• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.17 no.3
• /
• pp.525-532
• /
• 2013

Recently. smartphones have been popularized rapidly and now located deep in our daily life, providing a variety of services from banking, SNS (Social Network Service), and entertainment to smart-work mobile office through apps. Such smartphone apps can be easily downloaded from what is known as app store which, however, bears many security issues as software developers can just as easily upload to it. Military apps will be exposed to a myriad of security threats if distributed through internet-basis commercial app store. In order to mitigate such security concerns, this paper suggests a security guidelines for establishing a military-excusive app store and security verification system which prevent the security hazards that can occur during the process of development and distribution of military-use mobile apps.

• Asia-pacific Journal of Multimedia Services Convergent with Art, Humanities, and Sociology
• /
• v.7 no.2
• /
• pp.199-208
• /
• 2017

IoT, Cloud, Bigdata, Mobile, AI, and 3D print, which are called as the main axis of the 4th Industrial Revolution, can be predicted to be changed when the technology is applied to the military. Especially, when I think about the purpose of battle, I think that IoT, Cloud, Bigdata, Mobile, and AI will play many role. Therefore, in this paper, Smart Military is defined as the future military that incorporates these five technologies, and the architecture is established and the appropriate information security model is studied. For this purpose, we studied the existing literature related to IoT, Cloud, Bigdata, Mobile, and AI and found common elements and presented the architecture accordingly. The proposed architecture is divided into strategic information security and tactical information security in the Smart Military environment. In the case of vulnerability, the information security is divided into strategic information security and tactical information security. If a protection system is established, it is expected that the optimum information protection can be constructed within an effective budget range.

• Journal of the military operations research society of Korea
• /
• v.37 no.1
• /
• pp.71-85
• /
• 2011

The most important factors of Electronic approval system of battle management system are availability and reliability. Therefore, the electronic approval system uses a SAN(storage area network) to construct the reliable server and storage. In this paper, we analyze the security vulnerabilities of the SAN storage that stores the critical military information in the electronic approval system of battle management system. Based on the analysis, we verify the possibility of information leakage by the inside attackers through the scenario-based experiment. And we finally propose a new storage encryption algorithm on the basis of user's role that can prevent the leakage of information by the inside attackers.

• Journal of Multimedia Information System
• /
• v.7 no.1
• /
• pp.55-72
• /
• 2020

As the IT service environment grows, it is critical in terms of IT service quality to minimize the occurrence of failures due to changes in applications and to diagnose and recover in a short period of time how failure will affect the business. Thus, the Defense Acquisition Program Administration (DAPA) has been building and operating ITSMs to implement IT service management in a leading manner. Information Technology Service Management (ITSM) is divided into events, obstacles, changes, versions and setup management to ensure flexibility and stability in service delivery. It is also operated separately from service level, availability, capacity, financial and IT service continuity management to ensure service quality and cost efficiency. Based on ITSM military service history, this study looks at the impact of quality of service on value, satisfaction, and trust. The results of the analysis are highly valuable for future ITSM implementation and operation.

• Journal of Information Technology Services
• /
• v.12 no.4
• /
• pp.77-90
• /
• 2013

As Cyber threats are rising, the scope of information Security (IS) is extending from technical protection of a single information system to organizational comprehensive IS capability. The ministry of National Defense (MND) has established the IS evaluation for defense organization in 'the Directive for Defense Informatization Affairs.' However, no information about an evaluation method, process and organization is provided. We surveyed information security management system (ISMS) and related best practices in public sector and other countries, and analysed the military information security affairs. Thus, this paper recommends the IS evaluation method and process. The trial IS evaluation is in progress this year and the MND will expand this IS evaluation to the entire organization.

• Convergence Security Journal
• /
• v.20 no.5
• /
• pp.75-80
• /
• 2020

Damage caused by ransomware has continued to increase since last year, but cyber operations are managed without any separate classification of ransomware types in the military's guidelines for carrying out cyber operations. However, unlike other malware, ransomware is a threat that could paralyze all defense operations in one moment, and the military should reevaluate ransomware and take countermeasures. Accordingly, this paper aims to analyze the assets, vulnerabilities, and threats related to defense information service based on information security risk management, and propose alternatives to ensure continuity of defense work from ransomware threats.

• Journal of National Security and Military Science
• /
• s.8
• /
• pp.421-465
• /
• 2010

Passwords are used in many ways to protect data, systems, and networks. Passwords are also used to protect files and other stored information. In addition, passwords are often used in less visible ways for authentication. In this article, We provides recommendations for password management, which is the process of defining, implementing, and maintaining password policies throughout an enterprise. Effective password management reduces the risk of compromise of password-based authentication systems. Organizations need to protect the confidentiality, integrity, and availability of passwords so that all authorized users - and no unauthorized users - can use passwords successfully as needed. Integrity and availability should be ensured by typical data security controls, such as using access control lists to prevent attackers from overwriting passwords and having secured backups of password files. Ensuring the confidentiality of passwords is considerably more challenging and involves a number of security controls along with decisions involving the characteristics of the passwords themselves.

• Journal of Internet Computing and Services
• /
• v.23 no.6
• /
• pp.49-58
• /
• 2022

As military service members are fully permitted to use mobile phones for sickness after work, it is time to minimize the direct collection of personal information from telecommunication companies when opening mobile phones to secure the safety of military service personnel's personal information. Prior to introducing the use of mobile phones by soldiers after work, the Ministry of National Defense established a security control system such as blocking the mobile phone shooting function to prevent security accidents and concerns about some adverse functions such as illegal cyber gambling, game addiction, and viewing pornography. come. Mobile telecommunications companies entrust personal information processing tasks, such as opening mobile phones, to telecommunications agencies and carry out management and supervision, such as checking the status of personal information protection measures. When a military service member opens a mobile phone, a personal information management agency is newly established using the right to portability of personal information, and a system for requesting the transmission of personal information from the military service member is proposed.

• Journal of the Korea Institute of Military Science and Technology
• /
• v.7 no.2 s.17
• /
• pp.65-73
• /
• 2004

In general, weapon system design/configuration data consist of system structure information which is linked to Part information, documents and drawings. For configuration management, version and revision control are necessary and access control of users to information should be managed for information security. Configuration data of weapon systems have various kinds of different meta data which are contained in the structure as well as attributes of parts and documents information. If neutral types of meta data models be used for building configuration management system, they can be applied to many different kinds of weapon systems with a little customization. In this paper, five meta data models are supposed and implementation results of them by using CBD(component based design) methodology are presented.

• Journal of Information Processing Systems
• /
• v.16 no.2
• /
• pp.246-260
• /
• 2020

IT Service Management (ITSM) achieves consolidated management for the IT services supporting the acquisition system, and no outside connections can be established with such ITSM. Issues pertaining to the D2B can be addressed to System Q&A or a Call Center for problem-solving. In other words, internal staff can take the necessary measures for problems by directly connecting with ITSM. Currently, diverse innovative technologies are being used in electronics and ubiquitous computing environments. This allows us to create a better world by providing the backbone for remarkable development in our human society in the fields of electronics, devices, computer science, and engineering. Following the expansion of IT services in the military acquisition sector such as Defense Electronic Procurement, military export/import support system, etc., customers' dependence on IT for conducting business with the military or related companies is increasing, including the military's dependence on the same technology for services to the public. Nonetheless, issues pertaining to the simplified/integrated management of complex IT service management systems, including slow system recovery, lack of integrated customer service window, and insufficient information sharing, have become the priority problems that IT managers are required to solve. Therefore, this study conducted research on the integrated management of IT services provided by Korea's national defense acquisition system, which was developed based on the existing system IT Infrastructure Library (ITIL) v2, and investigated the level of satisfaction with services with focus on ensuring that it can be used for understanding the necessity of the system and its advancement in the future.