• Title/Summary/Keyword: information security system

Search Result 6,598, Processing Time 0.034 seconds

An Information Security Evaluation Indices for an enterprise organization (기업조직을 위한 정보보호 평가 척도)

  • Ko Il Seok;Ko Gwang Uk;Na Dae Kyung;Na Heui Seong
    • Proceedings of the KAIS Fall Conference
    • /
    • 2005.05a
    • /
    • pp.108-110
    • /
    • 2005
  • Most of the evaluation systems have performed evaluation with an emphasis on information security products so far. However, evaluating information security level for an enterprise needs analysis of the whole enterprise organization, and a synthetic and systematic evaluation system based on it. This study has tried to grasp the information security level of the whole enterprise organization, and develop an evaluation system of information security level for suggesting a more developing direction of information security.

  • PDF

Establishment of Cyber Security Countermeasures amenable to the Structure of Power Monitoring & Control Systems (전력계통 제어시스템 구조에 따른 사이버 보안대책 수립)

  • Woo, Pil Sung;Kim, Balho H.
    • The Transactions of The Korean Institute of Electrical Engineers
    • /
    • v.67 no.12
    • /
    • pp.1577-1586
    • /
    • 2018
  • The emergence of the Smart Grid is an integrated solution for the next generation power system that combines IT technology in the power system to create optimal energy utilization and various services. However, these convergence technologies (power systems and information communications) are not only improving the related technologies but also producing various problems especially exposure to cyber risk. In particular, the intelligent power grid has security vulnerabilities through real-time information sharing among various organically linked systems, and it is more complicated than the cyber risk problem in the existing IT field and is directly connected to national disaster accidents. Therefore, in order to construct and operate a more stable smart grid, this paper analyzes the system of power system control system in Korea, and proposes a cyber security element definition and a countermeasure establishment method of power monitoring & control systems based on security standards of smart grid (No. SPS-SGSF-121-1-1).

Design of FPGA Hardware Accelerator for Information Security System (정보보호 시스템을 위한 FPGA 기반 하드웨어 가속기 설계)

  • Cha, Jeong Woo;Kim, Chang Hoon
    • Journal of Korea Society of Industrial Information Systems
    • /
    • v.18 no.2
    • /
    • pp.1-12
    • /
    • 2013
  • Information Security System is implemented in software, hardware and FPGA device. Implementation of S/W provides high flexibility about various information security algorithm, but it has very vulnerable aspect of speed, power, safety, and performing ASIC is really excellent aspect of speed and power but don't support various security platform because of feature's realization. To improve conflict of these problems, implementation of recent FPGA device is really performed. The goal of this thesis is to design and develop a FPGA hardware accelerator for information security system. It performs as AES, SHA-256 and ECC and is controlled by the Integrated Interface. Furthermore, since the proposed Security Information System can satisfy various requirements and some constraints, it can be applied to numerous information security applications from low-cost applications and high-speed communication systems.

Operation Plan for the Management of an Information Security System to Block the Attack Routes of Advanced Persistent Threats (지능형지속위협 공격경로차단 위한 정보보호시스템 운영관리 방안)

  • Ryu, Chang-Su
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • 2016.05a
    • /
    • pp.759-761
    • /
    • 2016
  • Recent changes in the information security environment have led to persistent attacks on intelligent assets such as cyber security breaches, leakage of confidential information, and global security threats. Since existing information security systems are not adequate for Advanced Persistent Threat; APT attacks, bypassing attacks, and attacks on encryption packets, therefore, continuous monitoring is required to detect and protect against such attacks. Accordingly, this paper suggests an operation plan for managing an information security system to block the attack routes of advanced persistent threats. This is achieved with identifying the valuable assets for prevention control by establishing information control policies through analyzing the vulnerability and risks to remove potential hazard, as well as constructing detection control through controlling access to servers and conducting surveillance on encrypted communication, and enabling intelligent violation of response by having corrective control through packet tagging, platform security, system backups, and recovery.

  • PDF

Risk Scoring System for Software Vulnerability Using Public Vulnerability Information (공개 취약점 정보를 활용한 소프트웨어 취약점 위험도 스코어링 시스템)

  • Kim, Min Cheol;Oh, Sejoon;Kang, Hyunjae;Kim, Jinsoo;Kim, Huy Kang
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.28 no.6
    • /
    • pp.1449-1461
    • /
    • 2018
  • As the number of software vulnerabilities grows year by year, attacks on software are also taking place a lot. As a result, the security administrator must identify and patch vulnerabilities in the software. However, it is important to prioritize the patches because patches for all vulnerabilities are realistically hard. In this paper, we propose a scoring system that expands the scale of risk assessment metric by taking into consideration attack patterns or weaknesses cause vulnerabilities with the vulnerability information provided by the NIST(National Institute of Standards and Technology). The proposed scoring system is expanded based on the CWSS and uses only public vulnerability information to utilize easily for any company. In this paper, we applied the automated scoring system to software vulnerabilities, and showed the expanded metrics with consideration for influence of attack pattern and weakness are meaningful.

Efficient security solution structure design for enterprise security management system (통합 보안 관리 시스템 구축을 위한 효율적인 보안 솔루션 구조 설계)

  • Kang Min-gyun;Han Kun-Hee;Ha Kyung-Jae;Kim Seok-soo
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.9 no.4
    • /
    • pp.824-831
    • /
    • 2005
  • Past corporaion's network security system is single security solution, or mixed several ways, but there was inefficient system because doing not get into organic link But, constructed more strong security system by ESM enterance on. ESM uses way to integrate of each agent to manage easily various kinds security solution. That is, it is system that connect system of existent VPN, FireWall, IDS and so on configurationally depending on security policy and manage. ESM is security system that is developed more than existent security system. But, practical use of network and the development speed of technology being increasing with the mon faster speed, is heightening the level more as well as dysfunction of information crime and so on. Many improvements are required at ESM system, this research wished to make up for the weak-point in the ESM system about interior security. Studied on structure of security solution that is basis of security policy. VPN, Firewall, IDS's link that is main composition of existing security system analysis, reconstructed. And supplemented security of ESM system itself. Establish imaginary intrusion and comparative analysis access data that apply each Telnet Log analysys IDS existent ESM system and proposed ESM system comparative analysis. Confirm the importance of interior security and inspected security of proposed system.

Proposal of Security Requirements for the Cloud Storage Virtualization System (클라우드 저장장치 가상화 시스템을 위한 보안 요구사항 제안)

  • Yeo, Youngmin;Lee, Chanwoo;Moon, Jongsub
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.23 no.6
    • /
    • pp.1247-1257
    • /
    • 2013
  • The security vulnerabilities of cloud storage virtualization environments are different from those of the existing computer system and are difficult to be protected in the existing computer system environment. Therefore we need some technical measures to address this issue. First of all, the technology used in cloud storage virtualization environment needs to be thoroughly analyzed, and also, we should understand those security requirements of various stakeholders in the view of cloud storage service and perform the research on security guidelines of the research security requirements. In this paper, we propose security requirements based on layers and roles of cloud storage virtualization. The proposed security requirements can be a basement for development of solution of cloud storage virtualization security.

Research for Construction Cybersecurity Test and Evaluation of Weapon System (무기체계의 사이버보안 시험평가체계 구축방안 연구)

  • Lee, Ji-seop;Cha, Sung-yong;Baek, Seung-soo;Kim, Seung-joo
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.28 no.3
    • /
    • pp.765-774
    • /
    • 2018
  • As the IT technology develops, the military information system develops to the current IT environment for efficient operation and rapid communication, and the threat of cyber attack against the advanced weapon system using network technology is increasing simultaneously. In order to prevent and mitigate these problems, the United States has applied the cybersecurity test evaluation system from the beginning to the beginning of weapon system development. However, in Korea, the evaluation process of cyber security test is weak, and there is concern about the damage due to cyber attack. In this paper, we analyze cybersecurity test evaluation status of U.S. and domestic weapon systems and propose a solution to the problem of cybersecurity test evaluation system.

Intrusion Detection Methodology for SCADA system environment based on traffic self-similarity property (트래픽 자기 유사성(Self-similarity)에 기반한 SCADA 시스템 환경에서의 침입탐지방법론)

  • Koh, Pauline;Choi, Hwa-Jae;Kim, Se-Ryoung;Kwon, Hyuk-Min;Kim, Huy-Kang
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.22 no.2
    • /
    • pp.267-281
    • /
    • 2012
  • SCADA system is a computer system that monitors and controls the national infrastructure or industrial process including transportation facilities, water treatment and distribution, electrical power transmission and distribution, and gas pipelines. The SCADA system has been operated in a closed network, but it changes to open network as information and communication technology is developed rapidly. As the way of connecting with outside user extends, the possibility of exploitation of vulnerability of SCADA system gets high. The methodology to protect the possible huge damage caused by malicious user should be developed. In this paper, we proposed anomaly detection based intrusion detection methodology by estimating self-similarity of SCADA system.

Novel VNFI Security Management Function Block For Improved Security Framework For SDN/NFV Networks

  • Alruwaili, Rahaf Hamoud;Alanazi, Haifa Khaled;Hendaoui, Saloua
    • International Journal of Computer Science & Network Security
    • /
    • v.22 no.10
    • /
    • pp.303-309
    • /
    • 2022
  • Software Defined Networking (SDN) is a novel approach that have accelerated the development of numerous technologies such as policy-based access control, network virtualization, and others. It allows to boost network architectural flexibility and expedite the return on investment. However, this increases the system's complexity, necessitating the expenditure of dollars to assure the system's security. Network Function Virtualization (NFV) opens up new possibilities for network engineers, but it also raises security concerns. A number of Internet service providers and network equipment manufacturers are grappling with the difficulty of developing and characterizing NFVs and related technologies. Through Moodle's efforts to maintain security, this paper presents a detailed review of security-related challenges in software-defined networks and network virtualization services.