Browse > Article
http://dx.doi.org/10.13089/JKIISC.2017.27.3.705

A Study on the Customized Security Policy for Effective Information Protection System  

Son, Young-hwan (Korea University, Graudate School of Inforamtion Security)
Kim, In-seok (Korea University, Graudate School of Inforamtion Security)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.27, no.3, 2017 , pp. 705-715 More about this Journal
Abstract
Today, the world is evolving into a huge community that can communicate with real-time information sharing and communication based on the rapid advancement of scientific technology and information. Behind this information, the adverse effects of information assets, such as hacking, viruses, information assets, and unauthorized disclosure of information assets, are continually increasing as a serious social problem. Each time an infringement of the invasion and personal information leaks occur, many regulatory policies have been announced, including stricter regulations for protecting the privacy of the government and establishing comprehensive countermeasures. Also, companies are making various efforts to increase awareness of the importance of information security. Nevertheless, information security accidents like the leaks of industrial secrets are continuously occurring and the frequency is not lessening. In this thesis, I proposed a customized security policy methodology that supports users with various business circumstances and service and also enables them to respond to the security threats more confidently and effectively through not a monotonous and technical but user-centered security policy.
Keywords
Security Threat; Information Security; Security Policy; Operation Sympton;
Citations & Related Records
Times Cited By KSCI : 4  (Citation Analysis)
연도 인용수 순위
1 Jun-Taek Lee, "Overview of Information Protection," Dec. 2016.
2 Hu-Eul Kim and Dong-Hyun Baek, "A Study on Categorization of Accident Pattern for Organization's Information Security Strategy Establish," Annual Report of Industrial Management Systems in Korea, 38(4), pp. 193-201, Dec. 2015
3 In-Hwan Cha, "(An)Empirical Research on Developing Personnel Security Management Indicators in Information Security," Thesis for the Degree of Dotor, Gwangun University, Aug. 2009.
4 Security News, "http://www.boannews.com/media/ view.asp?idx=51343," 2016. 7.27.
5 GARTNER,"Strategies for Dealing With Advanced Targeted," Aug. 2011.
6 Seong-Back Han and Sung-Kwon Hong,"Countermeasures against APT Attacks," Journal of the Korea Institute of Information Security & Cryptology, 23(1), pp. 44-53, Feb. 2013
7 Seol-Hwa Im,Jong-Su Kim," APT status and new malicious code countermeasures," Journal of the Korea Institute of Information Security & Cryptology,24(2), pp.64-70, Apr. 2014
8 Song-young Kim, "A study on the security policy improvement using the big data," Journal of the Korea Institute of Information Security & Cryptology, 23(5), pp.969-976, Oct. 2013.   DOI
9 Financial Security Sources,"Status and prospect of using behavioral detection system(FDS)," Jul. 2015.
10 Hye-Won Sin, "Methodology to analyze insider risk for the prevention of corporate data leakage," Korea Information Science Society, Jul. 2012.
11 Wikipedia, "Fourth Industrial Revolution," May. 2017.
12 KISA, "Research on the Development of Information Security Management System (ISMS)," 2009.
13 Financial Security Sources,"Training for Human Resource Surveillance Training Personnel Training(Financial IT Compliance)," Mar. 2017.
14 Security news, " measured but unprotected information protection management system ", 2016.06.02.
15 Byeong-Seol Min, " Limits and Challenges of Human Security Management," Korea Occupational Technology Protection Association, 2011.
16 Financial Supervisory Service," Electronic Financial Supervisory Regulations," 2017.
17 Chang-Woo Byun and Seog Park, "A Role-Based Access Control Model ensuring Confidentiality and Integrity," ournal of the Korea Institute of Information Security & Cryptology, 15(3), pp.13-29, Jun. 2005.