• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.3
• /
• pp.553-564
• /
• 2012

Today's security initiatives tend to integrate the physical and information securities which have been run by completely separate departments. That is, the converged security management becomes the core in the security market trend. However, to the best of our knowledge, we cannot find any solutions how to combine these two security events for the converged security. In this paper, we propose an information security object-driven approach which utilizes the physical security events to enhance and improve the information security. For scalability, we also present a systematic method using the analytic hierarchy process finding the meaningful event combinations among the large number of physical security events. In particular, we show the whole implementation processes in detail where we consider the information security object 'illegal computing system access' combined with two physical security devices - access controller and CCTV+video analyzer system.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2017.05a
• /
• pp.747-749
• /
• 2017

To protect financial services against danger of financial accidents and customer information leakage caused by malware, injection attack and so on, Financial Services Commission announced "Financial Networks Security Enhancement Comprehensive Plan", which suggests the guideline of protecting customer information and providing secure financial services by separating network topology and then makes the financial company use network partitioning system. In consequence of this policy, financial companies respectively chose between the physical partitioning mechanism or the logical partitioning mechanism according to their IT environment. This paper suggests an efficient infrastructure configuration plan for making the logical network partition, by comparison of a construction of traditional general equipment and an integrated HCI(Hyper Converged Infrastructure) through 'Hyper Converged' which is one of virualization techniques for developing currently, and the case study of the integrated HCI method.

• The Journal of Society for e-Business Studies
• /
• v.20 no.3
• /
• pp.113-125
• /
• 2015

Information Security Incidents that have recently happen rapidly spread and the scale of that incidents' damage is large. In addition, as it proceeds to the era of converged industry in the future environment and the virtual cyber world expands to the physical world, new types of security threats have occurred. Now, it is time to supply security professionals who have a multi-dimensional security capabilities that can manage the strategies of technological security and physical security from the management point of view, rather than the ones who primarily focus on the traditional technologic-centered strategies to solve new types of security threats. In conclusion, in this paper we try to produce the curriculum of information security featured in the occupational classification system and analyze the subjects that are additionally required for those who move to other occupations to cultivate security professionals who suited to the converged-industrial environment. It is expected that multi-dimensional security professionals who suited to the converged-industrial environment will be cultivated by harmoniously integrating information security subjects from technological and business/managerial perspectives, and education training courses will be developed that effectively provide core knowledges per occupational classification when people moves to other occupations in the areas of information security.

• Journal of the Korea Convergence Society
• /
• v.6 no.4
• /
• pp.33-40
• /
• 2015

According to arriving convergence environment which can create new value-added converged between industry and ICT technology, It has made economic growth and improve the quality of life. However this convergence environment provide not only advantage but also various security problems resulting from generating converged security threats. For resolving this security problem, we need to approach to security problem in the integrated view not the fragmentary view which cover only technical approach. So This study developed security governance framework which can manage trustful security governance in multidimensional view which cover strategy, managerial/operational and technical view. Therefore this framework can construct trustful security management system which can help top management team to engage in security management directly and organizational member to perform security activities and have responsibility for themselves as suggesting single standard for security management.

• Korean Security Journal
• /
• no.56
• /
• pp.165-185
• /
• 2018

Because financial industry is closely related to the daily lives of people, internal fraud such as embezzlement by the employees can cause serious damage to the national economy, including credit crunch and contagious bankruptcy, as once demonstrated in the Savings Bank Scandal in 2011. Therefore, the importance of financial industry security is being emphasized and developed into converged security that combines physical, human and cyber security. In this study, to prevent fraud caused by internal employees in Korean financial sector, in-depth semi-structured interviews were conducted with a total of 16 participants including bankers, officials of financial regulators, and security experts, who were in charge of risk management in the industry. The collected data were analyzed at three stratification levels such as individual, organization, and socio-cultural factor. Based on this analysis, policy recommendations were suggested for the development of financial industry security and reducing internal fraud in banking institutions.

• Journal of information and communication convergence engineering
• /
• v.11 no.1
• /
• pp.17-23
• /
• 2013

Cloud computing is a currently developing revolution in information technology that is disturbing the way that individuals and corporate entities operate while enabling new distributed services that have not existed before. At the foundation of cloud computing is the broader concept of converged infrastructure and shared services. Security is often said to be a major concern of users considering migration to cloud computing. This article examines some of these security concerns and surveys recent research efforts in cryptography to provide new technical mechanisms suitable for the new scenarios of cloud computing. We consider techniques such as homomorphic encryption, searchable encryption, proofs of storage, and proofs of location. These techniques allow cloud computing users to benefit from cloud server processing capabilities while keeping their data encrypted; and to check independently the integrity and location of their data. Overall we are interested in how users may be able to maintain and verify their own security without having to rely on the trust of the cloud provider.

• Convergence Security Journal
• /
• v.19 no.4
• /
• pp.173-180
• /
• 2019

As the 4^th Industrial Revolution(Industry 4.0), symbolized as CPS(Cyber Physical System), spreads around the world, it is essential to establish a converged security infrastructure to secure technical stability and reliability of various cyber systems to be implemented in the future. In this study, we will investigate the phenomenon of broad convergence security industry and technology including the concept of life safety in relation to the spread of the 4^th industrial revolution, and analyze the possibility of linkage between related knowledge to promote academic-industrial cooperation necessary for the convergence of security. we would like to propose a comprehensive development policy on human resource development, technology development and policy improvement.

• Convergence Security Journal
• /
• v.19 no.5
• /
• pp.85-90
• /
• 2019

The purpose of this study is to analyze the trend of exercise intervention applying various devices to increase the physical activity of the disabled, and to suggest the exercise intervention using converged devices that meet the needs of the times due to the increase of elderly people with disabilities. Exercise intervention using converged devices applicable to the disabled is divided into two types: first, exercise intervention using virtual reality-based gamification, and second, exercise intervention based on wearable devices of wearable or body-attached such as bands and watches. For exercise intervention using converged devices that can be enjoyed by the elderly with disability, minimize of environmental limitations, and easy to personalize, there is a need for configuration requirements such as easy operation and simple rules of operation, easy device installation and wearing, a trainer who can complement immature device utilization. In order to maintain and improve the daily living performance of the elderly with disabilities who experience a significant decrease in their cognitive and physical functions, it is necessary to use a physical activity game that can be experienced and can be interested in everyday life or a variety of devices to increase the amount of physical activity.

• Journal of the Korea Convergence Society
• /
• v.8 no.12
• /
• pp.15-22
• /
• 2017

This paper analyzes vulnerability of each service protocol used in ICT convergence industry, smart factory, smart grid, smart home, smart traffic, smart health care, and suggests technologies that can overcome security vulnerabilities. In addition, we design a service-oriented protocol security framework that allows us to quickly and easily develop security functions in an open environment by defining a security element common to protocols and designing a security module for each protocol layer including the corresponding elements. Service protocol independent security module and specialized security module, it will be possible to develop flexible and fast security system in ICT convergence industry where various protocols are used. The overall security level of the ICT service network can be improved by installing the necessary security modules in the operating system, and the productivity can be improved in the industrial security field by reusing each security module.

• Journal of Digital Convergence
• /
• v.12 no.2
• /
• pp.549-554
• /
• 2014

Studies on the intelligent vehicles that are converged with IT and vehicular technologies are currently under active discussion. A variety of communication technologies for safety intelligent vehicle services are support. As such intelligent vehicles use communication technologies, they are exposed to the diverse factors of security threats. To conduct intelligent vehicle security authentication solutions, there are some factors that can be adopted ownership, knowledge and biometrics[6,7]. This paper proposes to analyze the factors to threaten intelligent vehicle, which are usually intruded through communication network system and the security solution using biometric authentication scheme. This study proposed above user's biometrics information-based authentication scheme that can solve the anticipated problems with an intelligent vehicle, which requires a higher level of security than existing authentication solution.