• Journal of Information Technology Services
• /
• v.12 no.4
• /
• pp.187-204
• /
• 2013

In this study, we developed a comprehensive model to measure the National Information Security Level based on PRM framework. The proposed model reflected a rapidly changing technology environments such as social network service, mobile devices, and etc. This new model consists of three layers:Infrastructure Layer, the Action Layer and the Performance Layer, and there are 16 sub-indexes under the 3 layers. To develop new model and sub-indexes for measuring the National Information Security Level, much amounts of documents related to security indexes or deliberation criteria and security guidelines from international organization were reviewed and then most probable index pool were composed. The Index pool were verified by expert group consisting of professors and specialists. Through five times of screening and having an evaluation review, 16 sub-indexes were deduced and then Delphi and AHP have been conducted to obtain validity and objectiveness of the indexes. Thus the new proposed national information security index will show more exact national information security level and we expect that the indexes give much implications for establishing information protection policy.

• International Journal of Computer Science & Network Security
• /
• v.22 no.5
• /
• pp.284-288
• /
• 2022

The article analyzes the regulations of current criminal law, which ensures the protection and protection of information relations, offers the optimal model of the system of norms of the Criminal Code of Ukraine, which establishes liability for violation of information. The subject of the article is protected information, which should include information or data, the procedure for access to and distribution of which, regardless of the method of submission, storage or organization, are subject to legal regulation in accordance with laws and regulations. For the purposes of criminal law, information as an object of criminal law protection should be classified on the following grounds: depending on the content: personal or family secrets; information constituting a state secret; data included in the official secret; information that constitutes a professional secret; information that constitutes a commercial, tax, banking secret, and, depending on the medium - documented and undocumented.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.12 no.2
• /
• pp.73-86
• /
• 2016

The purpose of this study is to examine a security investment for firms experienced in confidential information leak. Information security is an apparatus for protection of secret information. The competence of information security is a competitiveness to avoid information leakage in changing business environment. The type of information security is divided into administrative security, technical security and physical security. It is necessary to improve the incident correspondence competence through information security investment of the three types. Therefore, the investment of information security is to enhance information-asset protection of firms. To reinforce accident response competence, an organization discussed an establishment, security technology development, expand investment and legal system of the security system. I have studied empirically targeting the only information leak of firms. This data is a technical security competence and technology leakage situation of firms happened in 2010. During recovery of the DDos virus damage on countries, company and individual, the collected data signify a reality of information security. The data also identify a security competence of firms worrying information security management. According to the study, the continuous investment of information security has a high competence of accident correspondence. In addition, the most of security accidents showed a copy and stealing of paper and computer files. Firm on appropriate security investment is an accident correspondence competence higher than no security investment regardless of a large, small and medium-sized, and venture firm. Furthermore, the rational security investment should choose the three security type consideration for firm size.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.3 no.4
• /
• pp.210-220
• /
• 2008

Insider threat is becoming a very serious issue in most organizations and management is responsible for security implementation. This study is to develop a personnel security management indicators in the areas of Personnel Assurance, Personnel Competence, and Security Environment and protection against insider threats. In this study, the information security management system and related papers are examined by reviewing the existing researches and cases. Proposed indicators are verified by pilot test, empirically analyzed to expose experts' perception and the validity, importance, and risk level of each indicators through a questionnaire. Result were encouraging, but additional study focused on personnel security management using factor analysis is needed in the future.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.11
• /
• pp.5588-5613
• /
• 2018

Virtualization technology has been widely applied in the area of computer security research that provides a new method for system protection. It has been a hotspot in system security research at present. Virtualization technology brings new risk as well as progress to computer operating system (OS). A multi-level perception security model using virtualization is proposed to deal with the problems of over-simplification of risk models, unreliable assumption of secure virtual machine monitor (VMM) and insufficient integration with virtualization technology in security design. Adopting the enhanced isolation mechanism of address space, the security perception units can be protected from risk environment. Based on parallel perceiving by the secure domain possessing with the same privilege level as VMM, a mechanism is established to ensure the security of VMM. In addition, a special pathway is set up to strengthen the ability of information interaction in the light of making reverse use of the method of covert channel. The evaluation results show that the proposed model is able to obtain the valuable risk information of system while ensuring the integrity of security perception units, and it can effectively identify the abnormal state of target system without significantly increasing the extra overhead.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.5 no.1
• /
• pp.71-81
• /
• 2009

To the cause of the development of IT technology and the Internet, information leakage of industry is also facing a serious situation. However, most of the existing techniques to prevent leakage of information disclosure after finding the cause of defense. Therefore, in this paper by adding information about the Hardware to offer a way to protect the information. User authentication information to access the data according to different security policies to reflect a little more to strengthen security. And the security agent for the data by using a log of all actions by the record was so easy to analyze. It also analyzes and apply the different scenarios possible. And the analysis of how to implement and how to block. The future without the use of security agents to be able to control access to data and H/W information will be updated for the study will be done.

• Annual Conference of KIPS
• /
• 2015.10a
• /
• pp.634-636
• /
• 2015

As the expansion of enterprise scale and the increase of staff, the amount of terminal is increasing as well. It is very difficult to the system manager of traditional data protection scheme to manage and maintenance for the large number of terminals. This problem can be solved by desktop virtualization, which use traditional security problems still exist and new security problems occur at the same time. Using desktop virtualization, it needs a method of automatic security protection. In this paper, the desktop virtualization security requirements are discussed.

• Korean Security Journal
• /
• no.16
• /
• pp.161-187
• /
• 2008

The purpose of this study is to suggest a development method of current Korean security system by analyzing the problems shown in the performance of security work in relation to the terrorism, which is enlarging in the word, from various aspects. In order to perform the study, the researcher considered the basic theory concerned to current Korean law concerned to security, principle and methodology of security, terror and new terrorism. The researcher performed the study by selecting qualitative case study focused on Park Geun-Hye case. Through the study, the methods to develop Korean security system are as follows. First, from the legal aspect, it is necessary to establish the law concerned to terrorism prevention and important person security. Moreover, it is necessary to search for the development of private security by revising Security Industry Act, which is a legal ground of private security. Second, it is necessary to improve and reinforce education & training program, which is not still divided in detail from the aspect of private security cultivation. Moreover, it is necessary to activate personal protection work and enlarge market through Security Industry Act and make an effort to change social recognition over security, which is devaluated in the society. From the viewpoint, national license about private security shall be adopted. The department of president security, which is a representative of official security, shall transfer the advanced technology to private security organization. Third, from the aspect of operation, the operation of security based on SCE principle, human shield principle, the nearest person's protection principle, body extension principle, linear protection principle and evacuation priority principle is required. Therefore, the priority shall be given to preventive security and thorough security plan shall be made for the operation.

• Proceedings of the Korean Institute of IIIuminating and Electrical Installation Engineers Conference
• /
• 2004.11a
• /
• pp.375-380
• /
• 2004

This paper presents the basic quench protection idea for the HTS(High-Temperature Superconducting) cable. In Korea power system, the transfer capability of transmission line is limited by the voltage stability, and HTS cable could be one of the countermeasure to solve the transfer limit as its higher current capacity and lower impedance[1]. However, the quench characteristic of HTS cable makes HTS cable to loss its superconductivity, and therefore change the impedance of the line and power system operating condition dramatically. This pheonominum threats not only HTS cable safety but also power system security, therefore a proper protection scheme and security control counterplan have to be established before HTS cable implementation. In this paper, the quench characteristics of HTS cable for the fault current based on heat balance equation was established and a proper protection method by FCL(Fault Current Limiter) was suggested.

• Journal of Electrical Engineering and Technology
• /
• v.9 no.6
• /
• pp.1864-1872
• /
• 2014

Maloperation of protective relays is one of the major causes for cascading tripping in WANS. Another line trip followed by a previous line trip may occur due to overloading of the line, because of the load redistribution or unwanted trip of a backup relay due to change in the flow of fault current. Evaluation of each line is required by considering both of these effects. A new index named Line Security Index (LSI) is proposed in this paper which combines both Vulnerability Index (VI) and Protectability Index (PI) to completely evaluate the security of individual lines and their importance in the power grid. Computer simulations have been performed on the Korean power grid data to establish the feasibility of the proposed idea.