• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.20 no.12
• /
• pp.265-270
• /
• 2019

In order to protect the advancement of defense technology that has a tremendous e?ect on both the national security and the economy, the Republic of Korea established the Defense Technology Security Act in 2015. As the new enactment brought changes to the landscape of the defense industry and defense industrial security, a new examination of the concept of the defense industrial security has now become necessary. Even after taking into consideration the undisclosed nature of defense industrial security research, and the fact that only the limited number of firms participates in the subject matter, scientific studies related to the topic have not been active. However, with the new enactment of the Defense Technology Security Act, it is necessary to expand the scope of security and to redefine the concept of defense industrial security. In this paper, we analyzed the research works on related technology protection policies and our environment of the defense industry in order to conceptualize defense industrial security. The established concepts are expected to provide a systematic way to protect the confidential and defense technology.

• Review of KIISC
• /
• v.28 no.6
• /
• pp.45-49
• /
• 2018

방위산업기술보호법 및 방위산업보안업무훈령에 따라 체계종합업체는 협력업체 보안관리 업무를 수행하고 있으며, 비정형 상태의 불특정한 다수의 협력업체를 효율적으로 관리하기 위한 협력업체 등급 분류 기준, 등급별 보안점검 지표 마련을 위한 방법 및 PDCA 모델 적용을 통한 지속적 발전 방향에 대하여 알아본다.

• Korean Security Journal
• /
• no.22
• /
• pp.91-111
• /
• 2010

Around the middle of the ninth century the strict bone-rank system of Silla frustrated many people who had political ambition but lacked nobility. They had to seek other ways, including maritime trade. Such an undertaking reflected and also increased their economic and military power. Trade prospered with T'ang China and with Japan as well. The threat of piracy to Silla's thriving maritime trade caused to create a succession of garrisons at important coastal points. Chonghae Jin (Chonghae garrison) was regarded as the most important of these. It was established in 828 by Chang Pogo. Chonghae Jin was on Wando, an island just east of the southwestern tip of Korea and a key place at this time in the trade between China, Korea, and Japan. From this vantage point Chang Pogo became a merchant-prince with extensive holdings and commercial interests in China and with trade contacts with Japan. Although piracy was rampant in East Asia at that time, either the Chinese or Silla government was not able to control it due to inner political strife and lack of policing resources. Infuriated by the piracy and the government's inability to control it, Chang Pogo came back to Silla to fight against the pirates and to protect maritime trade. He persuaded the king of Silla and was permitted to control the private armed forces to sweep away the pirates. In 829 he was appointed Commissioner of Chonghae-Jin with the mission of curbing piracy in that region. Chang's forces were created to protect people from pirates, but also developed into traders among Silla Korea, T'ang China, and Japan in the 9th century. This was geographically possible because the Chonghae Garrison was situated at the midpoint of Korea, China, and Japan, and also because Chang's naval forces actually dominated the East Asia Sea while patrolling sea-lanes. Based on these advantages, Chang Pogo made a great fortune, which might be collected from a charge for protecting people from pirates and the trades with China and Japan. Chang's forces could be termed the first private security company in the Korean history, at least in terms of historical documents. Based on historical documents, the numbers of private soldiers might be estimated to exceed tens of thousands at least, since Chang's forces alone were recorded to be more than ten thousand. Because local powers and aristocratic elites were said to have thousands of armed forces respectively, the extent of private forces was assumed to be vast, although they were available only to the privileged class. In short, the domination of Chang's forces was attributable to the decline of central government and its losing control over local powers. In addition it was not possible without advanced technologies in shipbuilding and navigation.

• Korean Security Journal
• /
• no.42
• /
• pp.155-178
• /
• 2015

This study surveyed the subject of companies' industrial security on priorities of the government policy for the confidentiality of corporate and the necessity of expanding the government support for the industrial security. In determining the priority, we should consider all opinions of companies, individuals, societies, and governments that associated with the confidentiality. Especially in industrial security, companies are the most significant beneficiaries and consumers of security policy and it would be the basis for supporting on policy-making. As a result, we analyzed the 50 valid questionnaires collected from security personnel of Korean corporations and 'Enhance support for education and promotion of human resource (On/Off-Line)', 'Establish Security management and Security measures', and 'Enhance Security professionals status via qualifications/certifications' are shown as 1st, 2nd, 3rd priority of government policy to protect Corporate confidential information including its customer information. All respondents of the study says that the Government support for Industrial Security should be enlarged.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2020.11a
• /
• pp.409-412
• /
• 2020

주요기반시설 산업제어시스템의 폐쇄 망 운영 환경에 따라 내부자 사이버 보안 위협으로 인한 피해가 다수 발생하고 있다. 따라서 이에 대응하기 위한 내부 보안 대책이 요구된다. 이에 본 논문은 산업제어시스템의 안전한 운용을 위한 SW 보안 무결성 관리 프로그램을 제안한다. 자산의 구매, 설치, 운영, 유지보수를 통합 관리함으로써 전반적인 라이프 사이클의 흐름 내에서 정보보안 강화를 확립하는 것을 목표로 한다. 이를 통하여 산업제어시스템의 특성을 반영한 효과적인 내부 보안 관리 프로그램으로 활용될 수 있을 것이다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.4
• /
• pp.757-770
• /
• 2020

Industrial Control System(ICS) is a system that measures, monitors, and controls various distributed assets, and is used in industrial facilities such as energy, chemical, transportation, water treatment, and manufacturing plants or critial infrastructure. Because ICS system errors and interruptions can cause serious problem and asset damage, research on prevention and minimization of security threats in industrial control systems has been carried out. Previously wireless communication was applied in limited fields to minimize security risks, but the demand for industrial wireless communication devices is increasing due to ease of maintenance and cost advantages. In this paper, we analyzed the security threats of industrial wireless communication devices supporting WirelessHART and ISA100.11a. Based on the analysis results, we proposed the security requirements for adopting and operating industrial wireless communication devices. We expect that the proposed requirements can mitigate security threats of industrial wireless devices in ICS.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2019.10a
• /
• pp.397-400
• /
• 2019

주요기반시설 산업제어시스템의 운영환경 변화에 따라 보안 위협의 양상이 다양해지고 있다. 따라서 이를 반영한 보안 관리체계가 새로이 요구된다. 이에 본 논문은 미국 과 을 참조한 산업제어시스템의 정보보안 관리체계 프로그램을 제안한다. 프로그램의 기능은 다음과 같다. 첫째, 산업제어시스템 자산 관리 기능, 둘째, 보안상태 평가 기능, 셋째, 보안조치 관리 기능이다. 해당 프로그램을 통해 국내 산업제어시스템의 보안 수준 향상을 기대한다.

• Review of KIISC
• /
• v.17 no.2
• /
• pp.57-65
• /
• 2007

게임 산업에서 Vista 출시가 의미하는 보안 환경의 변화와 위험요소에 대해 설명을 하고 어떤 위험이 존재하고 있는지 인지하는 것이 필요하다. 현재의 게임 산업이 처한 보안상의 위험요소들을 먼저 확인을 하며 Vista로 인해 달라지는 보안상의 위험요소에 대해 명시하도록 한다. Vista에서 강화된 보안기능으로는 ActiveX의 실행제한과 UAC(User Access Control) 기능을 들 수 있는데 온라인 게임에 미치는 영향과 보안상의 이슈에 대해서 관계를 확인하여 보고 향후 방향에 대해 조망한다.

• Korean Security Journal
• /
• no.22
• /
• pp.197-230
• /
• 2010

This study examined the institutional improvement directions of industrial security programs, particularly focusing upon policies and practices in the U.S., to enhance the effectiveness of industrial security programs in Korea. This study also aimed to investigate the significance of institutional and/or policy implementations in preventing economic espionage attempt. Data leakage and/or loss of trade secrets in corporations has been a scary proposition and a serious headache to both the CEOs and the CSOs(Chief Security Officers). Security professionals or practitioners have always had to deal with data leakage issues that arise from e-mail, instant messaging(IM), and other Internet communication channels. In addition, with the proliferation of wireless and mobile technology, it's now much easier than ever for loss by data breaches to occur, whether accidentally or maliciously or even by an economic espionage attempt. The researcher in this study used both a case study and a comparative research to analyze the different strategies and approaches between the U.S. and Korea in regard of implementing policies to mitigate damages by economic espionage attempts and prevent them from occurring. The researcher first examined the current policies and practices in the U.S. in terms of federal government's and agencies' approach and strategies on industrial security programs and their partnerships with private-commercial-sectors. The purpose of this paper is to explain and suggest selected findings, and a discussion of actions to be taken on implementing a proactive and tactical approach to enhance the effectiveness of industrial security programs to fight against information loss or data leaks. This study used case reviews, literatures, newspapers, articles, and Internet resources relating to the subject of this study for triangulation of data. The findings during this research are as follows. This research suggests that both the private and the governmental sector should closely cooperate in the filed of industrial security to strengthen its traditional prevention strategies and reduce opportunities of economic espionage as well. This study finally recognizes both the very importance of institutional development led by the Government in preventing economic espionage attempts and its effectiveness when properly united with effective industrial security programs.

• Journal of the Korea Convergence Society
• /
• v.8 no.12
• /
• pp.15-22
• /
• 2017

This paper analyzes vulnerability of each service protocol used in ICT convergence industry, smart factory, smart grid, smart home, smart traffic, smart health care, and suggests technologies that can overcome security vulnerabilities. In addition, we design a service-oriented protocol security framework that allows us to quickly and easily develop security functions in an open environment by defining a security element common to protocols and designing a security module for each protocol layer including the corresponding elements. Service protocol independent security module and specialized security module, it will be possible to develop flexible and fast security system in ICT convergence industry where various protocols are used. The overall security level of the ICT service network can be improved by installing the necessary security modules in the operating system, and the productivity can be improved in the industrial security field by reusing each security module.