• Proceedings of the Korean Operations and Management Science Society Conference
• /
• 2003.05a
• /
• pp.991-998
• /
• 2003

우리나라 전자정부 추진 과정 중에 드러난 문제점들은 정보화 투자의 비효율성, 일관성 결여 및 중복성, 정보화 수요의 폭발적 증가에 따른 양적인 대응의 한계, 전산환경 운영의 비효율성 등으로 요약될 수 있다. 이러한 문제점들은 범정부적인 정보자원에 대한 일관된 관리운용체계의 확보를 통해 해결될 수 있다. 점차 경량화되는 정부가 혁신된 정보자원 관리운용체계를 효과적으로 유지하기 위해서는 이를 뒷받침하는 지원 기능이 강화되어야 한다. 본 연구에서는 우리나라 차세대 전자정부 추진 목표로 완전 통합 단계의 달성을 상정하고, 그 방안으로 국가정보기술원의 역할모형을 제시하였다. 국가정보기술원은 정부가 추진하는 모든 정보화사업이 일관성있고, 효율적으로 진행될 수 잇도록 국가정보화에 필요한 전반적인 기능들을 섭렵하여 지원하는 전담기관으로, 정보화기획, 정보화사업관리, 정보자원 운영, 국가표준관리, 감리 및 평가 동의 기능을 수행한다. 특히, 본 연구에서는 범정부적 정보인프라의 통합운영을 담당하는 국가정보센터의 모형을 제시하였는데 국가정보기술원은 이를 통해 정보자원 운영 기능을 수행하게 된다. 본 연구에서 제시된 국가정보기술원의 역할 모형은 정부의 정보자원 관리운용체계를 혁신하고, 유지하는데 필요한 기능을 충분히 수행할 수 있을 것으로 기대된다.

• Korea Information Processing Society Review
• /
• v.23 no.1
• /
• pp.34-52
• /
• 2016

클라우드(Cloud)가 ICT 패러다임으로 등장하면서 구글(Google), 아마존(Amazon), 애플(Apple) 등 글로벌 클라우드와 KT, LG 등 국내 클라우드 서비스가 급증하고 있으며, 공공에서도 정부통합전산센터, 교과부 등으로 클라우드가 빠르게 확산 중이다. 하지만, 국내 클라우드 서비스는 대부분 인프라 서비스(IaaS)로 클라우드 응용프로그램을 개발 운영하는 환경(플랫폼)이 없어 IoT나 모바일처럼 풍성한 응용이 핵심인 글로벌 클라우드 생태계 구축에 한계가 있다. 본 연구는 개발자나 응용 소프트웨어 제공업체들이 응용 애플리케이션들을 개방형 플랫폼에 개발 배포 운영 관리할 수 있는 기반을 마련하고, 전자정부 표준 프레임워크를 기반으로 정보시스템들을 구축 운영하던 공공기관들과 민간 기업들이 별도 비용 없이 혹은 적은 비용으로 이식이 가능하게 함으로써 개별적인 서비스를 클라우드 플랫폼에서의 서비스로 전환하려고 하는 응용 소프트웨어 제공업체들에게 전략을 제시하며, 이를 기반으로 성공적인 구축을 위한 실행 전략도 함께 제시하였다. 본 연구에서 제시한 실제 어플리케이션 적용 사례는 국내의 전자정부 프레임워크에 능통한 개발자 또는 개발사에서 단일 서비스 플랫폼에서 클라우드 플랫폼으로의 개발역량을 향상시키는 전환점을 제공할 것으로 예상된다.

• Journal of Digital Convergence
• /
• v.8 no.4
• /
• pp.185-204
• /
• 2010

This case study quantifies the savings that can be realized through integration in National Computing & Information Agency (NCIA) of the Korea Government. It is based on the process of the NCIA development project that consolidating and integrating distributed 24 agencies. And it used the widely accepted Gartner TCO (Total Cost of Ownership) Solution and applies that methodology consistently before and after integration. Specific measurement items for examining the information system integration saving cost are developed pilot test for 2 agencies through compare TCO before integration and TCO after integration. The results of measuring on information system integration in NCIA are showed lots of economic cost reduction in TCO by integrating and consolidating each computing environment in agency. Especially in detail, NCIA realized the most savings in IT Capital Cost including development of hardware, software and recovery system. Also IT Support Cost and IT Administration Cost examined more savings than before IT integration.

• Journal of Digital Convergence
• /
• v.6 no.3
• /
• pp.23-34
• /
• 2008

Progressing of Web2.0 and social digitalization are lead to changing citizens participation and citizen centric service of civic service. To meet this trends that is online collaboration and sharing, citizen's service that provides our government, also need to changing web2.0 style. This paper argues that government could now grasp the opportunities that are emerging in terms of web2.0 Current policy and action is not yet adequate to grasp these opportunities. So this study focused on strategies of civil services based on web2.0 using NCIA(National Computerization Integrated Agency) cases. For the purpose, we analyze former researches related with civil service. And then, we propose web2.0 adaptation strategies for NCIA.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.1
• /
• pp.147-153
• /
• 2015

Since the DoS(Denial of Service) attack is still an important vulnerable element in many web service sites, sites including public institution should try their best in constructing defensive systems. Recently, DDoS(Distributed Denial of Service) has been raised by prompting mass network traffic that uses NTP's monlist function or DoS attack has been made related to the DNS infrastructure which is impossible for direct defense. For instance, in June 2013, there has been an outbreak of an infringement accident where Computing and Information Agency was the target. There was a DNS application DoS attack which made the public institution's Information System impossible to run its normal services. Like this, since there is a high possibility in having an extensive damage due to the characteristics of DDoS in attacking unspecific information service and not being limited to a particular information system, efforts have to be made in order to minimize cyber threats. This thesis proposes a method for using TTL (Time To Live) value in IP header to detect DDoS attack with IP spoofing, which occurs when data is transmitted under the agreed regulation between the international and domestic information system.

• Journal of Digital Convergence
• /
• v.9 no.3
• /
• pp.213-223
• /
• 2011

Today, information resource management is key task in the data-centre as like as NCIA(National computing integration Agency of Korea). In IRM, the server's performance is one of the core elements, it must be importantly managed during whole of system life cycle. As first step of such management is in purchase phase, it is very important that the optimum specification is determined. The server's specification contains such as performance of core, criteria for performance verification, minimum cores, etc. There is constant controversy concerning the minimum cores. In this article, we present criteria for determination of the minimum cores that considered three aspects: (1) Costly aspect as TCO(Total Cost of Ownership, (2) Environmental aspect as Green IT (3) Technical aspect as RAS(Reliability, Availability, Serviceability) functionality. Finally, we propose scheme to ideally determinate the minimum cores.

• Korean Security Journal
• /
• no.18
• /
• pp.169-190
• /
• 2009

Today, the rapid advance of scientific technologies has brought about fundamental changes to the types and levels of terrorism while the war against the world more than one thousand small and big terrorists and crime organizations has already begun. A method highly likely to be employed by terrorist groups that are using 21st Century state of the art technology is cyber terrorism. In many instances, things that you could only imagine in reality could be made possible in the cyber space. An easy example would be to randomly alter a letter in the blood type of a terrorism subject in the health care data system, which could inflict harm to subjects and impact the overturning of the opponent's system or regime. The CIH Virus Crisis which occurred on April 26, 1999 had significant implications in various aspects. A virus program made of just a few lines by Taiwanese college students without any specific objective ended up spreading widely throughout the Internet, causing damage to 30,000 PCs in Korea and over 2 billion won in monetary damages in repairs and data recovery. Despite of such risks of cyber terrorism, a great number of Korean sites are employing loose security measures. In fact, there are many cases where a company with millions of subscribers has very slackened security systems. A nationwide preparation for cyber terrorism is called for. In this context, this research will analyze the current status of Korea's cyber security systems and its laws from a policy perspective, and move on to propose improvement strategies. This research suggests the following solutions. First, the National Cyber Security Management Act should be passed to have its effectiveness as the national cyber security management regulation. With the Act's establishment, a more efficient and proactive response to cyber security management will be made possible within a nationwide cyber security framework, and define its relationship with other related laws. The newly passed National Cyber Security Management Act will eliminate inefficiencies that are caused by functional redundancies dispersed across individual sectors in current legislation. Second, to ensure efficient nationwide cyber security management, national cyber security standards and models should be proposed; while at the same time a national cyber security management organizational structure should be established to implement national cyber security policies at each government-agencies and social-components. The National Cyber Security Center must serve as the comprehensive collection, analysis and processing point for national cyber crisis related information, oversee each government agency, and build collaborative relations with the private sector. Also, national and comprehensive response system in which both the private and public sectors participate should be set up, for advance detection and prevention of cyber crisis risks and for a consolidated and timely response using national resources in times of crisis.