• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.2
• /
• pp.551-558
• /
• 2016

The recent convergence in ICT industry has created new businesses as well as other opportunities. However, it entails new convergence threat accompanied by security risks. Even though there are security professionals who are dealing with the situation, there is not enough human resource in risk management. Moreover, the amount of research that studies quality of education and training security personnel is not sufficient. This paper explores the curriculum of information security education in the private sector and reasons out fifteen standard curriculums in four professional fields categorized by job classification. In addition, it provides a weighted score table based on the evaluation indicator for the effective security education certificates in the private sector.

• Journal of Digital Convergence
• /
• v.14 no.12
• /
• pp.441-449
• /
• 2016

Today, as a daily routine such as administration/finance is operated under information system and various cyber crime against national, public, and private institutions happen, demand for information security manpower is increasing. Hence, Ministry of Education has formed an Institute of Information Security Education for the Gifted to early discover talent in the field of information security and train professional personnel with specialty and ethics in 4 universities of country in 2014. But the nascent Institute of Information Security Education for the Gifted lack systematic analyses compared to Institute of Mathematics and Science Education for the Gifted that has existed from a long time ago. In this paper, we analyze the state of the Institute of Information Security Education for the Gifted in three parts: operation, selection, education and suggest an improvement to build a practical program for effective operations and education.

• International Journal of Internet, Broadcasting and Communication
• /
• v.15 no.3
• /
• pp.149-159
• /
• 2023

Web application security education that can provide practical experience is needed to reduce damage caused by the recent increase in web application vulnerabilities and to strengthen security. In this paper, we proposed a scenario-based web application education method, applied the proposed method to classes, and analyzed the results. In order to increase the effectiveness of scenario-based education, a real-life practice environment to perform scenarios and instructions to be performed by learners are needed. As an example of the proposed method, instructions to be performed by learners from the viewpoint of the attacker and the victim were shown in a practice environment to teach XSS and SQL injection vulnerabilities. After applying the proposed method to the class for students majoring in cyber security, when the lecture evaluation results were analyzed, it was shown that the learner's interest, understanding, and major ability all improved.

• Journal of the Korea Society of Computer and Information
• /
• v.25 no.12
• /
• pp.315-320
• /
• 2020

The purpose of this study is to analyze and interpret the current situation of private security companies·guards for the past three years, security companies by size, general·special (new education), and qualification system provided by the Police Agency, Security Association, etc. It provides a theoretical foundation for private security and provides a new perspective for interpreting private security. As a result, through the current situation, this private security has a concentration of metropolitan area and facility security, an abnormal personal protection company contrast, the number of personal protection institutes, there is a special security shift to regular jobs, and the current continuous education On the other hand, the education of special security guards has been shown to be limited. In the qualification system, the utilization of security instructor qualifications and the utilization and public relations of personal probation officer qualifications will appear. The current state of typical private security is as follows. The first is the balanced development of private security and the clarity of business divisions. Second, the quality of private security education and educational institutions must be high. Third is the recognition of the qualification system and active public relations.

• Journal of The Korean Association of Information Education
• /
• v.1 no.2
• /
• pp.57-66
• /
• 1997

The primary purpose of security mechanisms in a computer systems is to control the access to information. There are two types of access control mechanisms to be used typically. One is discretionary access control(DAC) and another is mandatory access control(MAC). In this study an access control mechanism is introduced for secure access path in security system. The security policy of this access control is that no disclosure of information and no unauthorized modification of information. To make this access control correspond to security policy, we introduce three properties; read, write and create.

• Journal of The Korean Association of Information Education
• /
• v.14 no.2
• /
• pp.157-164
• /
• 2010

This study proposed the information security integrated learning model-based KASP. By analyzing the teaching materials regarding information security in the regular curriculum, and by investigating preliminary studies, the information security contents were examined in terms of knowledge, attitudes, skills and ways to practice(KASP). And, the KASP-information security learning model integrating knowledge, attitudes, and ways to practice was developed, and the teaching plan and learning material hand-out were accordingly made out. Moreover, the developed model was tested in an experimental group, and common information security learning content centered on ethics in the comparison group in order to compare the results of two groups. As the test result analysis, it was verified that the developed KASP-information security integrated learning model was effective to help the students learn the knowledge, attitudes, skills and ways to practice.

• International Journal of Computer Science & Network Security
• /
• v.22 no.2
• /
• pp.145-152
• /
• 2022

One of the impacts of Covid-19 on education systems has been the shift to online education. This shift has changed the way education is consumed and perceived by students. However, the exact nature of student perception about online education is not known. The aim of this study was to understand the perceptions of Saudi higher education students (e.g., post-school students) about online education during the Covid-19 pandemic. Various aspects of online education including benefits, features and cybersecurity were explored. The data collected were analysed using statistical techniques, especially artificial neural networks, to address the research aims. The key findings were that benefits of online education was perceived by students with positive experience or when ensured of safe use of online platforms without the fear cyber security breaches for which recruitment of a cyber security officer was an important predictor. The issue of whether perception of online education as a necessity only for Covid situation or a lasting option beyond the pandemic is a topic for future research.

• Journal of Digital Convergence
• /
• v.12 no.2
• /
• pp.27-37
• /
• 2014

While organizations are making a considerable effort to leverage formal and informal control mechanisms (e.g., policies, procedures, organizational culture) to improve security, their impact and effectiveness is under scrutiny as employees seldom comply with information security procedures. The best way to ensure the viability of a security policy is to make sure users understand it and accept necessary precautions. From an organization's perspective, a lack of security knowledge and awareness on the part of employees is a major problem. However, previous studies suggest that effect of security awareness education is inconsistent. Thus, this study is to find the answer why security awareness education is not effective. Conclusions and implications are discussed.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.5
• /
• pp.1055-1062
• /
• 2021

As face-to-face education becomes difficult due to the spread of COVID-19, the use of e-learning content and virtual training is increasing. In the case of information security education, practice to learn response techniques is important, so simulation hacking and vulnerability analysis activities have been supported as virtual training for a long time. In order to increase the educational effect, contents should be designed similar to real situation, and learning activities to achieve the learning goals should be designed. In addition, excellent functions and scalability of the system supporting learning activities are required. The researcher developed an LMS evaluation index that supports non-face-to-face education by considering the key elements of non-face-to-face education and training. The developed evaluation index was applied to the information security education platform to verify its practical utility.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.3
• /
• pp.445-451
• /
• 2014

The related-key attack is regarded as one of the important cryptanalytic tools for the security evaluation of block ciphers. This is due to the fact that this attack can be effectively applied to schemes like block-cipher based hash functions whose block-cipher keys can be controlled as their messages. In this paper, we improve the related-key attack on lightweight block cipher PRINCE proposed in FSE 2013. Our improved related-key attack on PRINCE reduces data complexity from $2^{33}$ [4] to 2.