• Convergence Security Journal
• /
• v.19 no.3
• /
• pp.51-59
• /
• 2019

In this paper, we propose a device identification system for network visibility that can maintain the secure internal network environment in the IoT era. Recently, the area of enterprise network is getting huge and more complicated. Not only desktops and smartphones but also business pads, barcode scanners, APs, Video Surveillance, digital doors, security devices, and lots of Internet of Things (IoT) devices are rapidly pouring into the business network, and there are highly risk of security threats. Therefore, in this paper, we propose the device identification system that includes the process and module-specific functions to identify the exploding device in the IoT era. The proposed system provides in-depth visibility of the devices and their own vulnerabilities to the IT manager in company. These information help to mitigate the risk of the potential cyber security threats in the internal network and offer the unified security management against the business risks.

• Journal of Information Technology Applications and Management
• /
• v.13 no.4
• /
• pp.141-153
• /
• 2006

According to supply of super high way internet service, importance of security becomes more emphasizing. Therefore, flawless security solution is needed for blocking information outflow when we send or receive data. large enterprise and public organizations can react to this problem, however, small organization with limited work force and capital can't. Therefore they need to elevate their level of information security by improving their information security system without additional money. No hackings can be done without passing invasion blocking system which installed at the very front of network. Therefore, if we manage.isolation log effective, we can recognize hacking trial at the step of pre-detection. In this paper, it supports information security manager to execute isolation log analysis very effectively. It also provides isolation log analysis module which notifies hacking attack by analyzing isolation log.

• Journal of Advanced Navigation Technology
• /
• v.20 no.1
• /
• pp.72-78
• /
• 2016

MD-5 has been the hash algorithm to encrypt the user's password on Linux from the beginning. Recently the more reliable password management was demanded and SHA-512 algorithm became the hash algorithm on the recent Enterprise Linux which is more reliable than MD-5. This paper researching the characteristics of the hashing and encryption algorithms and find out about Linux User information management. Based on this analysis, and analysis of the security of the hashing algorithm is applied to the user password. In addition, analyzes the cases used hash algorithm applied to the validation of Open Source Software file, such as Apache, PHP, MySQL. Finally, by analyzing the security tool John The Ripper this paper suggests the enhanced security with the administrative management of passwords.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.5
• /
• pp.1251-1258
• /
• 2016

Recently, leaks of the personal information of Internet users have been occurring too frequently. Generally, Internet users have email accounts. The use of email as a communications tool in the private and public sectors has increased. Therefore, in email usage, password management to ensure a more secure email service is most important. In this study, we conducted an online survey of email users and analyzed their responses by using structural equation modeling software to find the psychological and behavioral characteristics of their password management. The results of this study provide useful suggestions on information security strategies related to email password management at both the enterprise and individual levels.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.6
• /
• pp.1309-1318
• /
• 2014

In the past few years, data leakage of information assets has become a prominent social issue. According to the National Industrial Security Center in South Korea, 71 percent who suffer from technology leakage are small and medium sized enterprises. Hence, establishment and operation of ISMS (Information Security Management System) for small and medium sized enterprises become an important issue. Since it is not easy to obtain ISMS certification for a small or medium sized enterprise by itself, consultation with an expert firm in information security is necessary before the security implementation. However, how to select a proper security consulting company for a small or medium sized firm has not been studied yet. In this study, we analyze empirically the selection factors of ISMS certification consulting company for a small or medium sized firm through exploratory factor analysis (EFA). Our study identified the following four important factors in selecting a security consulting company: expertise of the staffs and human resource management proficiency, market leading capability, competence to make progress during the consultation, and the performance and the size of the physical assets and human resources.

• Convergence Security Journal
• /
• v.15 no.3_1
• /
• pp.107-114
• /
• 2015

Since 2002, information security management system has been implemented (ISMS) certification scheme whilst providing telecommunications services to enhance the level of enterprise information security was ongoing and Prevent accidents and avoid spread of infringement, such as rapid response and there is a lot of it came true. However, this system is the protection of the country or the investment company, as part of the actual information on how management affects the performance came from or how measures are still lacking for. In this study, the companies have their own privacy ISMS certification measures the level of activity continued to improve information security performance measures and methodology are presented. The government is also based on the validity of the certification system to ensure the overall implementation of the ISMS itself is this a step increase effective information security system is to be certified in advance to prevent security incidents and to improve business performance to help.

• Journal of Digital Convergence
• /
• v.10 no.4
• /
• pp.217-222
• /
• 2012

Group communication on the Internet is exploding in popularity. Video conferencing, Enterprise IM, desktop sharing, and numerous forms of e-commerce are but a few examples of the ways in which the Internet is being used for business. The growing use of group communication has highlighted the need for advances in security. There are several approaches to securing user identities and other information transmitted over the Internet. One of the foundations of secure communication is key management, a building block for encryption, authentication, access control, and authorization.

• Journal of Information Technology Services
• /
• v.19 no.5
• /
• pp.33-47
• /
• 2020

In recent years, due to the demand for operating efficiency and cost reduction of industrial facilities, remote access via the Internet is expanding. the control network accelerates from network separation to network connection due to the development of IIoT (Industrial Internet of Things) technology. Transition of control network is a new opportunity, but concerns about cybersecurity are also growing. Therefore, manufacturers must reflect security compliance and standards in consideration of the Internet connection environment, and enterprises must newly recognize the connection area of the control network as a security management target. In this study, the core target of the control system security threat is defined as the network boundary, and issues regarding the security architecture configuration for the boundary and the role & responsibility of the working organization are covered. Enterprises do not integrate the design organization with the operation organization after go-live, and are not consistently reflecting security considerations from design to operation. At this point, the expansion of the control network is a big transition that calls for the establishment of a responsible organization and reinforcement of the role of the network boundary area where there is a concern about lack of management. Thus, through the organization of the facility network and the analysis of the roles between each organization, an static perspective and difference in perception were derived. In addition, standards and guidelines required for reinforcing network boundary security were studied to address essential operational standards that required the Internet connection of the control network. This study will help establish a network boundary management system that should be considered at the enterprise level in the future.

• The Journal of Asian Finance, Economics and Business
• /
• v.7 no.9
• /
• pp.467-475
• /
• 2020

The study aims to investigate factors affecting enterprise's satisfaction and loyalty toward the Social Security's online public services, looking at the case of Thanh Hoa province, Vietnam. This study employs samples with 216 enterprises that use online public system of Thanh Hoa province's Social Security. The research model is closely linked to the SERVQUAL model developed by Parasuraman, Zeithaml and Berry (1988). We propose 23 scales that constitute the quality of service, three scales that constitute Customer Satisfaction and three components that constitute Customer Loyalty. This study use the tool of Exploratory Factor Analysis (EFA), Cronbach's Alpha test, Confirm Factor Analysis (CFA) and Structural Equation Modeling (SEM) in order to address the question of satisfaction and loyalty. The result shows that the factor with the most impact is Reliability, next is Capacity of staffs, Tangibles, Attitude of staffs, and the least impacting factor is Empathy; moreover, the results also show that Satisfaction has a strong impact on Customer Loyalty. The findings of this study suggest that Thanh Hoa province's Social Security should: (i) strengthen the reliability of online service system; (ii) build capacity for staffs; (iii) develop the responsiveness of electronic transactions systems; and (iv) improve the empathy of staffs.

• International Journal of Computer Science & Network Security
• /
• v.21 no.4
• /
• pp.115-122
• /
• 2021

In the recent past enormous enterprise applications have migrated into the cloud computing (CC). The researchers have contributed to this ever growing technology and as a result several innovations strengthened to offer the quality of service (QoS) as per the demand of the customer. It was treated that management of resources as the major challenge to offer the QoS while focusing on the trade-offs among the performance, availability, reliability and the cost. Apart from these regular key focuses to meet the QoS other key issues in CC are data integrity, privacy, transparency, security and legal aspects (DIPTSL). This paper aims to carry out the literature survey by reflecting on the prior art of the work with regard to QoS in CC and possible implementation of block chain to implement decentralised CC solutions governing DIPTSL as an integral part of QoS.