• The Journal of Society for e-Business Studies
• /
• v.25 no.3
• /
• pp.109-130
• /
• 2020

Recently, the importance of research and development for technological innovation is increasing. The rapid development of research and development has a number of positive effects, but at the same time there are also negative effects that accelerate crimes of information and technology leakage. In this study, a research security level measurement model was developed that can safely protect the R&D environment conducted at the organizational level in order to prepare for the increasingly serious R&D result leakage accident. First, by analyzing and synthesizing security policies related to domestic and overseas R&D, 10 research security level evaluation items (Research Security Promotion System, Research Facility and Equipment Security, Electronic Information Security, Major Research Information Security Management, Research Note Security Management, Patent/Intellectual Property Security Management, Technology Commercialization Security Management, Internal Researcher Security Management, Authorized Third Party Researcher Security Management, External Researcher Security Management) were derived through expert interviews. Next, the research security level evaluation model was designed so that the derived research security level evaluation items can be applied to the organization's research and development environment from a multidimensional perspective. Finally, the validity of the model was verified, and the level of research security was evaluated by applying a pilot target to the organizations that actually conduct R&D. The research security level evaluation model developed in this study is expected to be useful for appropriately measuring the security level of organizations and projects that are actually conducting R&D. It is believed that it will be helpful in establishing a research security system and preparing security management measures. In addition, it is expected that stable and effective results of R&D investments can be achieved by safely carrying out R&D at the project level as well as improving the security of the organization performing R&D.

• Journal of National Security and Military Science
• /
• s.9
• /
• pp.191-206
• /
• 2011

This study is presented a scheme that information security research institutions located within the central area can be participated actively m national defense information security industry. The many of information security company are located in the central region(Daejeon) and there are many research institutes. However, the participation rate of the Defense Information Security Industry is not high compared to other provinces. Although a variety of reasons, there are no the Defense Privacy Office that could have a role in protocol and the information about the industry. In addition, the Department of Defense related to national defense information security industry have not information about research institutions in the central region and are not well to identify the characteristics of institutional technology and research. So in this paper we presented some of the alternatives. 1) Building Pool involved in information security research according to the characteristics of each agency 2) Constitute the research community between Research institutions and the company 3) Build the technology cooperation between research institutions and the defense research institutes 4) Utilization of industry/university/research institutes related to Information Security Industry 5) Make strategic alliances among research institutes based on technical expertise.

• Journal of the Korean Operations Research and Management Science Society
• /
• v.32 no.2
• /
• pp.149-162
• /
• 2007

In the era of the internet and ubiquitous computing, IS users are still facing a variety of threats. Therefore, a need of more tightened information security service increases unprecedentedly. In this sense, this study is aimed at proposing a new research model in which IT assets (i.e., network, system, and information influence) Security and Information Security Service (i.e., confidentiality, integrity, nonrepudiation, authentication) affect information security quality positively, leading to users' satisfaction eventually. To prove the validity of the proposed research model, PLS analysis is applied with valid 177 questionnaires. Results reveal that both IT assets Security and Information Security Service influence informations security qualify positively, and user satisfaction as well. From the results, it can be concluded that Korean government's recent orchestrated efforts to boost the IT assets Security and Information Security Service helped great improve the information security quality and user satisfaction.

• Nuclear Engineering and Technology
• /
• v.53 no.5
• /
• pp.1479-1482
• /
• 2021

Research reactors are typically well-suited for outreach activities at different levels. However, unplanned seeking to increase the utilization of a research reactor may result in weakening the nuclear security of this facility. Research reactor staff might be in shortage of a functional nuclear security culture; specifically, there might be a conviction that the necessities of research can be given the priority over consistence with security procedural requirements. Research reactors are usually parts of bigger institutes or research labs of different activities. Moreover, the employments of research reactors are usually with the purpose that easy entry to the reactor premises is fundamental. So, they could be co-situated in places with different sorts of activities, mostly under similar security arrangements. The co-area of research reactor offices among different kinds of research labs introduces explicit security issues, the effects of which should be viewed as when building up a nuclear security framework. Notwithstanding potential security vulnerabilities presented in the design, research reactors frequently have devices kept promptly accessible to encourage research and education. The accessibility of these sorts of hardware could be used by an authorized person to commit an unapproved activity or cause harm. This paper aims to present insights to compromise contradicting conditions in new research reactors in which both enhancing utilization and ensuring security are satisfied.

• Convergence Security Journal
• /
• v.18 no.1
• /
• pp.3-11
• /
• 2018

The emerging field of Science of Security (SoS) is a new paradigm that emerged in the field of security as a research field that applied the scientific approach to cyber security. It is a direction to study the formal model and automation field to secure the security of such a network environment in the present that dynamic change of complex, large scale network environment and a lot of protocol and mechanism environment exists. Therefore, this study analyzes the latest cyber security research trends such as SoS and examines the research trends of advanced countries to examine a new approach to cyber security development direction in Korea. We also analyze the current state of domestic scientific research on the scientific security research methods for various cyber security paradigms and present directions for revitalizing domestic cyber security.

• Journal of the Korea Safety Management & Science
• /
• v.13 no.3
• /
• pp.87-96
• /
• 2011

This research is a literature survey on the Supply chain security. International organization and governments have build security regulations to improve the security in the shipment through supply chain. The researches on supply chain security were increasing during last 10 years. We were surveyed 53 research including Korean and international papers. ills study was classified by research subjects, security regulation, and research methods. Korean researches were focused to introducing and reviewing on the security regulation, but the researches on specific security reinforcement were very rare. International researches were concerned with the subject of the airport security scanning problem, transportation security problem, port selection problem.

• 제어로봇시스템학회:학술대회논문집
• /
• 2004.08a
• /
• pp.926-931
• /
• 2004

In this paper, we proposed security management architecture that combines programmable network technology and policy based network management technology to manage efficiently heterogeneous security systems. By using proposed security management architecture, a security administrator can manage heterogeneous security systems using security policy, which is automatically translated into a programmable security policy and executed on programmable middleware of security system. In addition, programmable middleware that has the features of programmable network can reduce excessive management traffic. We showed that the programmable middleware could reduce the load of management traffic by comparing processing time between the proposed architecture and PBNM architecture.

• Korean Security Journal
• /
• no.50
• /
• pp.287-303
• /
• 2017

Industrial security research has shown a rapid increase over the past decade. With the establishment of the Korean Association for Industrial Security in 2008 and the establishment of the departments of industrial security in recent years, academic interests and research on industrial security are also spreading at a rapid pace. Although academic interest and research have grown in quantitative terms, research on theoretical fields that are the basis of academic systematization is extremely limited. There is a focus on the issue of specific issues and practical solutions without worrying about the theoretical basis including conceptualization. Therefore, in most studies, the concept of industrial security remains at the level of accepting the concept applied in the previous research. Most industrial security research focuses on the specific topic of 'industrial technology protection' because it considers the concept of industrial security to be reduced to industrial technology protection. Although industrial security is composed of a wide range of fields, recognizing a specific field as an entirety of industrial security appears to be a serious problem. As a result, the concept of industrial security in industrial security research is being used ambiguously, incorrectly, and conveniently. It is necessary to accurately and recognize the concept of industrial security based on logical clarity and empirical feasibility.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.7 no.4
• /
• pp.860-877
• /
• 2013

Cloud computing has become one of the most important technologies for reducing cost and increasing productivity by efficiently using IT resources in various companies. The cloud computing system has mainly been built for private enterprise, but public institutions, such as governments and national institutes, also plans to introduce the system in Korea. Various researches have pointed to security problems as a critical factor to impede the vitalization of cloud computing services, but they only focus on the security threats and their correspondents for addressing the problems. There are no studies that analyze major security issues with regard to introducing the cloud computing system. Accordingly, it is necessary to research the security factors in the cloud computing given to public institutions when adopting cloud computing. This research focuses on the priority of security solutions for the stepwise adoption of cloud computing services in enterprise environments. The cloud computing security area is classified into managerial, physical and technical area in the research, and then derives the detailed factors in each security area. The research derives the influence of security priorities in each area on the importance of security issues according to the identification of workers in private enterprise and public institutions. Ordered probit models are used to analyze the influences and marginal effects of awareness for security importance in each area on the scale of security priority. The results show workers in public institutions regard the technical security as the highest importance, while physical and managerial security are considered as the critical security factors in private enterprise. In addition, the results show workers in public institutions and private enterprise have remarkable differences of awareness for cloud computing security. This research compared the difference in recognition for the security priority in three areas between workers in private enterprise, which use cloud computing services, and workers in public institutions that have never used the services. It contributes to the establishment of strategies, with respect to security, by providing guidelines to enterprise or institutions that want to introduce cloud computing systems.

• The Journal of Information Systems
• /
• v.29 no.4
• /
• pp.57-76
• /
• 2020

Purpose Although examining the antecedents of employees' extra-role behavior (i.e. information security participation behavior) in the information security context is significant for researchers and practitioners, most behavioral security studies have focused on employees' in-role behavior (i.e. information security policy compliance). Thus, this research addresses this gap by investigating how organizational information security climate influences information security participation behavior based on social information processing theory and Griffin and Neal's safety model. Design/methodology/approach We developed a research model by applying Griffin and Neal's safety model to the information security context and then tested our research model by conducting an online survey for employees of organizations with information security policies. Structural equation modeling (SEM) with SmartPLS 3.3.2 is used to test the corresponding hypothesis. Findings Our results show that organizational information security climate, information security knowledge, information security motivation are effective in motivating information security participation behavior. Also, we find that organizational information security climate positively influences both information security knowledge and information security motivation. Our findings emphasize the importance of organizational information security climate because it is capable of affecting employees on information security participation behavior. Our study contributes to the literature on information security by exploring the role of organizational information security climate in enhancing employees' information security participation behavior.