http://dx.doi.org/10.12673/jant.2011.15.6.1220

A Study on Enterprise and Government Information Security Enhancement with Information Security Management System  

Park, Chung-Soo (Department of Information Security Engineering, Soonchunhyang University)
Lee, Dong-Bum (Department of Information Security Engineering, Soonchunhyang University)
Kwak, Jin (Department of Information Security Engineering, Soonchunhyang University)
Abstract
With the development of IT, everyday life is shifting toward knowledge-based and information-based systems. However, as IT develops, cyber attack techniques are improving as well. Crises such as DDoS attacks and cyber terrorism occur frequently, along with major data leakage. In addition, loss of and damage to corporate information assets are increasing as malicious code enters systems through various attack paths. In this environment, to protect the information assets of the organization and its users, a risk management process with ongoing inspections should be established within the organization. This process, together with managerial, technical, and physical controls, should be based on establishing an information security management system. Beyond establishing systems and processes, information security products should also be introduced to protect internal assets from the threat of malicious code entering from outside. Therefore, in this paper we propose a scheme for enhancing enterprise and government information security through the introduction of an information security management system and information security products.
Keywords
Enterprise Security; Information Security Management System; Information Product; Risk Management;