• Journal of Digital Convergence
• /
• v.15 no.12
• /
• pp.303-311
• /
• 2017

As new information technology emerges, companies are introducing an Enterprise Security Management system to cope with new security threats, reducing redundant investments and waste of resources and counteracting security threats. Therefore, it is necessary to construct a security evaluation metric based on related standards to demonstrate that the Enterprise Security Management(ESM) System meets security. Therefore, in order to construct a metric for evaluating the security of the ESM, this study analyzed the security quality related requirements of the ESM and constructed a metric for measuring the degree of satisfaction. This metric provides synergies through the unification of security assessments that comply with ISO/IEC 15408 and ISO/IEC 25000 standards. It is expected that the evaluation model of the security quality level of ESM will be established and the evaluation method of ESM will be standardized in the future.

• Proceedings of the KAIS Fall Conference
• /
• 2005.05a
• /
• pp.108-110
• /
• 2005

Most of the evaluation systems have performed evaluation with an emphasis on information security products so far. However, evaluating information security level for an enterprise needs analysis of the whole enterprise organization, and a synthetic and systematic evaluation system based on it. This study has tried to grasp the information security level of the whole enterprise organization, and develop an evaluation system of information security level for suggesting a more developing direction of information security.

• Korean Security Journal
• /
• no.7
• /
• pp.7-28
• /
• 2004

This paper is to introduce the foreign civil military enterprise system and to suggest a plan to improve the employment rate of the discharged soldiers who served for a long term and the welfare of soldiers highly. At first, Military Professional Resources Inc., Dyncorp Inc. and Cubic Inc. of the United States, Sandline International Inc. of England and ATCO Frontec Inc. and Ednoonton Inc. of Canada are introduced in this paper. And also, this paper is to analyze employment conditions and difficulties of the discharged soldiers and suggest to establish a institute of tentatively named 'Korean Civil Military Enterprise' in terms of the Government and the Department of Defense. This civil military enterprise is to plan and manage military projects, to research and develop drill manuals and military doctrines and policies and to evaluate and manage the military training. As a pattern of civil military enterprises, three types of Military Support, Military Consulting and Military Provider are presented. Moreover, in order to advance the civil military enterprise, diverse training programs(for public civil investigators, guard advisors, special security guards and security staffs) to utilize all sorts of special military fields are developed.

• Journal of the Korea Society of Computer and Information
• /
• v.9 no.2
• /
• pp.81-87
• /
• 2004

Very various intrusion by development of systems that is based on network is spread. To detect and respond this intrusion, security solutions such as firewall or IDS are bringing and management of security system that load these becomes more harder. Moreover, because environment of systems that require security is various, hard to manage establishing suitable security policy Therefore, need model about enterprise management of various security system and intrusion detection of each systems and response. In this paper, improve PBNM structure that manage wide network resources and presented suitable model in intrusion detection and response of security system. Also, designed policy-based enterprise security management system for effective intrusion detection and response by applying presented model to enterprise security management system.

• Convergence Security Journal
• /
• v.5 no.2
• /
• pp.9-17
• /
• 2005

Recently It's difficult to deal with about variety of attack. And Simple Security management have a problem. It is that they don't develop system measuring their system envoirment and have efficient attack detector, countermeasure organization about large network. Therefore, need model about enterprise management of various security system and intrusion detection of each systems and response. In this paper, improve PBNM structure that manage wide network resources and presented suitable model in intrusion detection and response of security system. Also, designed policy-based enterprise security management system for effective intrusion detection and response by applying presented model to enterprise security management system.

• Convergence Security Journal
• /
• v.17 no.2
• /
• pp.33-39
• /
• 2017

In the age of full scale IoT, concept of "security convergence" has been popularized widely. However, it is not clear whether current "security convergence" concept reflects IoT characteristics and traits. In this thesis, a new concept, complementing "security convergence" concept researches up to date, has been suggested considering IoT characteristics. Required governance methodology and key technical factors are suggested for re-establishment of "security convergence" concept and for enterprise security strategy development.

• Convergence Security Journal
• /
• v.11 no.5
• /
• pp.41-51
• /
• 2011

The objective of this study is to generally check the present situation of private security industry by analyzing the current situation of private security industry in Korea so as to find which policy base is reflected to amend law by analyzing the amendment process of private security law in order to suggest policy direction of private security industry in Korea. Viewing through amendment process of private security law, enhancing publicity and enterprise are not judged to form any definite policy base. They are merely interpreted to partially reflect enterprise under the strong base of publicity. Such policy base may cause overall stagnation of private security industry. For sound development of private security industry, it is required to get out of the existing policy direction so as to change policy base to the direction of enhancing enterprise of private security industry. The power of police for instruction and supervision should be largely transferred to Korea Security Association so as to cultivate autonomous purifying function of private security industry. Police should strive to develop policy in the level of joint production of security service.

• Journal of KIISE:Information Networking
• /
• v.30 no.6
• /
• pp.776-786
• /
• 2003

Security Evaluation System is a system that evaluates the security of the entire enterprise network domain which consists of various components and that supports a security manager or a Security Management System in making decisions about security management of the enterprise network based on the evaluation. It helps the security manager or the security management system to make a decision about how to change the configuration of the network to prevent the attack due to the security vulnerabilities of the network. Security Evaluation System checks the “current status” of the network, predicts the possible intrusion and supports decision-making about security management to prevent the intrusion in advance. In this paper we analyze the requirements of the Security Evaluation System that automates the security evaluation of the enterprise network which consists of various components and that supports decision-making about security management to prevent the intrusion, and we propose a design for it which satisfies the requirements.

• The Journal of the Korea Contents Association
• /
• v.5 no.6
• /
• pp.360-367
• /
• 2005

Corporation's computerization developed by diffusion of internet, and dysfunction of Information is increasing greatly with virus, computing network infringement. Therefore, the today, corporation security is more and more emphasized. Security solution by that importance of security rises so is developing together Security solution is developing to ESM system in existing single system and important thing is function of each security solution and optimizing design of policy. Existent security policy taking a serious view security from external invasion but security of interior the importance rise the today. Accordingly, must construct ESM system of new structure for this. This paper proposes and embodied integration security administration system that solidify interior security utilizing IDS. Experiment external IP and ID access and analyzed the result.

• International Journal of Computer Science & Network Security
• /
• v.22 no.9
• /
• pp.89-94
• /
• 2022

The main purpose of the article is to analyze the system of digital management of labor resources in the context of ensuring personnel security and economic development. In the context of the digital transformation of the economy, much attention is paid to the creation of an innovative personnel management system, as the competition between organizations is intensifying, the victory in which guarantees greater economic benefits. Based on the results of the study, the features and key aspects of the digital management system of the enterprise's labor resources were characterized in the context of ensuring personnel security and economic development. Further research will include consideration of the practical aspects of the digital management system of the enterprise's labor resources.