• Korean Security Journal
• /
• no.62
• /
• pp.347-367
• /
• 2020

Rapid advancement of technology in today's society has allowed for easy access and use of data, promoting the process of informationization. Along with the merits of such development, unintended consequences of security risks involving wiretapping have been increasing as well. The security threats posed by wiretapping technology must be addressed by every organization and individual, as it could be used to leak confidential information about the nation's security, military and diplomatic strategies, industrial technologies, and personal information. Despite increasing threats stemming from the surrounding nations using advanced wiretapping technology, there is a lack of awareness at the government level, and the existing security measures for detecting and counteracting the wiretapping equipment are ineffective. In this research, the authors offered technical suggestions for improving the security strategies against the threats of wiretapping and information leakage by conducting a content analysis. The authors suggested the units of an agency be assigned a security grade based on its importance, and that adequate security equipment should be operated according to the grade. For instance, around-the-clock surveillance is recommended for grade-1 facilities, and portable wiretapping equipment detectors should be used to protect conference rooms and other key sites.

• Journal of Digital Convergence
• /
• v.18 no.6
• /
• pp.53-63
• /
• 2020

Electronic financial transactions are also actively increasing due to the rapid spread of information communication media such as the Internet, smart devices, and IoT, but as a derivative by-product, threats of financial security such as leakage of various personal information and hacking are also increasing. Therefore, the importance of financial security against this is increasing, but in Korea, financial security technology is relatively insufficient compared to advanced countries in the field of financial security, such as Active-X. Therefore, this study aims to present the major development direction in the domestic financial security field by comparing key technology trends with IPC classification frequency analysis, keyword frequency analysis, and keyword network analysis based on domestic and foreign financial security-related patent data. In conclusion, it seems that recent domestic and foreign trends have focused on the development of related technologies according to the development of smart device-based electronic financial services. Accordingly, it is intended to be used as the basis data for technology development of financial security by mapping the trend of financial security research trend and technology trend analysis through thesis data analysis that reflects the research of the preceding aspect as the technology of commercialization in the future.

• Journal of the Korea Convergence Society
• /
• v.8 no.9
• /
• pp.1-7
• /
• 2017

As the network environment develops and speeds up, a lot of smart devices is developed, and a high-speed smart society can be realized while allowing people to interact with objects. As the number of things Internet has surged, a wide range of new security risks and problems have emerged for devices, platforms and operating systems, communications, and connected systems. Due to the physical characteristics of IoT devices, they are smaller in size than conventional systems, and operate with low power, low cost, and relatively low specifications. Therefore, it is difficult to apply the existing security solution used in the existing system. In addition, IoT devices are connected to the network at all times, it is important to ensure that personal privacy exposure, such as eavesdropping, data tampering, privacy breach, information leakage, unauthorized access, Significant security issues can arise, including confidentiality and threats to facilities. In this paper, we investigate cases of security threats and cases of network of IoT, analyze vulnerabilities, and suggest ways to minimize property damage by Internet of things.

• Informatization Policy
• /
• v.27 no.1
• /
• pp.72-91
• /
• 2020

In this study, we classified SNS into open and closed types, and empirically examined in which SNS activity the privacy paradox holds. The idea comes from the argument that privacy paradox may be observed differently in the open SNS, which is more vulnerable to the leakage of personal information due to public profiles, and the closed SNS, which is relatively less vulnerable by limiting the range of acquaintances, The results of the empirical analysis are as follows. First, in case of SNS usage, the privacy paradox holds in the overall SNS activities, but different conclusions are drawn according to open and closed SNS. In particular, it is found that as privacy concerns increase, individuals respond in a reasonable and desirable way to reduce SNS activity in the open SNS, which is more susceptible to infringement. Second, in the case of SNS activity intensity, (i) heavy users are more seriously aware of the probability of privacy infringement than light users, so there is a reasonable response to reducing the intensive margin with increasing privacy concerns, and (ii) this tendency is more clearly observed in open SNS, which is more vulnerable to privacy infringement. Accordingly, insisting that the privacy paradox is empirically established by observing only the overall SNS activities without distinguishing them into open and closed SNS may be interpreted as a "Fallacy of Composition."

• Journal of the Ergonomics Society of Korea
• /
• v.30 no.1
• /
• pp.99-108
• /
• 2011

Almost all companies have paid much attention to the safety management ranging from maintenance to operation even at the stage of designing in order to prevent accidents, but fatal accidents continue to increase throughout the world. In particular, it is essential to systematically prevent such fatal accidents as fire, explosion or leakage of toxic gas at factories in order to not only protect the workers and neighbors but also prevent economic losses and environmental pollution. Though it is well known that accident probability is very low in NPP(Nuclear Power Plants), the reason why many researches are still being performed about the accidents is the results may be so severe. HRA is the main process to make preparation for possibility of human error in designing of the NPP. But those techniques have some problems and limitation as follows; the evaluation sensitivity of those techniques are out of date. And the evaluation of human error is not coupled with the design process. Additionally, the scope of the human error which has to be included in reliability assessment should be expanded. This work focuses on the coincidence of human error and mechanical failure for some important performance shaping factors to propose a method for improving safety effectively of the process industries. In order to apply in these purposes into the thesis, I found 63 critical Performance Shaping Factors of the eight dimensions throughout studies that I executed earlier. In this study, various analysis of opinion of specialists(Personal Factors, Training, Knowledge or Experience, Procedures and Documentation, Information, Communications, HMI, Workplace Design, Quality of Environment, Team Factors) and the guideline for construction of PSF were accomplished. The selected method was AHP which simplifies objective conclusions by maintaining consistency. This research focused on the implementation process of PSF to evaluate the process of PSF at each phase. As a result, we propose an evaluation model of PSF as a tool to find critical problem at each phase and improve on how to resolve the problems found at each phase. This evaluation model makes it possible to extraction of PSF succesfully by presenting the basis of assessment which will be used by enterprises to minimize the trial and error of construction process of PSF.

• Korean Journal of Human Ecology
• /
• v.16 no.6
• /
• pp.1197-1209
• /
• 2007

The advance of digital contents industry shifts the focus of consumptions; from analogue to digital ones. It gives significant impact on individual life as well as overall society and culture, and it leads to the increased consumption of digital contents. Nevertheless, current digital contents industry fails to secure the sufficient consumer protection systems including relevant rules and laws which regulate the distribution, use, and other transaction activities of digital contents and the efforts, on the part of contents providers, to provide information to consumers and to protect them. Digital contents, by its nature, is different from the existing products so that its nature is likely to cause unique consumer problems totally different from the offline transactions and the electrical transactions of existing products. This study, therefore, aims to identify the possible problems which may be incurred by consumers in their use of digital contents, specify the types of consumer damages, and provide the underlying materials to improve the systems related to digital contents and take legally complementary measures for consumer protection. To identify the types of consumer damages, this study analyzed the results from consumer counselling cases, experts opinion survey, and FGI. For consumer damage cases, this study analyzed the consumer complaints received by open consumer counselling sites of the Korea Consumer Agency and Seoul Electronic Commerce Center. For experts opinion survey, it conducted questionnaire survey of the group of experts from digital contents manufacturers or providers, and those who treated consumer damages directly. For FGI analysis, it organized a panel of students and employees who had used digital contents to understand the types of consumer damages. The results of this study can be summed up as follows. Based on the results from consumer counselling cases, experts opinion survey, and FGI analysis, the consumer damages related to digital contents can be classified, in their nature, into economic or financial damages (25 cases), emotional or psychological ones (15 cases), time-related ones (7 cases), physical ones (4 cases), and privacy-related ones (i.e. leakage of personal data)(3 cases). More specifying the types of damages, damages can be subdivided into contract-, charge-, maintenance-, use-, individual-related ones and other ones. Among them, both contract- and charge-related damages appeared only in the economic or financial damages, whereas user-specific individual damages appeared only in physical and emotional or psychological ones. On the other hand, maintenance- and use-related damages and other ones were observed in both categories of economical or financial damages and time-related ones. Use- and privacy-related damages, in particular, caused emotional or psychological damages.

• Journal of Intelligence and Information Systems
• /
• v.25 no.2
• /
• pp.1-23
• /
• 2019

Big data refers to data that is difficult to store, manage, and analyze by existing software. As the lifestyle changes of consumers increase the size and types of needs that consumers desire, they are investing a lot of time and money to understand the needs of consumers. Companies in various industries utilize Big Data to improve their products and services to meet their needs, analyze unstructured data, and respond to real-time responses to products and services. The financial industry operates a decision support system that uses financial data to develop financial products and manage customer risks. The use of big data by financial institutions can effectively create added value of the value chain, and it is possible to develop a more advanced customer relationship management strategy. Financial institutions can utilize the purchase data and unstructured data generated by the credit card, and it becomes possible to confirm and satisfy the customer's desire. CRM has a granular process that can be measured in real time as it grows with information knowledge systems. With the development of information service and CRM, the platform has change and it has become possible to meet consumer needs in various environments. Recently, as the needs of consumers have diversified, more companies are providing systematic marketing services using data mining and advanced CRM (Customer Relationship Management) techniques. KB Kookmin Card, which started as a credit card business in 1980, introduced early stabilization of processes and computer systems, and actively participated in introducing new technologies and systems. In 2011, the bank and credit card companies separated, leading the 'Hye-dam Card' and 'One Card' markets, which were deviated from the existing concept. In 2017, the total use of domestic credit cards and check cards grew by 5.6% year-on-year to 886 trillion won. In 2018, we received a long-term rating of AA + as a result of our credit card evaluation. We confirmed that our credit rating was at the top of the list through effective marketing strategies and services. At present, Kookmin Card emphasizes strategies to meet the individual needs of customers and to maximize the lifetime value of consumers by utilizing payment data of customers. KB Kookmin Card combines internal and external big data and conducts marketing in real time or builds a system for monitoring. KB Kookmin Card has built a marketing system that detects realtime behavior using big data such as visiting the homepage and purchasing history by using the customer card information. It is designed to enable customers to capture action events in real time and execute marketing by utilizing the stores, locations, amounts, usage pattern, etc. of the card transactions. We have created more than 280 different scenarios based on the customer's life cycle and are conducting marketing plans to accommodate various customer groups in real time. We operate a smart offering system, which is a highly efficient marketing management system that detects customers' card usage, customer behavior, and location information in real time, and provides further refinement services by combining with various apps. This study aims to identify the traditional CRM to the current CRM strategy through the process of changing the CRM strategy. Finally, I will confirm the current CRM strategy through KB Kookmin card's big data utilization strategy and marketing activities and propose a marketing plan for KB Kookmin card's future CRM strategy. KB Kookmin Card should invest in securing ICT technology and human resources, which are becoming more sophisticated for the success and continuous growth of smart offering system. It is necessary to establish a strategy for securing profit from a long-term perspective and systematically proceed. Especially, in the current situation where privacy violation and personal information leakage issues are being addressed, efforts should be made to induce customers' recognition of marketing using customer information and to form corporate image emphasizing security.

• Management & Information Systems Review
• /
• v.35 no.2
• /
• pp.99-118
• /
• 2016

With the development of Internet and popularization of smartphones over recent years, social network services are experiencing rapid growth. On top of this, smartphone gaming market is showing a rapid growth and the use of mobile social games is on the significant rise. The occurrence of game data manipulation targeting these services and personal information leakage is highlighting the importance of social gaming security. This study is intended to propose development plans effective and efficient in social game services by figuring out factors putting effects on security dependent behavior of social game users in Korea and carrying out a practical study on the casual relationship between factors influencing security dependent behavior through recognized behavioral control and attitudes for privacy infringement of these factors. To do this, proposed was a study model in which the HBM(Health Belief Model) allowing the social game user to influence security dependent behavior was expanded and applied as a major variable. To verify the study model of this study practically, a survey was conducted among university students in Seoul-based K University and S University who had experienced using social game services. According to the study findings, firstly, the perceived seriousness turned out to provide positive influence to trust. But, the perceived seriousness turned out not to put positive effects on self-efficacy. Secondly, the perceived probability turned out not to put positive effects on self-efficacy and trust. Thirdly, the perceived gain turned out to put positive effects on self-efficacy and trust. Fourthly, the perceived disorder turned out not to put positive effects on self-efficacy and trust. Fifthly, self-efficacy turned out to put positive effects on trust. But, self-efficacy turned out not to put positive effects on security dependent behavior. Sixthly, trust turned out not to put positive effects on security dependent behavior. This study is intended to make a strategic proposal so that social game users can raise awareness of their level of security perception and security willingness through this.

• Journal of the Korea Society of Computer and Information
• /
• v.14 no.12
• /
• pp.157-167
• /
• 2009

Recently, the leakage of confidential information and personal information is taking place on the Internet more frequently than ever before. Most of such online security incidents are caused by attacks on vulnerabilities in web applications developed carelessly. It is impossible to detect an attack on a web application with existing firewalls and intrusion detection systems. Besides, the signature-based detection has a limited capability in detecting new threats. Therefore, many researches concerning the method to detect attacks on web applications are employing anomaly-based detection methods that use the web traffic analysis. Much research about anomaly-based detection through the normal web traffic analysis focus on three problems - the method to accurately analyze given web traffic, system performance needed for inspecting application payload of the packet required to detect attack on application layer and the maintenance and costs of lots of network security devices newly installed. The UTM(Unified Threat Management) system, a suggested solution for the problem, had a goal of resolving all of security problems at a time, but is not being widely used due to its low efficiency and high costs. Besides, the web filter that performs one of the functions of the UTM system, can not adequately detect a variety of recent sophisticated attacks on web applications. In order to resolve such problems, studies are being carried out on the web application firewall to introduce a new network security system. As such studies focus on speeding up packet processing by depending on high-priced hardware, the costs to deploy a web application firewall are rising. In addition, the current anomaly-based detection technologies that do not take into account the characteristics of the web application is causing lots of false positives and false negatives. In order to reduce false positives and false negatives, this study suggested a realtime anomaly detection method based on the analysis of the length of parameter value contained in the web client's request. In addition, it designed and suggested a WAF(Web Application Firewall) that can be applied to a low-priced system or legacy system to process application data without the help of an exclusive hardware. Furthermore, it suggested a method to resolve sluggish performance attributed to copying packets into application area for application data processing, Consequently, this study provide to deploy an effective web application firewall at a low cost at the moment when the deployment of an additional security system was considered burdened due to lots of network security systems currently used.

• The Korean Society of Law and Medicine
• /
• v.20 no.1
• /
• pp.109-132
• /
• 2019

Recently, medical accidents related to surgical procedures have increased. In addition, the media reported that some of these accidents were involved in health crimes. Patient-advocate groups have called for mandatory establishment and management of CCTV in operating rooms. There is a lot of discussion among the interested parties, so it is necessary to review the relevant laws and regulations. The purpose of this study is to identify the characteristics of CCTV in operating rooms and to review legislations related to establishment and management of the CCTV in operating rooms. Medical institutions use CCTV for management of facilities and patient safety and install it in operating rooms optionally. The Constitution guarantees the privacy and the privacy of correspondence of every citizen, but it can be limited by the law for public welfare. Currently, however, there is no existing law about establishment and management of the CCTV in operating rooms and it can be defect of legal system. Under the current legislations, it is likely that the Self-determination can be violated due to the characteristic of healthcare provider when CCTV is mandatorily installed in operating room. In addition, the regulations on access and leakage of confidential information known by operator are insufficient. So that, the safety of the visual data might be threatened. Furthermore, unless the period and the place of storage of the visual data are clearly defined, it is highly unlikely to meet the original purpose of patient safety and prevention of medical accidents. This study is meaningful as there is few previous study on this topic although the need for legal review about this is growing and several bills are being proposed. It is expected that the results of this study can be utilized as basic data for enactment or amendment of the laws and regulations about establishment and management of CCTV in operating rooms.