• Proceedings of the Korean Society of Computer Information Conference
• /
• 2014.07a
• /
• pp.83-84
• /
• 2014

식별 및 인증은 어플리케이션 보안 요건에서 분석단계의 보안 요건의 한 영역이다. 어플리케이션은 개별 ID를 유일하게 식별해야 한다. 패스워드는 길이 제한을 두어서 관리하고 패스워드 조합 표준을 적용해서 저장해 두어야 한다. 패스워드는 일정한 주기적인 변경을 수행해야 한다. ID/PW 이외의 강화된 인증 방식을 제공하여 관리를 해야 하는 것은 당연하다. 이러한 인증 프로세스는 정의된 보안 요건을 충분히 총족해야 한다.

• Journal of Digital Convergence
• /
• v.8 no.4
• /
• pp.177-184
• /
• 2010

Mobile phones users are not only able to use smart phone services in real time whenever and wherever they desire, but also they can acquire appropriate information that they need. The features of smart phone services and users are examined in this study because there are not enough studies on such unique features of smart phone services. In accordance with the results of the study the features of smart phone services and users can be categorized as follows: 1) the requisite features of smart phone services are immediate connectivity and. 2) The requisite features for smart phone users are user friendliness and user innovation. 3) The requisite features of smart phone technology are security and linkage.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.5
• /
• pp.1233-1245
• /
• 2017

Cyber risk is rapidly increasing due to the hyperconnectivity of the IoT in the intelligent information society. Therefore cyber insurance has been attracting attention as a new risk management countermeasure by transferring cyber risk. However, cyber insurance is still a new concept in South Korea. The purpose of this study is to propose the concept of cyber insurance suitable for domestic demand by deriving the priority of cyber insurance coverage. Research results suggest that the most requisite cyber insurance types are business interruption and liability.

• International Journal of Computer Science & Network Security
• /
• v.22 no.6
• /
• pp.319-331
• /
• 2022

The latest global COVID-19 pandemic has made the use of facial masks an important aspect of our lives. People are advised to cover their faces in public spaces to discourage illness from spreading. Using these face masks posed a significant concern about the exactness of the face identification method used to search and unlock telephones at the school/office. Many companies have already built the requisite data in-house to incorporate such a scheme, using face recognition as an authentication. Unfortunately, veiled faces hinder the detection and acknowledgment of these facial identity schemes and seek to invalidate the internal data collection. Biometric systems that use the face as authentication cause problems with detection or recognition (face or persons). In this research, a novel model has been developed to detect and recognize faces and persons for authentication using scale invariant features (SIFT) for the whole segmented face with an efficient local binary texture features (DLBP) in region of eyes in the masked face. The Fuzzy C means is utilized to segment the image. These mixed features are trained significantly in a convolution neural network (CNN) model. The main advantage of this model is that can detect and recognizing faces by assigning weights to the selected features aimed to grant or provoke permissions with high accuracy.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2014.07a
• /
• pp.87-88
• /
• 2014

접근통제는 주체가 객체와 상호작용하는 방법의 관리에 대한 것이다. 객체에서 주체로의 정보전송을 접근 이라고 한다. 주체는 접근을 통하여 수동적 실재 즉, 객체에 대한 정보 또는 객체로부터 데이터를 요구하는 능동적 실재이다. 주체는 항상 객체에 대한 정보 또는 객체로부터 데이터를 수신하는 실재이며, 또한 객체에 대한 정보 또는 객체로부터 데이터를 수신하는 실재이며 또한 객체에 대한 정보 또는 객체 내에 보관되어 있는 데이터를 변경하는 실재이다. 객체는 항상 정보 혹은 데이터를 제공하거나 유지하는 실재이다. 업무수행자(사용자)의 역할(Role)과 데이터 사용행위에 기반한 접근 및 권한 통제가 이루어져야 한다. 중요 정보의 대량 조회 및 변경 작업은 사전 결재를 득해야 한다. 일정 시간 무행위 세션에 대해 통제를 해야 한다.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2014.07a
• /
• pp.85-86
• /
• 2014

암호화란 데이터 전송할 때 타 기관 및 타인에 의한 위법적이고 불법적인 방법에 의하여 데이터 일부가 손실되거나 완전히 변경되는 것을 방지하기 위해 데이터를 기술적으로 변환하여 전송하는 방법이다. 본 논문에서는 중요한 데이터나 정보를 전송하거나 이를 저장 할 때는 반드시 이 정보의 기밀성과 무결성을 보장하여 처리해야 한다는 것을 강하게 나타내고 있다. 이러한 암호화는 전송하는 방항에 따라서 단방향 및 양방향 암호화를 적용한다. 또한 암호화 키는 안전성이 확보 되어야 하며 쉽게 해독되어서는 안된다.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.49 no.3
• /
• pp.34-45
• /
• 2012

In this paper, we proposed and modeled a video contents protection system based on the infectious information hiding(IIH) technique as using characteristics of biological viruses. Our proposed IIH System considered the requisite important information for video contents protection as the infectious virus, and suggested a new paradigm about video contents protection that transmitted infectious information from contents(host) or video CODECs(viral vector). Also, we modeled the Pathogen, Mutant and Contagion virus as the infectious information and defined technical tools about verification of infectious information, kernel based IIH, contents based IIH and creation/regeneration of infectious information as main techniques for our IIH system. Finally, through simulations that carried the infectious information by using conventional information hiding algorithms as kernel based and contents based IIH techniques, we verified possibilities of our proposed IIH system.

• The Journal of Society for e-Business Studies
• /
• v.19 no.3
• /
• pp.1-21
• /
• 2014

Personal information is a requisite for financial transactions as well as a core asset of financial companies. However, as a side effect of the information society, personal information infringements have emerged as significant social risks, causing realized loss to individuals and companies. This study analyzes results of financial and emotional loss in terms of consumer loss and also presents usefulness of insurance in order to minimize such actual damages as a means of risk transfer. In addition, this study investigates components and premium calculation principles of compensation insurance against personal information invasion and finally presents policies to activate these insurance product. As a method of risk management, insurance not only is a useful tool to guarantee consumer protection and companies' financial soundness simultaneously but also provides a basis of quantitative measurement of IT risks.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.19 no.3
• /
• pp.609-618
• /
• 2024

The escalating demand for organized information resource management within organizations necessitates increased investment in information security (IS), as a single error can lead to information exposure incidents, underscoring the importance of IS compliance by insiders. The research aims to elevate IS compliance within the organization by examining the influence of the shared goal of information security policy (ISP), perceived ISP value and individual's fits on an insider's intention to comply with the ISP. Antecedent research in organizational behavior and IS led to a proposed hypothesis, tested using 366 obtained samples. The ISP shared goal's positive influence on ISP compliance intentions was evident from the test results, primarily through the perceived ISP value. Furthermore, the person-organization and demand-ability fit moderated the antecedent factors associated with ISP compliance intentions. Our findings suggest the methods for sustaining organizational IS levels by examining the requisite conditions from the viewpoints of the organizational environment, ISP values, and fits.

• International Journal of Computer Science & Network Security
• /
• v.21 no.9
• /
• pp.191-202
• /
• 2021

This research was conducted with the aim to appraise the level of satisfaction of students and faculty members with the services of the Deanship of e-Learning and Distance Education at Umm Al-Qura University. In addition, it investigated any differences arising between the evaluation of students and faculty members for these services owing to their gender..To achieve these goals, a descriptive analysis methodology was used in this research. The sample comprised 1357 students (704 male and 653 female) and 372 faculty members (208 male and 164 female) from Umm Al-Qura University in the academic year 2020-2021. To collect the requisite data, the study participants were asked to complete a 5-point Likert scale questionnaire, and the validity and reliability of the data were then assessed. The findings revealed the existence of a high level of satisfaction of students and faculty members with the services of Deanship of e-Learning and Distance Education at Umm Al-Qura University. There are no statistically significant differences between the mean scores of students (male/female) at Umm Al-Qura University in evaluating the said services. Furthermore, there are no statistically significant differences between the mean scores of faculty members (male/female) at Umm Al-Qura University in evaluating these. There exist statistically significant differences between the mean scores of faculty members and students in the evaluation of the services of the Deanship for the benefit of faculty members.