place in real time which can be time consuming. The most important aim is to reduce the time that lapses among the authentic book reading and searching the specific study material.

• Journal of Information Technology Services
• /
• v.23 no.1
• /
• pp.1-10
• /
• 2024

The IT environment is changing due to the acceleration of digital transformation in enterprises and organizations. This expansion of the digital space makes centralized cybersecurity controls more difficult. For this reason, cyberattacks are increasing in frequency and severity and are becoming more sophisticated, such as ransomware and digital supply chain attacks. Even in large organizations with numerous security personnel and systems, security incidents continue to occur due to unmanaged and unknown threats and vulnerabilities to IT assets. It's time to move beyond the current focus on detecting and responding to security threats to managing the full range of cyber risks. This requires the implementation of asset Inventory for comprehensive management by collecting and integrating all IT assets of the enterprise and organization in a wide range. IT Asset Management(ITAM) systems exist to identify and manage various assets from a financial and administrative perspective. However, the asset information managed in this way is not complete, and there are problems with duplication of data. Also, it is insufficient to update of data-set, including Network Infrastructure, Active Directory, Virtualization Management, and Cloud Platforms. In this study, we, the researcher group propose a new framework for automated 'Comprehensive IT Asset Management(CITAM)' required for security operations by designing a process to automatically collect asset data-set. Such as the Hostname, IP, MAC address, Serial, OS, installed software information, last seen time, those are already distributed and stored in operating IT security systems. CITAM framwork could classify them into unique device units through analysis processes in term of aggregation, normalization, deduplication, validation, and integration.

• Journal of the Korea Society of Computer and Information
• /
• v.5 no.4
• /
• pp.161-165
• /
• 2000

In the past, the mutual saving finance service was managed by the Packages which consisted of the softwares managing data under the text mode environment. The data was mostly managed at only one place. So it becomes very important things that we efficiently deal various services and systematically support public-relation activities and efficient managements of a security mortgage. Therefor. we develope the system which efficiently manages customer service and management of a security mortgage by using GIS under the Client/server environment.

• International Journal of Computer Science & Network Security
• /
• v.22 no.7
• /
• pp.371-382
• /
• 2022

The trend of Bring Your Own Device (BYOD) is gaining popularity all over the world with its innumerable benefits such as financial gain, greater employee satisfaction, better job efficiency, boosted morale, and improved flexibility. However, this unstoppable and inevitable trend also brings its own challenges and risks while managing and controlling corporate data and networks. BYOD is vulnerable to attacks by viruses, malware, or spyware that can reach sensitive data and disclose information, modify access policies, disrupt services, create financial issues, minimise productivity, and entail some legal implications. The key focus of this research is how Saudi Arabia has approached BYOD with the help of their 5-step solution model and quantitative research methodology. The result of this study is a statement about what users know about this trend, their opinions about it, and suggestion to increase the employee awareness.

• International Journal of Computer Science & Network Security
• /
• v.21 no.12spc
• /
• pp.383-390
• /
• 2021

The main purpose of the study is to determine the features of the functioning of the university as a part of the state structure in the context of marketing management n the context of storing information technologies. Students were obtained due to the following theoretical methods: systems of analysis and synthesis, induction and deduction, comparison, classification, generalization and systematization, idealization and abstraction. It is advisable to study the essence and nature of educational services, as well as the role of education in economic development, relying on the methodology of institutional theory, the theory of stakeholders, which makes it possible to assess the contribution of education to the harmonization of public and individual interests, the formation of appropriate structures and subjects of development, ensuring the building of intellectual potential and quality of life. The specificity of the functioning of the university as a part of the state structure in terms of managing marketing activities was characterized.