• Journal of Korea Society of Digital Industry and Information Management
• /
• v.7 no.1
• /
• pp.31-39
• /
• 2011

VoIP service uses packet network of ip-based because that has eavesdropping, interception, illegal user as vulnerable elements. In addition, PSTN of existing telephone network is subordinate line but VoIP service using the ip packet provide mobility. so The user authentication and VoIP user's account service using VoIP has emerged as a problem. To solve the vulnerability of SIP, when you use VoIP services with SIP, this paper has made it possible to authenticate user's terminal by using proxy server and proxy server by using authentication server. In conclusion, sender and receiver are mutually authenticated. In the mutual authentication process, the new session key is distributed after exchanging for the key between sender and receiver. It is proposed to minimize of service delay while the additional authentication. The new session key is able to authenticate about abnormal messages on the phone. This paper has made it possible to solve the vulnerability of existing SIP authentication by using mutual authentication between user and proxy server and suggest efficient VoIP service which simplify authentication procedures through key distribution after authentication.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.14 no.4
• /
• pp.205-218
• /
• 2018

The purpose of this study is to examine the factors that the characteristics of Protection Motivation Theory affects the addiction of social game users in Korea and then, to verify how these factors make an impact on the addiction through the immersion. The characteristics of protection motivation theory are vulnerability, severity, efficiency, and disability, and we want to study the influence of each characteristic on social game flow and the relationship leading to addiction. The results of this research can be useful for 'social game addiction prevention education'. This study was conducted to survey the users who had experienced using the social game to verify the suggested hypothesis. As the results of the survey, first of all, vulnerability appeared to have a positive effect on the flow. Secondly, severity appeared not to have a positive impact on the flow. Thirdly, efficiency turned out to affect the flow. Fourthly, disability turned out to have a positive impact upon the flow. Lastly, flow was revealed to make a positive impact on the addiction. The results of this study will help to construct the content of 'social game addiction prevention education program'.

• Journal of Information Processing Systems
• /
• v.2 no.2
• /
• pp.95-100
• /
• 2006

While conventional business administration-based information technology management methods are applied to the risk analysis of information systems, no security risk analysis techniques have been used in relation to information protection. In particular, given the rapid diffusion of information systems and the demand for information protection, it is vital to develop security risk analysis techniques. Therefore, this paper will suggest an ideal risk analysis process for information systems. To prove the usefulness of this security risk analysis process, this paper will show the results of managed, physical and technical security risk analysis that are derived from investigating and analyzing the conventional information protection items of an information system.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.4
• /
• pp.961-974
• /
• 2015

With the advancement of SIEM from ESM, it allows deep correlated analysis using huge amount of data. By collecting software's vulnerabilities from assessment with certain classification measures (e.g., CWE), it can improve detection rate effectively, and respond to software's vulnerabilities by analyzing big data. In the phase of monitoring and vulnerability diagnosis Process, it not only detects predefined threats, but also vulnerabilities of software in each resources could promptly be applied by sharing CCE, CPE, CVE and CVSS information. This abstract proposes a model for effective detection and response of software vulnerabilities and describes effective outcomes of the model application.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.4
• /
• pp.885-895
• /
• 2019

As seen in recent cases of hacking in financial services, attackers are attempting to hacking trustee with poor security management, rather than directly hacking a financial company. As a result, the consignor is strengthening the security check and control of the trustee, but small trustee has difficulties to invest in information security with the lack of computer facilities and the excessive cost of security equipment. In this paper I investigate the vulnerability of personal information processing life cycle standards in order to enhance the security of small consignee that receive personal information form the credit card company. To solve the vulnerability the company should use litigation management system constructed on cloud computing service and install VPN to secure confidentiality and intergrity in data transfer section. Also, to enhance the security of users, it is suggested to protect personal credit information by installing PC firewall and output security on user PC.

• Journal of Advanced Navigation Technology
• /
• v.12 no.4
• /
• pp.384-391
• /
• 2008

These days, along with the information society, the value of information has emerged as a powerful factor for a company's development and sustainability, and therefore, the importance of the Information Security and Management System (ISMS) has emerged and become an integral part of all areas of business. In this paper, ISMS evaluation methods from around the world are compared and analyzed with the standards of various management guidelines, definitions, management of threats and vulnerability, approaches to result calculations, and the evaluation calculation indexes for domestic to propose the best method to evaluate the Information Security Management System that will fit the domestic environment.

• Journal of the Korea Society of Computer and Information
• /
• v.24 no.7
• /
• pp.109-116
• /
• 2019

In this study, a GIS-based park safety assessment index was developed to enable objective park vulnerability assessment through data-based GIS analysis, a safety assessment was conducted by selecting a target site where various parks are operated and applying the park safety assessment index. In addition, a facility management system was developed for efficient management of the park safety assessment to update the park safety and provide a foothold for indirect PPGIS. In the case of the assessment index of the safety rating of the park, it was possible to conclude that the accurate quantitative performance was given to the calculation of the safety grade of the park based on the fact that the facilities are different depending on the environment and the size of the park. In addition, the marking the safety grade of parks, as well as the function to show the safety facilities of parks, a common living area for citizens, the management system is expected to have an impact on promoting the use of parks. In the future, in functions such as reporting of facility failures and verifying civil information are implemented by applying civic group participation programs and crowd-sourcing technologies, it is believed that all facilities as well as parks managed by the local government can be managed more efficiently.

• Journal of Korea Multimedia Society
• /
• v.18 no.2
• /
• pp.218-232
• /
• 2015

According to the development of information processing technology and mobile communication technology, the utilization of mobile banking systems is drastically increasing in banking system. In the foreseeable future, it is expected to increase rapidly the demands of mobile banking in bank systems with the prevalence of smart devices and technologies. However, the keeping 'security' is very important in banking systems that handles personal information and financial assets. But it is very difficult to improve the security of banking systems only with the vulnerabilities and faults analysis methods of information security. Hence, in this paper, we accomplish the analysis of security risk factor and security vulnerability that occur in mobile banking system. With analyzed results, we propose the information security control and management processes for assessing and improving security based on the mechanisms which composes mobile banking system.

• Journal of Digital Convergence
• /
• v.11 no.12
• /
• pp.447-452
• /
• 2013

Berkley Media Access Control (B-MAC) protocol is one of the well-known MAC protocols, which uses adaptive preamble sampling scheme and is designed for wireless sensor networks (WSN). In this paper, we are reviewed about security vulnerability in B-MAC, and analyzed the power which is consumed at each stage of B-MAC protocol according to vulnerability of denial of sleep(DoS) and replay problem. From our analytical results, it can be considered the need of power efficient authentication scheme which provides the reliability, efficiency, and security for a general B-MAC communication. This is the case study of possible DoS vulnerability and its power consumption in B-MAC.

• Journal of Digital Convergence
• /
• v.11 no.10
• /
• pp.31-45
• /
• 2013

The purpose of this study is to investigate the relationships among causes and effect of technostress creators and technostress creators. Rooted in the person-technology fit model, this research suggests cause of technostress creators such as system quality and system vulnerability. Furthermore, the research suggests outcome of technostress such as organizational commitment. The research found that system vulnerability has significant effects on the technostress creators. In addition, technostress creators influence significantly an organizational commitment. The conclusions and implications are discussed.