• Journal of Intelligence and Information Systems
• /
• v.20 no.1
• /
• pp.177-193
• /
• 2014

Over the past decade, there has been a rapid diffusion of electronic commerce and a rising number of interconnected networks, resulting in an escalation of security threats and privacy concerns. Electronic commerce has a built-in trade-off between the necessity of providing at least some personal information to consummate an online transaction, and the risk of negative consequences from providing such information. More recently, the frequent disclosure of private information has raised concerns about privacy and its impacts. This has motivated researchers in various fields to explore information privacy issues to address these concerns. Accordingly, the necessity for information privacy policies and technologies for collecting and storing data, and information privacy research in various fields such as medicine, computer science, business, and statistics has increased. The occurrence of various information security accidents have made finding experts in the information security field an important issue. Objective measures for finding such experts are required, as it is currently rather subjective. Based on social network analysis, this paper focused on a framework to evaluate the process of finding experts in the information security field. We collected data from the National Discovery for Science Leaders (NDSL) database, initially collecting about 2000 papers covering the period between 2005 and 2013. Outliers and the data of irrelevant papers were dropped, leaving 784 papers to test the suggested hypotheses. The co-authorship network data for co-author relationship, publisher, affiliation, and so on were analyzed using social network measures including centrality and structural hole. The results of our model estimation are as follows. With the exception of Hypothesis 3, which deals with the relationship between eigenvector centrality and performance, all of our hypotheses were supported. In line with our hypothesis, degree centrality (H1) was supported with its positive influence on the researchers' publishing performance (p<0.001). This finding indicates that as the degree of cooperation increased, the more the publishing performance of researchers increased. In addition, closeness centrality (H2) was also positively associated with researchers' publishing performance (p<0.001), suggesting that, as the efficiency of information acquisition increased, the more the researchers' publishing performance increased. This paper identified the difference in publishing performance among researchers. The analysis can be used to identify core experts and evaluate their performance in the information privacy research field. The co-authorship network for information privacy can aid in understanding the deep relationships among researchers. In addition, extracting characteristics of publishers and affiliations, this paper suggested an understanding of the social network measures and their potential for finding experts in the information privacy field. Social concerns about securing the objectivity of experts have increased, because experts in the information privacy field frequently participate in political consultation, and business education support and evaluation. In terms of practical implications, this research suggests an objective framework for experts in the information privacy field, and is useful for people who are in charge of managing research human resources. This study has some limitations, providing opportunities and suggestions for future research. Presenting the difference in information diffusion according to media and proximity presents difficulties for the generalization of the theory due to the small sample size. Therefore, further studies could consider an increased sample size and media diversity, the difference in information diffusion according to the media type, and information proximity could be explored in more detail. Moreover, previous network research has commonly observed a causal relationship between the independent and dependent variable (Kadushin, 2012). In this study, degree centrality as an independent variable might have causal relationship with performance as a dependent variable. However, in the case of network analysis research, network indices could be computed after the network relationship is created. An annual analysis could help mitigate this limitation.

• The Journal of Society for e-Business Studies
• /
• v.17 no.1
• /
• pp.111-136
• /
• 2012

The global recession has made it more difficult for companies to invest in IT, and they are increasingly aware of the environmental costs of so doing. In these circumstances, cloud computing has emerged as a new paradigm in the business IT sector. Governments, institutes and companies around the world, as well as specifically in Korea since 2009, have turned to this model of providing IT resources. This study is concerned to identify those characteristics of cloud computing that affect its introduction on a company's part; it offers a theoretical framework describing cloud services and seeks to establish causal linkages between antecedent factors and a company's introduction and application of this form of IT provision. The features of cloud computing in particular contexts that the study selected for analysis were its scalability, speed, security, potential compatibility with existing services, efficiency, economic feasibility, dependency and credibility. The study thus related these to whether or not cloud computing was adopted, verifying adjustment effects for cloud services. On the basis of a survey of enterprise IT decision-makers, it emerged through a statistical analysis of correlations that cloud computing's efficiency, economic feasibility and credibility had an effect on its introduction. This study's results should be of use to vendors and potential purchasers of cloud computing services. It is one of the first pieces of research on cloud computing from the customer perspective, based on the perceived characteristics of cloud services as they are seen and valued by users.

• Strategy21
• /
• s.39
• /
• pp.5-46
• /
• 2016

North Korea's 4th nuclear test on Jan. 6 and following developments once again awakened the world into seriousness of the nuclear matters on the Korean peninsula. On March 2, UNSC adopted Resolution 2270 which is complemented by Seoul government's measures such as withdrawal from the Gaesung Industrial Complex (Feb. 9) and announcement of unilateral sanction (March 8). Seoul government also strongly urged the international community to strangle North Korea's 'financial resources.' The U.S., Japan, China, and other countries have issued unilateral sanctions to complement the UNSC measure. South Korea and the U.S. conducted their annual joint military drill (Resolve-Foal Eagle) in the largest-ever scale. North Korea, however, responded with demonstration of its nuclear capabilities and announcement of de facto 'nuclear-first' politics. North Korea test-fired a variety of delivery vehicles, threatened nuclear strikes against South Korea and the U.S., and declared itself as an 'invincible nuclear power armed with hydrogen bombs' at the 7th Workers 'Party Congress held in May, 2016. Considering the circumstantial evidences, the North's 4th nuclear test may have been a successful boosted fission bomb test. North Korea, and, if allowed to go on with its nuclear programs, will become a nuclear power armed with more than 50 nuclear weapons including hydrogen bombs. The North is already conducting nuclear blackmail strategy towards South Korea, and must be developing 'nuclear use' strategies. Accordingly, the most pressing challenge for the international community is to bring the North to 'real dialogue for denuclearization through powerful and consistent sanctions. Of course, China's cooperation is the key to success. In this situation, South Korea has urgent challenges on diplomacy and security fronts. A diplomatic challenge is how to lead China, which had shown dual attitudes between 'pressure and connivance' towards the North's nuclear matters pursuant to its military relations with the U.S, to participate in the sanctions consistently. A military one is how to offset the 'nuclear shadow effects' engendered by the North's nuclear blackmail and prevent its purposeful and non-purposeful use of nuclear weapons. Though South Korea's Ministry of Defense is currently spending a large portion of defense finance on preemption (kill-chain) and missile defense, they pose 'high cost and low efficiency' problems. For a 'low cost and high efficiency' of deterrence, South Korea needs to switch to a 'retaliation-centered' deterrence strategy. Though South Korea's response to the North's nuclear threat can theoretically be boiled down into dialogue, sanction and deterrence, now is the time to concentrate on strong sanction and determined deterrence since they are an inevitable mandatory course to destroy the North' nuclear-first delusion and bring it to a 'real denuclearization dialogue.'

• Journal of Navigation and Port Research
• /
• v.44 no.4
• /
• pp.298-304
• /
• 2020

The purpose of this study was to identify evaluation factors and analyze the relative importance among factors to select a suitable transportation method for transferring the increasing amount of transshipment at multiple terminals at the Busan new port. To accomplish this, the evaluation factors were selected through a literature survey and brainstorming of a group of experts associated with the port operation, and were classified into five major factors and 15 middle factors. The evaluation factors classified hierarchically were surveyed relative to workers in organizations such as shipping companies, port corporations, container terminals, and related ministries. The importance of each factor was calculated using the hierarchical analysis process (AHP). As a result of the importance analysis, priority was assigned in order of safety, productivity, investment efficiency, operational efficiency, and policy conformity. Through this, it was necessary to select a suitable transportation method for the transshipment cargo in terminals while focusing on the cargo and terminal security and preventing accidents. As a result of calculating from six ITT transportation candidates, the priority was determined in order of monorail, Autocon, and so on as ITT transportation suitable for the Busan new port..

• The Korean Journal of Financial Management
• /
• v.24 no.3
• /
• pp.29-62
• /
• 2007

We examine the methods to increase MBS values given parameters of default risks of individual mortgages and their correlation, and analyze the effects of these parameters on the efficiency of the methods. First, the values of MBS can be improved when they are comprised of low-correlation mortgages regardless of specific forms of investors' utility functions. Second, the values of MBS can also be raised even after their components mortgages are determined. More specifically, when investors' utilities are heterogeneous, CMO's of a less risky tranche and a riskier tranche are highly valued compared with pass-through securities of two identical tranches. When investors' utilities are homogeneous(risk averse), however, the latter meets the needs of investors better than the former does. Third, it can be shown that the efficiency of the methods in this paper is an increasing function of default risks of mortgage loans or of the correlation between them, and a decreasing function of the amount of the price fall of MBS when in default.

• Journal of the Korean Institute of Intelligent Systems
• /
• v.23 no.6
• /
• pp.558-564
• /
• 2013

Wireless sensor networks (WSNs) contain limited energy resources and are left in open environments. Since these sensor nodes are self-operated, attacks such as sinkhole attacks are possible as they can be compromised by an adversary. The sinkhole attack may cause to change initially constructed routing paths, and capture of significant information at the compromised node. A localized encryption and authentication protocol (LEAP) has been proposed to authenticate packets and node states by using four types of keys against the sinkhole attack. Even though this novel approach can securely transmits the packets to a base station, the packets are forwarded along the constructed paths without checking the next hop node states. In this paper, we propose the next hop node selection method to cater this problem. Our proposed method evaluates the next hop node considering three factors (i.e., remaining energy level, number of shared keys, and number of filtered false packets). When the suitability criterion for next hop node selection is satisfied against a fix threshold value, the packet is forwarded to the next hop node. We aim to enhance energy efficiency and a detour of attacked areas to be effectively selected Experimental results demonstrate validity of the proposed method with up to 6% energy saving against the sinkhole attack as compared to the LEAP.

• Smart Media Journal
• /
• v.7 no.1
• /
• pp.37-44
• /
• 2018

Utilizing sequence control and numerical computing, embedded devices are used in a variety of automated systems, including those at industrial sites, in accordance with their control program. Since embedded devices are used as a control system in corporate industrial complexes, nuclear power plants and public transport infrastructure nowadays, deliberate attacks on them can cause significant economic and social damages. Most attacks aimed at embedded devices are data-coded, code-modulated, and control-programmed. The control programs for industry-automated embedded devices are designed to represent circuit structures, unlike common programming languages, and most industrial automation control programs are designed with a graphical language, LAD, which is difficult to process static analysis. Because of these characteristics, the vulnerability analysis and security related studies for industry automation control programs have only progressed up to the formal verification, real-time monitoring levels. Furthermore, the static analysis of industrial automation control programs, which can detect vulnerabilities in advance and prepare for attacks, stays poorly researched. Therefore, this study suggests a method to present a discussion on an industry automation control program designed to represent the circuit structure to increase the efficiency of static analysis of embedded industrial automation programs. It also proposes a medium term translation technology exploiting LLVM IR to comprehensively analyze the industrial automation control programs of various manufacturers. By using LLVM IR, it is possible to perform integrated analysis on dynamic analysis. In this study, a prototype program that converts to a logical expression type of medium language was developed with regards to the S company's control program in order to verify our method.

• Journal of Convergence for Information Technology
• /
• v.10 no.11
• /
• pp.55-63
• /
• 2020

The IoT technology is a field that applies and converges the technologies in the existing industrial environment, instead of new technologies. The IoT technology is releasing various application services converged with other industries such as smart home, healthcare, construction, and automobile, and it is also possible to secure the work efficiency and convenience of users of IoT-based technologies. However, the security threats occurring in the IoT-based technology environment are succeeding to the vulnerability of the existing wireless network environment. And the occurrence of new and variant attacks in the combination with the ICT convergence environment, is causing damages. Thus, in the IoT technology-based environment, it would be necessary to have researches on the safe transmission of messages in the communication environment between user and device, and device and device. This thesis aims to design a safe communication protocol in the IoT-based technology environment. Regarding the suggested communication protocol, this thesis performed the safety analysis on the attack techniques occurring in the IoT technology-based environment. And through the performance evaluation of the existing PKI-based certificate issuance system and the suggested communication protocol, this thesis verified the high efficiency(about 23%) of communication procedure. Also, this thesis verified the reduced figure(about 65%) of the issued quantity of certificate compared to the existing issuance system and the certificate management technique.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.35 no.9B
• /
• pp.1350-1359
• /
• 2010

Recently many researchers have been proved that general RFID system for proximity authentication is vulnerable to various location-based relay attacks such as distance fraud, mafia fraud and terrorist fraud attacks. The distance-bounding protocol is used to prevent the relay attacks by measuring the round trip time of single challenge-response bit. In 2008, Munilla and Peinado proposed an improved distance-bounding protocol applying void-challenge technique based on Hancke-Kuhn's protocol. Compare with Hancke-Kuhn's protocol, Munilla and Peinado's protocol is more secure because the success probability of an adversary has (5/8)n. However, Munilla and Peinado's protocol is inefficient for low-cost passive RFID tags because it requires large storage space and many hash function computations. Thus, this paper proposes a new RFID distance-bounding protocol for low-cost passive RFID tags that can be reduced the storage space and hash function computations. As a result, the proposed distance-bounding protocol not only can provide both storage space efficiency and computational efficiency, but also can provide strong security against the relay attacks because the adversary's success probability can be reduced by $(5/8)^n$.

• Journal of Navigation and Port Research
• /
• v.35 no.5
• /
• pp.439-444
• /
• 2011

This study is aimed to extract the key role of port operation organizations for the development of region ports and identify the operating efficiency priorities of three ports such as Busan, Incheon and UIsan port operated by PA(port authority). The Factor Analysis(FA) and Fuzzy Method were used as the analysis methodes. As an important role of port authority and regional maritime affairs & port office, thirteen sub-evaluation factors and four top-level evaluation factors were selected using the FA. Among the top-level evaluation factors i.e. 'port security, information management', service for regional society and customers', 'port marketing' and 'customer attraction', the most important factor was identified as 'port marketing'. The total port efficiency was evaluated using these factors and Fuzzy Method. As a result, Busan ranked 1st, followed by Incheon and Ulsan.