• Title/Summary/Keyword: Information Leaks

Search Result 138, Processing Time 0.026 seconds

A Study on Security Container to Prevent Data Leaks (정보 유출 방지를 위한 보안 컨테이너의 효과성 연구)

  • Lee, Jong-Shik;Lee, Kyeong-Ho
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.24 no.6
    • /
    • pp.1225-1241
    • /
    • 2014
  • Recently, Financial companies implement DLP(Data Leaks Prevention) security products and enforce internal controls to prevent customer information leaks. Accidental data leaks in financial business increase more and more because internal controls are insufficient. Security officials and IT operation staffs struggle to plan countermeasures to respond to all kinds of accidental data leaks. It is difficult to prevent data leaks and to control information flow in business without research applications that handle business and privacy information. Therefore this paper describes business and privacy information flow on applications and how to plan and deploy security container based OS-level and Hypervisor virtualization technology to enforce internal controls for applications. After building security container, it was verified to implement internal controls and to prevent customer information leaks. With security policies additional security functions was implemented in security container and With recycling security container costs and time of response to security vulnerabilities was reduced.

A Study on the Information Effluence State and Measure by Peer-to-Peer Programs in Korea and Japan (P2P프로그램을 통한 한국과 일본의 정보유출 현황 및 대책 연구)

  • Kim, Wan-Soo;Kim, Shik
    • The Journal of the Institute of Internet, Broadcasting and Communication
    • /
    • v.9 no.1
    • /
    • pp.67-74
    • /
    • 2009
  • Information Effluence leaks are caused by the wide use of the P2P program in Japan and Korea lead by the increase of internet use and network infrastructure expansion. This research confirms the seriousness of the data collected from the P2P leaks of the two countries and furthers its study by researching how countermeasures are applied. The effectiveness is verified by collecting data according to countermeasure applied periods. Both countries had information leaks, but in the case of Japan, not only personal information leaks but corporation, administrative agency, military, and others in a wide range as well. As a countermeasure against information effluence, Korea is enforcing counter plans mainly against the P2P service businesses and for Japan, various plans are taken such as business guides for each agency, organization management, SW development and supply, HW supply, and ect. The leaks in Japan were more severe than the ones in Korea but they had well planned countermeasures that were applied. Therefore if the Japanese countermeasure on information effluence of P2P programs is taken as a lesson, Korea can prevent the problem of leaks beforehand.

  • PDF

A Study on Industrial Technology Leakage and Effective Industrial Security Measures through analysis of domestic portal article data (국내 포털 기사자료 분석을 통한 산업기술유출 사례와 산업보안 강화 방안 연구)

  • Yang, Hyun Jung;Lee, Chang Moo
    • Convergence Security Journal
    • /
    • v.17 no.2
    • /
    • pp.3-13
    • /
    • 2017
  • In the knowledge-information society, many domestic companies put lots of investment in technical development to possess core technologies and intellectual property. However, in the results of passive investment in security to protect their technologies compared to the active investment in technical development, the technology leaks from many companies and research institutes are rapidly increasing. Such increase of technology leaks not only causes damage to companies, but also has harmful effects on national economy directly and indirectly. Even though it has been perceived that a lot of industrial technology leak crimes are committed by former/current workers of small and medium-sized businesses, it is hard to find researches that mainly compare and analyze them. Therefore, this study aimed to understand the actual status of industrial technology leaks by analyzing cases of industrial technology leaks from 2014 to 2016 based on the type of victimized companies, corporate internal leakers' positions, matter of complicity, tools used for technology leaks, and motivation for technology leaks. Through the analysis in each type, the patterns and characteristics of industrial technology leaks were researched, and also the exploratory research on industrial security for the prevention of industrial technology leaks was conducted.

A study on Improved Convergence Security Monitoring System model (융합보안관제시스템 개선에 관한 연구)

  • Lee, Dong-Hwi;Ha, Ok-Hyun
    • Convergence Security Journal
    • /
    • v.11 no.5
    • /
    • pp.3-12
    • /
    • 2011
  • According to the NIS, damages due to leaking industrial technology are reaching tens of trillion won. The type of damages are classified according to insider leaks, joint research, and hacking, illegal technology leaks and collaborated camouflaged. But 80% of them turned out to be an insider leak about connecting with physical security. The convergence of IT and non IT is accelerating, and the boundaries between all area are crumbling. Information Security Industry has grown continuously focusing Private Information Security which is gradually expanding to Knowledge Information Security Industry, but Information Security Industry hereafter is concentrated with convergence of IT Security Technology and product, convergence of IT Security and Physical Security, and IT convergence Industry Security. In this paper, for preventing company information leaks, logical security and physical security both of them are managed at the same level. In particular, using convergence of physical security systems (access control systems, video security systems, and others) and IT integrated security control system, convergence security monitoring model is proposed that is the prevention of external attacks and insider leaks, blocked and how to maximize the synergy effect of the analysis.

A Study on the Development of Low Power Automatic ON/OFF Valve System for Gas Leak Detection (가스 누출 감지를 위한 저전력 자동 ON/OFF 밸브 시스템 개발에 관한 연구)

  • Choi, Young Gyu
    • The Journal of Korea Institute of Information, Electronics, and Communication Technology
    • /
    • v.14 no.5
    • /
    • pp.369-374
    • /
    • 2021
  • Apartment recently built in kitchen is made is made because the gas hose with built-in ways invisible inside the sink. In this case, if the gas leaks, it is a dangerous method that can accumulate inside the sink and lead to an explosion. In this study, since the hose connected between the gas range and the intermediate valve is inside the sink, it is not possible to test for gas leaks, so a valve system that can easily check for gas leaks using a pressure sensor was studied. As for the pressure measurement method, the pressure of the hose connecting the intermediate valve and the gas range was measured so that data could be collected and analyzed using the I2C communication method. In addition, the calculation of the gas pressure supplied to the home was investigated for the atmospheric pressure error for the value calculated by adding the average value of the gas gauge pressure of 22.46 mbar at the inlet of the gas meter to the atmospheric pressure. A valve system was developed to detect minute gas leaks.

A Study on Insider Behavior Scoring System to Prevent Data Leaks

  • Lim, Young-Hwan;Hong, Jun-Suk;Kook, Kwang Ho;Park, Won-Hyung
    • Convergence Security Journal
    • /
    • v.15 no.5
    • /
    • pp.77-86
    • /
    • 2015
  • The organization shall minimize business risks associated with customer information leaks. Enhance information security activities through voluntary pre-check and must find a way to detect the personal information leakage caused by carelessness and neglect accident. Recently, many companies have introduced an information leakage prevention solution. However, there is a possibility of internal data leakage by the internal user who has permission to access the data. By this thread it is necessary to have the environment to analyze the habit and activity of the internal user. In this study, we use the SFI analytical technique that applies RFM model to evaluate the insider activity levels were carried out case studies is applied to the actual business.

Comparative Study on Improvement of Personal Information (개인 정보 개선 방안에 대한 연구(국내외 비교 분석))

  • Lee, Do-kyun;Kim, Harksoo
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • 2014.05a
    • /
    • pp.591-594
    • /
    • 2014
  • Due to the spread of personal computers and the development of network, the information age has come and a variety of information has been flooded. Accordingly, individuals and companies have been a lot of attention to information security. However personal information leaks have been happening constantly in Korea. Nevertheless, awareness of security of personal information have been treated carelessly in society. In this paper, we will survey foreign awareness of personal information, specific cases for information leaks, and coping methods.

  • PDF

A Study of Public Library Patrons' Understanding of Library Records and Data Privacy

  • Kim, Dong-Seok;Noh, Younghee
    • International Journal of Knowledge Content Development & Technology
    • /
    • v.4 no.1
    • /
    • pp.53-78
    • /
    • 2014
  • As instances of private information leak increase, taking steps to protect such information becomes a necessity. In this study of public library patrons, we strove for a comprehensive understanding of library usage records to suggest viable solutions for private information safety in public libraries. To this end, we investigated the patrons' understanding of library usage records and determined the relationship between different user characteristics and privacy knowledge or leaks. The results show that a high number of patrons perceived these records as their own private information, but that there was no necessity for legal procedures or consent for the use of these records. Also, even though the understanding of these usage records showed that there was a relationship between the frequency of library visits and leaks of personal information, the correlation was not particularly strong.

Privacy Leakage Monitoring System Design for Privacy Protection (개인정보보호를 위한 개인정보 유출 모니터링 시스템의 설계)

  • Cho, Sung-Kyu;Jun, Moon-Seog
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.22 no.1
    • /
    • pp.99-106
    • /
    • 2012
  • Numerous private corporations and public institutions are collecting personal information through the diverse methods for the purpose of sales, promotion and civil services, and using personal information for the profits of the organizations and services. However, due to immaturity of the technical, managerial measures and internal control for the collected personal information, the misuse, abuse and the leaks of personal information are emerged as major social issues, and the government also is promoting implementation of the act on the privacy protection by recognizing the importance of the personal information protection. This research describes on the measures to detect the anomaly by analyzing personal information treatment patterns managed by the organizations, and on the measures to coup with the leaks, misuse, and abuse of personal information. Particularly, this research is intended to suggest privacy leakage monitoring system design, which can be managed by making the elements related to personal information leaks to numeric core risk indexes to be measured objectively.

A Static Analyzer for Detecting Memory Leaks based on Procedural Summary (함수 요약에 기반한 메모리 누수 정적 탐지기)

  • Jung, Yung-Bum;Yi, Kwang-Keun
    • Journal of KIISE:Software and Applications
    • /
    • v.36 no.7
    • /
    • pp.590-606
    • /
    • 2009
  • We present a static analyzer that detects memory leaks in C programs. It achieves relatively high accuracy at a relatively low cost on SPEC2000 benchmarks and several open-source software packages, demonstrating its practicality and competitive edge against other reported analyzers: for a set of benchmarks totaling 1,777 KLOCs, it found 332 bugs with 47 additional false positives (a 12.4% false-positive ratio), and the average analysis speed was 720 LOC/sec. We separately analyze each procedure's memory behavior into a summary that is used in analyzing its call sites. Each procedural summary is parameterized by the procedure's call context so that it can be instantiated at different call sites. What information to capture in each procedural summary has been carefully tuned so that the summary should not lose any common memory-leak-related behaviors in real-world C program. Because each procedure is summarized by conventional fixpoint iteration over the abstract semantics ('a la abstract interpretation), the analyzer naturally handles arbitrary call cycles from direct or indirect recursive calls.