• International Journal of Contents
• /
• v.1 no.2
• /
• pp.22-25
• /
• 2005

Enterprise security management system: Enterprise Security Management (EMS) is centralized integrated management of other kind of security solutions such as intrusion cutoff system, intrusion detection system and virtual private network. With the system, it is possible to establish security policies for entire IT system through interlocking of solutions. A security system of company network is progressing as a ESM(Enterprise Security Management) in existing security solution foundation. The establishment of the security policy is occupying very important area in ESM of the security system. We tried to analyze existing ESM system for this and designed security solution structure for enhancing the inside security. We applied implementing directly IDS system and tested. This test set the focus about inside security

• Journal of information and communication convergence engineering
• /
• v.8 no.5
• /
• pp.544-548
• /
• 2010

The Enterprise Security Management system is a centralized control system based on predefined security policies by organizations. In Korea, there is a Common Criteria security certification according to the strict standards for various features. As the needs of information security product are increasing, the ESM system should be evaluated with quality characteristics. In this paper, we propose evaluation items for functionality and performance of Enterprise Security Management system, and the best practices for evaluation.

• The Journal of the Korea Contents Association
• /
• v.10 no.6
• /
• pp.156-165
• /
• 2010

ESM(Enterprise Security Management) is representing domestic security management, and there is requirement to enhance it. This paper will evaluate quality of ESM products, understand its quality level, and derive method to improvement so as to develop security evaluation model and test methodology which can support quality enhancement. In addition, it presented the performance test cases and evaluation method to measure product's security quality, and to perform research on the judgement method for the results based on appropriate criteria. Developed quality evaluation model is expected perform important role in evaluating and enhancing the quality of intrusion prevention system.

• Journal of Digital Convergence
• /
• v.15 no.12
• /
• pp.303-311
• /
• 2017

As new information technology emerges, companies are introducing an Enterprise Security Management system to cope with new security threats, reducing redundant investments and waste of resources and counteracting security threats. Therefore, it is necessary to construct a security evaluation metric based on related standards to demonstrate that the Enterprise Security Management(ESM) System meets security. Therefore, in order to construct a metric for evaluating the security of the ESM, this study analyzed the security quality related requirements of the ESM and constructed a metric for measuring the degree of satisfaction. This metric provides synergies through the unification of security assessments that comply with ISO/IEC 15408 and ISO/IEC 25000 standards. It is expected that the evaluation model of the security quality level of ESM will be established and the evaluation method of ESM will be standardized in the future.

• Convergence Security Journal
• /
• v.2 no.2
• /
• pp.109-121
• /
• 2002

As the development of information technology and thus the growth of security incidents, there has been increasing demand on developing a system for centralized security management, also known as Enterprise Security Management(ESM), uniting functions of various security systems such as firewall, intrusion detection system, virtual private network and so on. Unfortunately, however, developers have been suffering with a lack of related standard. Although ISTF recently announced firewall system and intrusion detection system log format, it still needs for truly efficient ESM further development of the related standard including event and control messaging. This paper analyses ISTF standard and further suggests an additional event and control messaging standard for firewall and intrusion detection systems. It is expected that this effort would be helpful for the development of ESM and further related standard.

• Journal of Digital Convergence
• /
• v.12 no.8
• /
• pp.351-359
• /
• 2014

The log data generated by security equipment have been synthetically analyzed on the ESM(Enterprise Security Management) base so far, but due to its limitations of the capacity and processing performance, it is not suited for big data processing. Therefore the another way of technology on the big data platform is necessary. Big Data platform can achieve a large amount of data collection, storage, processing, retrieval, analysis, and visualization by using Hadoop Ecosystem. Currently ESM technology has developed in the way of SIEM (Security Information & Event Management) technology, and to implement security technology in SIEM way, Big Data platform technology is essential that can handle large log data which occurs in the current security devices. In this paper, we have a big data platform Hadoop Ecosystem technology for analyzing the security log for sure how to implement the system model is studied.

• Proceedings of the KAIS Fall Conference
• /
• 2010.05a
• /
• pp.408-411
• /
• 2010

보안관리가 진화하고 있다. 보안의 중요성이 강조되면서 도입된 수많은 보안 솔루션은 관리의 어려움을 증가시키고 있고, 각기 다른 장비가 쏟아내는 수많은 정보들로 효율적인 전사적 보안 체계 마련의 필요성이 대두되고 있기 때문이다. 국내에서는 ESM(Enterprise Security Management)이 보안관리를 대표했지만, 이를 더욱 고도화해야 한다는 요구가 증가하고 있다. 본 연구에서는 기업보안관리(ESM) 제품의 질적인 면을 평가하고 품질수준을 파악하여 개선방향을 도출함으로써 품질향상을 지원할 수 있는 보안성 평가모델과 시험 방법론에 대해서 개발하였다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2009.04a
• /
• pp.409-412
• /
• 2009

통합보안관리시스템(Enterprise Security Management)은 기업의 보안 정책을 기반으로 다수의 보안시스템을 중앙에서 통합관제, 운영, 관리를 지원하는 시스템이다. 국내의 경우 정보보호시스템에 대한 보안성 평가는 국제공통평가기준을 근거로 평가 및 인증이 이루어지고 있는 반면, SW 품질관점에서의 ESM에 대한 평가 방안에 대한 연구는 미미한 실정이다. 이에 따라 본 논문에서는 SW 품질관점에서 ESM에 대한 평가항목을 제안하고자 한다.

• Convergence Security Journal
• /
• v.5 no.3
• /
• pp.1-7
• /
• 2005

Today, network is a fragile state in many threat attacks. Especially, the company serviced like internet or e-commerce is exposed to danger and targeted of attacker Therefore, it is realistic that the company use the security solution. It exist various security solution in our school network. For example, Firewall, IDS, VirusWall, VPN, etc. The administrator must manage various security solution. But it is inefficient. Therefore, we need the Management System to controll every security solution. In this paper, we deal with basic contents of security solution to manage the ESM and merits and demerits when use it. Also we suggest method that the Administrator can manage his network more efficiently and systematically by using the ESM in our school network.

• The Journal of the Korea Contents Association
• /
• v.5 no.6
• /
• pp.360-367
• /
• 2005

Corporation's computerization developed by diffusion of internet, and dysfunction of Information is increasing greatly with virus, computing network infringement. Therefore, the today, corporation security is more and more emphasized. Security solution by that importance of security rises so is developing together Security solution is developing to ESM system in existing single system and important thing is function of each security solution and optimizing design of policy. Existent security policy taking a serious view security from external invasion but security of interior the importance rise the today. Accordingly, must construct ESM system of new structure for this. This paper proposes and embodied integration security administration system that solidify interior security utilizing IDS. Experiment external IP and ID access and analyzed the result.