• International Journal of Computer Science & Network Security
• /
• 제22권6호
• /
• pp.390-399
• /
• 2022

Cyber security and resilience are phrases that describe safeguards of ICTs (information and communication technologies) from cyber-attacks or mitigations of cyber event impacts. The sole purpose of Risk models are detections, analyses, and handling by considering all relevant perceptions of risks. The current research effort has resulted in the development of a new paradigm for safeguarding services offered online which can be utilized by both service providers and users. customers. However, rather of relying on detailed studies, this approach emphasizes task selection and execution that leads to successful risk treatment outcomes. Modelling intelligent CSGs (Cyber Security Games) using MLTs (machine learning techniques) was the focus of this research. By limiting mission risk, CSGs maximize ability of systems to operate unhindered in cyber environments. The suggested framework's main components are the Threat and Risk models. These models are tailored to meet the special characteristics of online services as well as the cyberspace environment. A risk management procedure is included in the framework. Risk scores are computed by combining probabilities of successful attacks with findings of impact models that predict cyber catastrophe consequences. To assess successful attacks, models emulating defense against threats can be used in topologies. CSGs consider widespread interconnectivity of cyber systems which forces defending all multi-step attack paths. In contrast, attackers just need one of the paths to succeed. CSGs are game-theoretic methods for identifying defense measures and reducing risks for systems and probe for maximum cyber risks using game formulations (MiniMax). To detect the impacts, the attacker player creates an attack tree for each state of the game using a modified Extreme Gradient Boosting Decision Tree (that sees numerous compromises ahead). Based on the findings, the proposed model has a high level of security for the web sources used in the experiment.

• 한국정보통신학회:학술대회논문집
• /
• 한국정보통신학회 2014년도 추계학술대회
• /
• pp.699-700
• /
• 2014

The use of Radio Frequency Identification technology (RFID) in medical context enables not only drug identification, but also a rapid and precise identification of patients, physicians, nurses or any other healthcare giver. The combination of RFID tag identification with structured and secured Internet of Things (IoT) solutions enables ubiquitous and easy access to medical related records, while providing control and security to all interactions. This paper defines a basic security architecture, easily deployable on mobile platforms, which would allow to establish and manage a medication prescription service in mobility context making use of electronic Personal Health Records. This security architecture is aimed to be used with a mobile e-health application (m-health) through a simple and intuitive interface, supported by RFID technology. This architecture, able to support secured and authenticated interactions, will enable an easy deployment of m-health applications. The special case of drug administration and ubiquitous medication control system, along with the corresponding Internet of Things context, is presented.

• Journal of Information Processing Systems
• /
• 제15권4호
• /
• pp.904-919
• /
• 2019

Many security systems rely solely on solutions based on Artificial Intelligence, which are weak in nature. These security solutions can be easily manipulated by malicious users who can gain unlawful access. Some security systems suggest using fingerprint-based solutions, but they can be easily deceived by copying fingerprints with clay. Image-based security is undoubtedly easy to manipulate, but it is also a solution that does not require any special training on the part of the user. In this paper, we propose a multi-factor security framework that operates in a three-step process to authenticate the user. The motivation of the research lies in utilizing commonly available and inexpensive devices such as onsite CCTV cameras and smartphone camera and providing fully secure user authentication. We have used technologies such as Argon2 for hashing image features and physically unclonable identification for secure device-server communication. We also discuss the methodological workflow of the proposed multi-factor authentication framework. In addition, we present the service scenario of the proposed model. Finally, we analyze qualitatively the proposed model and compare it with state-of-the-art methods to evaluate the usability of the model in real-world applications.

• Asia pacific journal of information systems
• /
• 제31권2호
• /
• pp.236-256
• /
• 2021

Online financial technology products are an important consumer finance innovation. While a large body of previous research has focused on initial adoption and consumer willingness to use these products, little research explores the continued use of these products beyond the initial adoption phase. In particular, special attention should be paid to how users' trust and perceptions of privacy and security affect continued use behavior. This paper integrates the expectation confirmation model of information system continuance (ECM-ISC), the information system success model (ISSM) and the security and trust literatures to investigate continued use of online financial technology. To test the research model, we collected 398 valid questionnaires from Ant Credit Pay users. The research results show that system and service quality positively impact users' expectation confirmation, while information quality has no significant impact. Expectation confirmation and perceived usefulness positively affect user satisfaction. Moreover, the user's perception of privacy and security plays a vital role in user satisfaction. Satisfaction and perceived trust jointly promote users' continuance behaviors. Findings of this study indicates the importance of the information system success factors and security factors due to their influence on the continued use of Fintech products. This conclusion has implications for enterprises in improving the product qualities and enhancing the degree of security to meet user needs.

• 유통과학연구
• /
• 제15권2호
• /
• pp.27-36
• /
• 2017

Purpose - This study was intended to find the selection attribution factors and service satisfaction determinants of third party logistics suppliers in Dongdaemun wholesale market. Research design, data, and methodology - A questionnaire survey was performed, and the retailers and wholesalers in Dongdaemun wholesale market were asked to fill in it. Company employees using third party logistics service were selected by a random sampling method. Results - It is easy for both retailers and wholesalers to use third party logistics service. The logistics companies in Dongdaemun wholesale market have paid more heed to the security of freight and the operability. That is, the freight safety and operating service are the most important factors in selecting third party logistics suppliers, and they both have a close relationship with user satisfaction. There is no relation between service level and recognition in selection factors of third party logistics suppliers. All the responsiveness, operability and informativeness of third-party logistics providers has a significant relationship with user satisfaction. Conclusions - Third party logistics service is entirely different from the existing delivery or transport service. The most market vendors' wish for third party logistics suppliers is the stability of freight and robust operating service. They also demand the responsiveness for special or emergency situation with having information strength.

• 한국정보처리학회논문지
• /
• 제5권4호
• /
• pp.975-983
• /
• 1998

최근의 정보통신 환경은 다양한 시스템 및 응용서비스를 지원하는 개방형 분산처리 환경으로 변모하고 있으며, 또한 상속 및 캡슐화, 재사용 등의 다양한 장점을 제공하는 객체지향 기법을 이용한 응용의 개발이 이루어지고 있다. 이러한 이용의 증대는 외부의 보안 위협에 최약한 네트워크 환경에 안전한 정보 교환을 위한 대책을 필요로 한다. 본 논문에서는 분산 객체환경에서 응용의 안전성을 위하여 CORBA의 보안서비스 규격에 기반하여 인증, 보안설정, 접근제어, 보안정보관리의 기능을 갖는 투명한 보안 기반구조를 설계 및 구현하였다. 보안 기반구조는 사용자 인증정보, 데이터 암호화 및 무결성을 위한 키 분배 등을 지원하기 위한 외부 보안서비스로서 SESAME V4를 이용하였다. 또한 응용의 요청에 대한 투명한 보안 서비스를 지원하기 위하여 객체요청중개자(Object Request Broker: ORB)와 인터페이스를 지원하는 필터(filter)와 트랜스포머(transformer)의 기능을 이용하였다. 필터는 메시지의 전송 및 수신 전후에 파라미터 및 메소드를 삽입 또는 제거 할 수 있으며, 트랜스포머는 메시지의 전송전 및 수신후에 암호화 및 복호화를 위해 바이트 스트림에 직접 접근할 수 이것은 CORBA에서 정의한 안전한 객체요청중개자(secure ORB)의 접근제어 및 안전한 호출 인터셉터를 필터와 트랜스포머를 이용하여 구현한 것이다.

• 융합보안논문지
• /
• 제18권3호
• /
• pp.95-103
• /
• 2018

군의 사기침체는 우수 인력의 손실, 전투 의지의 약화, 군의 신뢰감 손상, 업무 능률과 근무 의욕의 저하 등으로 이어져 국방 태세와 국가 안보 및 민족의 생존권 수호의 측면에서 중대한 위협이 아닐 수 없다. 이러한 상황 하에서 보다 건실한 국방 태세를 구축하고 침체된 군의 사기를 극대화하기 위해서는 군의 사기에 영향을 미치는 요인에 관한 철저한 진단과 그 결성으로 인해 근무지를 자주 이동하는 특성을 갖는다. 이런 특성에서 발생하는 문제 중에 주의를 요하는 것이 과에 부합하는 대책을 강구해야 한다. 직업군인은 군대라는 직업의 특수자녀 교육 문제이다. 군의 잦은 근무지 이동은 가족이 동반하여 자주 이사하거나 자녀 교육의 문제로 가족과 별거하는 등 전반적인 군인 자녀교육의 실태를 분석근거로 제도적 개선을 제언하고자 한다.

• 한국방재안전학회논문집
• /
• 제5권1호
• /
• pp.13-19
• /
• 2012

기후변화적응과 재해위험경감 관련 정보 및 기술을 공유하기 위한 글로벌 체계 구축이 연구목적이다. 체계는 아시아태평양국가들의 성과를 모니터링 하는 플랫폼, 예방및경감 기술들을 공유하기 위한 플랫폼, 이러닝 교육 플랫폼과 재해위험경감 주제 관련 정보 제공 플랫폼으로 구성된다. 아울러 플랫폼은 한국 전자정부 표준 기본구조를 채택하여 개발된다.

• International Journal of Computer Science & Network Security
• /
• 제21권7호
• /
• pp.150-158
• /
• 2021

The study identifies the importance of informational and legislative support in ensuring gender equality. It determines the relevance of gender inequality, the main problem, which is confirmed by research and statistical information. The study aims to determine the methods of collecting information and legal regulation of gender issues and the possibility of solving them by public authorities. The main methods of gathering information are census surveys, questionnaires, surveys on public service websites, work with local communities, surveys in nursing homes and orphanages, special survey programs, and election polls. The paper considers the legal regulation of gender inequalities at the international, state, local and organizational levels. According to the analysis of the problem of gender inequality, it is established that the problem is practically eliminated in many developed countries, while countries with low incomes face gender inequality constantly.

• Journal of Communications and Networks
• /
• 제15권1호
• /
• pp.31-37
• /
• 2013

Mobile ad hoc networks (MANET) refers to a network designed for special applications for which it is difficult to use a backbone network. In MANETs, applications are mostly involved with sensitive and secret information. Since MANET assumes a trusted environment for routing, security is a major issue. In this paper we analyze the vulnerabilities of a pro-active routing protocol called optimized link state routing (OLSR) against a specific type of denial-of-service (DOS) attack called node isolation attack. Analyzing the attack, we propose a mechanism called enhanced OLSR (EOLSR) protocol which is a trust based technique to secure the OLSR nodes against the attack. Our technique is capable of finding whether a node is advertising correct topology information or not by verifying its Hello packets, thus detecting node isolation attacks. The experiment results show that our protocol is able to achieve routing security with 45% increase in packet delivery ratio and 44% reduction in packet loss rate when compared to standard OLSR under node isolation attack. Our technique is light weight because it doesn't involve high computational complexity for securing the network.