• Journal of Digital Convergence
• /
• v.11 no.11
• /
• pp.435-441
• /
• 2013

This paper review about kerberos security authentication scheme and policy for big data service. It analyzed problem for security technology based on Hadoop framework in big data service environment. Also when it consider applying problem of kerberos security authentication system, it analyzed deployment policy in center of main contents, which is occurred in commercial business. About the related applied Kerberos policy in US, it is researched about application such as cross platform interoperability support, automated Kerberos set up, integration issue, OPT authentication, SSO, ID, and so on.

• Proceedings of the Korea Society of Information Technology Applications Conference
• /
• 2002.11a
• /
• pp.72-81
• /
• 2002

Management for security product and application is becoming more difficult because they became more specialized. Most of research is focused on combining policies for information security management policy, security standard, and security tools. However, there are no researches for total solution for both application and security policy. Thereby, the purpose of this research is to propose a remote integrated management system based on linux. The system could efficiently manage data update for application and policy update for a server supporting the distinct configuration of each server. By using the remote integrated management system, system manager with poor secure knowledge also could easily manage their system securely.

• Convergence Security Journal
• /
• v.20 no.3
• /
• pp.89-97
• /
• 2020

Recently, security issues on industrial technology are undergoing rapid changes around the world. Developed countries are establishing response strategies to protect their own core technologies while creating conflicts with global value chains and foreign capital movement. Also in Korea, we are approaching industrial security issues in the mid- to long-term industrial competitiveness. The purpose of this study is to survey on the awareness of the industrial security ecosystem and derive key policy issues. Based on a three round survey, four policies were suggested as followings : systemization of industrial security control tower, enhancement of security company's technical skills and training of security specialists, improvement of technology leakage prevention system through retirement personnel and M&A, reinforcement of research security in R&D process and proactive technology protection. It is hoped that this study will serve as a basis for policy-making as an evidence-based study reflecting the policy demands of industrial security.

• Nuclear Engineering and Technology
• /
• v.51 no.6
• /
• pp.1696-1707
• /
• 2019

This paper conducts a qualitative policy analysis of current challenges to safety culture and security culture in Southeast Asia and emerging best practices in Northeast Asia that are aimed at strengthening both cultures. It analyses lessons, including strengths and limitations, that can be derived from Northeast Asian states, given the long history of nuclear energy in South Korea, China and Japan. It identifies and examines best practices from Northeast Asia's Nuclear Security Centres of Excellence in terms of boosting nuclear security culture and their relevance for Southeast Asia. The paper accentuates the important role of the State in adopting policy and regulatory frameworks and in institutionalising nuclear education and training programmes to deepen the safety-security cultures. Best practices in and challenges to developing a nuclear safety culture and a security culture in East Asia are examined using three frameworks of analysis (i) a comprehensive nuclear policy framework; (ii) a proactive and independent regulatory body; and (iii) holistic nuclear education and training programmes. The paper argues that Southeast Asian states interested in harnessing nuclear energy and/or utilising radioactive sources for non-power applications must develop a comprehensive policy framework on developing safety and security cultures, a proactive regulatory body, and holistic nuclear training programmes that cover both technical and human factors. Such measures are crucial in order to mitigate human errors that may lead to radiological accidents and nuclear security crises. Key lessons from Japan, South Korea and China such as best practices and challenges can inform policy recommendations for Southeast Asia in enhancing safety-security cultures.

• Journal of Convergence for Information Technology
• /
• v.10 no.11
• /
• pp.332-339
• /
• 2020

This study aims to analyze problems and deduce improvement plans for information security support policies for SMEs in Korea. To this end, an effective support policy necessary for reinforcing cyber safety nets to enhance the level of information security of domestic SMEs based on the analysis results by analyzing the status and problems of the previous research review and analysis, the current status of information security of SMEs and the information security support policies of major SMEs at home and abroad. I would like to suggest improvement measures. Reinforcement of awareness, legal basis, voluntary capacity building, joint response system, professional manpower and budget support, cyber security construction, untact era support, and regional strategic industry security internalization were suggested. This can be used as the government's information security support policy to raise the level of information security of SMEs in preparation for the post Covid19.

• The KIPS Transactions:PartC
• /
• v.9C no.4
• /
• pp.467-472
• /
• 2002

Recently, Networks are required to adopt the security system and security consulting because of security threats and vulnerabilities of systems. Enterprise Security Management (ESM) is a system which establishes the security zone composed of security systems and Firewalls and applies the security policy to each security system. A relevant ESM is based on the effective policy and the proper security system. Particularly, multiple firewalls in ESM are concerned with the security policy about each traffic. In this paper, we describe the problems that can be occurred when we select the firewalls to apply security policy of access control in ESM composed of multiple firewalls and propose the FALCON algorithm, which is able to select the firewalis to apply the policy. We expect that FALCON algorithm offers stability, scalability and compactness for selecting firewall set.

• Journal of Korea Multimedia Society
• /
• v.23 no.3
• /
• pp.430-439
• /
• 2020

The government of the Republic of Korea has introduced SNI blocking method since February 2019 to block illegal sites. Currently, this policy has been considered as a controversial policy in South Korea therefore, about 270,000 South Koreans have been calmed down by and the presidential office petition because people believe that blocking https by SNI would invasion of privacy and freedom of use of the Internet. As soon as the SNI blocking method was used, the bypass method was opened to the Internet, causing side effects. In this study, identifies the development of Internet blocking technology and the development of new technology that bypasses the technology. It also examines Internet censorship in other countries and identifies problems in blocking technology. Through this study would present policy suggestions and technical methodologies for sound Internet use.

• International journal of advanced smart convergence
• /
• v.7 no.4
• /
• pp.66-74
• /
• 2018

While new information technology advances have made information access and acquisition methods much more diverse and easier, there are side effects that allow illegal access using diverse and high-performance tools. In order to cope with such threats, there are access control methods in database technology, and various studies are being conducted to extend traditional access control to cope with new computing environments. In this paper, we propose an extended access control with uncertain context-awareness. It enables appropriate security policy enforcement even if the contextual constraints specified by the security policy does not match those accompanied by access request query. We extract semantic implications from context tree, and define the argument that can quantitatively measure the semantic difference between two nodes in the context tree. It is used to semantically enforce the security policy, and to prevent the excessive authorization caused by the implication.

• Journal of Korean Society of Industrial and Systems Engineering
• /
• v.42 no.2
• /
• pp.36-48
• /
• 2019

As the importance of Knowledge Management System (KMS) in the military increases, Republic of Korea Army (ROK Army) developed Army Knowledge Portal. Although the members in the military are encouraged to use the portal, few members currently use it. This study was conducted to find variables to predict the user's intention to use the portal, which contributes to activating the use of Army Knowledge Portal in the army. On the basis of Technology Acceptance Model (TAM), ten variables such as perceived ease of use, general information security awareness, information security awareness, expectation for external rewards, expectation for relationships, sense of self-worth, attitude toward compliance with security policy, attitude toward knowledge sharing, intention of non-combat knowledge sharing, and intention of combat knowledge sharing were considered as independent variables. 105 participants on active duty who currently use or have experience to use the portal participated in this study. The results indicated that general information security awareness and information security awareness increases compliance with the information security policy. In addition, the attitude toward knowledge sharing is enhanced by expectations for relationship and sense of self-worth. Based on the results, the authors propose the need for policy alternatives to reinforce the reward system and security policy, which activates the use of Knowledge Portal Service for ROK Army.

• Convergence Security Journal
• /
• v.18 no.3
• /
• pp.19-25
• /
• 2018

Endpoint security is a method of ensuring network security by thoroughly protecting multiple individual devices connected to the network. In this study, we survey the functions and features of various commercial products of endpoint security. Also we emphasizes the importance of endpoint security to respond to the increasingly intelligent and sophisticated security threats against the cloud, mobile, artificial intelligence, and IoT based sur-connection era. and as a way to improve endpoint security, we suggest the ways to improve the life cycle of information security such as preemptive security policy implementation, real-time detection and filtering, detection and modification.