Browse > Article

An Internal Surveillance and Control System for Information Security and Information System Asset Management  

Yoon, Han-Seong (School of Business Admin., Gyeongsang National University)
Publication Information
Information Systems Review / v.9, no.1, 2007 , pp. 121-137 More about this Journal
Abstract
Several security systems(firewall, intrusion detection system, vaccine for malicious codes and so on), whose purposes are to prevent the external information security threat, have gathered more technological concerns. However, they are little effective for the area of defending the internal information security threat which occurs more frequently and results in much more monetary damages. In this paper, a system for internal surveillance and control on the use of information systems is suggested and described with its architecture, features, necessary functions and development methods. And a case system is introduced to show the reality of this paper.
Keywords
Information Security; Internal Security Threat; Surveillance and Control System;
Citations & Related Records
연도 인용수 순위
  • Reference
1 이용준 등, '전산망 보호를 이한 혼합형 방화벽 시스템 구현', 한국정보처리학회지, Vol.5, No.6, pp. 1593-1602, 1998
2 하태용, 신용백, '디지털 생산성 향상을 위한 신경망 사용자 인증모형 연구', 생산성논집, Vol.18, No.3, pp. 1-18, 2004
3 Dale A.L., 'Stability and transparency in bilateral teleoperation', IEEE Transactions on Robotics and Automation, Vol.9, No.5, pp. 624-637, 1993   DOI   ScienceOn
4 Hansman S. and Hunt R., 'A taxonomy of network and computer attacks', Computers and Security, Vol.24, pp. 31-43, 2005   DOI   ScienceOn
5 Microsoft, 'Visual C++ ActiveX Control for hosting Office documents in Visual Basic or HTML', http://search.support.microsoft.com/kb/311765/, 2006
6 Microsoft, 'How RPC works', http://technet2.microsoft.com/WindowsServer/en/library /4dbc4c95-935b-4617-b4f8-20fc947c72881033.mspx?mfr=true, 2006
7 유신근, 이남훈, 심영철, '침입탐지시스템 평가 방법론', 한국정보처리학회지, Vol.7, No.11, pp. 3445-3461, 2000
8 김종원, 최종욱, '기업정보유출방지를 위한 기술', 한국정보처리학회지, Vol.10, No.2, pp. 87-99, 2003
9 Lilian Mitrou and Maria Karyda, 'Employees' privacy vs. employers' security: Can they be balanced?', Telematics and Informatics, Article in press, 2006
10 Karin Hone and J.H.P. Eloff, 'Information security policy - what do international information security standards say?', Computers & Security, Vol. 21, Issue 5, pp. 402-409, 2002   DOI   ScienceOn
11 Microsoft, 'Controls(MFC)', http://msdn2.microsoft.com/ko-kr/library/47xcww9x(VS.80).aspx, 2006
12 Microsoft, 'MDAC(ADO, OLEDB, ODBC)', http://support.microsoft.com/ default.aspx?scid=fh;eus;mdac, 2006
13 Microsoft, 'WMI Window Management Instrument', http://www.microsoft.com/whdc/system/pnppwr/wmi/default.mspx, 2006
14 홍일유, 이종상, '국내기업들의 정보시스템 보안위협에 관한 연구', 한국경영정보학회 '96 추계학술대회 논문집, pp. 143-154, 1996
15 Herbert H. Thompson, James A. WhittakerMike Andrews, 'Intrusion detection: Perspectives on the insider threat', Computer Fraud & Security, Vol. 2004, Issue 1, pp. 13-15, 2004
16 Porter, D., 'Insider fraud: spotting the wolf in sheep's clothing', Computer Fraud & Security, Vol.1, No.4, pp. 12-15, 2003
17 Cert Coordination Center, CERT/CC statistics, http://www.cert.org./stats/cert_stats.html, 2006