Skip to main content

Advertisement

SpringerLink
Log in

A study on strengthening security awareness programs based on an RFID access control system for inside information leakage prevention

  • Published:
Multimedia Tools and Applications Aims and scope Submit manuscript

Abstract

Systematic security policies and plans of many organizations or enterprises can be degraded due to user’s inattention and unconcern. Therefore, it is very important to guide establishing security policies through the education for users. However, existing security awareness program has problems that is not reflect for different user’s security level and not evaluation of the security policy that is established and implemented, because it use educating for users in the form of a cluster education on uniform contents. Thus in this study, we proposed a strengthening security awareness program using an intensive training method for users based on detecting violations of the established security policy. For detecting violation of established security policy, we use a physical access control method by RFID that protects data from an information system accessed by unauthorized persons through physical ways for visual checking. The strengthening security awareness program proposed in this study increases security levels for the users who have low security awareness levels and can intercept potential leakage paths of important information through improving minimum security levels in organizations or enterprises.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6

Similar content being viewed by others

References

  1. Andress J (2011) The basics of information security. Elsevier

  2. Broderick JS (2006) ISMS, security standards and security regulations. Inf Secur Tech Rep 11:26–31

    Article  Google Scholar 

  3. Choi KH, Kim JM, Lee D (2012) Network 2-Factor Access Control system based on RFID security control system. J Inf Secur 12(3):53–58

    Google Scholar 

  4. Colwill C (2009) Human factors in information security: the insider threat—who can you trust these days? Inf Secur Tech Rep 14(4):186–196

    Article  Google Scholar 

  5. Cone BD, Irvine CE, Thompson MF, Nguyen TD (2007) A video game for cyber security training and awareness. Comput Secur 26(1):63–72

    Article  Google Scholar 

  6. Drevin L, Kruger HA, Steyn T (2007) Value-focused assessment of ICT security awareness in an academic environment. Comput Secur 26(1):36–43

    Article  Google Scholar 

  7. Eminağaoğlu M, Uçar E, Eren Ş (2009) The positive outcomes of information security awareness training in companies—a case study. Inf Secur Tech Rep 14(4):223–229

    Article  Google Scholar 

  8. Goucher W (2011) Look behind you: the dangers of shoulder surfing. Comput Fraud Secur 2011(11):17–20

    Article  Google Scholar 

  9. Huang W, Mille A (2006) ConKMeL: a contextual knowledge management framework to support multimedia e-learning. Multimed Tools Appl 30:205–219

    Article  Google Scholar 

  10. Huber J, Ding Y (2013) Adapting web pages using graph partitioning algorithms for user-centric multi-device web browsing. Multimed Tools Appl 62:209–231

    Article  Google Scholar 

  11. Kapsalis V, Hadellis L, Karelis D, Koubias S (2006) A dynamic context-aware access control architecture for e-services. Comput Secur 25(7):507–521

    Article  Google Scholar 

  12. Kim JM, Choi KH, Lee D-H (2012) Network Group Access Control system using piggy-backing prevention technique based on infrared-ray. J Inf Secur 12(4)

  13. Kim MS, Lee D-H (2012) A way of securing the access by using PCA. J Inf Secur 12(3):3–10

    Google Scholar 

  14. Lee D-H, Kim B, Kim KJ (2010) PCA in ERP environment using the misuse detection system design and implementation of RBAC permissions. Multimed Tools Appl. doi:10.1007/s11042-010-0675-z

    Google Scholar 

  15. Long J, Pinzon S, Wiles J, Mitnick KD (2008) No tech hacking. SYNGRESS

  16. Montoliu R, Blom J, Gatica-Perez D (2013) Discovering places of interest in everyday life from smartphone data. Multimed Tools Appl 62:179–207

    Article  Google Scholar 

  17. Preda S, Cuppens F, Cuppens-Boulahia N, Garcia-Alfaro J, Toutain L (2011) Dynamic deployment of context-aware access control policies for constrained security devices. J Syst Softw 84(7):1144–1159

    Article  Google Scholar 

Download references

Acknowledgments

This work was supported by a grant from Kyonggi university advanced Industrial Security Center of Korea Ministry of Knowledge Economy

Author information

Authors and Affiliations

  1. Center for Industry, Kyonggi University, San 94-6, Iui-Dong, Yeongtong-Gu, Suwon-Si, Gyeonggi-Do, South Korea

    Kyong-Ho Choi

  2. Department of Industrial Security, Kyonggi University, San 94-6, Iui-Dong, Yeongtong-Gu, Suwon-Si, Gyeonggi-Do, South Korea

    DongHwi Lee

Authors
  1. Kyong-Ho Choi
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. DongHwi Lee
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to DongHwi Lee.

Rights and permissions

Reprints and permissions

About this article

Cite this article

Choi, KH., Lee, D. A study on strengthening security awareness programs based on an RFID access control system for inside information leakage prevention. Multimed Tools Appl 74, 8927–8937 (2015). https://doi.org/10.1007/s11042-013-1727-y

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11042-013-1727-y

Keywords

Search

Navigation