• Review of KIISC
• /
• v.31 no.4
• /
• pp.45-53
• /
• 2021

공통평가기준(CC, Common Criteria)의 국제 표준인 ISO/IEC 15408, ISO/IEC 18045는 정보보호제품에 구현되어 있는 보안 기능의 보증과 안전성을 시험하기 위한 평가 기준을 제시하는 국제 표준으로 정보보호제품에 대한 국제적인 신뢰성을 보장할 수 있도록 기준을 제시하고 있다. 특히 ISO/IEC 15408, ISO/IEC 18045는 ISO/IEC 27000, ISO/IEC 19790과 함께 ISO/IEC JTC 1/SC 27을 대표하는 국제 표준이다. 본 논문에서는 ISO/IEC JTC 1/SC 27/WG 3 작업반에서 개정을 진행하고 올해 말에 출판 예정인 ISO/IEC 15408 및 ISO/IEC 18405의 주요 변경 내용 및 신규 개념에 대해 설명하고, 최근 WG 3 작업반에서 추진하고 있는 국제 표준화 활동 현황 및 주요 현황을 소개하고자 한다.

• Journal of the Korea Society of Computer and Information
• /
• v.12 no.6
• /
• pp.153-160
• /
• 2007

Recently, the demand against the system risk analysis and security management from the enterprises or the agencies which operate a information system is increasing even from domestic. The international against the standardization trend of information protection management system it investigates from the dissertation which it sees. It analyzed and against information property information protection management system integrated it will be able to manage a danger modeling it did it proposed. Having analyzed as well as compared the matureness of security-measurement models in regard to the global standard of proposal system, the administrative presentation for various IT technology resources. which have been managed singly so far, is now well applied under the united control of the company itself, and enabled the automated management of authentication support and renewal for ISO 27001, ISO 9000, ISO 14000, resulting in much advanced operation for both material and human resources.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.6
• /
• pp.1231-1238
• /
• 2013

In the background of rapidly increasing domestic cloud service demand, worries about security and privacy incidents can hinder the promotion of cloud service industry. Thus, it is crucial that the independent 3rd party assures the reliability for using the cloud service. This paper compares several external and internal cloud service certification cases, for example CSA certification, FedRAMP certification, KCSA certification, and concludes that insufficient security and privacy controls are prevailing. As a consequence, several enhanced countermeasures by using ISO/IEC 27017, KISA's ISMS considering manageability and expertise are proposed in the cloud service certification system.

• Product Safety
• /
• s.55
• /
• pp.20-22
• /
• 1997

• 방재와보험
• /
• s.59
• /
• pp.22-24
• /
• 1993

• Monthly Duck's Village
• /
• s.26
• /
• pp.44-49
• /
• 2001

• The Monthly Technology and Standards
• /
• s.58
• /
• pp.51-53
• /
• 2006

• The Monthly Technology and Standards
• /
• s.71
• /
• pp.49-51
• /
• 2007

• 월간 기계설비
• /
• s.40
• /
• pp.34-43
• /
• 1993

• IE interfaces
• /
• v.7 no.2
• /
• pp.53-59
• /
• 1994