• Informatization Policy
• /
• v.23 no.4
• /
• pp.76-94
• /
• 2016

Recently in Korea, the importance of information security awareness has been receiving a growing attention. Attacks such as social engineering and ransomware are hard to be prevented because it cannot be solved by information security technology. Also, the profitability of information security industry has been decreasing for years. Therefore, many companies try to find a new growth-engine and an entry to the foreign market. The main purpose of this paper is to draw out some information security issues and to analyze them. Finally, this study identifies issues and suggests how to improve the situation in Korea. For this, topic modeling analysis has been used to find information security issues of each country. Moreover, the score of sentiment analysis has been used to compare them. The study is exploring and explaining what critical issues are and how to improve the situation based on the identified issues of the Korean information security industry. Also, this study is also demonstrating how text mining can be applied to the context of information security awareness. From a pragmatic perspective, the study has the implications for information security enterprises. This study is expected to provide a new and realistic method for analyzing domestic and foreign issues using the analysis of real data of the Twitter API.

• Journal of Korea Multimedia Society
• /
• v.20 no.12
• /
• pp.1928-1939
• /
• 2017

Fog computing is another paradigm of the cloud computing, which extends the ubiquitous services to applications on many connected devices in the IoT (Internet of Things). In general, if we access a lot of IoT devices with existing cloud, we waste a huge amount of bandwidth and work efficiency becomes low. So we apply the paradigm called fog between IoT devices and cloud. The network architecture based on cloud and fog computing discloses the security and privacy issues according to mixed paradigm. There are so many security issues in many aspects. Moreover many IoT devices are connected at fog and they generate much data, therefore light and efficient security mechanism is needed. For example, with inappropriate encryption or authentication algorithm, it causes a huge bandwidth loss. In this paper, we consider issues related with data encryption and authentication mechanism in the network architecture for cloud and fog-based M2M (Machine to Machine) IoT services. This includes trusted encryption and authentication algorithm, and key generation method. The contribution of this paper is to provide efficient security mechanisms for the proposed service architecture. We implemented the envisaged conceptual security check mechanisms and verified their performance.

• International journal of advanced smart convergence
• /
• v.5 no.3
• /
• pp.27-31
• /
• 2016

High-tech industries in a state well enough to troubleshoot hacking information introduction a big barrier to delay the growth of the market related to IoT(Internet of Things) as is likely to be on the rise. This early on, security issues introduced in the solution, a comprehensive solution, including the institutional laws/precautions needed. Recent examples of frequent security threats while IoT is the biggest issue of introducing state-of-the-art industry information due to the vulnerable security hacking. This high-tech industries in order to bridge the information responsible for the target attribute, target range, and the protection of security and how to protect the subject, IoT environment (domestic industrial environment) considering the approach is needed. IoTs with health care and a wide variety of services, such as wearable devices emerge. This ensures that RFID/USN-based P2P/P2M/M2M connection is the implementation of the community. In this study, the issue on the high-tech industrial information and the vulnerable security issues of IoT are described.

• International Journal of Internet, Broadcasting and Communication
• /
• v.4 no.2
• /
• pp.17-21
• /
• 2012

As an acronym for Supervisory Control and Data Acquisition, SCADA is a concept that is used to refer to the management and procurement of data that can be used in developing process management criteria. The use of the term SCADA varies, depending on location. Conventionally, SCADA is connected only in a limited private network. In current times, there are also demands of connecting SCADA through the internet. The internet SCADA facility has brought a lot of advantages in terms of control, data generation and viewing. With these advantages, come the security issues regarding web SCADA. In this paper, we discuss web SCADA and its connectivity along with the issues regarding security and suggests a web SCADA security solution using asymmetric-key encryption.

• Convergence Security Journal
• /
• v.17 no.5
• /
• pp.111-119
• /
• 2017

As of March 2017, fake news is largely focused on political issues. Outside the country, main issues of the fake news have been a hot topic in the US presidential election in 2016 and emerged as a new political and social problem in countries like Germany and France. In Korea, issues of the fake news are also linked with political issues such as presidential impeachment and prosecution, impeachment quota, early election, etc. This phenomenon has recently led to the production and spread of fake news related to safety and security issues as well as political issues in connection with various methods of generating articles and sharing information. As a result, there is a high possibility that the information will be transformed into information that can cause considerable confusion to the public. Therefore, the recognition of such problems means that it is important at this point to consider the related situation analysis and effective countermeasures. To do this, we tried to make accurate and meaningful analysis for the diagnosis, analysis, forecasting and management of issues utilizing Big Data. As a result, it is found that the fake news is continuously generated in relation to the safety and security issue as well as the political issue in the South Korea, and differs from the general form occurring outside the country.

• Journal of Digital Convergence
• /
• v.9 no.4
• /
• pp.29-40
• /
• 2011

This research suggests the effective countermeasures for the security threats on 'Smart Work 2.0'. It is important to discuss the Smart Work 2.0 security issues and threats at the point of evolving form Smart Work 1.0 into 2.0. In this research, first, the security issues, threats and countermeasures of telecommunication working, mobile office and smart work center are discussed. Second, we explore the security issues derived from co-working or creativity as major concepts of Smart Work 2.0.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.17 no.4
• /
• pp.95-102
• /
• 2021

As social interest in the metaverse increases, various metaverse platforms and services are appearing, and various security issues are emerging accordingly. In particular, since all activities are performed in a variety of virtual spaces, and the metaverse utilizes sensing data using various hardware devices, more information is accumulated than other Internet services, and more damage can occur if information security is not guaranteed. Therefore, in this paper, we propose a metaverse security model that considers the major issues mentioned in previous papers and the necessary evaluation factors for the security functions required in the metaverse platform. As a result of performing the performance evaluation of the proposed model and the existing attribute information collection model, the proposed model can provide security functions such as anonymity and source authentication, which were not provided by the existing models.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.12
• /
• pp.6057-6078
• /
• 2018

Smart home systems provide a safe, comfortable, and convenient living environment for users, whereby users enjoy featured home services supported by the data collected and generated by smart devices in smart home systems. However, existing smart devices lack sufficient protection in terms of data security and privacy, and challenging security and privacy issues inevitably emerge when using these data. This article aims to address these challenging issues by proposing a private blockchain-based access control (PBAC) scheme. PBAC involves employing a private blockchain to provide an unforgeable and auditable foundation for smart home systems, that can thwart illegal data access, and ensure the accuracy, integrity, and timeliness of access records. A detailed security analysis shows that PBAC could preserve data security against various attacks. In addition, we conduct a comprehensive performance evaluation to demonstrate that PBAC is feasible and efficient.

• Convergence Security Journal
• /
• v.20 no.3
• /
• pp.89-97
• /
• 2020

Recently, security issues on industrial technology are undergoing rapid changes around the world. Developed countries are establishing response strategies to protect their own core technologies while creating conflicts with global value chains and foreign capital movement. Also in Korea, we are approaching industrial security issues in the mid- to long-term industrial competitiveness. The purpose of this study is to survey on the awareness of the industrial security ecosystem and derive key policy issues. Based on a three round survey, four policies were suggested as followings : systemization of industrial security control tower, enhancement of security company's technical skills and training of security specialists, improvement of technology leakage prevention system through retirement personnel and M&A, reinforcement of research security in R&D process and proactive technology protection. It is hoped that this study will serve as a basis for policy-making as an evidence-based study reflecting the policy demands of industrial security.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.12 no.4
• /
• pp.89-96
• /
• 2016

Before an IT product is used, there is a sequence of the process such as the components supply-demand of the product, their assembly and production, their logistics and delivery, and then finally, the product can be used by a user. During this sequence of the process, there can be many security exposures and risks. In this paper, we show, by examining security cases of various IT products, that there are many security exposures in the process of IT products from their production to their delivery to end users and in their use, and also show how critical the security exposures are. Even though there are various security theories, technologies and security controls, there is still weak link from the production of an IT product to its use, and this weak link can lead to security vulnerabilities and risks. This paper tries to call attention to the importance of the execution of the security control and the control components. We examine the practical cases to find out how the security control is paralyzed, and to show how it is compromised by asymmetric security resources. Lastly, from the cases, we examine and review the possible domestic security issues and their countermeasures.