• Journal of the Korean Society for Aviation and Aeronautics
• /
• v.29 no.4
• /
• pp.142-152
• /
• 2021

The International Civil Aviation Organization (ICAO) and the World Customs Organization (WCO) emphasize securing supply chain security through mutual cooperation between aviation security and customs by establishing a standardized security system by regulations, procedures and practices of international air cargo. Accordingly, in accordance with the Aviation Security Act, the known consignors system aims to secure cargo security before loading air cargo into the aircraft, while the customs AEO system is a public-private cooperation program that focuses on simplification of customs clearance procedures. These systems basically have the same purpose of effectively identifying high-risk cargo through a risk-based approach in international air cargo transportation and preventing risks in advance, and the content that a common basic standard for cargo security must be established is also similar. Therefore, it is necessary to establish a cooperation system by simplifying problems such as cumbersome and redundant authentication procedures and on-site verification through coordination of security requirements for mutual recognition between the two systems. As a result, it is necessary to establish a process for coordinating security and customs' supply chain security program and maximize the effect of harmonizing supply chain security by strengthening the linkage between known consignors and AEO.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.2
• /
• pp.309-327
• /
• 2022

As ICT convergence is progressing in all industrial fields and creating the global ecosystem of the supply chain is accelerating, supply chain risk related with cyber area are also increasing. In particular. the supply chain of ICT products is very complex in terms of technical and environmental factors to be managed, so it is vert difficult to transparently manage the entire life cycle. Accordingly, the US, UK, and EU, etc. are conducting and establishing cyber supply chainsecurity-related research and policies for ICT product supply chains. Korea also has the plan to establish management system to secure the supply chain of major ICT equipment as a task in the basic plan of the national cybersecurity strategy announced in 2019, but there is no concrete policy yet. So, In this paper, we review the cyber supply chain security management system in the United States and present a supplementary way to the National Information Security Manual in Korea from the perspective of cyber supply chain security. It is expected that this will serve as a reference material for cyber supply chain measures that can be introduced in domestic information security field.

• THE INTERNATIONAL COMMERCE & LAW REVIEW
• /
• v.54
• /
• pp.45-80
• /
• 2012

Since the 9.11 terror attack, the event which caused supply chain disruption, supply chain security has become more important than ever before. With this as a momentum, a customs supply chain security paradigm emerged intended to guarantee secure flow of cargo across boarder. Under this circumstances Incoterms(R) 2010 rules have allocated obligations between the buyer and seller to obtain or to render assistances in obtaining security clearances. Thus, security related obligations such as providing advance manifest information is the mandatory requirements for any export and import. The impact on the seller and buyer of security related obligations under the Incoterms(R) 2010 rules environment is obvious. Assistance to provide the security information in advance has become indispensable obligations to the seller and buyer. As such assistances is at the cost and risk of the party responsible for the clearances of the goods, the choice of recognised partner and compliance with the relevant security program, in order to enjoy the relevant benefits, becomes paramount.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.4
• /
• pp.793-805
• /
• 2015

Due to the rise of automotive security problems following automotive safety and the progress of the internet technology leading to a hyper-connected society, guaranteeing the safety of automotive requires security plans in the supply chain assurance and automotive software, and risk management plans for identifying, evaluating, and controlling the risks that may occur from the supply chain since the modern automotive is a Safety Critical system. In this paper, we propose a study on Automotive Supply Chain Risk Management (A-SCRM) procedures by person interested within the automotive Life-Cycle.

• International Commerce and Information Review
• /
• v.15 no.2
• /
• pp.83-106
• /
• 2013

The purpose of this paper is to investigate the perceptions that ports and port users in the supply chain have on the variables of Supply Chain Security Orientation construct. This paper also aims to provide directions and insights to the perceptional issues on supply chain security that have emerged as an independent area of research within SCM and logistics. Starting from the explanation on Supply Chain Security Orientation research model, this paper mainly explored and analyzed the different perceptions of variables in the research model between port group and port user group. Primarily, it explores the descriptive statistics from the questionnaire, and does not analyze the causal relationships of proposed research model. It aims to serve as a guide to the supply chain security managers who are interested in policy issues related to security measures to better performance of the organization.

• Journal of Digital Convergence
• /
• v.20 no.2
• /
• pp.9-20
• /
• 2022

Supply chain attacks target critical infrastructure, causing large amounts of damage and evolving into a threat to public safety and national security. Accordingly, when establishing cybersecurity strategies and policies, supply chain risk management is specified to enhance security, and the US Biden administration recently issued the Executive Order on Improving the Nation's Cybersecurity, SBOM was mentioned as part of the guidelines for strengthening software supply chain security. If the government mandates SBOM and uses it as a security verification tool for supply chains, it can be affected by the domestic procurement system in the future and can be referenced when establishing a security system for domestic supply chains according to the progress of policy implementation. Accordingly, in this paper, countries that are promoting the SBOM policy as a way to strengthen the security of the software supply chain were selected and analyzed with a focus on related cases. In addition, through comparison and analysis of foreign SBOM policy trends, methods for using domestic SBOM in terms of technology, policy, and law were considered. As the value of using SBOM as a supply chain integrity/transparency verification tool is expected in the future, it is necessary to continuously identify trends in the establishment of international standardization and policy development for SBOM and study the standard format.

• Convergence Security Journal
• /
• v.19 no.3
• /
• pp.101-107
• /
• 2019

Our military's cyberspace is under constant threat from the enemy. These cyber threats are targeted at the information service assets held by the military, and securing the security of the organization's information service assets is critical. However, since Information assets can not be 100% selt-sufficient in any organization as well as the military, acquisition of information assets by the supply chain is an inevitable. Therefor, after reviewing supply chain protection measures to secure the safety of the military supply chain, we proposed a method for securing supply chain companies through the citation of partnership based on the validated trust model.

• Journal of Navigation and Port Research
• /
• v.37 no.6
• /
• pp.709-718
• /
• 2013

In this study, AHP analysis was conducted through a survey that was organized by 9 job categories. The results show that sustainable operation risks have the highest priority level among all criteria with management interest having the highest priority level within sustainable operation risks related attributes. The most important risk attributes among stakeholder risks appeared to be asset security and cargo and conveyance security, with education and training being the most important among regulatory risks. Effective management and response to the risks from export controls on strategic trade require an understanding of supply chain security and compliance programs, effective training programs, investments for development of security systems that meet international standards. In addition, the government needs to focus on developing professionals and providing support for companies with compliance programs, working closely with businesses.

• International Journal of Computer Science & Network Security
• /
• v.22 no.12
• /
• pp.37-50
• /
• 2022

Modern supply chains include multiple activities from collecting raw materials to transferring final products. These activities involve many parties who share a huge amount of valuable data, which makes managing supply chain systems a challenging task. Current supply chain management (SCM) systems adopt digital technologies such as the Internet of Things (IoT) and blockchain for optimization purposes. Although these technologies can significantly enhance SCM systems, they have their own limitations that directly affect SCM systems. Security, performance, and scalability are essential components of SCM systems. Yet, confidentiality and scalability are one of blockchain's main limitations. Moreover, IoT devices are lightweight and have limited power and storage. These limitations should be considered when developing blockchain-based IoT-SCM systems. In this paper, the requirements of efficient supply chain systems are analyzed and the role of both IoT and blockchain technologies in providing each requirement are discussed. The limitations of blockchain and the challenges of IoT integration are investigated. The limitations of current literature in the same field are identified, and a secure and scalable blockchain-based IoT-SCM system is proposed. The proposed solution employs a Hyperledger fabric blockchain platform and tackles confidentiality by implementing private data collection to achieve confidentiality without decreasing performance. Moreover, the proposed framework integrates IoT data to stream live data without consuming its limited resources and implements a dualstorge model to support supply chain scalability. The proposed framework is evaluated in terms of security, throughput, and latency. The results demonstrate that the proposed framework maintains confidentiality, integrity, and availability of on-chain and off-chain supply chain data. It achieved better performance through 31.2% and 18% increases in read operation throughput and write operation throughput, respectively. Furthermore, it decreased the write operation latency by 83.3%.

• Electronics and Telecommunications Trends
• /
• v.38 no.4
• /
• pp.81-94
• /
• 2023

The increased adoption of open source security management in supply chains is gaining worldwide attention. In particular, as security and threatening situations, such as solar winds, Kaseya ransomware, and Log4j vulnerability, are becoming more common in supply chains using software (SW)-defined networks, SW bills of materials (SBOMs) for SW products should be prepared to protect major countries like the United States. An SBOM provides SW component information and is expected to become required for SW supply chain management. We focus on SW supply chain management policies and SBOM trends in major countries and private organizations worldwide for safe SW use and determine the current status of Korea and ETRI's open source SW supply chain management trends.