• Journal of the Korea Safety Management & Science
• /
• v.7 no.3
• /
• pp.47-61
• /
• 2005

Many researchers have proved that risk measurement of information systems is a very effective tool for improving confidence of information systems. However, information system risk in Korea still includes many subjective judgements. This study deals with applying a quantitative model to improve risk measurement of information system quality. First of all, we have come up with solutions to improve the evaluation efficiency on risk measurement. We have merged the risk guidelines of COBIT and CMM, and developed a quantified evaluation scheme that call by risk point. We have proved the validity of this model by interviews with experts and by case studies.

• Asia Marketing Journal
• /
• v.19 no.4
• /
• pp.1-14
• /
• 2018

Social networking service(SNS) helps users manage, share and delivery a vast information as a communication tool. When users read crisis news in SNS, they communicate the information with others by considering not only their belief (i.e., cognitive risk perception) but also emotion (i.e., affective risk perception). However, few researches have been interested in the construct of communication behaviors of crisis in SNS. This study aimed to explore the role of risk perception (cognitive and affective risk perception) between crisis responsibility and communication behavior through dual processing theory. As a result of the empirical analysis, crisis responsibility had a positive effect on cognitive risk perception and affective risk perception. In addition, cognitive risk perception had no significant effect on communication behavior whereas affective risk perception had influence on communication behavior positively. Thus, our findings may predict that the affective risk perception through crisis responsibility is more potentially important to communication behavior such as sharing information rather than cognitive risk perception. The results give insightful ideas why marketer should reduce perceived emotion caused by risk to strengthen prospective SNS users understanding of communication behavior intention.

• The Journal of Natural Sciences
• /
• v.10 no.1
• /
• pp.111-122
• /
• 1998

This study was performed to investigate the type perceived risk of clothing consumers and the types of information seeking, the relationship between perceived risk and information seeking, and the defferences according to the demographic variables. The surveyed data from 376 college students were analized using Person's correlation, factor analysis, t-test, and ANOVA. The risk perception of clothing consumers was classified into five types: economic and performance risk, loss of time risk, social risk, and loss of fashionability risk. The information seeking was classified into four types: advertisement, observation in shops, information in memory, and opinions of neighbors. The type of risk perception and the types of information seeking were correlated positively and were different according to expenditure on clothing.

• Journal of Applied and Pure Mathematics
• /
• v.4 no.5_6
• /
• pp.287-297
• /
• 2022

In this paper, we consider a risk-minimization hedging problem for a special European contingent claims. The existence and uniqueness of strategy are given constructively. Firstly, a non-standard European contingent is demonstrated as stochastic payment streams. Then the existence of the risk minimization strategy and also the uniqueness are proved under two kinds market information by using Galtchouk-Kunita-Watanabe decomposition and constructing a 0-achieving strategy risk-minimizing strategies in full information. And further, we have proven risk-minimizing strategies exists and is unique under restrict information by constructing a weakly mean-selffinancing strategy.

• Asian Journal for Public Opinion Research
• /
• v.1 no.3
• /
• pp.217-231
• /
• 2014

This study begins with a review of commonly discussed dimensions of public risk perception that may influence public opinion toward risks. Factors that have been revealed by the literature to have substantial impact on risk perception, such as demographic background, trust, and media environment, are also discussed. Meanwhile, we evaluate two well-known research models in the realm of risk analysis: 1) the psychometric paradigm, and 2) the social amplification of risk framework (SARF). Based on a literature review, this study suggests that, besides the psychological and social approach, models of risk perception and risk communication research should shift to a more comprehensive one by considering the interrelations between laypeople and the environment. This study proposes a research model from the perspective of social cognitive theory (SCT) as a potential framework for future studies: 1) in the societal environment, individuals' risk perception and information seeking behavior, which is determined by risk perception will be influenced by trust in regulators and interpersonal trust; 2) in the media environment, individuals' risk perception and information seeking behavior will be influenced by individuals' perceived information characteristics. Knowledge about risk accumulated through information seeking will change risk perception in a longitudinal process.

• Journal of the Korea Society of Computer and Information
• /
• v.23 no.7
• /
• pp.39-47
• /
• 2018

This paper confirms the risk of using smartphone through the analysis of collected usage pattern and proposes the smartphone intervention system in risk situations. In order to check the risk of smartphone usage, we made information collecting application and collected smartphone usage pattern from 11 experiment participants for two months. By analyzing smartphone usage pattern, we confirmed that about 12% of smartphone usage is being used in driving, walking, and on the street. In addition, we analyzed the response rate of smartphone notification in risk situations and confirmed that user responds the smartphone notifications in real-time even in risk situations. Therefore, it is required to present a system that intervenes the use of smartphone in order to protect smartphone users in risk situations. In this paper, we classify risk situations of using smartphone. Also, the proposed smartphone intervention system is designed to periodically detect risk situations. In risk situations, smartphone function can be restricted according to user setting of smartphone. And smartphone can be used normally when safe situation is restored.

• Journal of Information Processing Systems
• /
• v.16 no.1
• /
• pp.61-82
• /
• 2020

The security risk management used by some service providers is not appropriate for effective security enhancement. The reason is that the security risk management methods did not take into account the opinions of security experts, types of service, and security vulnerability-based risk assessment. Moreover, the security risk assessment method, which has a great influence on the risk treatment method in an information security risk assessment model, should be security risk assessment for fine-grained risk assessment, considering security vulnerability rather than security threat. Therefore, we proposed an improved information security risk management model and methods that consider vulnerability-based risk assessment and mitigation to enhance security controls considering limited security budget. Moreover, we can evaluate the security cost allocation strategies based on security vulnerability measurement that consider the security weight.

• International Journal of Computer Science & Network Security
• /
• v.24 no.5
• /
• pp.73-78
• /
• 2024

COVID-19 pandemic outbreak increased the use of Internet of Medical Things (IoMT), but the existing IoMT solutions are not free from attacks. This paper proposes a secure and resilient framework for IoMT, it computes the risk using Risk Impact Parameters (RIP) and Risk is also calculated based upon the Threat Events in the Internet of Medical Things (IoMT). UICC (Universal Integrated Circuit Card) and TPM (Trusted Platform Module) are used to ensure security in IoMT. PILAR Risk Management Tool is used to perform qualitative and quantitative risk analysis. It is designed to support the risk management process along long periods, providing incremental analysis as the safeguards improve.

• Journal of Distribution Science
• /
• v.14 no.6
• /
• pp.89-98
• /
• 2016

Purpose - This article tackles risk communication issues and aims to address the characteristics of MERS risk information distribution in South Korea, and secondly to examine the communicative behavior of the public health authority in terms of the quality of communication strategies. Thirdly, the study attempts to figure out the risk communication to cope with MERS through the applications of SMCRE model in chronological order. We employ the social amplification of risk framework for analyzing the emergent public response as one of the main approaches. Research Design, Data and Methodology - The main framework of this study is theoretically based on the social amplification of risk, which describes signals about risk transmitted and processed by individuals and social groups. The model also reflects the interactions between social groups and institutes about disaster-related risk issues, which are potential amplifiers or attenuators of communication signals. S-M-C-R-E Model is methodologically employed to examine the social amplification for MERS risk information in each period, which we defined operationally. The proposed methodology allows the assessment of effectiveness and ineffectiveness on risk communication to be conceptualized as a countermeasure against disasters. The paper focuses on exploring how social risk amplification can be applied and organized in each stage. Results - The SMCRE model describes the exchange of risk information and is also applied to all forms of communication between stakeholders including public health authority, local government and media. Each factor of risk communication includes source, message, channel, receiver and effect. The results support that the effective risk communication involves not only the improved reliability of public health authority as a key factor of risk communication, but also a close cooperation and good collaboration with local governments. It does not seem to be possible that the government-initiated risk communication based on controllability and management cope effectively with infectious disease in early stage. The results of this study imply that the shared risks between local, regional and national authorities can enhance risk communication system. Conclusions - The study supports that the disparities in how disaster-related risk information is interpreted and coded, have made effective risk communication and public sense-making impeded. Our findings support a more communicative discussion about the role of risk information sharing between governments for the improvement of emergency management and underline the importance of social elements in the risk communication, such as relationship and trust building. Findings suggest that trust building between stakeholders could be added to help explain the processes of social amplification and attenuation of risk. It would be recommended that the continuous risk communication with all the involved stakeholders will be able to help national health promotion policy to be improved regarding emergency management. Furthermore, risk communication has to be a scientific approach for the communication pertaining to potentially sensitive or controversial situations with public concerns and low public trust.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.6
• /
• pp.1595-1606
• /
• 2015

Risk analysis is utilized in devising measures to manage information security risk to an acceptable level. In this risk management decision-making, the visualization of risk is important. However, the pre-existing risk visualization method is limited in visualizing risk factors three-dimensionally. In this paper, we propose an improved risk visualization method which can facilitate the identification of risk from the perspective of confidentiality, integrity, and availability respectively or synthetically. The proposed method is applied to an enterprise's risk analysis in order to verify how effective it is. We argue that through the proposed method risk levels can be expressed three-dimensionally, which can be used effectively for information security decision-making process for internal controls.