• Title/Summary/Keyword: Software Bill of Materials

The Effects of information security perceptions of collaborative system managers on intention to use SBOM(Software Bill Of Materials) : Focusing on the Theory of Planned Behavior (협업시스템 담당자의 정보보안 인식이 SBOM(Software Bill Of Materials) 도입 의도에 미치는영향: 계획된 행동이론을 중심으로)

  • Noh Hyeyoung; Lee Sin-Bok
    • The Journal of the Convergence on Culture Technology / v.9 no.5 / pp.463-474 / 2023
  • Advances in technology have made it easier for organizations to share information and collaborate. However, collaboration systems in which multiple entities share and access information are vulnerable to security threats. The concept of the Software Bill Of Materials (SBOM) has emerged as a way to strengthen information security by identifying and transparently managing the components of software programs. To promote the adoption of SBOM in Korea, this study investigated the intention of collaboration system managers to use it. The study was based on the theory of planned behavior and the integrated technology acceptance theory. The results confirmed that performance expectations from SBOM adoption were an important variable for intention to use, and that positive attitudes toward security also had an indirect effect through performance expectations. We found that SBOM adoption has an important causal relationship with performance because it is targeted at enterprises, and that positive attitudes toward security and social climate can have a strong effect on intention to use.

A Study on the Software Supply Chain Security Policy for the Strengthening of Cybersecurity: Based on SBOM Policy Cases (사이버안보 강화를 위한 소프트웨어 공급망 보안 정책 연구: SBOM 정책 추진 사례를 중심으로)

  • Son, Hyo-Hyun; Kim, Dong-Hee; Kim, So-Jeong
    • Journal of Digital Convergence / v.20 no.2 / pp.9-20 / 2022
  • Supply chain attacks target critical infrastructure, causing large amounts of damage and evolving into a threat to public safety and national security. Accordingly, when cybersecurity strategies and policies are established, supply chain risk management is specified to enhance security. The US Biden administration recently issued the Executive Order on Improving the Nation's Cybersecurity, in which SBOM was mentioned as part of the guidelines for strengthening software supply chain security. If the government mandates SBOM and uses it as a security verification tool for supply chains, it can be affected by the domestic procurement system in the future and can be referenced when establishing a security system for domestic supply chains according to the progress of policy implementation. Accordingly, in this paper, countries that are promoting SBOM policy as a way to strengthen the security of the software supply chain were selected and analyzed with a focus on related cases. In addition, through comparison and analysis of foreign SBOM policy trends, methods for using domestic SBOM in terms of technology, policy, and law were considered. As SBOM is expected to be of value as a supply chain integrity/transparency verification tool in the future, it is necessary to continuously identify trends in international standardization and policy development for SBOM and to study the standard format.