• The Journal of Asian Finance, Economics and Business
• /
• v.8 no.10
• /
• pp.373-383
• /
• 2021

This article aims to examine the one-way relationship between corporate social responsibility (CSR) and the financial performance of Vietnamese commercial banks, mainly focusing on the moderating role of ownership structure. Net interest margin (NIM), return on assets (ROA), and return on equity (ROE) are selected to represent the financial performance of the bank. CSR was measured using a multi-method approach that included both quantitative and qualitative methods. Corporate Social Responsibility Expenditure (CSRE) was estimated using financial data. The Corporate Social Responsibility Disclosure (CSRD) index was created using the content analysis method. Using a sample of Vietnamese commercial banks from 2012 to 2019 to perform regressions in the dynamic panel models with the two-step system generalized method of moments (GMM) estimator, the results show a positive effect of both CSRE and CSRD on the financial performance of the bank. Empirical evidence shows that the positive relationship between CSRE and financial performance is more robust in statecontrolled banks than non-state-controlled banks. In contrast, the positive impact of CSRD on the financial performance of state-owned commercial banks is weaker than that of private banks. Finally, the paper points out the limitations and proposes future research directions.

• Journal of Intelligence and Information Systems
• /
• v.22 no.4
• /
• pp.109-122
• /
• 2016

Recently, big data analysis has developed into a field of interest to individuals and non-experts as well as companies and professionals. Accordingly, it is utilized for marketing and social problem solving by analyzing the data currently opened or collected directly. In Korea, various companies and individuals are challenging big data analysis, but it is difficult from the initial stage of analysis due to limitation of big data disclosure and collection difficulties. Nowadays, the system improvement for big data activation and big data disclosure services are variously carried out in Korea and abroad, and services for opening public data such as domestic government 3.0 (data.go.kr) are mainly implemented. In addition to the efforts made by the government, services that share data held by corporations or individuals are running, but it is difficult to find useful data because of the lack of shared data. In addition, big data traffic problems can occur because it is necessary to download and examine the entire data in order to grasp the attributes and simple information about the shared data. Therefore, We need for a new system for big data processing and utilization. First, big data pre-analysis technology is needed as a way to solve big data sharing problem. Pre-analysis is a concept proposed in this paper in order to solve the problem of sharing big data, and it means to provide users with the results generated by pre-analyzing the data in advance. Through preliminary analysis, it is possible to improve the usability of big data by providing information that can grasp the properties and characteristics of big data when the data user searches for big data. In addition, by sharing the summary data or sample data generated through the pre-analysis, it is possible to solve the security problem that may occur when the original data is disclosed, thereby enabling the big data sharing between the data provider and the data user. Second, it is necessary to quickly generate appropriate preprocessing results according to the level of disclosure or network status of raw data and to provide the results to users through big data distribution processing using spark. Third, in order to solve the problem of big traffic, the system monitors the traffic of the network in real time. When preprocessing the data requested by the user, preprocessing to a size available in the current network and transmitting it to the user is required so that no big traffic occurs. In this paper, we present various data sizes according to the level of disclosure through pre - analysis. This method is expected to show a low traffic volume when compared with the conventional method of sharing only raw data in a large number of systems. In this paper, we describe how to solve problems that occur when big data is released and used, and to help facilitate sharing and analysis. The client-server model uses SPARK for fast analysis and processing of user requests. Server Agent and a Client Agent, each of which is deployed on the Server and Client side. The Server Agent is a necessary agent for the data provider and performs preliminary analysis of big data to generate Data Descriptor with information of Sample Data, Summary Data, and Raw Data. In addition, it performs fast and efficient big data preprocessing through big data distribution processing and continuously monitors network traffic. The Client Agent is an agent placed on the data user side. It can search the big data through the Data Descriptor which is the result of the pre-analysis and can quickly search the data. The desired data can be requested from the server to download the big data according to the level of disclosure. It separates the Server Agent and the client agent when the data provider publishes the data for data to be used by the user. In particular, we focus on the Big Data Sharing, Distributed Big Data Processing, Big Traffic problem, and construct the detailed module of the client - server model and present the design method of each module. The system designed on the basis of the proposed model, the user who acquires the data analyzes the data in the desired direction or preprocesses the new data. By analyzing the newly processed data through the server agent, the data user changes its role as the data provider. The data provider can also obtain useful statistical information from the Data Descriptor of the data it discloses and become a data user to perform new analysis using the sample data. In this way, raw data is processed and processed big data is utilized by the user, thereby forming a natural shared environment. The role of data provider and data user is not distinguished, and provides an ideal shared service that enables everyone to be a provider and a user. The client-server model solves the problem of sharing big data and provides a free sharing environment to securely big data disclosure and provides an ideal shared service to easily find big data.

• The Korean Journal of Air & Space Law and Policy
• /
• v.23 no.2
• /
• pp.137-172
• /
• 2008

The earliest safety data programs, the FDR and CVR, were electronic reporting systems that generate data "automatically." The FDR program, originally instituted in 1958, had no publicly available restrictions for protections against sanctions by the FAA or an airline, although there are agreements and union contracts forbidding the use of FDR data for FAA enforcement actions. This FDR program still has the least formalized protections. With the advent of the CVR program in 1966, the precursor to the current FAR 91.25 was already in place, having been promulgated in 1964. It stated that the FAA would not use CVR data for enforcement actions. In 1982, Congress began restricting the disclosure of the CVR tape and transcripts. Congress added further clarification of the availability of discovery in civil litigation in 1994. Thus, the CVR data have more definitive protections in place than do FDR data. The ASRS was the first non-automatic reporting system; and built into its original design in 1975 was a promise of limited protection from enforcement sanctions. That promise was further codified in an FAR in 1979. As with the CVR, from its inception, the ASRS had some protections built in for the person who might have had a safety problem. However, the program did not (and to this day does not) explicitly deal with issues of use by airlines, litigants, or the public media, although it appears that airlines will either take a non-punitive stance if an ASRS report is filed, or the airline may ignore the fact that it has been filed at all. The FAA worked with several U.S. airlines in the early 1990s on developing ASAP programs, and the FAA issued an Advisory Circular about the program in 1997. From its inception, the ASAP program contained some FAA enforcement protections and company discipline protections, although some protection against litigation disclosure and public disclosure was not added until 2003, when FAA Order 8000.82 was promulgated, placing the program under the protections of FAR 193, which had been added in 2001. The FOQA program, when it was first instituted through a demonstration program in 1995, did not contain protections against sanctions. Now, however, the FAA cannot take enforcement action based on FOQA safety data, and an airline is limited to "corrective action" under the program. Union contracts can exclude FOQA from the realm of disciplinary action, although airline practice may be for airlines to require retraining if there is no contract in place forbidding it. The data is protected against disclosure for litigation and public media purposes by FAA Order 8000.81, issued in 2003, which placed FOQA under the protections of FAR 193. The figure on the next page shows when each program began, and when each statute, regulation, or order became effective for that program.

• The Korean Journal of Archival Studies
• /
• no.46
• /
• pp.153-187
• /
• 2015

This study aims to discuss issues about non-existent information of the information disclosure system and to provide alternative strategies for the issues. For the theoretical discussion it reviews the definitions and standards of non-existent information and analyzes legal aspects and statistical changes of non-existent information. Furthemore, in order to discuss a current status and problems of non-existent information at the central administrative agencies, it analyzes the cases of the non-existent information notification. According to analysis results, non-existent information status of the surveyed institutions is a total of 4,421 cases for three years and it shows the continuous increasing trend year after year. The number of institutions that have the number of non-existent information equal to the number of nondisclosures or over it reached about 40%. It means excluding non-existent information from the reasons of nondisclosure influenced disclose rates and nondisclosure rates of many agencies. In the type analysis of the non-existent information reasons, the most main reason, the case of not producing or receiving the requested information by public institutions takes over 75% among the whole reasons. The next reason is the case of collecting or processing information takes over 7-10%. This study found the operational issues, as analyzing notifications of non-existent information. The operational issues are 1) the incomplete explanation of non-existent information, 2) the unclear scope of the collection and processing, 3) the problem of the transfer processing, and 4) the problem of recording management. Therefore, this study suggested some improvements of the perspective and the technical and procedural aspects. First, information disclosure issues including non-existent information are to be understood as an extension of records management. Second, disclosure service should improve overall based on advanced understanding. Third, the management procedures of non-existent information should be improved. Fourth, specific guidelines for handling non-existent information should be developed.

• Proceedings of the IEEK Conference
• /
• 2003.07d
• /
• pp.1359-1362
• /
• 2003

The intrusions appears continuously by new unknown attacks exploiting vulnerabilities of systems or components but there are no perfect solutions to protect this unknown attacks. To overcome this problem, in this paper, we have proposed and implemented a Web service intrusion tolerant system that provides continuous Web services to the end users transparently even after the occurrence of an attack against the Web services, and prevents the disclosure of system's configuration data from server Our system has an N+l node architecture which is to minimize the number of redundant server nodes and to tolerate the intrusion effectively, and it also supports diversity in its design. Experimental result obtained on an implemented system show that our system can cope with intrusion such as DoS, file modification, confidentiality compromise of system properly.

• Journal of The Korean Association of Information Education
• /
• v.1 no.2
• /
• pp.57-66
• /
• 1997

The primary purpose of security mechanisms in a computer systems is to control the access to information. There are two types of access control mechanisms to be used typically. One is discretionary access control(DAC) and another is mandatory access control(MAC). In this study an access control mechanism is introduced for secure access path in security system. The security policy of this access control is that no disclosure of information and no unauthorized modification of information. To make this access control correspond to security policy, we introduce three properties; read, write and create.

• The Korean Journal of Air & Space Law and Policy
• /
• v.16
• /
• pp.65-74
• /
• 2002

The Japanese Aviation Accident Investigation Board has two faces. While the surface of the Board is a one of the very accident investigation organ, its shadow face is a one of the very expert witness drawing up a requested written opinion for the sake of the criminal investigation of the Police under the two secret inter-ministerial accords. This Paper proposes that some evidence obtained by investigation ought to be protected for disclosure and use by privilege derived from on of our most basic legal principles: "Nemo debet se-ipsem accusare-no one is required to incriminate oneself-".

• Asia-Pacific Journal of Business Venturing and Entrepreneurship
• /
• v.7 no.2
• /
• pp.113-127
• /
• 2012

From the end of 1st quarter of 2012, Korean mandatory firms had started releasing financial reports conforming to the K-IFRS(Korean adopted International Financial Reporting Standards). Major characteristics of IFRS, such as 'principles based' features, consolidated reporting, 'fair value' measurement, increased pressure for non-financial disclosures have resulted in brief and various disclosure practices regarding the main body of each statements and vast amount of note description requirements. Meanwhile, a host of previous studies on IFRS disclosures have incorporated regulatory and/or 'compete information' perspectives, mainly focusing on suggesting further enforcement of strengthened requirements and providing guidelines for specific treatments. Thus, as an extension of prior findings and suggestions this study had explored to conduct an integrative approach embracing views of the reporting entities and the users of financial information. In spite of all the state-driven efforts for faithful representation and comparability of corporate financial reports, an overhaul of disclosure practices of fiscal year 2010 and 2011 had revealed numerous cases of insufficiency and discordance in terms of mandatory norms and market expectations. As to the causes of such shortcomings, this study identified several factors from the corporate side and the users of the information; some inherent aspects of IFRS, industry/corporate-specific context, expenditures related to internalizing IFRS system, reduced time frame for presentation. lack of clarity and details to meet the quality of information - understandability, comparability etc. - commonly requested by the user group. In order to improve current disclosure practices, dual approach had been suggested; Firstly, to encourage and facilitate implementation, (1) further segmentation and differentiation of mandates among companies, (2) redefining the scope and depth of note descriptions, (3) diversification and coordination of reporting periods, (4) providing support for equipping disclosure systems and granting incentives for best practices had been discussed. Secondly, as for the hard measures, (5) regularizing active involvement of corporate and user group delegations in the establishment and amendment process of K-IFRS (6) enforcing detailed and standardized disclosure on reporting entities had been recommended.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.4 no.2
• /
• pp.21-28
• /
• 2008

There are some problems on the system that uses a password comprising a digital signature to identify the secret key owner under the public key infrastructure. For example, the password can be difficult to remember or easy to be disclosure, and users should make more complex password to protect it. A number of studies have been proceeded in order to overcome these defects using the fingerprint identification technologies, but they need to change the current standard of public key infrastructure. On the suggested private key escrow system, the private key can be withdrawn only through the enrollment and identification of a fingerprint template after it is saved to a reliable third system. Therefore, this new private key escrow system can remove previous inconveniences of managingthe private key on current public key infrastructure, and it exhibited superior results in terms of the evaluation items when compared with the integrated method of the existing fingerprint identification and public key infrastructure.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.2
• /
• pp.580-599
• /
• 2021

Software-Defined Networking (SDN) has three key features: separation of control and forwarding, centralized control, and network programmability. While improving network management flexibility, SDN has many security issues. This paper systemizes the security threats of SDN using spoofing, tampering, repudiation, information disclosure, denial of service, and elevation of privilege (STRIDE) model to understand the current security status of SDN. First, we introduce the network architecture and data flow of SDN. Second, we analyze security threats of the six types given in the STRIDE model, aiming to reveal the vulnerability mechanisms and assess the attack surface. Then, we briefly describe the corresponding defense technologies. Finally, we summarize the work of this paper and discuss the trends of SDN security research.