• Korean Security Journal
• /
• no.25
• /
• pp.63-87
• /
• 2010

Our society nowadays sees the increase in damage from crime on lives and properties by leaps and bounds in line with the economic take-off, and as a result, the raise of individual income. When considering such a hike in crime, it is desirable that the police framework be enhanced. However, thanks to the failure to correspond to this, it could be safely said that a good portion of accountability was shifted to the private security industry in regard to security for the people. Accordingly, the request for escort security business is on the increase regarding expansion and improvement about this industrial sector. As such, it is necessary to get the related system rearranged for authority on the part of escort guards, who are directly exposed to numerous crimes. On top of this, dispersion is required for the escort security businesses centralized in the metropolitan area. It is also necessary for the security guard system to be strengthened and disintegrated into details so that the escort security services are available to people in more safe and easily manners than ever before. When the qualification regime is operated based on this refreshed system, the efficient escort security work would be realized. The dichotomy into act on Special Security Guard and act on Security Business should be dealt with once again for integration as an issue on the front burner in the academic area, and through which the escort security market could be fit for the globalization as well. This paper would provide the solution that leads to more professional and efficient results from comprehension of progress situations in reality by starting from the concept on private security to the analysis of the conditions in this industrial sector.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.3 no.1
• /
• pp.8-11
• /
• 2008

There are multiple reasons that caused the present serious status of network security, including Internet itself having a weak basis. However security is usually discarded when it contends with performance. As the world becomes more tightly interconnected, security technology continues to mature, organizations are feeling a greater need to rediscover network security. Network security technology generally concentrates on protection of the network infrastructure and, by implication, the protection of the user. This is a paper, describe current problems of network security and propose solutions.

• 한국IT서비스학회:학술대회논문집
• /
• 2003.11a
• /
• pp.809-821
• /
• 2003

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2021.05a
• /
• pp.638-640
• /
• 2021

The network separation environment is a network security design system that separates the internal business network from the external Internet network. It separates the internal business network from the external Internet by separating it into a business network that is not connected to the network to which the Internet is connected. The network is separated, and it is a relatively secure network structure compared to Danilman in terms of security. However, there are frequent cases of infecting internal networks by using vulnerabilities in internal systems, network devices, and security devices. In this paper, we analyze the vulnerability of IT security threats in such a network isolation environment and provide technical measures for effective security monitoring.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.1
• /
• pp.147-162
• /
• 2017

With the advent of various services and devices in the change of IT environment, increasing the complexity of the data, and increasing scale of IT, Many organizations are experiencing the difficulty of analyzing and processing with a large amounts of data for security situations awareness. Therefore, propose the enhancement of security situational awareness through visualization in order to solve the problems of slow response and security situational awareness in organizational risk management. In this paper, we selected the evaluation factors and alternatives for effective visualization by considering user type, situational awareness step, and information visualization attributes through various studies on visualization. And established AHP layer model. Based on this, by using the AHP method for solving the problem of multi-criteria decision making, by calculating the factors for effectively visualizing and the importance of alternative by factor, try to propose a visualization method that can improve the effectiveness of the security situational awareness according to the purpose of visualization and the type of user.

• Journal of Digital Convergence
• /
• v.15 no.5
• /
• pp.197-205
• /
• 2017

To achieve web application security goals effectively by providing web security features such as information leakage prevention, web application firewall system must be able to achieve the goal of enhancing web site security and providing secure services. Therefore, it is necessary to study the security evaluation of web application firewall system based on related standards. In this paper, we analyze the requirements of the base technology and security quality of web application firewall, and established the security evaluation criteria based on the international standards for software product evaluation. Through this study, it can be expected that the security quality level of the web application firewall system can be confirmed and the standard for enhancing the quality improvement can be secured. As a future research project, it is necessary to continuously upgrade evaluation standards according to international standards that are continuously changing.

• Journal of the Korea Convergence Society
• /
• v.12 no.1
• /
• pp.1-9
• /
• 2021

Recently, new types of security crimes have been steadily occurring in Korea due to environmental changes such as the development of IT technology, and responding to these threats has become a key national task for the establishment of a safe society as well as individuals and businesses. Meanwhile, as the Zero-Contact Era has arrived since the COVID-19 Pandemics, a new convergence security threat that combines the characteristics of the Zero-Contact Era with the existing IT development is threatening our society. Research to prevent and correct these new levels of threats is continuously required in this study. Chapter 1 examined the causes of new convergence security threats and Chapter 2 discussed cybersecurity, fake news, remote voting·work and video security threats as five major threats.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.26 no.8
• /
• pp.1205-1212
• /
• 2022

Cyber threat targeting ICS (Industrial Control System) has indicated drastic increases over the past decade and Cyber Incident in Critical Infrastructure such as Energy, Gas Terminal and Petrochemical industries can lead to disaster-level accidents including casualties and large-scale fires. In order to effectively respond to cyber attacks targeting ICS, a multi-layered defense-in-depth strategy considering Control System Architecture is necessary. In particular, the centralized security log system integrating OT (Operational Technology) and IT (Information Technology) plays an important role in the ICS incident response plan. The paper suggests the way of implementing centralized security log system that collects security events and logs using OPC Protocol from Level 0 to Level 5 based on IEC62443 Purdue Model to integrate ICS security logs with SIEM (Security Information Event Management) operated in IT environment.

• Convergence Security Journal
• /
• v.23 no.1
• /
• pp.109-115
• /
• 2023

The future outlook for defense faces various and challenging environments such as the acceleration of uncertainty in the global security landscape and limitations in domestic social and economic conditions. In response, the Ministry of National Defense seeks to address the problems and threats through defense innovation based on scientific and technological advancements such as artificial intelligence, drones, and robots. To introduce advanced AI-based technology, it is essential to integrate and utilize data on IT environments such as cloud and 5G. However, existing traditional security policies face difficulties in data sharing and utilization due to mainly system-oriented security policies and uniform security measures. This study proposes a paradigm shift to a data value-based security policy based on theoretical background on data valuation and life-cycle management. Through this, it is expected to facilitate the implementation of scientific and technological innovations for national defense based on data-based task activation and new technology introduction.

• Journal of Platform Technology
• /
• v.12 no.2
• /
• pp.3-11
• /
• 2024

In the trend of digital transformation and the increase in non-face-to-face services triggered by the Fourth Industrial Revolution, the demand for cloud computing services is being sharply stimulated. Currently, the cloud is being introduced in various industrial sectors including public, IT, and finance, and the manufacturing industry is also adopting the cloud to secure future sustainability and is promoting innovation through smart manufacturing. However, it has been found that there are constraints in the adoption of cloud by manufacturing companies due to concerns about security. Existing studies that have identified cloud security risks have been limited to presenting general cloud security risks or technical security risks rather than focusing on the manufacturing industry. Therefore, this study aimed to identify cloud security risks in the manufacturing industry based on the actual concerns in the field. For this, expert interviews and literature research were conducted to newly identify cloud security risks in the manufacturing industry, and the adequacy and urgency of the selected security risks were verified through surveys. Based on this study, if a cloud security management system for the manufacturing industry is designed in the future, it is expected that the adoption of cloud in the manufacturing industry will be more activated.