• Journal of Digital Convergence
• /
• v.14 no.4
• /
• pp.209-220
• /
• 2016

Although organizations are providing information security policy, education and support to guide their employees in security policy compliance, accidents by non-compliance is still a never ending problem to organizations. This study investigates the factors that influence employees' information security policy compliance behavior using elements of Triandis model. We analyzed the relationships among Triandis model's factors using PLS(Partial Least Squares). The result of the hypothesis tests shows that organization can induce individual's information security policy compliance intention and behavior by information security policy and facilitating conditions that support it, and proves the importance of members' expected value, habit and affect about information security compliance. This study is significant in a way that it applies Triandis model in the field of information security, and presents direction for members' information security behavior, and will be able to provide measures to establish organization's information security policy and increase members' compliance behavior.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.5
• /
• pp.109-127
• /
• 2011

Mobile Office is a new type of working method in the workplace that can be used at any time or anywhere by connecting to the network with mobile devices. This allows people to do their jobs without their physical presence in their offices to use computers. The elements in mobile office environment are advancing. They include the widespread distribution of the smart phones, the network enhancing strategy in a ubiquitous environment and expansion of the wireless internet; however, there are not enough security guidelines or policies against these threats on the new environment, the mobile office, although there is the revitalization policy of smart work supported by the government. CERT and ISAC, the known security system as of now, could be used for the secure mobile office, In this paper, suggestions are to be provided for strengthening the security of smart mobile office by analysing the functions of CERT and ISAC.

• Proceedings of the KIEE Conference
• /
• 2005.11b
• /
• pp.46-48
• /
• 2005

This paper discusses a probabilistic method for power system security assessment. The security analysis relates to the ability of the electric power systems to survive sudden disturbances such as electric short circuits or unanticipated loss of system elements. It consists of both steady state and dynamic security analyses, which are not two separate issues but should be considered together. In steady state security analysis including voltage security analysis, the analysis checks that the system is operated within security limits by OPF (optimal power flow) after the transition to a new operating point. Until now, many utilities have difficulty in including dynamic aspects due to computational capabilities. On the other hand. dynamic security analysis is required to ensure that the transition may lead to an acceptable operating condition. Transient stability, which is the ability of power systems to maintain synchronism when subjected to a large disturbance. is a principal component in dynamic security analysis. Usually any loss of synchronism may cause additional outages and make the present steady state analysis of the post-contingency condition inadequate for unstable cases. This is the reason for the need of dynamic studies in power systems. Probabilistic criterion can be used to recognize the probabilistic nature of system components while considering system security. In this approach. we do not have to assign any predetermined margin of safety. A comprehensive conceptual framework for probabilistic static and dynamic assessment is presented in this paper. The simulation results of the Western System Coordinating Council (WSCC) system compare an analytical method with Monte-Carlo simulation (MCS).

• Journal of applied mathematics & informatics
• /
• v.31 no.3_4
• /
• pp.425-441
• /
• 2013

In literature, several strong designated verifier signature (SDVS) schemes have been devised using elliptic curve bilinear pairing and map-topoint (MTP) hash function. The bilinear pairing requires a super-singular elliptic curve group having large number of elements and the relative computation cost of it is approximately two to three times higher than that of elliptic curve point multiplication, which indicates that bilinear pairing is an expensive operation. Moreover, the MTP function, which maps a user identity into an elliptic curve point, is more expensive than an elliptic curve scalar point multiplication. Hence, the SDVS schemes from bilinear pairing and MTP hash function are not efficient in real environments. Thus, a cost-efficient SDVS scheme using elliptic curve cryptography with pairingfree operation is proposed in this paper that instead of MTP hash function uses a general cryptographic hash function. The security analysis shows that our scheme is secure in the random oracle model with the hardness assumption of CDH problem. In addition, the formal security validation of the proposed scheme is done using AVISPA tool (Automated Validation of Internet Security Protocols and Applications) that demonstrated that our scheme is unforgeable against passive and active attacks. Our scheme also satisfies the different properties of an SDVS scheme including strongness, source hiding, non-transferability and unforgeability. The comparison of our scheme with others are given, which shows that it outperforms in terms of security, computation cost and bandwidth requirement.

• Journal of Digital Convergence
• /
• v.11 no.4
• /
• pp.279-284
• /
• 2013

Improve the global environment for low carbon emissions and green energy, and the growing interest in IT technology, combined with the existing power grid to achieve this, to achieve more efficient and environment-friendly smart grid smart grid projects around the world actively being deployed. A smart grid is expected to be a modernization of the legacy electricity network. Therefore, this research provides a secure smart grid model so that it provides better monitoring, protecting and optimizing automatically to operation of the interconnected elements.

• Journal of Digital Contents Society
• /
• v.16 no.1
• /
• pp.1-12
• /
• 2015

In this paper, we analyze the research trend and problems of the existing virtualization technology and present the most applicable virtualization technology in order to apply the technology to the operation of novel reliable networks. By using the virtualization technology, there is advantage in that the utilization of resource becomes higher and maintenance cost goes down. While, from the security perspective, there exist advantage in using the virtualization, it also introduces new vulnerabilities due to the adoption. Thus it is necessary to analyze the problem and establish the strategy to solve it. Therefore we derive threat elements to the virtualized system, analyze and describe the virtualization security policy.

• Proceedings of the Korea Society of Information Technology Applications Conference
• /
• 2007.05a
• /
• pp.84-102
• /
• 2007

Security is crucial for the successful deployment of large distributed systems. Many of these systems provide services to people across different administrative domains. The traditional identity-based access control mechanisms are un scalable and difficult to manage. Unlike the closed systems, open systems provide services to people from different security domains. Healthcare systems need to be highly available in order for the patients to get a timely treatment. The health care information should be available to authorized users both inside the administrative domain and outside the domain, such as pharmacies and insurance companies. In this paper, we first analyzed the necessities and advantages of importing attribute-based trust-management models into open distributed systems. Then we reviewed traditional access-control models and presented the basic elements of the new trust-management model.

• Proceedings of the Korea Contents Association Conference
• /
• 2005.05a
• /
• pp.101-106
• /
• 2005

According to the IT839 strategy which was announced by the Ministry of Information and Communication(MIC) in 2004, the convergence trend of the broadcasting and the communication would be much more promoted. Thus, the methods for protecting the broadcasting contents will be indispensible elements for the successful IPTV service achievement. This paper describes the characteristics of IPTV and the related contents protection techniques. To evaluate several security issues, we suggest a security model for IPTV, and speculate the most widespread, two security technologies for IPTV such as CAS and DRM.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.8 no.6
• /
• pp.1982-2004
• /
• 2014

Wireless Mesh Networks (WMNs) are emerging as promising, convenient next generation wireless network technology. There is a great need for a secure framework for routing in WMNs and several research studies have proposed secure versions of the default routing protocol of WMNs. In this paper, we propose a security framework for Hybrid Wireless Mesh Protocol (HWMP) in WMNs. Contrary to existing schemes, our proposed framework ensures both end-to-end and point-to-point authentication and integrity to both mutable and non-mutable fields of routing frames by adding message extension fields to the HWMP path selection frame elements. Security analysis and simulation results show that the proposed approach performs significantly well in spite of the cryptographic computations involved in routing.

• Proceedings of the Korea Society for Industrial Systems Conference
• /
• 2001.05a
• /
• pp.55-63
• /
• 2001

IMT-2000 mobile system will serve many application services such as mobile internet, wireless electronics commerce applications using high data rate air interface. These applications require high data integrity, data confidentiality, user authentication, user identity confidentiality and non-repudiation. In this study, we analyze air interface performance fur network access security services in IMT-2000 mobile systems. Signal traffic for network access security services increase all link between IMT-2000 system elements. Our study focus on air interface, which is very sensitive signal traffic increase.