• Title/Summary/Keyword: Enterprise security

Search Result 385, Processing Time 0.029 seconds

A Study Of Mining ESM based on Data-Mining (데이터 마이닝 기반 보안관제 시스템)

  • Kim, Min-Jun;Kim, Kui-Nam
    • Convergence Security Journal
    • /
    • v.11 no.6
    • /
    • pp.3-8
    • /
    • 2011
  • Advanced Persistent Threat (APT), aims a specific business or political targets, is rapidly growing due to fast technological advancement in hacking, malicious code, and social engineering techniques. One of the most important characteristics of APT is persistence. Attackers constantly collect information by remaining inside of the targets. Enterprise Security Management (EMS) system can misidentify APT as normal pattern of an access or an entry of a normal user as an attack. In order to analyze this misidentification, a new system development and a research are required. This study suggests the way of forecasting APT and the effective countermeasures against APT attacks by categorizing misidentified data in data-mining through threshold ratings. This proposed technique can improve the detection of future APT attacks by categorizing the data of long-term attack attempts.

A Study on Application Methodology of SPDL Based on IEC 62443 Applicable to SME Environment (중소기업환경에서 적용 가능한 IEC 62443 기반의 개발 보안 생애주기 프로세스 적용 방안 연구)

  • Jin, Jung Ha;Park, SangSeon;Kim, Jun Tae;Han, Keunhee
    • KIPS Transactions on Computer and Communication Systems
    • /
    • v.11 no.6
    • /
    • pp.193-204
    • /
    • 2022
  • In a smart factory environment in a small and medium-sized enterprise (SME) environment, sensors and actuators operating on actual manufacturing lines, programmable logic controllers (PLCs) to manage them, human-machine interface (HMI) to control and manage such PLCs, and consists of operational technology server to manage PLCs and HMI again. PLC and HMI, which are in charge of control automation, perform direct connection with OT servers, application systems for factory operation, robots for on-site automation, and production facilities, so the development of security technology in a smart factory environment is demanded. However, smart factories in the SME environment are often composed of systems that used to operate in closed environments in the past, so there exist a vulnerable part to security in the current environment where they operate in conjunction with the outside through the Internet. In order to achieve the internalization of smart factory security in this SME environment, it is necessary to establish a process according to the IEC 62443-4-1 Secure Product Development Life cycle at the stage of smart factory SW and HW development. In addition, it is necessary to introduce a suitable development methodology that considers IEC 62443-4-2 Component security requirements and IEC 62443-3 System security requirements. Therefore, this paper proposes an application plan for the IEC 62443 based development security process to provide security internalization to smart factories in an SME environment.

A Study for strategic cooperaton of enterprise security and business (기업보안과 비즈니스의 전략적 협력에 관한 연구)

  • Ryu, Hyung-Chang
    • Korean Security Journal
    • /
    • no.28
    • /
    • pp.103-130
    • /
    • 2011
  • This study is the research of enterprise security for raising the profitability and stability of Korean companies in global business environment and strategic cooperation of business. As the scientific technology gets complicated as day goes by and new competitors appear regardless the border in the modern business environment, the situation happens frequently which the huge company hands over their market to the new one armed with the innovative thinking overnight. To survive such new environment, the answer is the change of paradigm regarding business management method at the new point of view. With the low level of security risk management of Korean companies which stick to old habit, the security management which helps the companies secure profits is not affordable. The global village where the population of 7 billions live in 21st century is facing up to the rapid ecological adaptation. The rapid change of climatic environment creates the hundreds of thousands of sufferers in a moment, and we have been watching the millions of livestock are buried alive due to new contagious disease everyday. Such change encourages the humans in global village to change the basic way of living. The business ecosystem which is the basic root for economic life cannot be an exception. To survive the business environment of 21st century, the security risk management at management level is required and the reporting line of companies should be established newly for raising business competing power through security risk management. The companies should bear in mind that they can be disappeared into our old memories overnight if they are not sensitive to the changing environment. Out of new risks for the modern companies, the field especially Korean companies are dealing easily is the security risk. Not like past, the security risk which's size is much more massive and its propagation velocity is very fast is the one of important business risks which the management should take care. Out of security risks which influence on the modern companies significantly, the brand of companies, protection of their reputation, continuity of production and operation and keeping customer's trust are prior to the others. This study offered the suggestion regarding enterprise security and the strategic cooperation of business to deal with such security risk effectively.

  • PDF

Study about the Impact of Information Security Systems on Corporate Performance: Based on IT Relatedness Theory (정보보안체계 수립이 Multibusiness 기업 성과에 미치는 영향에 관한 연구: IT Relatedness 이론 관점에서)

  • Koo, Ja Myon;Park, Joo Seok;Park, Jae Hong
    • Asia pacific journal of information systems
    • /
    • v.23 no.4
    • /
    • pp.129-149
    • /
    • 2013
  • According to the development of new Information Technologies, firms consistently invest a significant amount of money in IT activities, such as establishing internal and external information systems. However, several anti-Information activities-such as hacking, leakage of information and system destruction-are also rapidly increasing, thus many firms are exposed to direct and indirect threats. Therefore, firms try to establish information security systems and manage these systems more effectively via an enterprise perspective. However, stakeholders or some managers have negative opinions about information security systems. Therefore, in this research, we study the relationship between multibusiness firms' performance and information security systems. Information security indicates physical and logical correspondence of information system department against threats and disaster. Studies on information security systems suggested frameworks such as IT Governance Cube and COBIT Framework to identify information security systems. Thus, this study define that information security systems is a controlled system on enterprise IT process and resource on IT Governance perspective rather than independent domain of IT. Thus, Information Security Systems should be understood as a subordinate concept of IT and business processes. In addition, this study incorporates information capability to information security system literature to show the positive relationship between Information Security Systems and Corporate Performance. The concept of information capability suggested that an interaction of human, information, technical and an effect on corporate performance using three types of capability (IT Practice, Information Management Practice, Information Behaviors and Values). Information capability is about firms' capability to manage IT infrastructure and information as well as individual employees who use IT infrastructure and information. Thus, this study uses information capability as a mediating variable for the relationship between information security systems and firms' performance. To investigate the relationship between Information Security Systems and multibusiness firms' performance, this study extends the IT relatedness concept into Information Security Systems. IT relatedness provides understanding of how corporations cope with conflicts between headquarters and business units to create a synergy effect and achieve high performance using IT resources. Based on the previous literature, this study develops the IT Security Relatedness model. IT Security Relatedness is our main independent variable, while Information Capability and Information Security Performance are mediating variables. To control for the common method bias, we collect each multibusiness firm's financial performance and use it as our dependent variable. We find that Information Security Systems influence Information Capability and Information Security Performance positively, and these two variables consequently influence Corporate Performance positively. In addition, this result indirectly shows that corporations under a multibusiness environment can obtain synergy effects using the integrated Information Security Systems. This positive impact of Information Security Systems on multibusiness firms' performance has an important implication to various stakeholders. Therefore, multibusiness firms need to establish Information Security Systems to achieve better financial performance.

A Coherent Model in Upholding General Deterrence Theory and Impact to Information Security Management

  • Choi, Myeong-Gil;Ramos, Edwin R.;Kim, Man-Sig;Kim, Jin-Soo;Whang, Jae-Hoon;Kim, Ki-Joo
    • Journal of Information Technology Applications and Management
    • /
    • v.16 no.3
    • /
    • pp.73-86
    • /
    • 2009
  • To establish an effective security strategy, business enterprises need a security benchmarking tool. The strategy helps to lessen an impact and a damage in any threat. This study analyses many aspects of information security management and suggests a way to deal with security investments by considering important factors that affect security manager's decision. To address the different threats resulting from a major cause of accidents inside an enterprise, we investigate an approach that followed ISO17799. We unfold a criminology theory that has designated many measures against the threat as suggested by General Deterrence Theory. The study proposes a coherent model of the theory to improve the security measures especially in handling and protecting company assets and human lives as well.

  • PDF

A study on The Private Investigator usage for Enterprise Security Activity: Focusing on countermeasure to the Industrial Spy (민간조사원(탐정)을 활용한 기업보안활동의 강화방안: 산업 스파이에 대한 대응방안을 중심으로)

  • Sin, Sung-Gyun;Park, Sang-Jin
    • Korean Security Journal
    • /
    • no.20
    • /
    • pp.199-228
    • /
    • 2009
  • National security of post cold-war since 1990's shift that conception of the national security transfer traditional military strength to economic strength. Accordingly, the national interest about how to protect the of the high-technology industry enterprises has become contentious social issue. The U.S. and advanced countries promote the policy to protect The United State's Economic Espionage Act(EEA). The Korea reaching to high level a field at IT, Shipbuilding, Steel, Automobile Industry and huge capital investment to high-technology & development. But, systematic industry security activity not an unfold. So private investigator collect the evidence and information of business case for prevent danger is efficient. The private investigator system, deal with the matter efficiently, will good system to prevent economic loss of business, state and nation through make a good use in business crime that machinery of law difficult to intervene. This article countermeasure about industry spy through make a good use of private investigator.

  • PDF

Device Identification System for Corporate Internal Network Visibility in IoT Era (IoT 시대 기업 내부 네트워크의 가시성 확보를 위한 단말 식별 시스템 설계)

  • Lee, Dae-Hyo;Kim, Yong-Kwon;Lee, Dong-Bum;Kim, Hyeob
    • Convergence Security Journal
    • /
    • v.19 no.3
    • /
    • pp.51-59
    • /
    • 2019
  • In this paper, we propose a device identification system for network visibility that can maintain the secure internal network environment in the IoT era. Recently, the area of enterprise network is getting huge and more complicated. Not only desktops and smartphones but also business pads, barcode scanners, APs, Video Surveillance, digital doors, security devices, and lots of Internet of Things (IoT) devices are rapidly pouring into the business network, and there are highly risk of security threats. Therefore, in this paper, we propose the device identification system that includes the process and module-specific functions to identify the exploding device in the IoT era. The proposed system provides in-depth visibility of the devices and their own vulnerabilities to the IT manager in company. These information help to mitigate the risk of the potential cyber security threats in the internal network and offer the unified security management against the business risks.

The Security Management Architecture for E504 EJB Container System (E504 EJB 컨테이너 시스템의 보안 관리 방법)

  • 서범수;김수형;박중기;이경호
    • Proceedings of the Korean Information Science Society Conference
    • /
    • 2002.10e
    • /
    • pp.190-192
    • /
    • 2002
  • EJB(Enterprise Java Bean)컨테이너에서 보안은 크게 사용자 인증과 빈의 메소드 호출에 대한 접근 제어로 구분된다. 기업이 가지고 운영 중인 다양한 보안 플랫폼 상에 EJB 컨테이너가 구동되기 때문에 EJB 컨테이너는 개별 보안 시스템과 독립적인 방법으로 빈에 대한접근 제어 방법을 정의하고 있다. 본 논문에서는 E504(Enterprise 504) EJB 컨테이너 시스템에서의 사용자 인증 및 접근 제어 방법에 대해 논의한다.

  • PDF

Development of Virtual Private Network VPN Construction Model to Protect Enterprise Infrastructure (기업인프라보호를 위한 가상 사설망 VPN 구축 모델 개발)

  • Kim, Su-Jin;Lee, Seung-Ho;Hwang, Do-Hun;Kang, Seong-Hyo;Jeon, Hyun-Ho
    • Proceedings of the Korea Information Processing Society Conference
    • /
    • 2017.11a
    • /
    • pp.250-253
    • /
    • 2017
  • 최근 급증하는 보안 침해 사고와 함께 보다 다양해지고 있는 해킹 기법들에 대한 대응책 마련이 논의되고 있다. 기업의 내부 인프라 자산 보호를 위해 조치를 취할 수 있는 기본적인 1차 대응책으로 네트워크 계층에서의 방어에 대한 중요성이 대두되고 있다. 본 논문에서는 일반 공중망(Public Network)과 분리된 가상의 사설망(VPN: Virtual Private Network)을 구현함으로써 기존의 VPN 모델보다 보안성이 뛰어나며 저렴한 비용으로 외부에서의 접근 및 스누핑(Snooping) 공격과 같은 보안위협에 대비할 수 있는 VPN 모델을 구축하여 실제 현업 망에서의 적용 가능성을 도출하고자 한다.

Development of Evaluate Model of Enterprise Security Management (ESM) Product (기업보안관리(ESM) 제품의 평가모델 개발)

  • Kang, Sang-Won;Jeon, In-Oh;Ynag, Hae-Sool
    • Proceedings of the KAIS Fall Conference
    • /
    • 2010.05a
    • /
    • pp.408-411
    • /
    • 2010
  • 보안관리가 진화하고 있다. 보안의 중요성이 강조되면서 도입된 수많은 보안 솔루션은 관리의 어려움을 증가시키고 있고, 각기 다른 장비가 쏟아내는 수많은 정보들로 효율적인 전사적 보안 체계 마련의 필요성이 대두되고 있기 때문이다. 국내에서는 ESM(Enterprise Security Management)이 보안관리를 대표했지만, 이를 더욱 고도화해야 한다는 요구가 증가하고 있다. 본 연구에서는 기업보안관리(ESM) 제품의 질적인 면을 평가하고 품질수준을 파악하여 개선방향을 도출함으로써 품질향상을 지원할 수 있는 보안성 평가모델과 시험 방법론에 대해서 개발하였다.

  • PDF