• Journal of Korea Society of Digital Industry and Information Management
• /
• v.12 no.2
• /
• pp.73-86
• /
• 2016

The purpose of this study is to examine a security investment for firms experienced in confidential information leak. Information security is an apparatus for protection of secret information. The competence of information security is a competitiveness to avoid information leakage in changing business environment. The type of information security is divided into administrative security, technical security and physical security. It is necessary to improve the incident correspondence competence through information security investment of the three types. Therefore, the investment of information security is to enhance information-asset protection of firms. To reinforce accident response competence, an organization discussed an establishment, security technology development, expand investment and legal system of the security system. I have studied empirically targeting the only information leak of firms. This data is a technical security competence and technology leakage situation of firms happened in 2010. During recovery of the DDos virus damage on countries, company and individual, the collected data signify a reality of information security. The data also identify a security competence of firms worrying information security management. According to the study, the continuous investment of information security has a high competence of accident correspondence. In addition, the most of security accidents showed a copy and stealing of paper and computer files. Firm on appropriate security investment is an accident correspondence competence higher than no security investment regardless of a large, small and medium-sized, and venture firm. Furthermore, the rational security investment should choose the three security type consideration for firm size.

• Convergence Security Journal
• /
• v.22 no.3
• /
• pp.57-68
• /
• 2022

As the importance and awareness of security have recently expanded, companies and governments are making continuous efforts and investments for security management. However, there are still many security threats in the organization, especially security incidents caused by internal staff. Therefore, it is very important for members to comply with security policies for organizational security management. Therefore, this study classified industrial security management into technical security, physical security, and managerial security, and applied the theory of planned behavior to investigate the impact relationship on the intention to comply with security policies. SPSS 25 and AMOS 25 were used for statistical analysis, and the study found that technical security had a positive(+) effect on subjective norms, physical security had a positive(+) effect on perceived behavior control, and attitude and perceived behavior control had a positive(+) effect on security policy compliance intention.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.9 no.5
• /
• pp.1271-1278
• /
• 2008

As the collaboration of WFMS(workflow management systems) in enterprises increases, security protocols could be considered a critical factor affecting secure operation of WMFS. The security protocol of WFMS could not reflect the nature of collaboration in WFMS, resulting to collaboration of WFMS on Internet causing the operation problems of WFMS. This study suggests collaboration based security protocols based on the collaboration of WFMS on Internet. To reflect the nature of collaboration in WFMS, this study analyzes security requirements for WFMS. Based on security requirements, this study suggests a security architecture and security protocols for WFMS using security agents.

• Convergence Security Journal
• /
• v.23 no.1
• /
• pp.63-68
• /
• 2023

In this study, in relation to blockchain protocol and network security, we study the configuration of blockchain and encryption key management methods on smart contracts so that we can have a strong level of response to MITM attacks and DoS/DDoS attacks. It is expected that the use of blockchain technology with enhanced security can be activated through respond to data security threats such as MITM through encryption communication protocols and enhanced authentication, node load balancing and distributed DDoS attack response, secure coding and vulnerability scanning, strengthen smart contract security with secure consensus algorithms, access control and authentication through enhanced user authentication and authorization, strengthen the security of cores and nodes, and monitoring system to update other blockchain protocols and enhance security.

• Maritime Security
• /
• v.6 no.1
• /
• pp.57-81
• /
• 2023

This study aims to review Russia's annexation of Crimea from a maritime security perspective. Based on a comprehensive analysis of Russia's national security perception, this study analyzed Russia's maritime security strategy and the security importance of the Black Sea and the Sea of Azov, and reviewed the annexation of Crimea from a maritime security perspective. The main argument of this study is as follows. Russia's annexation of Crimea was necessary for the successful fulfillment of Russia's maritime security strategy in the Black and Azov Seas. Russia's annexation of Crimea guarantees the activities of the Black Sea Fleet militarily from a maritime security point of view, secures a passage to the Atlantic Ocean to counter NATO's expansion. From a economic security point of view, Russia's annexation of Crimea was based on the strategic considerations to secure influence within the Black Sea economic bloc which guarantees stable production and transportation of natural resources and shipping.

• Convergence Security Journal
• /
• v.3 no.3
• /
• pp.7-18
• /
• 2003

Under database system environment, to accomplish database security is to ascertain the security threats and to choose the policy and mechanism of treating them. This study suggests the type and character of security threat and general method of prevention and cutting off the threats. Also, this study suggests the method of realization of Oracle security and additionally shows the method of Oracle security framework implemention. As an example, the verification method of Oracle security implementions are shown.

• Convergence Security Journal
• /
• v.13 no.5
• /
• pp.207-213
• /
• 2013

As the axis of the private security maintain social order in order to achieve the original purpose of all society must move in the direction of motion, and so in order to be a private security based philosophical values and ideological composition should be based. In this process, to be followed by private security value or direction, philosophy private security is the norm. In this regard, this study pursued by the private security justification ever truly normative principles are intended to establish. The public nature of the ideology of private security, public, efficiency, legality, responsiveness and the like. Conflict occurs between the value of these ideals, although complementary are in harmony.

• Convergence Security Journal
• /
• v.20 no.3
• /
• pp.39-46
• /
• 2020

In order to protect the business information of the enterprise, the company is engaged in various information security activities, such as establishing an information security management system, establishing and operating an information security system, checking vulnerabilities and security controls. It is an enterprise information security governance that organizes various information security activities for enterprise business, and it needs to be systematized to operate them effectively. In this study, to systematize the enterprise information security governance, we would like to explore the existing Enterprise Information Portal(EIP) model and propose an Enterprise Information Security Portal(EISP) model based on it. The Enterprise Information Security Portal(EISP) model provides an integrated environment for supporting the activities of the information security departments by systemizing the enterprise information security governance, which is a variety of information security activities of the enterprises, so that the information security activities of the enterprises can participate directly from CEO to executives and employees, not just from the information security departments.

• Journal of Platform Technology
• /
• v.11 no.5
• /
• pp.126-135
• /
• 2023

Demand for NFT is expanding along with Blockchain. And cyber security threats are also increasing. Therefore, this study derives security level inspection items by analyzing status related to NFT security such as NFT features, security threats, and compliance for the purpose of strengthening NFT security. Based on this, the relative importance was confirmed by applying it to the AHP model. As a result of the empirical analysis, the priority order of importance was found in the order of Security management system establishment and operation, encryption, and risk management, etc. The significance of this study is to reduce NFT security incidents and improve the NFT security management level of related companies by deriving NFT-related security level check items and demonstrating the research model. And If you perform considering relative importance of the NFT check items, the security level can be identified early.

• Convergence Security Journal
• /
• v.16 no.2
• /
• pp.55-62
• /
• 2016

Recently, research outcome is frequently leaked in the process of progressing domestic R&D. Security system such as research security law and manual is implemented to prepare these leakage. However piecemeal solutions, simply technological measures, have a limit. Consequently, this study organizes a integrated research security framework by designing multidimensional security measures based on the R&D life cycle perspective. Concretely, this study constructs various control items predicated on law, moreover reviews the applicability of research security assessment items.