• Title/Summary/Keyword: Convergence Security Infrastructure

Search Result 197, Processing Time 0.028 seconds

Development of Convergence Security Industry Knowledge Map for the 4th Industrial Revolution Security Infrastructure (4차 산업혁명의 보안 인프라 구축을 위한 융합보안산업 지식 맵 개발)

  • Lee, Daesung
    • Convergence Security Journal
    • /
    • v.19 no.4
    • /
    • pp.173-180
    • /
    • 2019
  • As the 4th Industrial Revolution(Industry 4.0), symbolized as CPS(Cyber Physical System), spreads around the world, it is essential to establish a converged security infrastructure to secure technical stability and reliability of various cyber systems to be implemented in the future. In this study, we will investigate the phenomenon of broad convergence security industry and technology including the concept of life safety in relation to the spread of the 4th industrial revolution, and analyze the possibility of linkage between related knowledge to promote academic-industrial cooperation necessary for the convergence of security. we would like to propose a comprehensive development policy on human resource development, technology development and policy improvement.

Malicious Traffic Protection through MSPI Designing (MSPI설계를 통한 유해 트래픽 차단)

  • Noh, Si-Choon
    • Convergence Security Journal
    • /
    • v.6 no.2
    • /
    • pp.31-42
    • /
    • 2006
  • In this paper, we proposed an integrated infrastructure for optimal information security to resolve these kinds of problems and to implement more powerful protection. The proposed infrastructure presents a security framework, provides a functional mechanism, and implements a scheme for information security based on the design concept of integrated structures. In order to ensure effective malicious traffic blocking, this paper emphasizes that a comprehensive approach through infrastructure improvement and combination of scanning tool is the only measure for preparing against today's environment of virus infiltration. The proposed model is a measure developed at a time when a permanent technological solution to virus is yet to be developed. A performance analysis model is developed and the performance is evaluated through the case studies for the proposed methodology. The effectiveness of the infrastructure for optimal information security needs the continuous diagnostic evaluation and tuning through the users or the organizations.

  • PDF

A study on an Infrastructure for Virus Protection (바이러스 차단 인프라 구조에 관한 연구)

  • Noh, Si-Choon;Kim, Su-Hee;J. Kim, Kui-Nam
    • Convergence Security Journal
    • /
    • v.5 no.1
    • /
    • pp.53-62
    • /
    • 2005
  • Virus protection infrastructure managementis network infrastructure management, traffic route management, virus protection zone expansion, and virus protection management for gateway area. This research paper provides a diagnosis of characteristics and weaknesses of the structure of existing virus protection infrastructure, and recommends an improved multi-level virus protection infrastructure as a measure for correcting these weaknesses. Improved virus protection infrastructure filters unnecessary mail at the gateway stage to reduce the load on server. As a result, numberof transmission accumulation decreases due to the reduction in the CPU load on the Virus wall and increase in virus treatment rate.

  • PDF

A Study on the Security Framework Design for Stable Operation of Critical Infrastructure Service (주요기반시설 서비스의 안정적 운영을 위한 보안 프레임워크 설계에 관한 연구)

  • Lee, Suyeon;Yoo, Jiyeon;Lim, Jongin
    • Journal of Information Technology Services
    • /
    • v.15 no.4
    • /
    • pp.63-72
    • /
    • 2016
  • Critical infrastructure has been operating in a closed environment with a completely separate information system and in the private area. However, with the current ICT environment changes due to convergence and open platforms it has increased the threats and risks to critical infrastructure. The importance of cyber security is increasing in the infrastructure control system, such as the outbreak of Ukraine blackout in 2015 by a malicious code called 'black energy'. This thesis aims to recognize the importance and necessity of protecting the critical infrastructure service, designing a security framework reflecting environmental and characteristic changes, and analyzing the management system suitable for a security framework. We also propose a theoretical basis for constructing a new security framework by comparing and analyzing seven international security management system standards, such as NIST 800-82 and IEC 62443-2-1, which are used in the control system. As a result, the environment surrounding critical infrastructure changes with the characteristics of connectivity, openness, and finality was studied, and as a response to this, many scholars and institutions present critical infrastructure security frameworks as cycle enhancement type structures, risk management structures, and management domain expansion structures. In response, the security framework encompassing these structures, CISF (Critical Infrastructure Security Framework), was designed. Additionally, through the security related international standard and criterion analysis, as a newly designed security standard suitable for CISF, IEC 62443-2-1 is reviewed and suggestions are made.

A Building Method of Infrastructure Efficiency under Ad Hoc-based on Network Infrastructure for Medical Information System (Ad Hoc 기반 의료정보시스템의 네트워크 보안 효율성구조 Infrastructure 설계방법)

  • Noh, Si-Choon;Yoo, Seung-Jae
    • Convergence Security Journal
    • /
    • v.11 no.3
    • /
    • pp.91-98
    • /
    • 2011
  • Medical information system based on ad hoc network designed for general information systems and information networks have different security requirements. Malicious code infiltration and security features are performed on same medical information network architecture along the route. Security domain of medical information systems is the ground of penetration and defense performed over the network architecture and it is also the traffic handling areas separated by a concept of differentiated group. Ad hoc-based medical information systems in the network security domain, set some standards about what should be the methodology of this study. In this paper, medical information system network configuration, the determining factor based on the security domain, the structure selection criteria and blocking positionings are presented according to the traffic route configuration. If you apply this methodology designed to increase security, efficiency can be possible. Health information systems in accordance with the security domain areas requires differentiated protection needs of the security mechanism that is proposed by this study.

A Building Method of Security Architecture Framework on the Medical Information Network Environment (의료정보시스템상에서의 네트워크 보안기능 프레임워크와 보안 아키텍쳐 설계방법)

  • Lee, Dae-Sung;Noh, Si-Choon
    • Convergence Security Journal
    • /
    • v.11 no.4
    • /
    • pp.3-9
    • /
    • 2011
  • On health information network architecture, traffic along the path of traffic and security, blocking malicious code penetration is performed. The medical information system network security infrastructure study, which was whether to be designed based on the structure and methodology is designed to develop the security features. Health informati on system's functionality and capabilities framework for infrastructure is the backbone and structure. The design fea tures a framework for the overall network structure formation of the skeleton and forms the basic structure of the security methodology. Infrastructure capabilities to build the framework and the application functionality is being implemented. Differentiated in accordance with security zones to perform security functions and security mechanisms that operate through this study is to present. u-Healthcare future advent of cloud computing and a new health information environment, the medical information on the preparation of this study is expected to be utilized for security.

An Access Control using SPKI Certificate in Web Environment (웹 환경에서 SPKI 인증서를 이용한 접근 제어)

  • Kim, Jeom-Goo
    • Convergence Security Journal
    • /
    • v.6 no.4
    • /
    • pp.11-19
    • /
    • 2006
  • Web service is giving an equal privilege to all user for sharing their resources. Under this situation, a lot of vulnerability against the various attacks through the Internet is possible, more sophisticated security services are necessary. In this paper, we propose an access control scheme using SPKI (Simple Public Infrastructure). The scheme designates an access control by providing the certificate to users who request a connection for resource sharing and limits the resource usage of information provider according to the access right that is given to their own rights.

  • PDF

A Study on Models for Strengthening Infrastructure Protection through Analysis of Cyber Intrusions (침해사고 분석을 통한 기반시설 보호 강화 모델 연구)

  • Yoon, Oh Jun;Han, Bok Dong;Park, Jeong Keun;Seo, Hyung Jun;Shin, Yong Tae
    • Convergence Security Journal
    • /
    • v.15 no.6_2
    • /
    • pp.29-36
    • /
    • 2015
  • The hacking threats made against the Korea Hydro & Nuclear Power(KNDP) and the leakage of critical information on nuclear power safety raised the public awareness on the importance of protecting and managing national infrastructure necessary for sustaining the state and society. Cyber security activities and relevant institutions in the ROK, however, are still insufficient, because of which there is a possibility that similar incidents would reoccur and cause serious damages. Hence, a grave and direct threat is posed to the national security of the ROK. In this thesis, I would like to give my analysis and assessment on the recent cyber intrusions against infrastructure at home and abroad, measures established in response and their implementation, and the deficiency of the existing infrastructure protection system ; and lastly propose measures to reinforce infrastructure protection of the ROK.

A Study and Analysis on Case Study of Security Evaluation Tool (보안성 평가 도구 사례 분석 연구)

  • Kim, Hyun-il;Park, Kyungyun;Seo, Changho;Moon, Daesung
    • Journal of Digital Convergence
    • /
    • v.17 no.1
    • /
    • pp.347-356
    • /
    • 2019
  • Recently, the liberalization of industrial control systems has been accompanied by a major change in the structural paradigm of information systems in the public and public sectors, and potential cyber security problems in the future major infrastructure control systems that cannot respond to the level of security of existing information systems. To cope with this, a cyber security evaluation tool that can evaluate security vulnerability in three dimensions against various infrastructure control system environment is needed. However, a cyber security evaluation in the domestic environments does not have the concept of the current security status and satisfy settings of the infrastructure. Also, the most of items in that environments have had short-term inspection themselves which makes a limitation by a technical area. In order to overcome this problems, many researches are needed to apply CSET (Cyber Security Evaluation Tool) which is the US cyber security evaluation tool to the control environment of various domestic infrastructure. In this paper, first, we analyze methods to apply to the major domain through the analysis of various case studies on existing security assessement tools. Finally, we discuss future directions.

Smart City Security Management in Three Tier Smart City Management System (쓰리 티어 방식의 스마트시티 관리시스템에서의 보안 관리)

  • Hwang, Eui-Dong;Lee, Yong-Woo
    • Journal of the Korea Convergence Society
    • /
    • v.10 no.1
    • /
    • pp.25-33
    • /
    • 2019
  • The security of the data dealt by the smart city system is important because they have many privacy and public information. Therefore, it is necessary to study security in the smart city system. In this paper, we define the security factors for the smart city system composed of three tiers and describe the technologies for each. In addition, the design and implementation of the security layer in the Smart City middleware for the security management of the urban component in the Smart City Infrastructure and middleware, which is one of the most important issues in the Smart City system, is introduced.