DOI QR코드

DOI QR Code

A study on a security model for the establishment of a non-face-to-face smart work working environment in a physical network separation environment of public institutions

공공기관 물리적 망분리 환경에서의 비대면 스마트워크 근무 환경구축을 위한 보안 모델 연구

  • Park, Sang-Kil (Warebiz) ;
  • Kim, Gi-Bong (Soongsil University, Department of IT Policy Management) ;
  • Son, Gyeong-Ja (Soongsil University, Department of IT Policy Management) ;
  • Lee, Won-Suk (Soongsil University, Department of IT Policy Management) ;
  • Park, Jae-Pyo (Soongsil University, Graduate School of Information Science)
  • 박상길 (웨어비즈) ;
  • 김기봉 (숭실대학교 IT정책경영학과) ;
  • 손경자 (숭실대학교 IT정책경영학과) ;
  • 이원석 (숭실대학교 IT정책경영학과) ;
  • 박재표 (숭실대학교 정보과학대학원)
  • Received : 2020.09.14
  • Accepted : 2020.10.20
  • Published : 2020.10.28

Abstract

Due to the recent COVID 19 pandemic, public institutions are increasingly working from home. Working in public institutions is rapidly changing into a smart work environment where time and space constraints disappear. However, many public institutions currently lack a security model for an efficient smart work environment due to the physical network separation system that separates the Internet network and the business network. Therefore, in this paper, we describe the current limitations for implementing smart work in a physical network separation environment of public institutions, and propose a security model necessary for a work environment to supplement them. As a related study, explain SSL VPN and explain smart work business model through security model research of SDP (Software Defined Perimeter), RDP (Remote Desktop Protocol), and VDI (Virtual Desktop Infrastructure) to overcome the security limitations of SSL VPN. As a result, we intend to propose a security model for a smart work environment suitable for public institutions while complying with the physical network separation security guide.

최근 COVID 19 팬데믹 현상으로 공공기관의 재택근무가 활성화 되고 있는 상황으로 공공기관에서의 업무는 시간과 공간의 제약이 사라지는 스마트워크 업무 환경으로 급변하고 있다. 하지만 현재 상당수의 공공기관은 인터넷망과 업무망을 분리하는 물리적 망분리 시스템으로 인해서 효율적인 스마트워크 업무환경을 위한 보안모델이 미흡한 상황이다. 이에, 본 논문에서는 공공기관의 물리적 망분리 환경에서 스마트워크를 구현하기 위한 현재의 한계를 기술하고 이를 보완하기 위한 업무환경에 필요한 보안 모델을 제안하고자 한다. 관련 연구로 SSL VPN에 대하여 설명하고 SSL VPN의 보안 한계를 극복하기 위한 SDP(Software Defined Perimeter), RDP(Remote Desktop Protocol), VDI(Virtual Desktop Infrastructure)의 보안 모델 연구를 통해서 스마트워크 업무 모델을 설명함으로써 물리적 망분리 보안 가이드를 준수하면서 공공기관에 적합한 스마트워크 환경 보안모델 방안을 제시하고자 한다.

Keywords

References

  1. Ministry of Public Administration and Security. (2016). Smart Work Center Usage and Operation Guidelines, Seoul.
  2. Ministry of Science and Technology, Korea Information Society Agency. (2019). 2019 informatization statistics collection.
  3. Ministry of Public Administration and Security. (2019). The use of non-face-to-face business systems in public sectors exploded on the occasion of Corona. [Online], https://www.mois.go.kr/
  4. B. H. Lim. (2014). A Study on the Deployment of an Partitioned-Network for Information Security. Electronic Trade Research, 12(4), 1-10. DOI : 10.17255/etr.12.4.201411.1
  5. Korea Communications Commission. (2013). Standards for technical and managerial protection measures for personal information.
  6. K. Y. Lee. (2019). Study on the effectiveness of network separation policy. Master's Thesis. Korea University, Seoul.
  7. H. Y. Woo. (2005). The Study of SSL VPN Benchmarking with Network Analysis. Master's Thesis. DongKuk University, Seoul.
  8. J. H. Yoon & T. K. Kwon. (2003). Analysing the SSL VPN model compared with IPSec VPN. Journal of the Korean Information Science Society, 30(21), 760-762.
  9. J. K. Jeong, S. G. Lee & Y. M. Kim. (2019). Improved Single Packet Authentication and Network Access Control Security Management in Software. Journal of the Korea Contents Association, 19(12), 407-415. DOI : 10.5392/JKCA.2019.19.12.407
  10. Digital Daily. (2020.02.26.). Financial Services Commission, Financial Network Separation Exception Measures'... Expanding Telework in the Corona 19 Financial Industry. [Online], http://www.ddaily.co.kr/news/article/?no=192288
  11. Ministry of Trade, Industry and Energy. (2018.08.17). Ministry of Trade, Industry and Energy Information Business Regulations. Directive No. 132, 1-33.
  12. H. H Lee. (2012). A Study of Effective Streaming on Cloud Computing Using RDP. Master's Thesis. Chungnam National University, Daejeon.
  13. C. S. Kim. (2014) Design and Implementation Smart Office System Based on Remote Desktop Protocol (RDP), The journal of the institute of internet, broadcasting and communication, 14(2), 153-159. https://doi.org/10.7236/JIIBC.2014.14.2.153
  14. D. S. Yoo. (2020). A Study on the Effective Ransomware response of Endpoint Level. Master's Thesis. Korea University, Seoul.
  15. C. W. Jae, J. I. Shin, D. B. Lee, H. Kim & D. H. Lee. (2018). Proposal of Network Security Solution based on Software Definition Perimeter for Secure Cloud Environment. Journal of the Korean Convergence Society, 9(12), 61-68. DOI : 10.15207/JKCS.2018.9.12.061
  16. Brent Bilger et al. (2014). SDP Specification 1.0, CSA.
  17. J. K. Jung. (2020). A Dynamic Access Control Procedure Considering User's Device Situation in Software Defined Perimeter Environment. Doctoral dissertation, Chonnam National University, Gwangju.
  18. D. C. (2017). Software-Defined Perimeters : An Architectur al View of SDP. IEEE Softwarization. [Online], https://sdn.ieee.org/newsletter/march-2017/softwaredefinedperimeters-an-architectural-view-of-sdp.
  19. H. S. Lee. (2105). Research of Security Enhancement Using VDI-Based Network Separation Architecture. Master's Thesis. Korea University, Seoul.
  20. Y. H. Lee & S. J. Yoo. (2014). The Construction of Logical, Physical Network Separation by Virtualization. Convergence security journal, 14(2), 25-33.