• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2013.05a
• /
• pp.693-696
• /
• 2013

Information protection system (Information protection system)-based IT environment built popularity in public agencies and businesses take advantage of the resources for the integration of the information system one essential environment began to recognize, cloud systems (Cloud System), cloud security (Cloud Security), big data (Big Data), big data security (Big Data Security), industrial security (Security Industry), as well as the issue. Due to the influence of these information protection system (Information protection system) in response to my external security threats based on the analysis plan. In this paper, data protection systems (Information protection system), resulting in the introduction, there are a number of security threats and particularly industrial security aspects and internal and external security threats in response by lighting about aspects of the plan is based on knowledge.

• Journal of Convergence for Information Technology
• /
• v.8 no.6
• /
• pp.117-122
• /
• 2018

In this paper, we review the security issues reported by the organizations every year and analyze the similarities and differences with the concerns that the practitioners engaged in the IT environment are concerned about the necessary security matters. Interviews and questionnaires were collected for practitioners working in various IT work environments such as government agencies, financial companies, general companies, airlines, etc. to gather their opinions on the concerns of future information security. We analyzed the collected opinions and derived key keywords. The results should be compared with the security issue keywords or statistical data reported by the security companies or related organizations in the first half and the second half of each year to find common security trends and to analyze the differences and supplement them I checked whether there was any danger. We will comprehensively analyze key security issues reported by security companies and information security related organizations and future security concerns predicted by IT practitioners to prepare for the security threats of the current era of the fourth industrial revolution.

• Journal of Korea Multimedia Society
• /
• v.19 no.5
• /
• pp.918-923
• /
• 2016

IoT should be considered security risk environments such as various platforms and services including smart devices that can be mounted on household electric appliances, healthcare, car, and heterogeneous networks that are connected to the Internet, cloud services and mobile Apps.. In this paper, we provide analysis of new security threats, caused by open-platform of IoT and sensors via the Internet. Also, we present the key recovery mechanism that is applied to IoT. It results to have compatibility with given research, reduces network overhead, and performs key recovery without depending on key escrow agencies or authorized party.

• Proceedings of the KSR Conference
• /
• 2005.11a
• /
• pp.558-568
• /
• 2005

There are two kinds of police authorities in Korea. One is the Special Judicial Police, under the authority of the Ministry of Construction and Transportation, charged with maintenance of public order on trains, in stations and other places of business operated by the Korea Railway Corporation. The other is the Local Subway Police, belonging to the Local Police Agencies, whose jurisdiction covers trains, station and other areas managed and operated by local governments. The existence of two separate entities for common objective of railway security has given rise to problems including inefficiency in performance and lack of technical knowledge and synergic effects. This study looks at the need for resolving those problems by restructuring and expanding the Special Judicial Police to bring railway security under a single authority and an integrated railway security systems operation.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2015.10a
• /
• pp.748-750
• /
• 2015

지식 정보화 사회의 진입으로 인해 다양한 분야에 걸쳐 핵심기술을 보유하게 됨에 따라 국가경쟁력이 강화되어지고 있다. 국가경쟁력이 강회되어짐에 따라 중요 산업정보나 핵심기술이 발생하였으며 이러한 핵심 산업정보를 지키는 것이 매우 중요해졌다. 이에 따라 정부에서 이러한 산업자산을 보호하기 위해 산업보안 관련 부서를 구성하여 다양한 산업보안활동을 수행하고 있다. 하지만 아직 산업보안의 개념 및 학문의 정체성이 확립되어지지 않아 제대로 된 산업보안 활동이 수행되어지지 않고 있다. 본 연구에서는 정부기관의 산업보안활동을 비교/분석하려고 한다. 그리고 산업보안 개념 분석을 통해 정부기관의 올바른 산업보안활동 방향성을 제언하려고 한다.

• Journal of Convergence Society for SMB
• /
• v.6 no.3
• /
• pp.13-19
• /
• 2016

In various ICBM (IoT, Bigdata, Cloud, Mobile) IT convergence environments, IT technologies have been evolved, new information security threats have been occurred. As information security incidents in major public agencies, financial institutions and companies occurred, it was emphasized that the importance of human security was disclosed. Thus, implementing of information security management system could protect hacks and security breaches and respond quickly to accidents so it minimized the sized of loss. In this paper, comparison of human security controls shown in ISO27001, COBIT, NIST 800-53, K-ISMS, Cyber Security Framework such as the main information security management systems was analyzed, and proposed of the security implications about effective controls of human resources security issues.

• Convergence Security Journal
• /
• v.15 no.5
• /
• pp.71-76
• /
• 2015

Financial Intelligence Unit Law doesn't include investigation on important cases that could influence the security and existence of the nation that are the core jobs of national intelligence agency. So the agency has a difficulty to investigate the international crime of North Korea and other security incidents. It is also difficult to catch an international crime organization working in Korea. It also produces problems such as difficulty in investigating the illegal leak of strategic materials and investigating people related to illegal funding to international terrorism. So it is urgently needed to revise Financial Intelligence Law as soon as possible. Foreign intelligence agencies use the information of financial intelligence unit in many different ways. National Security Agency of China and Australian Security Intelligence Organization freely use the information of financial intelligence unit based on their own laws and systems. Central Intelligence Agency and Federal Bureau of Investigation of USA and Secret Intelligence Service and Security Service of Britain request financial intelligence units to supply them with the information of financial intelligence unit. But the national intelligence agency of Korea isn't able to approach to FIU and can't share the FIU information with foreign intelligence agencies. To solve the problem, they should revise Financial Intelligence Unit Law so that national intelligence agency can receive or request information from Korean Financial Intelligence Unit.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.1
• /
• pp.133-138
• /
• 2007

As a formal document that expresses a set of security requirements for IT products that meets specific consumer needs in the ISO/IEC 15408(CC, Common Criteria) evaluation, protection profiles are developing by many national agencies and companies recently. Since a protection profile is a criteria for security evaluation when the IT systems and products are introduced, the importance of the protection profile is increasing. However, developing protection profiles are still difficult due to lack of detailed methodology and guidance to analyze security environments or to derive security requirements. In this paper, we analyze foreign instances of developing protection profiles and propose a methodology for deriving security requirements through analyzing the TOE security environment.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2013.05a
• /
• pp.1034-1037
• /
• 2013

ICT infrastructure is electronic control systems or communication network related to national security, public administration, defense, policing, finance. Water resources sector has been building a system of control that can be performed electronically, communications, management, energy, and other work-related. Water resources sector has been a paradigm shift in water management and the control system is integrated into a single network. The control system security vulnerabilities are exposed - other control networks, business networks, linking with outside agencies, etc. Cyber terrorist society can cause a huge mess economically, The importance of security for control systems is becoming. In this paper, ICT infrastructure - the water resources in the field of control systems will analysis security measures.

• Convergence Security Journal
• /
• v.11 no.3
• /
• pp.3-10
• /
• 2011

Recently, due to a series of DDoS attacks, government agencies have enhanced security measures and business-related legislation. However, service attack and large network violations or accidents are most likely to occur repeatedly in the near future. In order to prevent this problem, researches must be conducted to predict the vulnerability in advance. The existing research methods do not state the specific data used for the base of the prediction, making the method more complex and imprecise. Therefore this study was conducted using the vulnerability data used for the basis of machine learning technology prediction, which were retrieved from a reputable organization. Also, the study suggested ways to predict the future vulnerabilities based on the weaknesses found in prior methods, and certified the efficiency using experiments.