DOI QR코드

DOI QR Code

정보보안 정책의 다변화 과정에 따른 일원화 절차의 제안과 적용에 따른 안전성 확보에 대한 연구

A Study on Securing Stability following the proposal and Application of Integration Procedure following the Diversification Process of Information Security Policies

  • Seo, Woo-Seok (Dept. Security Consulting, Gyeonggi-do R&D laboratory)
  • 투고 : 2018.01.06
  • 심사 : 2018.04.15
  • 발행 : 2018.04.30

초록

공공기관의 정보보안에 관한 다양한 지침이 제정 및 개정되는 등의 일련의 절차와 배급 및 지침 준수에 따른 성과 제도 등 다양하고 다변화된 과정을 하나의 일원화된 절차에 적용하여, 한 번의 개정 또는 변화는 전체 정보보안을 위한 일원화된 절차에서 모든 단계적 환경 조건을 기준으로 적용되어지는 연구와 활용이 이루어져 왔다. 다만, 각 기관들의 업무 영역과 보유하고 유지 및 보안성을 확보해야 하는 대상의 차이가 너무 이질적인 형태의 정보로써 이를 하나의 안전성 확보를 위한 절차에 일련의 과정으로 연계하는 데는 아직도 문제점을 나타내고 있는 것이 사실이다. 또한 공공기관이 예산 반영을 기반으로 구성하고 연구한 결과를 지침으로써 고지하고 이를 민간기관에 재배포 및 구성하는 데에도 시간과 추가적인 경비는 연구목적을 달성하는 부분에 또 다른 문제이기도 하다. 따라서 본 논문에서는 유사기관의 정보보안 대상을 선별 및 통계학적으로 분류하고 이를 정보보안 안전성 확보를 위한 일련의 다양성과 다변화 과정을 거친 일원화 절차를 제안하고 제안된 절차에 적용함으로써 최적의 안전성을 확보하는 연구를 하고자 한다.

Distribution of a series of procedure for establishment and revision for various instructions on information security for public institutions and diversified process of performance system following the compliance with the instruction are applied to the integrated procedure that any revision or change has led to the studies that are applied on the basis of all environment requirements and the facilitation of such studies in the integrated procedure for the entire information security. However, as the difference of possessing the work territory for each institution, maintaining and securing the security with the heterogeneous type for subject, the information still displays the issues to link to a series of process to the procedure to secure the foregoing as stability, In addition, the notice should be made by the public institutions for the result structured and notified on the basis of budget and the additional time and expenses for re-distributing to the private institutions would be another issue for the part to accomplish the purpose of such study. Therefore, under this study, the subject of information security of similar institutions should be sorted out and statistically classified, and it proposes the integration procedure through a series of diversity and multi-change process and summarize the same in the proposed procedure to engage in studies to secure the optimal stability.

키워드

참고문헌

  1. Y. Joung, "Legal Concept :Based on Analysis of Cases about Information Security," Public law journal, vol 14, no. 4, 2013, pp. 209-243.
  2. J. Jeong and M. Choi, "A Study on Awareness of Information Security Influencing Trustness," Journal of the Korean Institute of Information Security and Cryptology, vol. 25, no. 5, 2015, pp. 1225-1233. https://doi.org/10.13089/JKIISC.2015.25.5.1225
  3. M. Lee, "A Development of Curriculum for Information Security Professional Manpower Training," Journal of the Institute of Electronics and Information Engineers, vol 54, no. 1, 2017, pp. 46-52. https://doi.org/10.5573/ieie.2017.54.1.046
  4. K. Son, "Status and Prospects of IT Security Industry in Korea," Communications of the Korean Institute of Information Scientists and Engineers, vol 28, no. 11, 2010, pp. 72-78.
  5. M. Yim, "Why Security Awareness Education is not Effective?," Journal of digital convergence, vol 12, no. 2, 2014, pp. 27-37. https://doi.org/10.14400/JDC.2014.12.2.27
  6. S. Son, J. Park, and S. Moon, "A Study on Improvement Measures of Information Security Relevant Laws for IoT Service Providers," Institute of Law Studies College of Law and Political Science, Pusan National University, vol 57, no. 1, 2016, pp. 181-215.
  7. S. Kim and Y. Song, "An Empirical Study on Motivational Factors Influencing Information Security Policy Compliance and Security Behavior of End-Users(Employees) in Organizations," Global e-Business Association, vol 12, no. 3, 2011, pp. 327-349.
  8. J. Yun, "A Study on the Short Term Curriculum for Strengthening Information Security Capability in Public Sector," Journal of the Korean Institute of Information Security and Cryptology, vol 226 no. 3, 2016, pp. 769-776.
  9. J. Jang, C. Choi ,and D. Kim, "Design of Smart Tourism in Big Data," Korea Institute of Electronic Communication Sciences, vol 12, no. 4, 2017, pp. 637-644.
  10. B. Cha, J. Kim ,and S. Park, "Prototype Design of Hornet Cloud using Virtual Honeypot Technique," Korea Institute of Electronic Communication Sciences, vol 10, no. 8, 2015, pp. 891-900. https://doi.org/10.13067/JKIECS.2015.10.8.891