• Korean Security Journal
• /
• no.28
• /
• pp.103-130
• /
• 2011

This study is the research of enterprise security for raising the profitability and stability of Korean companies in global business environment and strategic cooperation of business. As the scientific technology gets complicated as day goes by and new competitors appear regardless the border in the modern business environment, the situation happens frequently which the huge company hands over their market to the new one armed with the innovative thinking overnight. To survive such new environment, the answer is the change of paradigm regarding business management method at the new point of view. With the low level of security risk management of Korean companies which stick to old habit, the security management which helps the companies secure profits is not affordable. The global village where the population of 7 billions live in 21st century is facing up to the rapid ecological adaptation. The rapid change of climatic environment creates the hundreds of thousands of sufferers in a moment, and we have been watching the millions of livestock are buried alive due to new contagious disease everyday. Such change encourages the humans in global village to change the basic way of living. The business ecosystem which is the basic root for economic life cannot be an exception. To survive the business environment of 21st century, the security risk management at management level is required and the reporting line of companies should be established newly for raising business competing power through security risk management. The companies should bear in mind that they can be disappeared into our old memories overnight if they are not sensitive to the changing environment. Out of new risks for the modern companies, the field especially Korean companies are dealing easily is the security risk. Not like past, the security risk which's size is much more massive and its propagation velocity is very fast is the one of important business risks which the management should take care. Out of security risks which influence on the modern companies significantly, the brand of companies, protection of their reputation, continuity of production and operation and keeping customer's trust are prior to the others. This study offered the suggestion regarding enterprise security and the strategic cooperation of business to deal with such security risk effectively.

• International Journal of Computer Science & Network Security
• /
• v.22 no.10
• /
• pp.201-206
• /
• 2022

The main purpose of the study is to analyze the features of innovation and project management in the system of improving the performance of personnel as a factor in ensuring competitiveness and investment security. For the successful operation of enterprises, regardless of their form of ownership and field of activity, in order to carry out effective activities, they turn to innovative methods related to the formation of the potential of the workforce, and increasing the level of education and qualifications of staff and establishing their potential ability to make independent decisions. Based on the results of the study, the key features of innovation and project management in the system of improving the performance of personnel as a factor in ensuring competitiveness and investment security are characterized.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.5 no.6
• /
• pp.625-630
• /
• 2010

With regard to the examples of establishing various sorts of information security, it can be seen that there are gradual, developmental procedures including Firewall and VPN (Virtual Private Network), IDS (Intrusion Detection System), or ESM(Enterprise Security Management). Each of the security solutions and equipments analyzes both defense and attack for information security with the criteria of classifying the problems of security policies by TCP/IP layers or resulted from attack patterns, attack types, or invasion through specialized security technology. The direction of this study is to examine latency time vulnerable to invasion which occurs when L2-stratum or lower grade equipments or policies are applied to the existing network through TCP/IP layer's L3-stratum or higher grade security policies or equipments and analyze security holes which may generate due to the IP preoccupation in the process of establishing policies to limit particular IP area regarding the policies for security equipments to figure out technological problems lying in it.

• Journal of the Korea Society of Computer and Information
• /
• v.7 no.3
• /
• pp.74-79
• /
• 2002

In this paper, we designed the Policy-based ESM(Enterprise Security Management) for network security in Internet. First, we consider the existed network management and present ESM. And then analyze existent systems and drew consideration items at system design. This paper applied to PBNM technology in order to improve security network management.

• Journal of Internet Computing and Services
• /
• v.7 no.3
• /
• pp.93-105
• /
• 2006

The instant messenger is not only a wonderful tool for individuals. It is also a great tool which provides real-time dialogue and file transfers for individuals via the Internet and improves an enterprise productivity. However, it has many security risks that may have significant impact in corprate environments. This paper provides an overview of the security risks of the instant messenger with a risk analysis method and the controls that can be used to make it secure. It's hard to eliminate the instant messenger from enterprise environments because of its benefits. If we cannot avoid using it, we must make it secure and reap the full benefits of it.

• Convergence Security Journal
• /
• v.11 no.6
• /
• pp.3-8
• /
• 2011

Advanced Persistent Threat (APT), aims a specific business or political targets, is rapidly growing due to fast technological advancement in hacking, malicious code, and social engineering techniques. One of the most important characteristics of APT is persistence. Attackers constantly collect information by remaining inside of the targets. Enterprise Security Management (EMS) system can misidentify APT as normal pattern of an access or an entry of a normal user as an attack. In order to analyze this misidentification, a new system development and a research are required. This study suggests the way of forecasting APT and the effective countermeasures against APT attacks by categorizing misidentified data in data-mining through threshold ratings. This proposed technique can improve the detection of future APT attacks by categorizing the data of long-term attack attempts.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.6
• /
• pp.1585-1594
• /
• 2018

In recent years The importance of information security management for securing information collection and analysis, production and distribution is increasing. Companies are assured of confidence in information security through authentication of information Security Management System. However, level assessment and use of domains that make up the management system is limited. On the other hand, the security maturity model is able to diagnose the level of information protection of the enterprise step by step. It is also possible to judge the area to be improved urgently. It is a tool to support goal setting according to the characteristics and level of company. In this paper, C2M2, which is an example of security maturity model, is compared and analyzed with Korea Information Security Management System certification. Benchmark the model to check the level of information security management and derive the priority among the items that constitute the detailed area of information security measures of ISMS certification. It also look at ways to check the level of information security management step by step.

• Journal of the Korea Society for Simulation
• /
• v.18 no.2
• /
• pp.1-8
• /
• 2009

Enterprise security management system proposed to properly manage heterogeneous security products is the security management infrastructure designed to avoid needless duplications of management tasks and inter-operate those security products effectively. In this paper, we defined the security policies using Z-Notation and the detection algorithm of policy conflict for managing heterogeneous firewall systems. It is designed to help security management build invulnerable security policies that can unify various existing management infrastructures of security policies. Its goal is not only to improve security strength and increase the management efficiency and convenience but also to make it possible to include different security management infrastructures while building security policies. With the process of the detection and resolution for policy conflict, it is possible to integrate heterogeneous security policies and guarantee the integrity of them by avoiding conflicts or duplications among security policies. And further, it provides convenience to manage many security products existing in large networks.

• International Journal of Computer Science & Network Security
• /
• v.24 no.4
• /
• pp.35-43
• /
• 2024

The development and integration of Enterprise Resource Planning (ERP) systems have consistently attracted attention from software engineering researchers. Many studies have examined the factors that influence successful ERP integration, while others have focused on introducing integration models that address issues and challenges that affect the successful integration of ERP. However, it is crucial to recognize that the key player in successful integration is the individual involved. This paper aims to investigate how individuals based on departmental attachments and experiences have viewed the factors that affected the success of ERP integration. A case study was conducted at one large organization namely Umm Al Qura University, Saudi Arabia. Five departments were involved namely: Financial management, purchasing management, warehouse management, human resources management, and the Deanship of Information Technology. The results of 78 participants were collected and analyzed. Furthermore, it was different how individuals from different departments involved in the ERP integration viewed the factors that affected the success of integration. In addition, it was noticed that individuals with different experiences have various views on the factors. Moreover, it was evident that departmental attachments and individual experience might play a role in the successful integration of ERP.

• The KIPS Transactions:PartC
• /
• v.11C no.4
• /
• pp.485-496
• /
• 2004

The wide spread of Internet makes susceptible to the attacks via communication Web from hackers using the vulnerability of both computer and network systems. In this paper, we design and implement an integrated security system, named as LISS(Linux-based Integrated Security System) in which an integrated security management is possible. This system is based on the open operating system, Linux and consists of open security tools, which is effective in security management of Linux based-servers. We also construct a test-bed in order to testify the performance of the LISS. It is revealed that the implemented system captures all the attack Patterns generated from Network Mapper.