• Korean Security Journal
• /
• no.7
• /
• pp.61-93
• /
• 2004

The terrorism threat against aviation industry is increasing after 9/11 incidents. As the way of preventing the future threat, this study is to review current status and make practical suggestions on Incheon International Airport security screening. The Library research method is utilized for this study. Chapter 1 is an introduction part and describes the general instruction. Chapter 2 describes the importance of aviation security and cases of aviation terrorism. Screening history is described in chapter 3 detailing operations and equipment. Status of IIAC(Incheon International Airport Corporation) security screening and prevention measures are described in chapter 4 and chapter 5 describes the final conclusion. In conclusion, if the introduction of state-of-the-art security equipment and modification of inadequate regulations come in first, whatever the threat exists, aviation terrorism can be prevented with the positive prevention efforts.

• Journal of the Korea Society of Computer and Information
• /
• v.24 no.1
• /
• pp.107-113
• /
• 2019

Along with the development of IOT, the number of people using IOT devices has enormously increased and the IOT era has come. Especially, people using the IP cameras among Internet devices have been drastically increasing. It is because the IP cameras are well networked and comparatively cheap compared with CCTVs, and they can also be monitored and controlled in real time through PCs and smart phones for the purposes of general theft prevention and shop surveillance. However, due to the user's serious lack of security awareness and the fact that anyone can easily hack only with simple hacking tools and hacking sites information, security crimes that exploit those have been increasing as well. Therefore, this paper describes how easily the IP cameras can be hacked in the era of IOT, what kind of security incidents occurred, and also suggests possible government measures and new technical solutions to those problems.

• Korean Security Journal
• /
• no.1
• /
• pp.351-370
• /
• 1997

This study concerns possible measures to prevent separatists' terrorist acts against overseas Korean businessmen. Of late, many Korean enterprises are helping a number of foreign countries develop their economy, by building factories and manning regional offices in those countries. But recent development of terrorism especially against Korean businessmen is alarming. This report discusses the need for Korean enterprises heading overseas to prepare themselves with awareness of terrorism and possible protective measures against it, besides their routine pursuance of profits; and for the government and prospective enterprises to refrain from investing in those countries having active separatist movements. If an investment has become inevitable, a careful survey of the region in conflict should be conducted and self-protective measures should be put in place through security information exchange, emergency coordination and training of personnel, etc. This study will first review the past terrorist incidents involving employees of overseas Korean enterprises, and then will focuss on seeking effective measures on the basis of the reported incidents. In carrying out the study, related literature from both home and abroad have been used along with the preliminary materials reported and known on the Internet from recent incidents. 1. The separatist movements of minority groups Lately, minority separatist groups are increasingly resorting to terrorism to draw international attention with the political aim of gaining extended self rule or independence. 2. The state of terrorism against overseas Korean enterprises and Koreans Korean enterprises are now operating businesses, and having their own personnel stationed, in 85 countries including those in South East Asia and Middle East regions. In Sri Lanka, where a Korean enterprise recently became a target of terrorist bombing, there are 75 business firms from Korea and some 700 Korean employees are stationed as of August 1996. A total of 19 different terrorist incidents have taken place against Koreans abroad since 1990. 3. Terrorism preventive measures Terrorism preventive measures are discussed in two ways: measures by the government and by the enterprises. ${\blacktriangleleft}$ Measures by the government - Possible measures at governmental level can include collection and dissemination of terrorist activity information. Emphasis should be given to the information on North Korean activities in particular. ${\blacktriangleleft}$ Measures by individual enterprises - Organizational security plan must be established by individual enterprises and there should also be an increase of security budget. A reason for reluctant effort toward positive security plan is the perception that the security budget is not immediately linked to an increment of profit gain. Ensuring safety for overseas personnel is a fundamental obligation of an enterprise. Consultation and information exchange on security plan, and an emergency support system at a threat to security must be sought after and implemented. 4. Conclusion Today's terrorism varies widely depending on reasons and causes, and its means has become increasingly informationalized and scientific as well while its method is becoming more clandestine and violent. Terrorist organizations are increasingly aiming at enterprises for acquisition of budgets needed for their activities. Korean enterprises have extended their business realm to foreign countries since 1970, exposing themselves to terrorism. Enterprises and their employees, therefore, should establish their own security measures on the one hand while the government must provide general measures, on the other, for the protection of the life and property of Korean residents abroad from terrorist attacks. In this regard, set-up of a counter terrorist organization that coordinates the efforts of government authorities in various levels in planning and executing counter terrorist measures is desired. Since 1965, when the hostile North Korea began to step up its terrorist activities against South Koreans, there have been 7 different occasions of assassination attempt on South Korean presidents and some 500 cases of various kidnappings and attempted kidnappings. North Korea, nervous over the continued economic growth and social stabilization of South Korea, is now concentrating its efforts in the destruction and deterioration of the national power of South Korea for its earlier realization of reunification by force. The possibility of North Korean terrorism can be divided into external terrorist acts and internal terrorist acts depending on the nationality of the terrorists it uses. The external terrorist acts include those committed directly by North Korean agents in South Korea and abroad and those committed by dissident Koreans, hired Korean residents, or international professionals or independent international terrorists bought or instigated by North Korea. To protect the life and property of Korean enterprises and their employees abroad from the threat of terrorism, the government's administrative support and the organizational efforts of enterprises should necessarily be directed toward the planning of proper security measures and training of employees. Also, proper actions should be taken against possible terrorist acts toward Korean business employees abroad as long as there are ongoing hostilities from minority groups against their governments.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.2
• /
• pp.359-367
• /
• 2016

As taking pictures by using smartphones has become more common in society, there are many incidents which are unexpected manipulation of images and leak of confidential information. Because of those incidents, demands that identify forgery/alteration of image file and proves of the original copy is constantly increasing. In general, smartphone saves image file as JPEG form and it has DQT which determines a compression rate of image in a header part of image. There is also DQT in Thumbnail image which inside of JPEG. In previous research, it identified a smartphone which take image by only using DQT, However, the research has low accuracy to identify the devices. There are two main purposes in this research. First, this research will analogize a smartphone and an application that takes a picture, edits and save an image file by testing not only about a DQT information but also a information of Thumbnail image. Second, the research will build a database of DQT and Thumbnail information in JPEG file to find more accurate image file's origin.

• Review of KIISC
• /
• v.15 no.1
• /
• pp.33-40
• /
• 2005

사이버 공간이라는 새로운 국가 영역이 창조되었고, 고 영역에서의 각종활동이 국내는 물론 국제사회의 경쟁력에서 가장 중요한 국가 영역이 되고 있다. 반면에 사이버 공간에서의 침해사고 내지는 공격행위가 사이버 공간에서의 활동을 방해하고 사회의 혼란을 초래할 뿐 아니라 사이버 공간을 통해 국가 안보를 위협하는 테러, 정보전 양상이 뚜렷하게 증가하고 있다. 또 민주화와 인터넷의 개방 구조로 개인과 기업, 조직의 정보보호와 기밀 보호의 요구가 높아지고 있다. 이를 보호하고 국가 안보를 강화하는 사이버 공간의 안보체계를 제시한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.4
• /
• pp.897-912
• /
• 2017

This paper focuses on how the protection of information security incident is effective in via Information security awareness when conducting information security activities of enterprises. Research models have theorized that the information security activity and the information security awareness will reduce the incidence of information security. The general characteristics of analysis targets have been carried out in the frequency analysis, and the reliability of the measuring tool has been utilized to calculate the coefficient of Cronbach's information protection. Evidence has been demonstrated regarding the relationship between information security activities and information security awareness and information security incidents.

• The Journal of Information Systems
• /
• v.15 no.1
• /
• pp.145-168
• /
• 2006

Current computer viruses are one of the most serious problems in information age due to their potential demage and impact on use of information systems. To make the problem worse, virus development technology has been advanced rapidly, and use of network systems has expanded widely. Therefore computer viruses are much more complex and use of anti-virus software(AV S/W) is not enough to prrevent virus incidents. It implies that computer viruses as well as other information security matters are not solely a technical problem but also a managerial one. This study emphasized on computer virus controls from managerial perspective of information security and investigated factors influencing the effectiveness of computer virus controls. Organization's comprehensive security policies provide guidelines on how organization or individual can protect themselves from computer viruses. Especially, user's education has positive impact on user's security related characteristics. Based on the analysis of research model using structural equation modeling technique, security policies were influencing security controls and improving user's computer viruses related awareness. Also security controls had positive impact on security effectiveness. However, no significant relationship was found between user's security related characteristics and security effectiveness.

• Journal of Information Technology Applications and Management
• /
• v.18 no.2
• /
• pp.91-108
• /
• 2011

Enormous losses of shareholders and consumers caused by the risks threatening today's business (e.g., accounting fraud and inside trading) have ignited the necessity of international regulations on corporate ethics and internal control, such as Basel II and SOX. Responding to these regulations, companies are establishing governance system, applying it consistently to the core competency of the company, and increasing the scope of the governance system. Recently occurred security related incidents require companies to take more strict accountability over information security. One of the results includes strengthening of legislation and regulations. For these reasons, introduction of information security governance is needed. Information security governance governs the general information security activities of the company (establishment of information security management system, implementation of information security solutions) in the corporate level. Recognizing that the information security is not restricted to IT domain, but is the issue of overall business, this study develops information security governance framework based on the existing frameworks and systems of IT governance. The information security governance framework proposed in the study include concept, objective, and principle schemes which will help clearly understand the concepts of the information security governance, and execution scheme which will help implement proper organization, process and tools needed for the execution of information security governance.

• Information Systems Review
• /
• v.12 no.1
• /
• pp.23-42
• /
• 2010

Although organizations are given various benefits with information technologies, they sometimes have suffered fatal damages due to information security incidents now such as computer virus, hacking, counterfeiting, plagiarizing, etc. The fundamentalcauses of information security incidents are closely related to individuals who do not comply with information security policy or rules. The spontaneous self-control of individuals and monitoring for individuals could be the most essential solution for the ongoing observance of information security policy. Thus, the purpose of this study is to analyze effects of punishment and ethics training on compliance of information security policy of individuals in organizations, to determine individual divide among security propensity depending on organization types, and to find the more fundamental solution which leads change of organizational members’ behaviors and self-control. Regardless of the type of organizations, the results of the study suggest that there exist positive effects of punishment and ethics training in all types of organization on compliance of information security rules or regulations. A member of unitary form organization has higher cognition of punishment than a member's cognition of the multi-divisional form organization, while relatively lower awareness of ethics training. Also, a member of public organization has higher awareness of ethics training than a member’s awareness of private organization, while lower cognition of punishment. Finally, the result shows that punishment and ethics training may be major factors which affect information security. It also suggests that organizational security managers have to understand and consider organization member’s propensity relying on organization form and organization characteristics for establishment and enforcement of information security policy.

• Convergence Security Journal
• /
• v.16 no.4
• /
• pp.35-41
• /
• 2016

Recently, the awareness of the domestic information security is very higher due to cyber war and hacking incidents. Yet, the information security professional is very scarce situation. In these circumstances are increasing of a opening the information security related departments of the domestic universities. And the Educational institutions are developed various curriculums. However, the domestic information security curriculum is different depending on the university or department. And there tends to be concentrated on the practical education rather than theoretical education. Therefore, in this paper will be analyzed to the Information security curriculum situation of the domestic Information Security related universities. This is expected to be utilized in a systematic curriculum development of the domestic information security education in a future.