Browse > Article
http://dx.doi.org/10.3745/KTCCS.2014.3.8.271

An Study on the Impact of N/A Check Item on the Security Level Result through Empirical Verification  

Lee, Jun Ho ((주)코스콤 인프라본부)
Sung, Kyung Sang (Infosec 컨설팅 사업부)
Oh, Hea Seok (가천대학교 IT대학)
Publication Information
KIPS Transactions on Computer and Communication Systems / v.3, no.8, 2014 , pp. 271-276 More about this Journal
Abstract
This study analyzed that N/A check items affect the results of the security level degree, when performing vulnerability analysis evaluation. For this, we were used vulnerability analysis evaluation range, check items and quantitative calculation method. Furthermore, were applied grade and weight for the importance of the items. In addition, because technology develop rapidly, the institution is always exposed risk. therefore, this study was carried out empirical analysis by applying RAL(Risk Acceptabel Level). According to the analyzed result N/A check items factors affecting the level of security has been proven. In other words, this study found that we shall exclude inspection items irrelevant to the institution characteristics, when perform vulnerability analysis evaluation. In this study suggested that security level evaluation shall performed, after that exclude items irrelevant to the institution characteristics based on empirical verification. And also, it proposed that model research is required for establish check items for which analysis-evaluate vulnerability based on empirical verification.
Keywords
Vulnerability Analysis.Evaluation; Empirical Verification; Security Level; Check Item; Quantitative Calculation Method;
Citations & Related Records
Times Cited By KSCI : 3  (Citation Analysis)
연도 인용수 순위
1 ICT News, "Cyber Security level improving for National critical infrastructure", 2008.
2 Korea Communication Commission, "A Study on Solutions for the Advancement of Security Legislation", Dec., 2011.
3 Ministry of Science, ICT and Future Planning, "The main information and communication infrastructure, vulnerability analysis and ratings", 2013.
4 Ministry of Security and Public Administration(MOSPA), "Vulnerability Analysis Score Equation", 2013.
5 Ajunews.com, "Information and communication infrastructure, expanding into 400 to 2017", 2013.
6 Kang. J. M. etc. 5, "A Study on National Cyber Capability Assessment Methodology", The Journal of KIISC, Vol.22, No.5, pp.1039-1055, 2012.   과학기술학회마을
7 Kim H. G., "A study on National Information Policies", KISA, 2010.
8 Kim, Y. J., Lee, J. H., Lim, J. I., "A Study on the Secure Plan of Security in SCADA Systems", The Journal of KIISC, Vol.19, No.6, pp.145-152, 2009.   과학기술학회마을
9 Park, J. S., Kim, K. K., Lee, K. J., Jung, J. H., "The main information and communication infrastructure, sophisticated research on information security level evaluation", The Journal of The NIPA, 2009.
10 Lee, Y. R., Jo, J. W., "A Study on the Evaluation Consulting Methodology of Important Information Communication Base Facility", The Journal of the SDPM, Vol.5, No.1, pp.55-68, 2007.   과학기술학회마을
11 Kang, D.J., Lee, J.J., Lee, Y., Lee, I.S., Kim, H.K., "Quantitative Methodology to Assess Cyber Security Risks of SCADA system in Electric Power Industry", The Journal of the KIISC, Vol.23, No.3, pp.53-58, 2013.