• Convergence Security Journal
• /
• v.24 no.2
• /
• pp.31-38
• /
• 2024

Recent expansion in cloud service usage has heightened the importance of cloud security. The purpose of this study is to analyze current research trends in the field of cloud security and to derive implications. To this end, R&D project data provided by the National Science and Technology Knowledge Information Service (NTIS) from 2010 to 2023 was utilized to analyze trends in cloud security research. Fifteen core topics in cloud security research were identified using LDA topic modeling and ARIMA time series analysis. Key areas identified in the research include AI-powered security technologies, privacy and data security, and solving security issues in IoT environments. This highlights the need for research to address security threats that may arise due to the proliferation of cloud technologies and the digital transformation of infrastructure. Based on the derived topics, the field of cloud security was divided into four categories to define a technology reference model, which was improved through expert interviews. This study is expected to guide the future direction of cloud security development and provide important guidelines for future research and investment in academia and industry.

• Journal of Korea Multimedia Society
• /
• v.16 no.1
• /
• pp.87-99
• /
• 2013

The demands of IC card payment system has been increased according to the rapid advancement of the IT convergence application technologies. Recently IC card payment systems are in demands of the usage space at anytime and anywhere by developing the wireless communication technology and its related multimedia processing technology. Therefore the security of IC card payment system becomes more important and necessary. There are many fault analysis methods to evaluate the security and safety of information systems according to their characteristics and usages. However, the only assessment method to evaluate the security of information systems is not enough to analyse properly on account of the various types and characteristics of information systems by the progress of IT convergence and their applications. Therefore, this paper proposes an integrative method of the Fault Tree Analysis (FTA) and Fault Modes and Effect Analysis/Criticality (FMEA/C) based on criticality to evaluate and improve the security of IC card payment system as an illustration.

• International Journal of Computer Science & Network Security
• /
• v.21 no.11
• /
• pp.1-10
• /
• 2021

Cyberbullying has become a severe issue and brought a powerful impact on the cyber world. Due to the low cost and fast spreading of news, social media has become a tool that helps spread insult, offensive, and hate messages or opinions in a community. Detecting cyberbullying from social media is an intriguing research topic because it is vital for law enforcement agencies to witness how social media broadcast hate messages. Twitter is one of the famous social media and a platform for users to tell stories, give views, express feelings, and even spread news, whether true or false. Hence, it becomes an excellent resource for sentiment analysis. This paper aims to detect cyberbully threats based on Naïve Bayes, support vector machine (SVM), and k-nearest neighbour (k-NN) classifier model. Sentiment analysis will be applied based on people's opinions on social media and distribute polarity to them as positive, neutral, or negative. The accuracy for each classifier will be evaluated.

• Journal of Information Technology Services
• /
• v.23 no.1
• /
• pp.11-25
• /
• 2024

In the field of information security management systems, one of the representative certifications in Korea is ISMS-P certification, and internationally, ISO/IEC 27001 certification is recognized. When companies acquire both ISMS-P (or ISMS) and ISO/IEC 27001 certifications, budget and manpower are duplicated in similar areas. Therefore, it is necessary for the company to choose and invest in a certification that is suitable for its conditions. This paper proposes a strategy for obtaining information security management system certification that is suitable for the characteristics of the company, allowing for effective information security management based on the company's conditions. To achieve this, data were collected from the Ministry of Science and ICT's Information Security Disclosure System (ISDS), the Korea Internet & Security Agency (KISA), and the Financial Supervisory Service's Data Analysis, Retrieval and Transfer System (DART), and Probit regression analysis was conducted. During the Probit regression analysis, the relationships between seven independent variables and five cases of ISMS-P (or ISMS) acquisition, ISMS-P acquisition, ISMS acquisition, ISO/IEC 27001 acquisition, and both ISMS-P (or ISMS) and ISO/IEC 27001 acquisition were analyzed. The analysis results revealed the relationship between company characteristics, including industry, and certification acquisition in the ISMS field. Through this, strategies for certification acquisition based on company types could be suggested.

• Industrial Engineering and Management Systems
• /
• v.13 no.1
• /
• pp.87-100
• /
• 2014

Risk management is recognized as a significant element in Information Security Management while the failure mode and effects analysis (FMEA) is widely used in risk analysis in manufacturing industry. This paper aims to present the development work of the Information Security FMEA Circle (InfoSec FMEA Circle) which is used to support the risk management framework by modifying traditional FMEA methodologies. In order to demonstrate the "appropriateness" of the InfoSec FMEA Circle for the purposes of assessing information security, a case study at Hong Kong Science and Technology Parks Corporation (HKSTP) is employed. The "InfoSec FMEA Circle" is found to be an effective risk assessment methodology that has a significant contribution to providing a stepwise risk management implementation model for information security management.

• International Journal of Internet, Broadcasting and Communication
• /
• v.15 no.1
• /
• pp.23-32
• /
• 2023

Since NFTs can be used like certificates due to the nature of blockchain, their use in various digital asset trading markets is expanding. This is because NFTs are expected to be actively used as a core technology of the metaverse virtual economy as non-transferable NFTs are developed. However, concerns about NFT security threats are also growing. Therefore, the purpose of this study is to investigate and analyze NFT-related infringement cases and to clearly understand the current security status and risks. As a research method, we determined NFT security areas based on previous studies and analyzed infringement cases and threat types for each area. The analysis results were systematically mapped in the form of domain, case, and threat, and the meaning of the comprehensive results was presented. As a result of the research, we want to help researchers clearly understand the current state of NFT security and seek the right research direction.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.10 no.8
• /
• pp.1911-1919
• /
• 2009

Currently, the evaluation technology for the security systems of risk analysis level measurement is maintained by only the developed countries including U.S and U.K, and the evaluation technology and its infrastructure are insufficient for the evaluation technology of security threat analysis level measurement in Korea. Therefore this paper presents the development of the security control items and the evaluation tool(ISSPET) for the security level performance. It is expected to evaluate the security management level of the current system and its security environment through analyzing the security management level of security systems using ISSPET.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2021.05a
• /
• pp.635-637
• /
• 2021

Cybersecurity assessment is the process of assessing the risk level of a system through threat and vulnerability analysis to take appropriate security measures. Accurate security evaluation models are needed to prepare for the recent increase in cyberattacks and the ever-developing intelligent security threats. Therefore, we present a risk assessment model through a matrix-based security assessment model analysis that scores by assigning weights across security equipment, intervals, and vulnerabilities. The factors necessary for cybersecurity evaluation can be simplified and evaluated according to the corporate environment. It is expected that the evaluation will be more appropriate for the enterprise environment through evaluation by security equipment, which will help the cyber security evaluation research in the future.

• Journal of the Korea Safety Management & Science
• /
• v.16 no.1
• /
• pp.53-68
• /
• 2014

The purpose of this study is to verify the relationships among innovative behavior, turnover intention, and job security. An additional purpose was to examine partial mediating effects on psychological ownership. The baseline of analyzing those relationships in this study is that the role of psychological ownership will be a mediator between job security and turnover intention as well as innovative behavior in the organization. To accomplish these purposes, a model was built among job security as predictor variable, the psychological ownership as mediating variable and turnover intention, and innovative behavior as criteria variables based on the studies conducted in the various areas. The 248 questionnaires surveyed from the area of DaeGu and Kyungbuk were used in the statistical analyses. The detail statistical techniques are such as descriptive analysis, reliability analysis, factor analysis, correlation analysis, and multi regression analysis. The results of the study show that job security had positively significant effect on turnover intention and innovative behavior. In addition, only the psychological ownership of organization-level thinking have partial mediating effects between job security and innovative behavior also job security and turnover intention. The results may indicate that the psychological ownership of organization-level thinking be a key factor to alleviate the turnover intention of employees and to encourage the innovative behavior during their works for the small-medium size companies showing the unstable job security.

• The Journal of the Korea Contents Association
• /
• v.13 no.11
• /
• pp.894-901
• /
• 2013

This study is aim to research trend of private security and to suggest direction of improvement to sector of private security. This study has been to analyzed to be useful social network analysis(particularly Degree Centrality and Clossness Centrality) for using typical research method about trend of academic subject. As a result of Degree Centrality and Clossness Centrality, Individual factors such as Job Stress and Job satisfaction of private security are more keyword than institutional factors and policy factors such as Security Services Industry Act and training for Private Security guards. It means that research trend of private security are to study Individual factors rather than institutional factors and policy factors. But, this study is a limit as follows; First, An object of study is only to searching article in National Assembly Liberary. A follow-up studies are need to expand the range of an object of study for private security.