• Strategy21
• /
• s.42
• /
• pp.318-346
• /
• 2017

Currently, security environmental instability is getting worse than ever in the East Asia including to Republic of Korea(ROK). Unlike several conventional issues such as maritime dispute -sometimes with islands- and competitions for getting natural resources, contemporary security dilemma issues followed by arms races among states deepens the power gap between strong and weak state within the region. It is notable that the arms races is the East Asia are mainly focused on naval power. As navy is the very possible force that influences neighboring states, submarine power is usually valued for its nature of stealth, mobile and aggression. Moreover, the submarine power is believed to be one of the highest valued weapon system since it shows actual effectiveness for influencing the other states while avoiding direct military conflicts compared to surface power. As a result, all states within the region are accelerating for getting such power these days. Japan, Most of all, is one of the leading state that aims to ensure self-survival and enlarge military influences under the US-Japan alliance by decisively supporting its power to the American containment strategy against China. In this regard, such movement surely sill influence on ROK both directly and indirectly as we sue the common field, the sea. Though, it has lots of restrictions for us to confront them with military forces as such confrontations within US-led alliances is not desirable upon considering current China and nK threats. As a result, ROK needs to limit the realm of alliance within the region while maintaining ROK-US alliance for getting national interests with both legal and justice superiority against Japan. This paper, as a result, is focused on suggesting the way to utilize submarines as a mean of naval power for both current security environments and the rising maritime threats in the East Asia. I concluded to participate ROK submarines in US-led military strategy against China by dispatching them into the East-China Sea and the North-East area of the Korean peninsula to protect both national interests and justice at the same tome. It should be one of the preemptive measure for confronting with neighboring states by utilizing strategic benefits of submarines while strengthening ROK-US alliances upon participating American Containment Strategy against China.

• Journal of Information Technology Applications and Management
• /
• v.22 no.2
• /
• pp.171-199
• /
• 2015

This study proposes the practical information security measures that help IT personnel of banks comply the information security policy. The research model of the study is composed of independent variables (clarity and comprehensiveness of policy, penalty, dedicated security organization, audit, training and education program, and top management support), a dependent variable (information security policy compliance intention), and moderating variables (age and gender). Analyses results show that the information security measures except 'clarity of policy' and 'training and education program' are proven to affect the 'information security policy compliance intention.' In case of moderating variables, age moderated the relationship between top management support and compliance intention, but gender does not show any moderating effect at all. This study analyzes information security measures based solely on the perception of the respondents. Future study may introduce more objective measurement methods such as systematically analyzing the contents of the information security measures instead of asking the respondents' perception. In addition, this study analyzes intention of employees rather than the actual behavior. Future research may analyze the relationship between intention and actual behavior and the factors affecting the relationship.

• The Journal of Information Systems
• /
• v.29 no.1
• /
• pp.23-50
• /
• 2020

Purpose As information management grows in importance around the world, organizations are investing in information security technology. However, the higher the level of information security technology in an organization, the higher the techno-stress of employees. The purpose of this study is to suggest stress factors related to information security technology that affect the reduction of employees' intention to comply with information security and to suggest ways to alleviate stress. Design/methodology/approach The research presented a model for mitigating technical stress related to information security based on technical stress theory and person-organization fit theory. 346 questionnaire data were analyzed from the members of the organization who applied the information security technology, and the research hypothesis was verified through the structural equation modeling. Findings The hypothesis test confirms that security-related techno-stress reduces the information security compliance intention of employees, organizational technical support mitigates technical stress, and person-organization fitness mitigates the negative relationship between techno-stress and compliance intention. The results of the study contribute to the organization's strategy for minimizing the reduction of the information security compliance intention of employees, and are meaningful in that the theoretical basis for mitigating techno-stress is provided in the field of information security.

• Journal of the Korea Society of Computer and Information
• /
• v.23 no.11
• /
• pp.75-84
• /
• 2018

Social engineering attack means to get information of Social engineering attack means to get information of opponent without technical attack or to induce opponent to provide information directly. In particular, social engineering does not approach opponents through technical attacks, so it is difficult to prevent all attacks with high-tech security equipment. Each company plans employee education and social training as a countermeasure to prevent social engineering. However, it is difficult for a security officer to obtain a practical education(training) effect, and it is also difficult to measure it visually. Therefore, to measure the social engineering threat, we use the results of social engineering training result to calculate the risk by system asset and propose a attack graph based probability. The security officer uses the results of social engineering training to analyze the security threats by asset and suggests a framework for quick security response. Through the framework presented in this paper, we measure the qualitative social engineering threats, collect system asset information, and calculate the asset risk to generate probability based attack graphs. As a result, the security officer can graphically monitor the degree of vulnerability of the asset's authority system, asset information and preferences along with social engineering training results. It aims to make it practical for companies to utilize as a key indicator for establishing a systematic security strategy in the enterprise.

• Journal of the Semiconductor & Display Technology
• /
• v.23 no.2
• /
• pp.123-128
• /
• 2024

Major countries are trying to expand the construction of smart factories by introducing ICT such as the Internet of Things, cloud, and big data into the manufacturing sector to secure national-level manufacturing competitiveness in the era of the 4th industrial revolution. In addition, Germany is pushing for Industry 4.0 to build a fully automatic production system through the Internet of Things, and China is pushing for the expansion of smart factories to enhance the country's industrial competitiveness through Made in China 2025, Japan's intelligent manufacturing system, and the Korean government's manufacturing innovation 3.0. In this study, considering the increasing security connectivity of smart factories, we would like to identify security threats in the external connection part of smart factories and suggest security enhancement measures based on domestic and international standard security models to respond to the identified security threats. Eventually the proposed method can be applied by accurately identifying the smart factory security status, diagnosing vulnerabilities, establishing appropriate improvement plans, and expanding security strategies to respond to security threats.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.2
• /
• pp.309-327
• /
• 2022

As ICT convergence is progressing in all industrial fields and creating the global ecosystem of the supply chain is accelerating, supply chain risk related with cyber area are also increasing. In particular. the supply chain of ICT products is very complex in terms of technical and environmental factors to be managed, so it is vert difficult to transparently manage the entire life cycle. Accordingly, the US, UK, and EU, etc. are conducting and establishing cyber supply chainsecurity-related research and policies for ICT product supply chains. Korea also has the plan to establish management system to secure the supply chain of major ICT equipment as a task in the basic plan of the national cybersecurity strategy announced in 2019, but there is no concrete policy yet. So, In this paper, we review the cyber supply chain security management system in the United States and present a supplementary way to the National Information Security Manual in Korea from the perspective of cyber supply chain security. It is expected that this will serve as a reference material for cyber supply chain measures that can be introduced in domestic information security field.

• Journal of Information Technology Applications and Management
• /
• v.11 no.2
• /
• pp.45-64
• /
• 2004

Many researchers have proved that information systems auditing is a very effective tool for improving information systems quality. However, information system auditing in Korea still includes many subjective judgements. This study deals with applying a quantitative model to improve information system auditing quality on security domain. First of all, we have looked at previous researches on information systems audit, especially on security audit. Based on this survey, we have come up with solutions to improve the evaluation efficiency on security audit. We have merged the security audit guidelines of NCA and KISA, and developed a quantified evaluation scheme. We have proved the validity of this model by interviews with experts and by case studies.

• Proceedings of the KIEE Conference
• /
• 2006.07a
• /
• pp.177-178
• /
• 2006

The enhancement of system security is one of the most important objectives of UPFC operation. To describe the system security, the index related to line flows and bus voltages are used. For the enhancement of security, the operation point of UPFC is set to minimize the index. This paper proposes the minimization algorithm using the Marquardt method. Moreover, the coefficients minimizing iteration number will be derived. For verification of the proposed operation scheme, numerical simulations have been performed on power system in Kwanju area, Korea with a UPFC.

• Journal of the Korea Institute of Military Science and Technology
• /
• v.9 no.1 s.24
• /
• pp.80-88
• /
• 2006

The purpose of this thesis is to research and propose a practical Information Security Technical Architecture on Primary Defense Information Infrastructure with regard to requirement of information security. The scope of this research is limited to national defense information master plan & security rule, and U.S. DoD's IATF is used to plan a detailed structure. The result of this research can be used as a guide book for providing security for Army IT infrastructure now and in the future as well as to devise a plan for research and development in information protection technology.

• International Journal of Computer Science & Network Security
• /
• v.21 no.12spc
• /
• pp.689-695
• /
• 2021

The study is based on the elaborated normative and legal documentation regulating the national security of modern Ukraine and the normative and legal documents adopted by NATO in the responding policy to the challenges that arose after 2014. The main advantages of cooperation with NATO are ensuring military security, developing army standards, improving the country's investment climate, and reducing expenditures on the army. The disadvantages of cooperation with NATO in hostilities with Russia are not highlighted. Still, defined obstacles show that Ukraine is not ready to realize entry into NATO in the short term. Such factors include weak information support, corruption, and unclear diplomatic decisions.