• Journal of Korea Multimedia Society
• /
• v.23 no.3
• /
• pp.430-439
• /
• 2020

The government of the Republic of Korea has introduced SNI blocking method since February 2019 to block illegal sites. Currently, this policy has been considered as a controversial policy in South Korea therefore, about 270,000 South Koreans have been calmed down by and the presidential office petition because people believe that blocking https by SNI would invasion of privacy and freedom of use of the Internet. As soon as the SNI blocking method was used, the bypass method was opened to the Internet, causing side effects. In this study, identifies the development of Internet blocking technology and the development of new technology that bypasses the technology. It also examines Internet censorship in other countries and identifies problems in blocking technology. Through this study would present policy suggestions and technical methodologies for sound Internet use.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.4
• /
• pp.923-939
• /
• 2012

In the information society, to serve the normal economic activity and to delivery the public service is to secure the privacy information. The government endeavors to support with the privacy protection laws and public organizations. This paper is to study the privacy protection policy in the major countries by analyzing the laws and organizations. At last, The study is to examine the policy tasks to support the privacy protection policy.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.6
• /
• pp.271-288
• /
• 2010

In this paper, we study the dysfunctions of cryptography as dual-use goods and national domestic encryption control policies like key recovery system and decryption order. And we examine risks of the breach of the peoples' constitutional rights like the right to privacy in these policies and analyze these policies by applying the principle of the ban on the over-restriction. Finally, we propose the direction and requirements of our national domestic encryption control policy that maintains the balance of peoples' constitutional rights and investigatory powers.

• Journal of Digital Convergence
• /
• v.17 no.5
• /
• pp.23-31
• /
• 2019

This study aims to build an AHP model that evaluates the priority of cyber security policies for the Azerbaijan information system. For this, 4 factors were constructed from components of ITU National Interest Model, whereas 5 alternatives were based on the best practices of the eight developed countries leading the cyber security field. Using the questionnaire, 24 security experts evaluated the strategic priority of such factors or alternatives. The analysis results using the AHP software showed that homeland defense and economic well-being were the dominant aspects of cyber security policy, whereas capacity building and infrastructure were the main concern of cyber security elements for Azerbaijan. This study presents the strategic priority of cyber security policies that can be adopted by Azerbaijan government. This study can contribute to developing the national cyber security guide of Azerbaijan.

• Journal of Information Technology Services
• /
• v.12 no.4
• /
• pp.187-204
• /
• 2013

In this study, we developed a comprehensive model to measure the National Information Security Level based on PRM framework. The proposed model reflected a rapidly changing technology environments such as social network service, mobile devices, and etc. This new model consists of three layers:Infrastructure Layer, the Action Layer and the Performance Layer, and there are 16 sub-indexes under the 3 layers. To develop new model and sub-indexes for measuring the National Information Security Level, much amounts of documents related to security indexes or deliberation criteria and security guidelines from international organization were reviewed and then most probable index pool were composed. The Index pool were verified by expert group consisting of professors and specialists. Through five times of screening and having an evaluation review, 16 sub-indexes were deduced and then Delphi and AHP have been conducted to obtain validity and objectiveness of the indexes. Thus the new proposed national information security index will show more exact national information security level and we expect that the indexes give much implications for establishing information protection policy.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2007.05a
• /
• pp.961-964
• /
• 2007

인터넷의 발달에 따라 보안에 위협적인 요소 또한 크게 증가하고 있으며, 이를 극복하기 위한 방법으로 운영체제 수준의 보안 운영체제 연구가 활발히 진행되고 있다. 그 대표적인 연구로는 SELinux 가있지만 SELinux는 정책의 복잡성으로 인하여 사용자가 이용하기 어렵다는 단점이 존재한다. 본 논문에서는 이와같은 문제점을 해결하기 위해 SELinux 정책 템플릿(SELT)을 이용하여 SELinux의 TE형태로 쉽게 변환하기 위한 SELinux 정책 템플릿 컨버터를 제안한다.

• International Journal of Computer Science & Network Security
• /
• v.21 no.12
• /
• pp.264-268
• /
• 2021

In the context of globalization of information processes, the prevalence of information wars and terrorism, there are new threats to national interests in the information sphere, which actualizes providing the information sovereignty of modern states. Therefore, the purpose of the article is an in-depth analysis of the features and content of information sovereignty as a component of state sovereignty, its relationship with freedom of information and information security, as well as a characterization of the bases and directions of providing information sovereignty. The information sovereignty of the modern state includes its activities to determine national interests in the information sphere, the formation and implementation of information policy, providing information security, regulation and control of information processes. The realization of information sovereignty should be based on real freedom of information, information privacy and the state obligation to provide them. Ensuring information sovereignty also requires solving the problems of formation of modern information legislation, which would comprehensively establish the bases and directions of providing information sovereignty, exceptional cases of restriction of freedom of information.

• Journal of Digital Convergence
• /
• v.16 no.6
• /
• pp.205-212
• /
• 2018

This Study aims to propose a new information security governance model design method for streamlining security governance at national strategic level. The research method of this study is to diagnose our operational experience and to derive a new model design method. In the meantime, national information security activities were perceived to be focused on knowledge transfer, and motivation of activities and securing of executive power were weak. As a result, security blind spots and frequent occurrence of large security incidents have become unresolved challenges. National cyber security governance should be grouped together as a whole systematically from the upper policy to the lower level of performance under the responsibility of the national leader. Based on this approach, this study presented the comprehensive framework of Korean security governance model and embodied it into four architectural designs such as vision, goal, process, and performance, thus deriving the foundation for future national governance model design. Further research is needed to diagnose problems in life cycle flow, security policies based on environmental changes, and new frameworks in which all subjects participate.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.6
• /
• pp.961-973
• /
• 2023

With the changes in the modern computing landscape, securing containerized workloads and addressing the complexities of container networking have become critical issues. In particular, the complexity of network policy settings and the lack of cloud security architecture cause various security issues. This paper focuses on the importance of network security and efficiency in containerized environments, and analyzes the security features and performance of various container network interface plugins. In particular, the features and functions of Cilium, Calico, Weave Net, and Kube-router were compared and evaluated, and the Layer 3/4 and Layer 7 network policies and performance features provided by each plugin were analyzed. We found that Cilium and Calico provide a wide range of security features, including Layer 7 protocols, while Weave Net and Kube-router focus on Layer 3/4. We also found a decrease in throughput when applying Layer 3/4 policies and an increase in latency due to complex processing when applying Layer 7 policies. Through this analysis, we expect to improve our understanding of network policy and security configuration and contribute to building a safer and more efficient container networking environment in the future.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.4
• /
• pp.1037-1055
• /
• 2016

After the enactment of the Personal Information Protection Act, policies and activities for the personal information protection have been actively promoted. However the people are showing negative attitudes about personal information, as the ongoing personal data leakages. Therefore, authors tried to empirical analysis of the effectiveness of national policy on the protection of personal information, using SERVQUAL model, focused on the people's perception, in order to identify that how the people recognized current policy. Authors find that the public has perceived the effectiveness of the policy positively, but the level of their awareness is low. And we identify that the people are highly aware of the policy's effectiveness for Immediacy, Convenience and Responsibility, while they have the lowest effectiveness for Efficiency. The policy's improvement focused on the public's low expectations/perceptions and effectiveness awareness, is required in order to develop people-oriented national privacy policy that are satisfied by the people.