• Title, Summary, Keyword: 자료보안기술

Search Result 314, Processing Time 0.041 seconds

Technical development of physical unidirectional data transfer using PI agent on power control system environment (발전제어시스템 환경에서 PI에이전트를 이용한 물리적 일방향자료연계 기술 구현)

  • Kim, Soo-Ho;Kim, Ji-Hee;Kim, Jin-Cheol
    • Proceedings of the Korea Information Processing Society Conference
    • /
    • /
    • pp.220-221
    • /
    • 2016
  • 전력제어시스템은 외부망으로부터 보호하기 위하여 망분리를 해야 하지만 부득이하게 외부망과 연결을 필요로한다. 이러한 이유때문에 망연계 구간에서 보안을 강화할 수 있는 다양한 보안솔루션들이 개발되고 있다. 이 논문에서는 제어시스템에서 사용하고 있는 PI시스템과 제어망으로의 접속을 원천적으로 차단하는 물리적 일방향자료전달시스템 연계를 위한 구성과 그에 따른 에이전트 구현방법을 소개한다.

A Study on the Influence of Organizational Justice on the Industrial Security Supervisors' Compliance Motivations towards Security Policies: With a Focus on Organizational Attachment and Empowerment (조직공정성이 산업보안담당자의 보안정책 준수의지에 미치는 영향 : 조직애착과 임파워먼트를 중심으로)

  • Shin, Hyun-Goo;Lee, Ju-Lak
    • Korean Security Journal
    • /
    • no.39
    • /
    • pp.241-268
    • /
    • 2014
  • This paper is a study on the industrial security specialists of organizations in possession of industrial technology and their compliance motivations towards security policies. The focus is on organizational justice, organizational attachment and empowerment based on our hypothesis that compliance motivations are shaped, not only by the organization itself but, also by the attitude and principle of the organization's members. The objective is to propose a direction for administrative security policy to increase prevention of industrial technology leakage by identifying the factors' significance through hypothesis testing and thereafter investigating the influencing relationship. Survey questionnaires are collected from the participants of a regular educational program provided by the Korean Association for Industrial Technology Security (KAITS) and analyzed using SPSS 21.0 and AMOS 21.0 software. Through various statistical analyses, following results are acquired. First, procedural fairness and organizational attachment are found to motivate security supervisors to comply with security policies. Particularly, the relationship between procedural fairness and compliance motivations towards security policies is fully mediated by organizational attachment, suggesting that improved fairness at the organizational level will lead to an increase in organizational attachment, which will encourage the individuals to comply with security policies. Additionally, empowerment of the individuals in organizations partially mediates the relationship between procedural fairness and organizational attachment, confirming that procedural fairness empowers each individual and increases his organizational attachment. Specifically, in order to maximize compliance of security policies, businesses should demonstrate procedural fairness when compensating their employees for their work to empower them and increase their organizational attachment, which can increase their will to comply with existing security policies. This research provides insights into how to encourage security supervisors to comply with security policies by increasing their empowerment and organizational attachment.

  • PDF

방위산업기술 자료의 외부 반출 시 보호 방안

  • Jang, Kyung Jun
    • Review of KIISC
    • /
    • v.28 no.6
    • /
    • pp.50-55
    • /
    • 2018
  • 방산업체는 물리적 망분리를 의무적으로 구축하고 군사기밀 및 방위산업기술을 보호하는 정보보호체계를 운용 중이다. 그러나, 물리적 망분리를 운용하더라도 다양한 경로로 방위산업기술 자료가 외부로 반출되어 불법적인 유출이 발생할 수 있다. 본 논문에서는 물리적 망분리 시스템의 문제점을 진단해 보고 방위산업기술 자료가 협력업체 등 외부로 반출되는 경우와 출력물에 의해 유출되는 경우에 대해 유출 방지 방안을 제시하였다.

Light Weight Authentication and Key Establishment Protocol for Underwater Acoustic Sensor Networks (수중 음파 센서 네트워크 환경에 적합한 경량화된 인증 및 키 발급 프로토콜)

  • Park, Minha;Kim, Yeog;Yi, Okyoen
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.39B no.6
    • /
    • pp.360-369
    • /
    • 2014
  • Underwater Acoustic Sensor Networks(UASN) enables varied study from collected data of underwater environments such as pollution monitoring, disaster prevention. The collected data is transmitted from underwater to terrestrial communication entity by acoustic communication. Because of the constraints of underwater environments include low data rate and propagation delay, it is difficult to apply cryptographic techniques of terrestrial wireless communication to UASN. For this reason, if the cryptographic techniques are excluded, then collected data will be exposed to security threats, such as extortion and forgery, during transmission of data. So, the cryptographic techniques, such as the authentication and key establishment protocol which can confirm reliability of communication entities and help them share secret key for encryption of data, must need for protecting transmitted data against security threats. Thus, in this paper, we propose the light weight authentication and key establishment protocol.

The Research on Security Cognition and Management Status of Technology Outflow about Small-medium Companies in New IT Environment (신정보화 환경에서 중소기업 기술유출에 대한 인식과 관리 실태에 관한 연구)

  • Kim, Ki Ho;Ha, Kyu Soo
    • Journal of Digital Convergence
    • /
    • v.11 no.11
    • /
    • pp.305-312
    • /
    • 2013
  • This research suggests the security countermeasures for solving technology outflow of small-medium companies in New IT Environment through level comparison of security cognition and security management between small-medium companies and major big companies. According to analysis results, it is poor for small-medium companies' level of security cognition and security management compared with major big companies. Small-medium companies need to manage technology outflow to major big companies' level in New IT Environment. Small-medium companies has started to build New IT Environment recently and it must build the appropriate security system for small-medium companies at the same time. Small-medium company has more problem with budget and proffessionals to maintain the security of technology outflow. Therefore government has to support systematic management for the security of technology outflow to Small-medium companies

A Study on Industrial Technology Leakage and Effective Industrial Security Measures through analysis of domestic portal article data (국내 포털 기사자료 분석을 통한 산업기술유출 사례와 산업보안 강화 방안 연구)

  • Yang, Hyun Jung;Lee, Chang Moo
    • Convergence Security Journal
    • /
    • v.17 no.2
    • /
    • pp.3-13
    • /
    • 2017
  • In the knowledge-information society, many domestic companies put lots of investment in technical development to possess core technologies and intellectual property. However, in the results of passive investment in security to protect their technologies compared to the active investment in technical development, the technology leaks from many companies and research institutes are rapidly increasing. Such increase of technology leaks not only causes damage to companies, but also has harmful effects on national economy directly and indirectly. Even though it has been perceived that a lot of industrial technology leak crimes are committed by former/current workers of small and medium-sized businesses, it is hard to find researches that mainly compare and analyze them. Therefore, this study aimed to understand the actual status of industrial technology leaks by analyzing cases of industrial technology leaks from 2014 to 2016 based on the type of victimized companies, corporate internal leakers' positions, matter of complicity, tools used for technology leaks, and motivation for technology leaks. Through the analysis in each type, the patterns and characteristics of industrial technology leaks were researched, and also the exploratory research on industrial security for the prevention of industrial technology leaks was conducted.

DRM 입체분석

  • Yang, Gi-Seok
    • Digital Contents
    • /
    • no.2
    • /
    • pp.39-49
    • /
    • 2006
  • 직장인들의 연말정산시 인터넷을 통해서 관련 자료를 다운로드 받고자할 때 일종의 보안프로그램이 작동한다. 바로 DRM(Digital Rights Management)이다. DRM은 각종 문서 등 콘텐츠의 생성부터 관리, 유통까지를 통괄적으로 지원하는 보안 솔루션. 그간에는 주로 공공기관과 일반기업들을 중심으로 시장이 확대되어 왔으나 최근 들어서는 일반인들에게도 매우 친숙한 SW가 돼 가면서 관심도 크게 높아지고 있다. DRM시장 및 최신 기술동향에 대해서 살펴봤다.

  • PDF

A Study on Improvement of Construction Project Management Data Sharing System under Separated Network environment. (망분리 환경에서의 건설사업관리 자료공유체계 개선방안 연구)

  • Kim, SeongJin;Kim, NamGon
    • Proceedings of the Korea Information Processing Society Conference
    • /
    • /
    • pp.1053-1054
    • /
    • 2013
  • 과거 건설사업관리업무를 수행하는 건설사 업무담당자들은 방대한 보고자료를 발주기관으로 전송할 경우 주로 웹하드를 이용하였다. 그러나, 최근 개인정보 유출 등 각종 인터넷 보안사고가 빈번히 발생함에 따라 발주기관별로 기관 내부망과 외부망으로 분리하여 네트워크 보안을 강화하는 추세에 있다. 이에 따라, 건설사에서 발주기관으로 대용량 파일을 전송하지 못함으로서 발주청의 건설사업관리 업무처리에 어려움이 발생하였다. 이러한 문제를 해결하기 위하여 본 연구는 망분리 환경하에서 특정 사용자만을 위한 자료 공유체계를 마련하였다.

  • PDF

Eexpected Attack and Security Measures for the Korea Smart Grid through (Smart Grid 해외 공격사례 및 한국 Smart Grid에 대한 예상 공격분석과 보안대책)

  • Chun, Woo-Sung;Park, Dea-Woo
    • Proceedings of the Korean Society of Computer Information Conference
    • /
    • /
    • pp.71-74
    • /
    • 2011
  • 2030년까지 한국에 Smart Grid를 구축할 계획을 가지고 추진하고 있다. Smart Grid는 지능형 전력망으로 기존의 전력망에 IT를 접목시켜 통신을 실시하여 양방향성을 가지게 된다. 기존의 전력망에 부가될 IT전기기기들은 기존에 IT가 지니고 있는 취약점들이 있어 기존의 Smart Grid공격에 노출되어 있다. 본 논문에서는 한국보다 먼저 구축되어서 활용되고 있는 미국의 Smart Grid에 대한 공격사례를 분석한다. 그리고 한국 Smart Grid에 대한 전기IT기기의 취약점을 분석하여, 한국 Smart Grid에 대한 예상 공격을 분석하고, 보안 대책을 제시한다. 본 논문은 한국 Smart Grid에 안정성과 보안성을 갖춘 기술 자료로 활용할 것이다.

  • PDF

Design of a Policy-based Security Mechanism for the Secure Grid Applications (안전한 그리드 응용을 위한 정책기반의 보안 기능 설계)

  • Cho, Young-Bok;You, Mi-Kyung;Lee, Sang-Ho
    • Journal of the Korea Academia-Industrial cooperation Society
    • /
    • v.12 no.2
    • /
    • pp.901-908
    • /
    • 2011
  • For the available grid environmental realization, the resource supply PC must have to provide an appropriate security function of their operation environments. SKY@HOME is a kind of the grid computing environments. If this has not supervised by administrator handling smoothly, it is inherently vulnerable state to the security level of the grid environments, because the resource supply PC is not update a security function without delay. It is also have the troublesome problems which have to install of an additional security program for support the appropriate security. This paper proposes an integration security model on the policy-based that provides an update each level according to the situation of the resource supply PC for improving its problems as a security aspect of the SKY@HOME. This model analyzes the security state of the resource supply PC respectively, and then the result is available to provide an appropriate security of the resource supply PC using an integration security model. The proposed model is not need additionally to buy and install the software, because it is provided the security management server oriented service. It is also able to set up the suit security function of a characteristic of the each resource supply PC. As a result, this paper clearly show the participation of resource supply PC improved about 20%.