• Korean Security Journal
• /
• no.9
• /
• pp.201-235
• /
• 2005

This study is designed to contribute for development of Private Security Business by fact-finding in instruction and training of private security guard serviced in this realm and domestic and foreign guard service and modeling effective and rational instruction and training program based on drawn problem. For this study, basically I collected and analyzed documents, theses, and papers of the inside and outside of the country. For practical use of data, I used materials of private security related institutes and police agency. And for private security educating training programs of the inside and outside of the country, I collected materials on internet, and with the help of police agency and interpol. For korean private security company's educating training programs, I made a study with the interview of private security company's businessmen. This study's conclusion is as follows. In a domestic private security enterprise, when set theory instruction minimize instruction and training program and must set up instruction and training program as practical affairs center enemy instruction, and theory instruction must be composed for instruction me that it is connected to practical affairs instruction too. The instruction course of private security guard instruction and training program composed with a security outline, a security plan, an information-gathering, civilian expenses, a security way, terror and terrorism, a related law, security trial, electronic security, a security analysis technique, company introduction, instruction and training program about a professional tube with theory instruction. Practical affairs instruction composed with the selection and a preventive security, close contact attendance security, vehicle security, security driving the security martial arts and self-protection liquor, first aid, security equipment, a gun and shooting, a security protocol, customer satisfaction, facilities security and expenses, a fire fighting instruction, teamwork training, explosive and a dangerous substance, physical strength, a documentation practical affairs, service, instruction and training program about foreigh language instruction.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2017.11a
• /
• pp.250-253
• /
• 2017

최근 급증하는 보안 침해 사고와 함께 보다 다양해지고 있는 해킹 기법들에 대한 대응책 마련이 논의되고 있다. 기업의 내부 인프라 자산 보호를 위해 조치를 취할 수 있는 기본적인 1차 대응책으로 네트워크 계층에서의 방어에 대한 중요성이 대두되고 있다. 본 논문에서는 일반 공중망(Public Network)과 분리된 가상의 사설망(VPN: Virtual Private Network)을 구현함으로써 기존의 VPN 모델보다 보안성이 뛰어나며 저렴한 비용으로 외부에서의 접근 및 스누핑(Snooping) 공격과 같은 보안위협에 대비할 수 있는 VPN 모델을 구축하여 실제 현업 망에서의 적용 가능성을 도출하고자 한다.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.5 no.6
• /
• pp.625-630
• /
• 2010

With regard to the examples of establishing various sorts of information security, it can be seen that there are gradual, developmental procedures including Firewall and VPN (Virtual Private Network), IDS (Intrusion Detection System), or ESM(Enterprise Security Management). Each of the security solutions and equipments analyzes both defense and attack for information security with the criteria of classifying the problems of security policies by TCP/IP layers or resulted from attack patterns, attack types, or invasion through specialized security technology. The direction of this study is to examine latency time vulnerable to invasion which occurs when L2-stratum or lower grade equipments or policies are applied to the existing network through TCP/IP layer's L3-stratum or higher grade security policies or equipments and analyze security holes which may generate due to the IP preoccupation in the process of establishing policies to limit particular IP area regarding the policies for security equipments to figure out technological problems lying in it.

• Korean Security Journal
• /
• no.20
• /
• pp.179-198
• /
• 2009

This study aims to find out what affects on performance of private security service guards' duty regarding the security service martial arts. To achieve its goal, object of this study was set as private security service guards of private security service enterprise. Here are some conclusions that have been found. First of all, it was revealed that Hapgido, Judo, Taekwondo, kumdo and fencing are in order of the martial arts that help security service the most. Second, the relation of the ability to perform private security service guards' duty between the security service martial art of security guards and the types of them appeared that ones who had been trained were found to be more affirmative than ones who had not, and showed a significant difference. On the other hand, there was no significant difference found on the type of performance of private security service guards' duty. However, ones with a longer career seemed to be more affirmative on the side of work quality and duty, and it also showed a significant difference statistically. complishment relation between the security service martial art of security guards and the types of them appeared that ones who had been trained were found to be more affirmative than ones who had not, and showed a significant difference. Seventh, the relation of mental and the types of them appeared that ones who had been trained were found to be more affirmative than ones who had not, and showed a significant difference. On the other hand, there was no significant difference found on the type of performance of private security service guards' duty.

• Convergence Security Journal
• /
• v.2 no.2
• /
• pp.109-121
• /
• 2002

As the development of information technology and thus the growth of security incidents, there has been increasing demand on developing a system for centralized security management, also known as Enterprise Security Management(ESM), uniting functions of various security systems such as firewall, intrusion detection system, virtual private network and so on. Unfortunately, however, developers have been suffering with a lack of related standard. Although ISTF recently announced firewall system and intrusion detection system log format, it still needs for truly efficient ESM further development of the related standard including event and control messaging. This paper analyses ISTF standard and further suggests an additional event and control messaging standard for firewall and intrusion detection systems. It is expected that this effort would be helpful for the development of ESM and further related standard.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.6
• /
• pp.1435-1447
• /
• 2015

Finance Companies are operating a security solution such as E-DRM(Enterprise-Digital Right Management), Personal information search, DLP(Data Loss Prevention), Security of printed paper, Internet network separation system, Privacy monitoring system for privacy leakage prevention by insiders. However, privacy leakages are occurring continuously and it is difficult to the association analysis about relating to the company's internal and external distribution of private document. Because log system operated in the separate and independent security solutions. This paper propose a systematic chains that can correlatively analyze business systems and log among heterogeneous security solutions organically and consistently based on security documents. Also, we suggest methods of efficient detection for Life-Cycle management plan about security documents that are created in the personal computer or by individual through the business system and distribution channel tracking about security documents contained privacy.

• Disaster and Security
• /
• v.5 no.1
• /
• pp.93-100
• /
• 2015

Although many years passed since 'The Legislative bill on the support of voluntary activities of enterprises for disaster reduction'(hereinafter referred to as 'enterprise disaster reduction act') has been first enacted in 2007, BCMS is still not activated in our society. In contrast, after 911 Terror, importance of BCM is getting magnified and standardization research & institutionalization i s a lso proceeding i all over world. Lately, Disaster preventing activities is urgently needed like the sinking of 'Sewol ferry'. So the purpose of this paper is proposed for establishment of 'BCMS' and activation of the certificate system for Best-Run Business by analyzing the problem of 'enterprise disaster reduction act' and weak of activation as following. First, propel changing the policy of self-regulated participation to mandatory about the certificate system for Best-Run Business from public entity to government ministry and it is able to activate by propelling demo business of the certificate system for Best-Run Business. Second, public entity that has been given the certificate system for Best-Run Business by affiliating with Disaster Management Assessment of government management can be exempted from Disaster Management Assessment or those entity can arrange for connectivity acquisition method of 'Excellent rate'. Third, to publicize the activation of the law mentioned above, makes public entity r ecognizable by incorporating 'BCMS' into National safety management plan and establishment of National critical infrastructures security plan. Fourth, it should be reviewed to improving the related act regarding to inclusion of public organizations as well as private enterprises.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2006.06a
• /
• pp.765-773
• /
• 2006

In ubiquitous environment, private enterprise or public institution's privacy data are sometimes exposed to hackers because of the lack of the sense of information security. We apply secret sharing scheme to solve the privacy problems. But, the existing secret sharing scheme are not suitable for the management of large a quantity of data because that required operation of large capacity. In this paper, We propose new secret sharing scheme for privacy data management. Our scheme makes high-speed operation possible, and it also allows for set weight for each secret pieces depending on weight of participants. The scheme proposed in this paper makes it efficient to collect and manage secure privacy data in ubiquitous environment.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.16 no.6
• /
• pp.55-63
• /
• 2016

SOA(service oriented architecture) based ESB(enterprise service bus) model is widely adopted in many companies for the safe processing of enormous data and the integration of business system. The existing web service technologies for the construction of SOA, however, show unsatisfactory in practical applications though the standardization of web service security technologies is in progress due to their limitations in safe exchange of data. Internal end users using a large business system based on such environment are composed of the variety of organizations and roles. Companies might receive more serious damage from insider threat than that from external one when internal end users get unauthorized information beyond the limits of their authority for private profit and bad purposes. In this paper, we propose a security architecture capable of identifying and coping with the security threats of web service technologies arouse from internal end users.

• Journal of the Korean Society of Safety
• /
• v.32 no.4
• /
• pp.122-128
• /
• 2017

Recently, accidents such as human accidents are increasing rapidly due to natural disasters and changes in social conditions due to abnormal weather. As a result, damage has been causing massive damage unlike the past. In the case of small and medium enterprises excluding financial institutions and big company, there is no system for prevention and restoration for stable operation from various risks such as human and natural disasters. As the current disaster continues, public and private companies have raised the need for BCM, and with the introduction of the ISO22301 certification system, the company has been establishing and operating Enterprise Disaster Management Standards in the Ministry of Public Safety and Security since 2007. However, in most SMEs, it is hard to bear the input of internal labor and investment cost, and there is a lack of personnel with expertise to conduct BCM diagnosis. Therefore, in this paper, we will study the diagnosis level of enterprise continuity plan which is commonly used in Korea and abroad. Based on this, we will study the BCM system diagnosis method which can be applied to small and medium enterprises in Korea efficiently.