• 한국인터넷방송통신학회논문지
• /
• 제13권1호
• /
• pp.171-180
• /
• 2013

데이터의 보안은 항상 중요한 문제이다. 특히 현재 각광받고 있는 클라우드 컴퓨팅 시스템은 필연적으로 데이터 보안의 문제가 제기되고 있다. 그러나 단순한 보안방법으로는 더 이상 데이터가 안전하지 않으며, 데이터 보안을 위해서 보다 진보된 방법을 요구하고 있다. 본 논문에서는 기존의 텍스트 기반의 암호 방식보다 더 높은 레벨의 보안방식을 제시하기 위해 이미지 정보 기반의 데이터 내용 접근 제어 방식에 관하여 연구하였다. 원본 이미지에서 히스토그램 값을 이용하여 칼라키를 생성하고 이미지를 변환시켜 위치정보와 색상정보를 추출하여 보안 키를 생성하여 보안처리된 데이터 내용을 접근한다. 끝으로 본 몬문은 제안한 기법를 평가하기 위해 데이터 내용의 접근을 제어할 수 있는 인터페이스를 설계하고 구현하였다.

• 한국멀티미디어학회논문지
• /
• 제15권11호
• /
• pp.1349-1357
• /
• 2012

오늘날의 소프트웨어는 인터넷 환경에서 데이터를 교환하기 때문에 해커에 의해 악의적인 공격을 받을 가능성이 항상 존재한다. 이러한 보안약점은 심각한 경제적 손실을 발생시키는 소프트웨어 보안 침해사고의 직접적인 원인이다. 최근에는 보안 약점을 해소하기위해 외부환경에 대한 보안시스템을 견고히 하는 것보다 프로그래머가 견고한 소프트웨어를 개발하는 것이 보안 수준을 향상시킬 수 있는 본질적이고 가장 효과적인 방법이라는 인식이 늘어나고 있다. 이러한 가운데 코딩 단계에서부터 소프트웨어에 대한 취약점을 해소하여 보안 침해사고를 예방하기 위한 코딩 안내서를 제시하는 것이 전 세계적으로 주요한 보안 이슈로 떠오르고 있다. 시큐어 코딩을 개발자나 관리자 입장에서 효과적으로 사용하기 위해서는 전체 시큐어 코딩 집합과 보안약점을 구조적으로 체계화하고 관리해야 하며 새로운 정보의 갱신이 지속적으로 필요하지만, 기존의 시큐어 코딩 및 보안약점은 구조적으로 체계화되어 있지 못하다. 본 논문에서는 Java 언어를 대상으로 기존 시큐어 코딩 자료와 검사 도구의 코딩 룰 조사를 통해 보안 약점을 구조화하고 모바일 애플리케이션을 위한 구조적 보안 약점을 그 결과로 소개한다.

• 한국항공운항학회지
• /
• 제13권4호
• /
• pp.29-42
• /
• 2005

The passenger security screening is a mandatory procedure for boarding the aircraft according to ICAO standard as well as national law of each country. The enhanced threat of terrorism have had the security procedure strengthened since 9/11 events. However the effectiveness of passenger screening is not satisfactory and the service level for passenger is getting worse because of tightened security measurements. This research studied the responsibility issue for the enhancement of the effectiveness and service quality in passenger security screening. The study concluded that a desirable responsibility assignment for passenger screening is to the airport authority at normal time and to the government authority at the time of high threat.

• Nuclear Engineering and Technology
• /
• 제46권4호
• /
• pp.461-466
• /
• 2014

Security of radioactive sources has been an issue since the earliest days of safety regulation of such materials. Since the events of September 11 2001, some governments and regulatory bodies have been much more focussed on these issues and have introduced extensive and enhanced security arrangements. International organisations like the IAEA and WINS have worked hard to help States in this regard. However, only a minority of States have implemented statutory security systems for radioactive source security. Why have so many States still to take action? What can be done to encourage and support these changes? This paper will offer some possible explanations for the lack of action in so many States and some potential answers to these questions.

• 디지털융복합연구
• /
• 제8권4호
• /
• pp.97-108
• /
• 2010

최근 정보보호 거버넌스는 기업 거버넌스의 일부로서 기업의 가치 있는 비즈니스 정보자산을 보호하기 위한 중요한 이슈로 부각되고 있다. 현재 국내외에서 정보보호 거버넌스에 대한 활발한 연구가 진행되고 있지만, 그 개념이 추상적이기 때문에 실질적으로 정보보호 거버넌스를 구현한 조직은 드물다. 따라서 본 논문에서는 정보보호 거버넌스의 개념을 보다 구체화하기 위하여 ISO/IEC27014를 기반으로 최고 경영층 및 이사회가 수행 가능한 구체적인 활동을 식별하고, 조직의 목표 및 정보보호 거버넌스 목표를 달성하기 위한 핵심성공요인을 도출하였다.

• International Journal of Computer Science & Network Security
• /
• 제22권6호
• /
• pp.241-245
• /
• 2022

The main purpose of the study is to determine the main factors influencing the economic environment of the region and its financial and economic security. Ukraine aspires to become a full member of the European Union, but the events of 2022 have changed everything. Full-scale military operations on the territory of Ukraine significantly affect its socio-economic situation Today, the issue of studying the negative impact of military operations on the economic environment is very relevant. Based on the results of the study, we have identified the main negative factors of the military impact on the economic environment of the region and its financial and economic security.

• International Journal of Computer Science & Network Security
• /
• 제24권9호
• /
• pp.50-62
• /
• 2024

The decision to integrate mobile cloud computing (MCC) in higher education without first defining suitable usage scenarios is a global issue as the usage of such services becomes extensive. Consequently, this study investigates the security determinants of the educational use of mobile cloud computing among universities' students. This study proposes and develops a theoretical model by adopting and modifying the Protection Motivation Theory (PMT). The study's findings show that a significant amount of variance in MCC adoption was explained by the proposed model. MCC adoption intention was shown to be highly influenced by threat appraisal and coping appraisal factors. Perceived severity alone explains 37.8% of students "Intention" to adopt MCC applications, which indicates the student's perception of the degree of harm that would happen can hinder them from using MCC. It encompasses concerns about data security, privacy breaches, and academic integrity issues. Response cost, perceived vulnerability and response efficacy also have significant influence on students "intention" by 18.8%, 17.7%, and 6.7%, respectively.

• International Journal of Computer Science & Network Security
• /
• 제24권8호
• /
• pp.105-118
• /
• 2024

The decision to integrate mobile cloud computing (MCC) in higher education without first defining suitable usage scenarios is a global issue as the usage of such services becomes extensive. Consequently, this study investigates the security determinants of the educational use of mobile cloud computing among universities students. This study proposes and develops a theoretical model by adopting and modifying the Protection Motivation Theory (PMT). The studys findings show that a significant amount of variance in MCC adoption was explained by the proposed model. MCC adoption intention was shown to be highly influenced by threat appraisal and coping appraisal factors. Perceived severity alone explains 37.8% of students "Intention" to adopt MCC applications, which indicates the student's perception of the degree of harm that would happen can hinder them from using MCC. It encompasses concerns about data security, privacy breaches, and academic integrity issues. Response cost, perceived vulnerability and response efficacy also have significant influence on students "intention" by 18.8%, 17.7%, and 6.7%, respectively.

• 인터넷정보학회논문지
• /
• 제17권5호
• /
• pp.25-32
• /
• 2016

There has been a rapid growth in the development of mobile application resulting from its wide usage for online transaction, data storage and exchange of information. However, an important issue that has been overlooked is the lack of emphasis on the security issues at the early stage of the development. In fact, security issues have been kept until the later stage of the implementation of mobile apps. Requirements engineers frequently ignore and incorrectly elicit security related requirements at the early stage of mobile application development. This scenario has led to the failure of developing secure and safe mobile application based on the needs of the users. As such, this paper intends to provide further understanding of the real challenges in extracting security attributes for mobile application faced by novice requirements engineers. For this purpose, two experiments on eliciting security attributes requirements of textual requirements scenario were conducted. The performance related to the correctness and time taken to elicit the security attributes were measured and recorded. It was found that the process of eliciting correct security attributes for mobile application requires effort, knowledge and skills. The findings indicate that an automated tool for correct elicitation security attributes requirement could help to overcome the challenges in eliciting security attributes requirements, especially among novice requirements engineers.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제9권7호
• /
• pp.2667-2682
• /
• 2015

Due to the wide application of face recognition (FR) in information security, surveillance, access control and others, it has received significantly increased attention from both the academic and industrial communities during the past several decades. However, partial face occlusion is one of the most challenging problems in face recognition issue. In this paper, a novel method based on linear regression-based classification (LRC) algorithm is proposed to address this problem. After all images are downsampled and divided into several blocks, we exploit the evaluator of each block to determine the clear blocks of the test face image by using linear regression technique. Then, the remained uncontaminated blocks are utilized to partial occluded face recognition issue. Furthermore, an improved Distance-based Evidence Fusion approach is proposed to decide in favor of the class with average value of corresponding minimum distance. Since this occlusion removing process uses a simple linear regression approach, the completely computational cost approximately equals to LRC and much lower than sparse representation-based classification (SRC) and extended-SRC (eSRC). Based on the experimental results on both AR face database and extended Yale B face database, it demonstrates the effectiveness of the proposed method on issue of partial occluded face recognition and the performance is satisfactory. Through the comparison with the conventional methods (eigenface+NN, fisherfaces+NN) and the state-of-the-art methods (LRC, SRC and eSRC), the proposed method shows better performance and robustness.