http://dx.doi.org/10.14400/JDC.2014.12.2.563

A Study for Limitations and Improvement of Information Security Management System  

Lee, Sujin (Korea Institute of Science and Technology Information)
Choi, Sang-Yong (Korea Advanced Institute of Science and Technology)
Kim, JaeKyoung (Korea Institute of Science and Technology Information)
Oh, ChungShick (Korea Institute of Science and Technology Information)
Seo, Changho (Kongju National University)
Publication Information
Journal of Digital Convergence / v.12, no.2, 2014, pp. 563-570
Abstract
As information security becomes more important, efforts to manage it more efficiently are increasing. Departments such as the Ministry of Security and Public Administration, the Ministry of Science, the Ministry of Education, and the National Intelligence Service have each established screening criteria for information security and conducted evaluations. The various information security certifications and evaluations for public institutions effectively help to improve the level of information security. However, efficient security management is limited because examinations are performed frequently by each department. In this paper, we analyze the screening criteria for information security management that are applied in public institutions. We also present the limitations of information security management and a direction for improving them.
Keywords
Information Security Management System; diagnosis index for information security; security management process; G-ISMS; ISO/IEC 27001;