DOI QR코드

DOI QR Code

아제르바이잔 정보시스템에 대한 사이버보안 정책과 전략의 실행모델 구축

The Model to Implement the Cyber Security Policy and Strategy for Azerbaijan Information System

  • ;
  • 황기현 (숭실대학교 국제처/정보과학대학원)
  • Aliyeva, Leyla Mehdi (Ministry of Communications and High Technologies) ;
  • Hwang, Gee-Hyun (Office of International Affairs/Graduate School of Information Science, Soongsil University)
  • 투고 : 2019.02.28
  • 심사 : 2019.05.20
  • 발행 : 2019.05.28

초록

본 논문은 아제르바이잔 정보 시스템에 대한 사이버보안 정책 및 전략의 우선순위를 평가하는 실행모델을 구축하는 것을 목적으로 한다. 이를 위하여 ITU 국가 이익 모델로부터 사이버보안 정책 및 전략의 4개 요인을 구성하고, 사이버보안 분야를 선도하는 8 개 선진국의 우수사례를 바탕으로 5개 사이버보안 대안을 도출한 AHP 연구모델이 제안되었다. 연구모델을 바탕으로 작성된 설문지를 사용하여 24명의 정보보안 전문가들이 각 요인 및 대안의 전략적 우선순위를 평가하였다. AHP 분석용 소프트웨어를 통해 분석한 결과 아제르바이잔 정보시스템의 사이버보안 핵심요인은 국토방위와 경제복지이지만, 이들을 구현하는 중요한 대안은 역량개발과 기반시설 분야로 판명되었다. 본 연구는 각 요인 및 대안의 중요도 분석을 통하여 아제르바이잔 정부가 채택할 수 있는 사이버보안 정책 및 전략적 우선순위를 제시하였다. 본 연구는 아제르바이잔이 국가 사이버보안을 강화할 수 있는 실행 가이드를 수립하는데 기여할 수 있다.

This study aims to build an AHP model that evaluates the priority of cyber security policies for the Azerbaijan information system. For this, 4 factors were constructed from components of ITU National Interest Model, whereas 5 alternatives were based on the best practices of the eight developed countries leading the cyber security field. Using the questionnaire, 24 security experts evaluated the strategic priority of such factors or alternatives. The analysis results using the AHP software showed that homeland defense and economic well-being were the dominant aspects of cyber security policy, whereas capacity building and infrastructure were the main concern of cyber security elements for Azerbaijan. This study presents the strategic priority of cyber security policies that can be adopted by Azerbaijan government. This study can contribute to developing the national cyber security guide of Azerbaijan.

키워드

DJTJBT_2019_v17n5_23_f0001.png 이미지

Fig. 1. Proposed NCSPS evaluation model.

DJTJBT_2019_v17n5_23_f0002.png 이미지

Fig. 2. AHP evaluation model in in Expert Choice

DJTJBT_2019_v17n5_23_f0003.png 이미지

Fig. 3. The Questionnaire in Expert Choice

DJTJBT_2019_v17n5_23_f0004.png 이미지

Fig. 4. Four main criteria in Expert Choice

DJTJBT_2019_v17n5_23_f0005.png 이미지

Fig. 5. Prioritization of alternatives w.r.t. Homeland Defense

DJTJBT_2019_v17n5_23_f0006.png 이미지

Fig. 6. Prioritization of alternatives w.r.t. Economic Well Being

Table 1. Global weight Value

DJTJBT_2019_v17n5_23_t0001.png 이미지

참고문헌

  1. S. T. K. Myo & G. H. Hwang. (2017). Effect of Mobile Devices on the Use Intention and Use of Mobile Banking Service in Myanmar. Journal of Digital Convergence, 15(6), 71-82. https://doi.org/10.14400/JDC.2017.15.6.71
  2. K. Makili-Aliyev & Rehman. (2013). A. Cyber-Security Objective: Azerbaijan in the Digitalized World. SAM Review, 5-27.
  3. CERT.az(2017). About us. Retrieved from Cyber Security Center. DOI : https://www.cert.az/en/about-us
  4. H. J. Mun, Y. C. Hwang, & H. Y Kim. (2015). Countermeasure for Prevention and Detection against Attacks to SMB Information System - A Survey. Journal of IT Convergence Society for SMB, 5(2), 1-6.
  5. K. B. Kim & J. Y. Yun(2015). Comparison and Analysis on Mobile Payment in terms of Security : Survey. Journal of IT Convergence Society for SMB, 5(3), 15-20.
  6. I. Syamsuddin & J. Hwang. (2008). The Application of AHP to Evaluate Information Security Policy Decision Making. IJSSST, 10(4), 46-50.
  7. UMUC. (n.d.). Cyber Security Primer. DOI : http://www.umuc.edu/cybersecurity/about/cybersecurity-basics.cfm#
  8. K. K. Seo(2016). Analysis of use intention of mobile cloud service using a convergence technology acceptance model. Journal of Digital Convergence, 14(12), 105-110. https://doi.org/10.14400/JDC.2016.14.12.105
  9. S. H. Kim & J. S. Han. (2014). Smart Cold-Chain Monitoring Automation System Architecture based on Internet of Things. Journal of digital convergence, 12(12), 351-356. https://doi.org/10.14400/JDC.2014.12.12.351
  10. J. H. Cho &, H. J. Lee(2018). A Study on the Real-time Cyber Attack Intrusion Detection Method. Journal of the Korea Convergence Society, 9(7), 55-62. https://doi.org/10.15207/JKCS.2018.9.7.055
  11. S. H. Hong & J. A. Yu(2018). Ransomware attack analysis and countermeasures of defensive aspects. Journal of Convergence for Information Technology, 8(1), 139-145. https://doi.org/10.14801/JAITC.2018.8.2.139
  12. R. Filipek. (2007). Information security becomes a business priority. Internal Auditor, 64(1), 18.
  13. N. Orujova. (2014). Information Society Strategy to be implemented in two stages.. DOI : https://www.azernews.az/business/65843.html
  14. C. H. Yoon & G. D. Choi. (2014). The Effects of National Culture on Ethical Decision-Making in the Internet Context : An Exploratory Analysis. Journal of digital convergence, 12(12), 23-36. https://doi.org/10.14400/JDC.2014.12.12.23
  15. F. Wamala. (2011). The ITU National Cybersecurity Strategy Guide. ITU.
  16. S. H. Lee & D. W. Lee. (2014). A Study on Internet of Things in IT Convergence Period. Journal of digital convergence. 12(7), 267-272. https://doi.org/10.14400/JDC.2014.12.7.267
  17. L. Aliyeva. (2018). Developing An Effective National Cyber Security Strategy For The Republic of Azerbaijan. Master Thesis, Soongsil University, Seoul.
  18. ISACA. (2015). State of Cybersecurity : Implications for 2015. CyberSecurity Nexus, 22.
  19. L. S Kim. (2015). Convergence of Information Technology and Corporate Strategy. Journal of the Korea Convergence Society, 6(6), 17-26. https://doi.org/10.15207/JKCS.2015.6.6.017
  20. OECD(2012). Non-governmental Perspectives on a New Generation of National Cybersecurity Strategies. OECD Digital Econmy Papers, 212.
  21. L. S. Kim. (2015). Convergence of Information Technology and Corporate Strategy. Journal of the Korea Convergence Society, 6(6), 17-26. https://doi.org/10.15207/JKCS.2015.6.6.017
  22. Z. Yunos, R. S. A. Hamid & M. Ahmad. (2016). Development of a cyber security awareness strategy using focus group discussion. SAI Computing Conference (SAI), 1063-1067.
  23. L. Saaty. (1990). The Analytic Hierarchy Process, RWS Publications, Pittsburgh, PA.
  24. F. Zahedi. (1986). The analytic hierarchy process-a survey of the method and its applications. Interfaces, 16(4), 96-108. https://doi.org/10.1287/inte.16.4.96
  25. H. T. Choi. (2018). Analysis of policy priorities for strengthening the capacity of local public officials. Journal of the Korea Convergence Society, 9(11), 345-351. https://doi.org/10.15207/JKCS.2018.9.11.345
  26. C. J. Yoon, C. G. Hwang, H. G. Kwon & M. Y. Won. (2018). Study on Political Factors for Innovating Textile and Fashion Industry in Northern Gyeonggi Province. Journal of Convergence for Information Technology, 8(1), 253-263. https://doi.org/10.22156/CS4SMB.2018.8.1.253
  27. H. F. Ernest, T. L. Saaty, A. Mary & W Rozann. (1983). Expert Choice - Decision Support Software, McLean, VA,
  28. B. C. Kim. (2015). A Internet of Things(IoT) based exploration robot design for remote control and monitoring. Journal of digital convergence, 13(1), 185-190. https://doi.org/10.14400/JDC.2015.13.1.185