Browse > Article
http://dx.doi.org/10.13089/JKIISC.2012.22.3.553

Utilization of Physical Security Events for the Converged Security using Analytic Hierarchy Process: focus on Information Security  

Kang, Koo-Hong (Dept. of Information and Communication Engineering, Seowon University)
Kang, Dong-Ho (Network System Security Team, ETRI)
Nah, Jung-Chan (Network System Security Team, ETRI)
Kim, Ik-Kyun (Network System Security Team, ETRI)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.22, no.3, 2012 , pp. 553-564 More about this Journal
Abstract
Today's security initiatives tend to integrate the physical and information securities which have been run by completely separate departments. That is, the converged security management becomes the core in the security market trend. However, to the best of our knowledge, we cannot find any solutions how to combine these two security events for the converged security. In this paper, we propose an information security object-driven approach which utilizes the physical security events to enhance and improve the information security. For scalability, we also present a systematic method using the analytic hierarchy process finding the meaningful event combinations among the large number of physical security events. In particular, we show the whole implementation processes in detail where we consider the information security object 'illegal computing system access' combined with two physical security devices - access controller and CCTV+video analyzer system.
Keywords
Converged Security; Physical Security; Information Security; Security Event Correlations;
Citations & Related Records
연도 인용수 순위
  • Reference
1 최진묵, 권정옥, "융합보안시장 동향 보고", Samsung SDS Journal of IT Services, 7(2), pp. 13-29, 2010년 9월.
2 H. Debar, M. Sacier, and A. Wespi, "Towards a taxonomy of intrusion-detection system," Computer Networks, vol. 31, no. 8, pp. 805-822, April 1990.
3 한종옥, 조현숙, "영상보안시스템 기술 동향", 정보보호학회지, 19(5), pp. 29-37, 2009년 10월.
4 김정덕, 김건우, 이용덕, "융합보안의 개념 정립과 접근방법", 정보보호학회지, 19(6), pp. 68-74, 2009년 12월.
5 S.K. Chen, J.J. Jeng, and H. Chang, "Complex Event Processing using Simple Rule-based Event Correlation Engines for Business Performance Management," Proceedings of E-Commerce Technology/The 8th IEEE International Conference on and Enterprise Computing, E-Commerce, and E-Services, pp. 100-102, June 2006.
6 이수형, 방효찬, 장범환, 나중찬, "효과적 보안상황 분석을 위한 보안 이벤트 처리", ETRI 전자통신동향분석, 22(1), pp. 59-72, 2007년 2월.
7 Y. Xie, "A Spatiotemporal Event Correlation Approach to Computer Security," Ph.D Dissertation, Dept. of CS, Carnegie Mellone University, May 2005.
8 A. Muller, Event "Correlation Engine," Master's Thesis, Dept. of IT and EE, Swiss Federal Institute of Technology Zurich, Aug. 2009.
9 Thomas L. Saaty and L.G.Vargas, Prediction, Projection and Forecasting, Kluwer Academic Publishers. April 1991.
10 Thomas L. Saaty, "Relative Measurement and Its Generalization in Decision Making Why Pairwise Comparisons are Central in Mathematics for the Measurement of Intangible Factors The Analytic Hierarchy/Network Process," RACSAM (Review of the Royal spanish Academy of Sciences, Series A. Mathematics), vol. 102, no. 2, pp.251-318, Feb. 2008.
11 Suprema Inc., BioStar SDK Reference Manual, http://www.supremainc.com/ 고객지원 다운로드, 2010.