• Journal of The Korean Association of Information Education
• /
• v.14 no.2
• /
• pp.157-164
• /
• 2010

This study proposed the information security integrated learning model-based KASP. By analyzing the teaching materials regarding information security in the regular curriculum, and by investigating preliminary studies, the information security contents were examined in terms of knowledge, attitudes, skills and ways to practice(KASP). And, the KASP-information security learning model integrating knowledge, attitudes, and ways to practice was developed, and the teaching plan and learning material hand-out were accordingly made out. Moreover, the developed model was tested in an experimental group, and common information security learning content centered on ethics in the comparison group in order to compare the results of two groups. As the test result analysis, it was verified that the developed KASP-information security integrated learning model was effective to help the students learn the knowledge, attitudes, skills and ways to practice.

• The Journal of Society for e-Business Studies
• /
• v.19 no.2
• /
• pp.109-124
• /
• 2014

As the emerged importance and awareness for information security, It is being implemented by each industrial sector to protect information assets. In this paper, we analyze the information security checklists or security ratings criteria to derive similarity and difference in context which used to knowledge network analysis method. The analyzed results of all checklists (ISMS, PIMS, 'FSS', 'FISS', 'G') are as follows : First, It is common factors that the protection of information systems and information assets, incident response, operations management. Second, It deals with relatively important factors that IT management, the adequacy of audit activities in the financial IT sector including common factors. Third, the criteria of ISMS contains the majority of the contents among PIMS, 'FSS', 'FISS'and 'G'.

• International Journal of Computer Science & Network Security
• /
• v.21 no.7
• /
• pp.221-232
• /
• 2021

In recent years, with the existence of huge amounts of data stored in huge databases, the need for developing accurate tools for analyzing data and extracting information and knowledge from the huge and multi-source databases have been increased. Hence, new and modern techniques have emerged that will contribute to the development of all other sciences. Knowledge discovery techniques are among these technologies, one popular technique of knowledge discovery techniques is data mining which aims to knowledge discovery from huge amounts of data. Such modern technologies of knowledge discovery will contribute to the development of all other fields. Data mining is important, interesting technique, and has many different and varied algorithms; Therefore, this paper aims to present overview of data mining, and clarify the most important of those algorithms and their uses.

• International Journal of Computer Science & Network Security
• /
• v.22 no.12
• /
• pp.19-28
• /
• 2022

The study aimed to identify the impact of Applications of Internet of things on practice of knowledge management in organizations: the mediating role of employees' Engagement. A quantitative questionnaire survey is conducted. The study population consisted of all senior and middle administrations in small and medium enterprises in Jordan. The study sample consisted of (350) senior and middle administrations. The study sample was selected by random stratified method. The results revealed that There is an impact of Applications of Internet of things on the practice of knowledge management at (α ≤ 0.05) in the small and medium enterprises in Jordan. Furthermore, there is an impact of Applications of Internet of things on the employees' Engagement. The current study provided some important insights into an issue that requires further research. Understanding the applications of the Internet of Things and their impact on improving knowledge management is of paramount importance in raising the quality of products and improving the company's image, as shown in this research.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.12 no.4
• /
• pp.59-69
• /
• 2016

We proposed a specialized model of performance measurement to measure the training performance of the trainees in cyber practical training. Cyber security professionals are cultivating their expertise, skills, and competencies through cyber practical training in specialized education and training institutions. The our proposed process of trainee evaluation is consisted of an evaluation component discovery, evaluation item selection, evaluation index catalog, ratings and criteria decision, and calculation formula. The trainee evaluation is consisted of a formative evaluation during the training and an overall evaluation after finished training. Formative evaluation includes progress evaluation and participation evaluation, and overall evaluation includes practice evaluation and learning evaluation. The evaluation is weighted according to the importance of evaluation type. Because it is evaluated actual skills and abilities, competencies are assigned a high weight, while knowledge and attitudes are assigned a low weight. If cyber security trainees are evaluated by the proposed evaluation model, cyber security professionals can be cultivated by each skill and knowledge level and can be deployed by importance of security task.

• International Journal of Computer Science & Network Security
• /
• v.21 no.8
• /
• pp.327-341
• /
• 2021

The knowledge management was considered as the inevitable result of the rule of knowledge in this era, and its importance became clear in being the main source for achieving success, the need to consider and manage knowledge as an independent field that must be addressed with a clear scientific methodology has become intangible - they are very valuable and a strategic asset. On the other hand, the innovation process relates to all parts of the organization, and helps to improve the behavioral patterns of individuals and their attitudes towards adopting modern and innovative ideas, it is a purposeful process adopted by the senior management and works to provide the capabilities and requirements for embodying the innovative behavior in it. In the field of dealing with the market, it is a product of the organization's innovative approach, which aims at advancement, change, and intended and organized renewal. The main objective of this article is to determine the most appropriate ways to integrate knowledge management mechanisms to employ innovation factors within universities based on the role of universities in supporting innovation. This was achieved through reviewing many relevant research and listing the most prominent concepts of knowledge management, its importance, objectives, and processes determining the stages of knowledge management application, the requirements for applying knowledge management, and the obstacles that impede its application; Then the statement "Innovation in universities, through which it addressed the concept of innovation, its importance, stages, and requirements for its application, as well as identifying the most prominent models of innovation, and obstacles to innovation, in addition to that the role of universities in supporting innovation will be identified. From the surveyed study done in this article, we concluded that the relationship among organizational culture, knowledge management and innovation capability can provide useful insights for managers regarding developing a strong culture, promote knowledge management practices effectively and eventually enhance the whole organization's innovation capability. Also, we found that different components of Knowledge Management as Knowledge activities, Knowledge types, transformation of knowledge and technology have a significant positive effect in bringing innovation through transformation of knowledge into knowledge assets in universities.

• The Journal of the Korea Contents Association
• /
• v.14 no.1
• /
• pp.386-399
• /
• 2014

Following the heightened facilitation of information system in the education field, educational institutions encounter frequent information security infringement accidents. However there is insufficient education for persons in charge of information security duties in educational institutions. This study aims to analyze differences of knowledge and skills required for information security professionals in educational institutions by institution type, service area and duty. Based on the results of multidimensional scaling on survey data, this study presents the information security education framework for educational institutions.

• Journal of Information Processing Systems
• /
• v.12 no.4
• /
• pp.688-710
• /
• 2016

Our approach permits to capitalize the expert's knowledge as business rules by using an agent-based platform. The objective of our approach is to allow experts to manage the daily evolutions of business domains without having to use a technician, and to allow them to be implied, and to participate in the development of the application to accomplish the daily tasks of their work. Therefore, the manipulation of an expert's knowledge generates the need for information security and other associated technologies. The notion of cryptography has emerged as a basic concept in business rules modeling. The purpose of this paper is to present a cryptographic algorithm based approach to integrate the security aspect in business rules modeling. We propose integrating an agent-based approach in the framework. This solution utilizes a security agent with domain ontology. This agent applies an encryption/decryption algorithm to allow for the confidentiality, authenticity, and integrity of the most important rules. To increase the security of these rules, we used hybrid cryptography in order to take advantage of symmetric and asymmetric algorithms. We performed some experiments to find the best encryption algorithm, which provides improvement in terms of response time, space memory, and security.

• Journal of the Korean Society for Aviation and Aeronautics
• /
• v.30 no.4
• /
• pp.117-131
• /
• 2022

Human rights education is to acquire understanding and knowledge about human rights, to develop values, attitudes and character that respect human rights, to develop the ability to overcome human rights violations and discriminatory acts, and to protect and promote the human rights of others. In order to prevent human rights violations of the transportation vulnerable, such as the disabled, it is necessary to develop specialized human rights education plans for aviation security personnel to practice human rights perspectives. Therefore, in accordance with the 「National Civil Aviation Security Education and Training Guidelines」, specialized human rights education should be included in the initial aviation security education and regular education courses. The point is that there is a need to reexamine the aviation security education program for aviation security personnel based on the essential knowledge and educational contents for aviation security personnel to perform security screening tasks in the aviation security education course. When this happens, various efforts must be made to improve the human rights of the transportation vulnerable, such as the disabled, during the security screening process, so that human rights violations will be significantly reduced. In particular, it is necessary to enhance the ability to detect dangerous terrorist items such as weapons or explosives that can be used for illegal sabotage through practical security screening training. For aviation security and aircraft safety, efforts to improve the quality of aviation security personnel training, such as human rights training, must be continuously made while thoroughly preparing for terrorism in advance.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.6
• /
• pp.1293-1300
• /
• 2012

With the rapid evolution of mobile devices and the development of wireless networks, users of mobile social network service on smartphone have been increasing. Also the security of personal information as a result of real-time communication and information-sharing are becoming a serious social issue. In this paper, a framework that can be linked with a social network services platform is designed using OpenAPI. In addition, we propose an authentication and detection mechanism to enhance the level of personal information security. The authentication scheme is based on an user ID and password, while the detection scheme analyzes user-designated input patterns to verify in advance whether personal information protection guidelines are met, enhancing the level of personal information security in a social network service environment. The effectiveness and validity of this study were confirmed through performance evaluations at the end.