DOI QR코드

DOI QR Code

Development of Security Metric of Network Access Control

네트워크 접근제어 시스템의 보안성 메트릭 개발

  • Lee, Ha-Yong (Dept. of Fusion Industry, Seoul Venture University) ;
  • Yang, Hyo-Sik (Samil PricewaterhouseCoopers IT Risk & Security)
  • 이하용 (서울벤처대학원대학교 융합산업학과) ;
  • 양효식 (삼일회계법인 IT Risk & Security)
  • Received : 2017.03.16
  • Accepted : 2017.06.20
  • Published : 2017.06.28

Abstract

Network access control should be able to effectively block security threats to the IT infrastructure, such as unauthorized access of unauthorized users and terminals, and illegal access of employees to internal servers. From this perspective, it is necessary to build metrics based on relevant standards to ensure that security is being met. Therefore, it is necessary to organize the method for security evaluation of NAC according to the related standards. Therefore, this study builds a model that combines the security evaluation part of ISO / IEC 15408 (CC: Common Criteria) and ISO 25000 series to develop security metric of network access control system. For this purpose, we analyzed the quality requirements of the network access control system and developed the convergence evaluation metric for security of the two international standards. It can be applied to standardization of evaluation method for network access control system in the future by constructing evaluation model of security quality level of network access control system.

Keywords

Network Access Control;Quality Evaluation Model;Security;Metric;Quality Requirements

References

  1. Byung-Jun Jeon, Deok-Byeong Yoon, Seung-Soo Shin, "Improved Integrated Monitoring System Design and Construction", Journal of Convergence Society for SMB, Vol. 7, No. 1, pp. 25-33, 2017.
  2. Seung-Hyun Paik, Sung-Kwang Kim, Hong-Bae Park, "Design and Implementation of Network Access Control for Security of Campany Network", Journal of the Institute of Electronics Engineers of Korea, Vol. 47, No. 12, p. 91, 2010.
  3. Hyung-Jun Mun, Yooncheol Hwang, Ho-Yeob Kim, "Countermeasure for Prevention and Detection against Attacks to SMB Information System - A Survey", Journal of Convergence Society for SMB, Vol. 5, No. 2, p. 1, 2015.
  4. Kang-Soo Lee, Young-Soo Kim et al.,, "Label-based Access Control System Protection Profile V2.0", Korea Information Security Agency & Hannam University, April, 2008.
  5. ISO/IEC 25010, "Systems and software engineering -- Systems and software Quality Requirements and Evaluation(SQuaRE) -- system and software quality models", 2011.
  6. Garter, "Gartner Market Guide 2016 - Network Access Control", May, 2016.
  7. NIS, MSIP, KCC, MOI, KISA, NSR, "2016, A white paper on national information protection", 2016.
  8. Hyo-Sik Yang, In-Oh Heon, "A Study the Test Methods and Evaluation Practices of Network Access Control System", Journal of Digital Convergence, Vol. 12, No. 9, pp. 159-168, 2014.
  9. Sang-Won Kang, In-Oh Jeon, Hae-Sool Yang, "Reliability Evaluation Model of Network Access Control(NAC) Product", Proceeding of Korea Academia-Industrial Cooperation Society, pp. 159-168, 2011.
  10. Kyong-Ho Choi, Sung-Kwan Kang, Kyung-Yong Chung, Jung-Hyun Lee, "A Study of Network 2-Factor Access Control Model for Prevention the Medical_Data Leakage", Journal of Digital Convergence, Vol. 10, No. 6, pp. 341-347, 2012.
  11. ISO/IEC 25020, "Software product Quality Requirements and Evaluation(SQuaRE) -- Measurement reference model and guide", 2007.
  12. ISO/IEC 25030, "Soiftware product Quality Requirements and Evaluation(SQuaRE) -- Quality requirements", 2007.
  13. ISO/IEC 25051, "Software engineering -- Systems and software Quality Requirements and Evaluation (SQuaRE) -- Requirements for quality of Ready to Use Software Product (RUSP) and instructions for testing", 2014.
  14. ISO/IEC 25041, "Systems and software engineering - - Systems and software Quality Requirements and Evaluation(SQuaRE) -- Evaluation guide for developers, acquirers and independent evaluators", 2012.
  15. ISO/IEC 9126-1(2001), 2(2003), Software engineering -- Product quality, 2001.