그림 1. 정보자산 구분과 탑재 정보현황 및 접근권한과 권한별 인증구성 Fig. 1 Information asset classification and loading information status and access authority and authentication configuration by authority
그림 2. 정보자산 접근 보안정책 모듈과 연계 구성 Fig. 2 Information asset access security policy module and linkage configuration
그림 3. 보안정책 모듈 설계 기준 Fig. 3 Security policy module design criteria
그림 4. 제안된 설계 기준 적용형태에 대한 중복조건구성 Fig. 4 Construction of redundant conditions for the proposed design criteria application form
그림 5. 안전성 확보를 기반으로 하는 최종 제안되는 보안정책 검증 기준 Fig. 5 The final proposed security policy verification standard based on security assurance
표 1. 정보보안을 위한 보안 구성요소와 정의 및 쓰임 Table 1. Definition and use of security components for information security
표 2. 접근권한과 권한별 인증범위 구성현황 Table 2. Status of access authority and authentication scope by authority
References
- Y. Lee, "A Design and Analysis of Multiple Intrusion Detection Model," J. of the Korea Institute of Electronic Communication Sciences, vol. 11, no. 6, 2016, pp. 619-626. https://doi.org/10.13067/JKIECS.2016.11.6.619
- K. Kim, D. Wang, and S. Han, "Home Security System Based on IoT," J. of the Korea Institute of Electronic Communication Sciences, vol. 12, no. 1, 2017, pp. 147-154. https://doi.org/10.13067/JKIECS.2017.12.1.147
- K. Kim, Y. Park, S. Ro, and B. Kim, "Design of Infringement Accidents Preventing System Using DNS Information Retrieval Integration Method," J. of the Korea Institute of Electronic Communication Sciences, vol. 16 no. 9, 2012, pp. 1955-1962.
- C. Choi, Y. Lee, and Tae. Lee, "Improvement Method of ELIS Local Laws and Regulations Format for Personal Information Protection," J. of the Korea Institute of Electronic Communication Sciences, vol. 11, no. 11, 2016, pp. 1017-1024. https://doi.org/10.13067/JKIECS.2016.11.11.1017
- S. Paik, S. Kim, and H. Park, "Design and Implementation of Network Access Control for Security of Company Network," J. of the Korea Institute of Electronic Communication Sciences, vol. 47, no. 12, 2010, pp. 90-96.
- J. Yun, "A Study on the Short Term Curriculum for Strengthening Information Security Capability in Public Sector," Journal of the Korean Institute of Information Security and Cryptology, vol. 226 no. 3, 2016, pp. 769-776. https://doi.org/10.13089/JKIISC.2016.26.3.769
- S. Park and N. Kim, "A Verification Case Study about the Authentication of a Network using AAA," J. of the Korea Institute of Electronic Communication Sciences, vol. 12, no. 2, 2017, pp. 295-300. https://doi.org/10.13067/JKIECS.2017.12.2.295
- M. Yim, "Why Security Awareness Education is not Effective?," J. of digital convergence, vol. 12, no. 2, 2014, pp. 27-37. https://doi.org/10.14400/JDC.2014.12.2.27
- J. Jang, C. Choi, and D. Kim, "Design of Smart Tourism in Big Data,"J. of the Korea Institute of Electronic Communication Sciences, vol. 12, no. 4, 2017, pp. 637-644. https://doi.org/10.13067/JKIECS.2017.12.4.637
- B. Cha, J. Kim, and S. Park, "Prototype Design of Hornet Cloud using Virtual Honeypot Technique," J. of the Korea Institute of Electronic Communication Sciences, vol. 10, no. 8, 2015, pp. 891-900. https://doi.org/10.13067/JKIECS.2015.10.8.891