• Korea Journal of Hospital Management
• /
• v.15 no.2
• /
• pp.84-106
• /
• 2010

Ensuring the confidentiality of patient records is critical requirement for quality of care and in fulfilling legal obligation of healthcare organizations. This study analyzed the behavior of hospital employees who are dealing with confidential patient information in a hospital. Theory of Planned Behavior(TPB) model and TPB expanded models that add habit concept to TPB are tested for the validity in explaining the predisposing factors that affect the behavior of hospital employee in ensuring the confidentiality of patient records. Data were collected by administrating a survey to the 350 employee of a tertiary care hospital. Of the 350 questionaries distributed, 321 were responded resulting 92% of response rate. The mean differences among the groups classified by age, years of experience, gender, and occupation were analysis using ANOVA. The relationships among the concepts suggested in the models were analysed by applying the Structural Equations Modeling method. The results of ANOVA indicated significant mean differences in the frequency of confidentiality ensuing behavior. Administrative staff and medical technicians show higher frequency of ensuing behavior compared to the physicians and the nurses. And more experienced employee show more confidentiality ensuring behavior. The results of Structural Equations analysis showed that the strong effect of habit and attitude in predicting the behavior. However, the effect of perceived behavioral control was not significant. Based on the results the theoretical and practical implications are discussed.

• Proceedings of the IEEK Conference
• /
• 2002.06c
• /
• pp.165-168
• /
• 2002

This paper has been designed and implemented of web security system using RF card A security mechanism that was proposed in this paper provides web services on card reader reads RF card of user only. In this paper, user authentication and server authentication was provided by challenge/response mechanism. Also, this system was provides confidentiality of communication messages.

• Journal of the Korea Society of Computer and Information
• /
• v.16 no.2
• /
• pp.217-224
• /
• 2011

Existing wire based physical security system solutions show limitations in time and space. In order to solve these deficiencies, a remote physical security system has been implemented using smart phone based on mobile cloud computing technique. The security functions of mobile cloud computing technique include mobile device user authentication, confidentiality of communication, integrity of information, availability of system, and target system access control, authority management and secure hand off etc. Proposed system has been constructed as remote building management system using smart phone, and also has been efficient to reduce energy cost (5~30%), result of system average access and response time 7.082 second. This systems are evaluated to have high efficiency compared to performance.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.15 no.6
• /
• pp.1320-1326
• /
• 2011

National institutions on the importance of information security is being recognized, information security laws are being discussed in Congress 3.4 DDoS incident and Nonghyup hacking, etc. However, National Assembly Secretariat when the results of the Information Security Consulting has been assessed very low 61.2 points, evaluation of hardware and software in secure areas were vulnerable. This paper, the legislative support agencies National Assembly and National Assembly Secretariat on the network and computer systems, and managerial, technical and physical security elements are analyzed for the status. And network should have the legislative support agencies and system for the physical network separation, DDoS attack response, Virus attack response, hacking attacks response, and Cyber Emergency Response Team/Coordination Center for Cyber infringing design and research through the confidentiality, integrity, availability, access control, authentication and security analysis is based on the evaluation criteria. Through this study, the legislative support agencies to strengthen the security of data and security laws enacted to provide the basis for.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.14 no.4
• /
• pp.1032-1040
• /
• 2010

This paper describes implementation of electonic seal (E-Seal) of a container based on ISO 18185 standard and development of monitoring systems checking E-Seal device and cargo states in the container for secure transportation from departure to destination. For lack of definition on confidentiality support in ISO 18185-4 standard, it is vulnerable to security attack such as sniffing. To cope with this, we developed encryption/decryption functions implementing RC5 and AES-128 standards and compared their performance. Experimental results showed that RC5 outperformed AES-128 in terms of time delay. In addition, RC5 had an advantage under the condition of large sized messages as well as CPUs with low performance. However, the portion of encryption/decryption processing time was less than 1 percent of response time including communication delay between E-Seal tags and readers. Hence, the performance difference between RC5 and AES-128 standards was trivial, which revealed that both specifications were allowable in developed systems.

• Journal of rehabilitation welfare engineering & assistive technology
• /
• v.4 no.1
• /
• pp.71-80
• /
• 2010

This study developed the perspective model of behavior of physical therapists(PTs) and occupational therapists(OTs) who are dealing with confidential patient medical information in hospitals. Theory of planned Behavior(TpB) model, expanded models 1 and 2 that add habit, social pressure, and work convenience concept to TpB are tested for the validity in explaining the preposing factors that affect the behavior of PTs and OTs in ensuring the confidentiality of patient medical records. Data were collected by administrating a survey to the 120 PTs and OTs in A city. Of the 120 questionaries distributed, 110 were responded resulting 91.6% of response rate. There were not significantly different among the group classified by age, 'clinical career, gender, work family, and education level were analysis using with Independent t test and one-way ANOVA. The relationships on the concepts suggested in the models were analysed by applying the Structured Equations Modeling methods. The results of Structured Equations analysis showed that expanded model 2 was more effective model than TpB model and expanded model 1.

• Journal of Korea Society of Industrial Information Systems
• /
• v.17 no.6
• /
• pp.25-30
• /
• 2012

Passwords are a common method of identifying and authenticating a user who wishes to log on to a secure system. Password-based authentication techniques, however, do not provide strong security and recognized as being an poor form of protection. It is not all the responsibility of the user to control password and to protect its confidentiality. In this paper, confirm an appropriate response time and I propose a new and improved method of implementing two factor authentication using SMS via receiving apparatus(mobile and email).

• Convergence Security Journal
• /
• v.6 no.3
• /
• pp.87-95
• /
• 2006

An intrusion can be defined as any set of actors that attempt to compromise the integrity, confidentiality and availability of computer resource and destroy the security policy of computer system. The Intrusion Detection System that detects the intrusion consists of data collection, data reduction, analysis and detection, and report and response. It is important for feature selection to detect the intrusion efficiently after collecting the large set of data of Intrusion Detection System. In this paper, the feature selection method using Genetic Algorithm and Decision Tree is proposed. Also the method is verified by the simulation with KDD data.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.11 no.6
• /
• pp.151-156
• /
• 2011

The Korean domestic cloud market will reach a value of 2 trillion Korean won by 2014. The domestic market is expected to grow rapidly in size despite the fact that there exist activation barriers in mobile cloud services, concerns about the reliability of service, and concerns about security and confidentiality of data. Under these circumstances, existing IT security technologies may be be utilized to provide sufficient response characteristics. Despite this, they must be optimized for mobile cloud computing and enhanced to mitigate inherent security flaws. In this study, mobile cloud security is covered along with use cases that cover the cases where mobile devices are particularly vulnerable and suggest ways to mitigate security vulnerabilities.

• Journal of Information Processing Systems
• /
• v.12 no.4
• /
• pp.688-710
• /
• 2016

Our approach permits to capitalize the expert's knowledge as business rules by using an agent-based platform. The objective of our approach is to allow experts to manage the daily evolutions of business domains without having to use a technician, and to allow them to be implied, and to participate in the development of the application to accomplish the daily tasks of their work. Therefore, the manipulation of an expert's knowledge generates the need for information security and other associated technologies. The notion of cryptography has emerged as a basic concept in business rules modeling. The purpose of this paper is to present a cryptographic algorithm based approach to integrate the security aspect in business rules modeling. We propose integrating an agent-based approach in the framework. This solution utilizes a security agent with domain ontology. This agent applies an encryption/decryption algorithm to allow for the confidentiality, authenticity, and integrity of the most important rules. To increase the security of these rules, we used hybrid cryptography in order to take advantage of symmetric and asymmetric algorithms. We performed some experiments to find the best encryption algorithm, which provides improvement in terms of response time, space memory, and security.