• 제목/요약/키워드: Security Management

검색결과 5,474건 처리시간 0.039초

Construction of Security MIB for EDI System

  • Park Tae-Kyou
    • 정보보호학회논문지
    • /
    • 제8권1호
    • /
    • pp.23-37
    • /
    • 1998
  • This paper considers the design and management of security MIB for EDI system. EDI system has to establish various securety wervices and mechanisms to protect against security threats. Hence, the EDIsystem requires appropriate security management to monitor and control the security obhects for its security services and mechanisms. In this paper, I identify security objects for management of secueity services defined in the EDIsystem, and propose the design of a security MIB and describe the use of SNMPnetwork management protocol in its management.

전사적 정보보호 아키텍처에 근거한 금융 정보보호 모델 설계 (Design of Financial Information Security Model based on Enterprise Information Security Architecture)

  • 김동수;전남재;김희완
    • 디지털산업정보학회논문지
    • /
    • 제6권4호
    • /
    • pp.307-317
    • /
    • 2010
  • The majority of financial and general business organizations have had individual damage from hacking, worms, viruses, cyber attacks, internet fraud, technology and information leaks due to criminal damage. Therefore privacy has become an important issue in the community. This paper examines various elements of the information security management system and discuss about Information Security Management System Models by using the analysis of the financial statue and its level of information security assessment. These analyses were based on the Information Security Management System (ISMS) of Korea Information Security Agency, British's ISO27001, GMITS, ISO/IEC 17799/2005, and COBIT's information security architecture. This model will allow users to manage and secure information safely. Therefore, it is recommended for companies to use the security management plan to improve the companies' financial and information security and to prevent from any risk of exposing the companies' information.

The Proposal of Security Management Architecture using Programmable Networks Technology

  • Kim, Myung-Eun;Seo, Dong-Il;Lee, Sang-Ho
    • 제어로봇시스템학회:학술대회논문집
    • /
    • 제어로봇시스템학회 2004년도 ICCAS
    • /
    • pp.926-931
    • /
    • 2004
  • In this paper, we proposed security management architecture that combines programmable network technology and policy based network management technology to manage efficiently heterogeneous security systems. By using proposed security management architecture, a security administrator can manage heterogeneous security systems using security policy, which is automatically translated into a programmable security policy and executed on programmable middleware of security system. In addition, programmable middleware that has the features of programmable network can reduce excessive management traffic. We showed that the programmable middleware could reduce the load of management traffic by comparing processing time between the proposed architecture and PBNM architecture.

  • PDF

정보보호 활동이 정보경영성과에 미치는 영향에 관한 실증분석 (Empirical analysis on Information Management Performance Impact of Information Security activities)

  • 손태현;박정선
    • 대한안전경영과학회지
    • /
    • 제17권3호
    • /
    • pp.205-213
    • /
    • 2015
  • This study aims to verify the structural correlation empirically between information security performance and information management performance. To verify the correlation, three factors such as managerial controlled activity, technical controlled activity, and physical controlled activity are divided for the information security activities variable. the security performance are divided into accident prevention and accident response variables. As a result, security organization activity is a unique factor being positively significant to information security and management performance. And three activities such as human security, security training, development security do not affect at all on both information security and management performance.

A Study on the Security Management System for Preventing Technology Leakage of Small and Medium Enterprises in Digital New Deal Environment

  • Kim, Sun-Jib
    • International Journal of Advanced Culture Technology
    • /
    • 제9권4호
    • /
    • pp.355-362
    • /
    • 2021
  • Through the Korean version of the New Deal 2.0, manufacturing-oriented SMEs are facing a new environmental change called smart factory construction. In addition, SMEs are facing new security threats along with a contactless environment due to COVID-19. However, it is practically impossible to apply the previously researched and developed security management system to protect the core technology of manufacturing-oriented SMEs due to the lack of economic capacity of SMEs. Therefore, through research on security management systems suitable for SMEs, it is necessary to strengthen their business competitiveness and ensure sustainability through proactive responses to security threats faced by SMEs. The security management system presented in this study is a security management system to prevent technology leakage applicable to SMEs by deriving and reflecting the minimum security requirements in consideration of technology protection point of view, smart factory, and remote access in a non-contact environment. It is also designed in a modular form. The proposed security management system is standardized and can be selectively used by SMEs.

보안관리수준 평가 체계에 대한 분석 및 개선안 연구 (Research of Improvement, and System of the Information Security Management Evaluation)

  • 민병길;이도훈
    • 융합보안논문지
    • /
    • 제6권4호
    • /
    • pp.101-112
    • /
    • 2006
  • 정보통신시스템에 대한 기술적 보안만으로는 안전한 정보통신시스템 운영을 보장할 수 없다. 따라서, 안전한 정보통신시스템 운영을 위한 정보보안관리시스템(ISMS)에 대한 연구와 표준화가 활발히 전개되고 있다 우리나라는 2005년 "국가사이버안전관리규정"을 제정하고, "국가사이버안전매뉴얼"의 "보안관리 기준"에 의하여 국가 공공기관이 자체적으로 "보안관리수준 평가"를 수행토록 함으로써 체계적인 정보보안관리 활동이 이루어지도록 하고 있다. 본 논문은 관련 표준들과 호주, 미국의 보안관리 체계에 대하여 조사하고, "보안관리수준 평가" 체계를 효율적인 보안관리 측면에서 분석하고, 이를 통하여 "보안관리수준 평가"의 개선방향에 대하여 연구하였다. 기존의 체계에 추가항목(A/C ; Additional Control), 선택적 보안관리 기준(Selective Controls)구성을 도입하고 평가 준비 절차의 개선을 통하여 각 기관에 최적화된 보안관리 기준을 작성할 수 있도록 함으로써, 기관에 적합한 효율적 보안관리의 수행이 가능하고, 급변하는 정보통신 환경에 유연하게 대응할 수 있도록 하였다.

  • PDF

스마트그리드 전력망의 NSM 기반 보안관리시스템 설계 및 구현 (Design and Implementation of NSM based Security Management System in Smart Grid)

  • 장범환
    • 디지털산업정보학회논문지
    • /
    • 제9권3호
    • /
    • pp.107-117
    • /
    • 2013
  • In this paper, we designed the security management system based on IEC 62351-7 in the Smart Grid environment. The scope of IEC 62351-7 focuses on network and system management (NSM) of the information infrastructure as well as end-to-end security through abstract NSM data objects for the power system operational environment. However, it does not exist that security management system based on IEC 62351-7 manages the security of the power system in the Smart Grid environment, because power equipment or SNMP agents providing NSM data do not exist yet. Therefore, we implemented the security management system to manage the information infrastructure as reliably as the power system infrastructure is managed. We expect that this system can perform the security management of IEC 61850 based digital substation and can be a prototype of the security system for the Smart Grid in the future.

A Continuous Evaluation Processes for Information Security Management

  • Choi, Myeonggil
    • Journal of Information Technology Applications and Management
    • /
    • 제23권3호
    • /
    • pp.61-69
    • /
    • 2016
  • Growing information threats have threatened organization to lose information security controls in these days. Many organizations have accepted the various information security management systems does mention necessity of a continuous evaluation process for the executions of information security management in a theoretical aspect. This study suggests a continuous evaluation process for information security management reflecting the real execution of managers and employees in organizations.