• Convergence Security Journal
• /
• v.3 no.3
• /
• pp.59-66
• /
• 2003

In this paper the CORBA security services is designed and implemented conforming to the CORBA Security Services Specification. We implemented a Security Information Management system for object-oriented distributed systems based onthe CORBA (Common Object Request Broker Architecture) Security specification baseed on Repository.

• Korean Security Journal
• /
• no.8
• /
• pp.155-196
• /
• 2004

In the 1970th, Security industry in Korea based auxiliary measures for confrontation about increase of a crime by Industrialization and Urbanization. However, This based growth of 1980th - 1990th Security industry, On the Study consider expansion step of Security industry in Korea with classification policing conditions in the 1970th and Security Law in the 1976th. In the 1976th, Security industry in Korea play an important part by maintenance of social order and inspire 'Security of one's own accord' into the hearts of the people.

• The Journal of Society for e-Business Studies
• /
• v.4 no.2
• /
• pp.197-208
• /
• 1999

With developing computer and communication technologies, the concept of CALS system has been popular not only to military but also to commercial industries. The security problem is one of the most critical issues to construct CALS infrastructure. The CALS system needs some security functions such that data confidentiality, integrity, authenticity, availability, and non-repudiation. This paper proposes a security architecture model in CALS. The security architecture model is composed of 5 submodels such that network security model, authentication and key management model, operation and audit model, integrated database security model, and risk analysis model.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 1995.11a
• /
• pp.41-47
• /
• 1995

This research suggests a criterion, security quality, which is a unifying principle in computer network security that has the lack of a unifying principle. The security quality includes secrecy, integrity, recording, and availability among the factors that represent the security evaluation of the computer system. So, we defined the security quality, which is a basis for determining the security level, as the grand total of evaluation about each factor.

• The Journal of Society for e-Business Studies
• /
• v.25 no.3
• /
• pp.109-130
• /
• 2020

Recently, the importance of research and development for technological innovation is increasing. The rapid development of research and development has a number of positive effects, but at the same time there are also negative effects that accelerate crimes of information and technology leakage. In this study, a research security level measurement model was developed that can safely protect the R&D environment conducted at the organizational level in order to prepare for the increasingly serious R&D result leakage accident. First, by analyzing and synthesizing security policies related to domestic and overseas R&D, 10 research security level evaluation items (Research Security Promotion System, Research Facility and Equipment Security, Electronic Information Security, Major Research Information Security Management, Research Note Security Management, Patent/Intellectual Property Security Management, Technology Commercialization Security Management, Internal Researcher Security Management, Authorized Third Party Researcher Security Management, External Researcher Security Management) were derived through expert interviews. Next, the research security level evaluation model was designed so that the derived research security level evaluation items can be applied to the organization's research and development environment from a multidimensional perspective. Finally, the validity of the model was verified, and the level of research security was evaluated by applying a pilot target to the organizations that actually conduct R&D. The research security level evaluation model developed in this study is expected to be useful for appropriately measuring the security level of organizations and projects that are actually conducting R&D. It is believed that it will be helpful in establishing a research security system and preparing security management measures. In addition, it is expected that stable and effective results of R&D investments can be achieved by safely carrying out R&D at the project level as well as improving the security of the organization performing R&D.

• Journal of the Society of Disaster Information
• /
• v.10 no.4
• /
• pp.536-547
• /
• 2014

With the changing safety services and social order systems accompanied by the economic development and changing public security environment since the Chinese economic reform, the security service industry in China is growing daily and related problems are increasing. For the Chinese security service market to be activated, the monopoly of security services by the public security agencies must be removed. In addition, the research and development, expansion, and applications of safety and crime prevention technologies regarding the safety and protection of exhibition, sales, culture, sports, commerce activities, combinations of safety technologies and crime prevention processes, the provision of relevant technical operations, and the expansion of security service areas are required. Furthermore, the administration rights, property rights, and business management rights of security companies must be separated, the security headquarters must be integrated and coordinated for optimization of various resources solely by market needs, and their rights and affiliation relations must be clear. Besides, the competitiveness of security companies in the security service market must be enhanced by unifying the business management, and optimizing and sharing their resources. The security service ordinances of China that have been implemented now must be applied realistically, methods to activate the true market economy for security services must be researched, and various ordinances related to security services must be realigned in line with the characteristics of security services. Finally, for the mutual cooperation system between public and private security services, the public security agencies must acknowledge the importance of private security services and the status of security service providers in crime prevention and social order maintenance. They must establish partnership relations with each other beyond the unilateral direction and management system for security services and drive with positive attitudes the security service industry which is still in its infancy.

• The KIPS Transactions:PartC
• /
• v.9C no.6
• /
• pp.823-830
• /
• 2002

Enterprise security management system proposed to properly manage heterogeneous security products is the security management infrastructure designed to avoid needless duplications of management tasks and inter-operate those security products effectively. In this paper, we propose the model of generalized security policies. It is designed to help security management build invulnerable security policies that can unify various existing management infrastructures of security policies. Its goal is not only to improve security strength and increase the management efficiency and convenience but also to make it possible to include different security management infrastructures while building security policies. In the generalization process of security policies. we first diagnose the security status of monitored networks by analyzing security goals, requirements, and security-related information that security agents collect. Next, we decide the security mechanisms and objects for security policies, and then evaluate the properness of them on the basis of security goals, requirements and a policy list. With the generalization process, it is possible to integrate heterogeneous security policies and guarantee the integrity of them by avoiding conflicts or duplications among security policies. And further, it provides convenience to manage many security products existing in large networks.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.3
• /
• pp.729-741
• /
• 2018

On June 24, 2015, the Financial Services Commission (Financial Services Commission) completely abolished the security review process, and said that it would substitute self-security review obligations with self-security reviews. Security officials at financial institutions conduct security reviews based on CIA security grade when they conduct security reviews for secure electronic financial transactions. However, the recent security review for Internet and mobile electronic financial transactions has carried out a security review, either by checking separate processes or by referring to new technologies and data related to security. This paper proposes the CIAAP security gradesl with the addition of certification and privacy protection indicators to the CIA based security grades, especially through the security review of electronic financial transactions.

• Journal of the Korea Convergence Society
• /
• v.6 no.4
• /
• pp.33-40
• /
• 2015

According to arriving convergence environment which can create new value-added converged between industry and ICT technology, It has made economic growth and improve the quality of life. However this convergence environment provide not only advantage but also various security problems resulting from generating converged security threats. For resolving this security problem, we need to approach to security problem in the integrated view not the fragmentary view which cover only technical approach. So This study developed security governance framework which can manage trustful security governance in multidimensional view which cover strategy, managerial/operational and technical view. Therefore this framework can construct trustful security management system which can help top management team to engage in security management directly and organizational member to perform security activities and have responsibility for themselves as suggesting single standard for security management.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.1
• /
• pp.69-79
• /
• 2013

Recently, many enterprises are suffering from advanced types of malware and their variants including intelligent malware that can evade the current security systems. This addresses the fact that current security systems have limits on protecting advanced and intelligent security threats. To enhance the overall level of security, first of all, it needs to increase detection ratio of each security solution within a security system. In addition, it is also necessary to implement internetworking between multiple security solutions to increase detection ratio and response speed. In this paper, we suggest a collaborative security response method to overcome the limitations of the previous Internet service security solutions. The proposed method can show an enhanced result to respond to intelligent security threats.