• 정보보호학회논문지
• /
• 제20권2호
• /
• pp.91-108
• /
• 2010

대학은 국가적으로 연구개발비 및 연구인력 측면에서 큰 비중을 차지하고 있는 핵심연구기관임에도 불구하고 연구정보보안에 대한 투자가 소홀하여 연구정보 유출이 우려되고 있는 것이 현실이다. 이와 관련, 본 논문에서는 연구정보 유출을 예방하기 위한 노력의 일환으로 대학 구성원의 보안 인지수준과 실천수준을 분석하고 대학내 연구정보보안 수준 제고를 위한 구체적 방안을 제시한다. 이를 위해 먼저 대학 구성원을 대상으로 실시한 설문조사 결과를 분석하여 연구정보보안 및 보안의식에 관련된 현황을 파악한다. 이를 바탕으로 상관관계분석, 일원배치 분산분석, 다중회귀분석 등 통계분석을 실시하여 정보보안의식 및 보안실천수준, 전임교원 보안수준, 연구실 정보보안 관리절차와 같은 문제점들이 존재함을 보인다. 마지막으로 분석결과를 기반으로 교육 홍보를 통한 보안지식 및 의식 개선, 연구책임자 의무사항을 포함하는 연구실 보안관리 규정 제정, 정보유출방지 출입자 통제 솔루션 등의 보안수준 향상을 위한 대책들을 제시한다.

• 한국정보통신학회:학술대회논문집
• /
• 한국정보통신학회 2012년도 춘계학술대회
• /
• pp.471-474
• /
• 2012

정부의 행정기관과 사법기관들은 정보보안을 위해서 네트워크 분리와 CERT를 구축하여 활용하고 있다. 하지만 입법부는 기본적인 보안시스템만을 갖추고 있어, 상대적으로 보안 취약점이 많다. 본 논문에서는 입법부인 국회와 국회사무처, 국회도서관에 대한 정보보안을 위한 연구를 한다. 국회 정보보안을 위한 네트워크 구성을 외부의 인터넷과 직접 연결된 인터넷 네트워크와 내부 업무 네트워크로 분리하는 것이다. 네트워크 분리에 따른 자료의 이동은 보안USB 메모리를 이용하는데, 사용자가 불편한 문제점을 가지고 있다. 문제점 분석과 보안USB 메모리 사용에 대한 보안 취약성 문제를 연구를 한다. 이를 개선하기 위한 사용자의효율성 및 대책과 보안성을 강화하는 방안에 대해 연구한다.

• International Journal of Computer Science & Network Security
• /
• 제21권5호
• /
• pp.73-83
• /
• 2021

The information space, the main components of which are information resources, means of information interaction, and information infrastructure, is a sphere of modern social life in which information communications play a leading role. The objective process is the gradual but stable entry of the national information space into the European and world information sphere, in the context of which there is a legitimate question of its protection as one of the components of the national security of Ukraine. However, the implementation of this issue in practice immediately faces the need to respect the rights and fundamental freedoms guaranteed by international regulations and the Constitution of Ukraine, especially in the field of cybersecurity. The peculiarity of the modern economy is related to its informational nature, which affects the sharp increase in cyber incidents in the field of information security, which is widespread and threatening and affects a wide range of private, corporate, and public interests. The problem of forming an effective information security system is exacerbated by the spread of cybercrime as a leading threat to information security both in Ukraine and around the world. The purpose of this study is to analyze the state of cybersecurity and on this basis to identify new areas of the fight against cybercrime in Ukraine. Methods: the study is based on an extensive regulatory framework, which primarily consists of regulatory acts of Ukraine. The main methods were inductions and deductions, generalizations, statistical, comparative, and system-structural analysis, grouping, descriptive statistics, interstate comparisons, and graphical methods. Results. It is noted that a very important component of Ukraine's national security is the concept of "information terrorism", which includes cyberterrorism and media terrorism that will require its introduction into the law. An assessment of the state of cybersecurity in Ukraine is given. Based on the trend analysis, further growth of cybercrimes was predicted, and ABC analysis showed the existence of problems in the field of security of payment systems. Insufficient accounting of cybercrime and the absence in the current legislation of all relevant components of cybersecurity does not allow the definition of a holistic system of counteraction. Therefore, the proposed new legal norms in the field of information security take into account modern research in the field of promising areas of information technology development and the latest algorithms for creating media content.

• International Journal of Computer Science & Network Security
• /
• 제21권12호
• /
• pp.316-322
• /
• 2021

The problem of corruption and the spread of corruption crime today is not only one of the main social problems, but also an obstacle to the implementation of reforms in Ukraine. Given the complexity, scale and diversity of the impact of corruption, it is an undisputed threat to national security. At the state level, corruption threatens, firstly, state security as a result of its spread in public authorities and the combination of political and business spheres; secondly, in the domestic political sphere as a result of non-compliance and violation by officials of public authorities and local governments of the laws of Ukraine; thirdly, in the economic sphere as a result of the dominance of personal interests of civil servants over national ones; fourthly, in other spheres, namely, military, social, ecological, informational, foreign policy, etc. The origins of corruption are diverse and are formed not only in the country but also abroad. The current corruption threat is the result of the country's ineffective domestic and foreign anticorruption policies. Acceleration of the spread and manifestation of external corruption threats is associated with a number of unresolved foreign policy issues against the background of the development of globalization and integration processes, in particular: economic and financial dependence of the country on international financial institutions and organizations; as well as from foreign countries that pose a potential threat due to their ambitious plans to expand our country; unresolved issues regarding the international legal consolidation of borders, etc. It is noted that the current conditions for the development of state security, due to new challenges and threats, need to improve and implement new measures to prevent corruption as a negative impact of the main threats to national economic security. As a result of the study, the main measures to counter the main threats to the economic security of the state were identified.

• Strategy21
• /
• 통권45호
• /
• pp.148-187
• /
• 2019

본 논문은 '국가해양안보전략서'의 필요성과 발전방향을 분석하기 위한 것이다. 이를 위해 한국의 해양안보전략서의 필요성, 해양안보전략관련 한국의 실태와 주요선진해양국의 사례, 한국의 '해양안보전략'의 비전·목표·전략·수행체계를 살펴본 후 결론을 도출해본 것이다. '세계 5대 해양강국(Ocean G5)' 등과 같은 국가해양전략 비전의 달성은 우리나라가 국민의 해양안전과 해양안보를 유지·강화해 나갈 수 있을 때 가능함은 물론이다. 세월호사건은 우리에게도 해양선진국처럼 '국가해양안보전략서'가 절실히 필요하다는 것을 잘 일깨워주고 있다. 선진해양국가처럼 국가해양안보전략이 효율적으로 수행되기 위해서는 해군·해경의 협력을 포함한 관련기관의 협력을 결집시키기에 충분한 권한과 위상을 보유한 전담부서를 두어야 한다. 국가안보회의 예하에 장관급으로 구성된 의결기구인 가칭 해양안보위원회와 관련부처 실무자로 구성된 집행기구인 가칭 해양안보수행단을 설치하면 좋을 것으로 판단된다. 미국이나 영국처럼 우리도 국민의 해양안전·해양안보를 위한 국가해양안보전략을 성공적으로 수행해 나가기 위해서는 보다 더 긴밀한 국내의 범정부적 협조체제와 국제적 협력체제, 그리고 해당 분야별 해양안보능력을 더욱 보강해 나가야 할 것이다. 이를 위해 해군에 의한 해양안보전략의 수립·추진; 해군·해경 간의 작전적 연계강화; 국가차원의 해양감시능력의 강화 및 민간영역과의 공유의 활성화 등을 모색·추진해 나가야 할 것이다.

• International Journal of Computer Science & Network Security
• /
• 제21권12spc호
• /
• pp.719-725
• /
• 2021

The main purpose of the study is to determine the main aspects of information support for anti-crisis management in the context of ensuring national security. In modern conditions, under the influence of COVID-19, it becomes important to develop a modern paradigm for the transformation of anti-crisis management, based on the determination of the laws of state development on the basis of the imperative of national interests and territorial integrity. These are, firstly, the patterns of development of the state system of public administration, secondly, the patterns of development of a complex of state interests, and thirdly, patterns of development of the modern model of the country's territorial integrity. As a result of the study, the key aspects of the anti-crisis management system were identified in the context of ensuring the security of national interests.

• 해양환경안전학회:학술대회논문집
• /
• 해양환경안전학회 2006년도 춘계학술발표회
• /
• pp.7-13
• /
• 2006

국내 연안 여객선 관련 종사자들에 대한 보안의식에 대한 설문조사를 통하여 보안환경과 여객선의 보안취약성 을 분석하였다. 이러한 연안 여객선의 보안위협에 능동적인 예방과 체계적인 대응시스템 구축을 목적으로 연안 여객 선 보안강화 프로그램을 제안하였다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제15권2호
• /
• pp.580-599
• /
• 2021

Software-Defined Networking (SDN) has three key features: separation of control and forwarding, centralized control, and network programmability. While improving network management flexibility, SDN has many security issues. This paper systemizes the security threats of SDN using spoofing, tampering, repudiation, information disclosure, denial of service, and elevation of privilege (STRIDE) model to understand the current security status of SDN. First, we introduce the network architecture and data flow of SDN. Second, we analyze security threats of the six types given in the STRIDE model, aiming to reveal the vulnerability mechanisms and assess the attack surface. Then, we briefly describe the corresponding defense technologies. Finally, we summarize the work of this paper and discuss the trends of SDN security research.

• International Journal of Computer Science & Network Security
• /
• 제22권8호
• /
• pp.123-128
• /
• 2022

The main purpose of the study is to determine the features of the implementation of public authority in the context of modern international security challenges. The fact that public authority is a necessary regulator of the life of society ensures its development, unity, and manageability, which is an important factor in the organization and orderliness of society adds to the actualization of the research topic. The research methodology includes a set of theoretical methods of analysis. Based on the results of the study, key aspects of the implementation of public authority in the context of modern international security challenges were identified. The study has limitations, and they relate to the practical aspect of the implementation of public authority in the context of modern international security challenges.

• 한국멀티미디어학회논문지
• /
• 제19권1호
• /
• pp.51-59
• /
• 2016

Physical security protecting people from physical threats, such as a person or vehicle, has received a great attention. However, it has many risks of hacking and other security threats because it is highly dependent on automated management systems. In addition, a representative system of physical security, a CCTV control system has a high risk of hacking, such as video interceptions or video modulation. So physical security needs urgent security measures in accordance with these threats. In this paper, we examine the case of security threats that have occurred in the past, prevent those from threatening the physical security, and analyze the security problem with the threats. Then we study the countermeasures to prevent these security threats based on the problems found in each case. Finally we study for the method to apply these countermeasures.