• Review of KIISC
• /
• v.18 no.3
• /
• pp.109-117
• /
• 2008

기업의 Network 보안은 회사의 관문 방화벽에만 의존하고 있어 보안정책의 집중으로 효율성이 저하되고 이를 우회할 경우 심각한 위험에 노출될 수 있다. 본 연구는 신속성, 보안강화 측면에서 Network보안 관리 모델을 제시하여 기업의 보안 수준을 강화하는 것을 목적으로 하고 있다. 따라서 기업 비즈니스 환경 변화를 배경으로 관련 연구 결과 및 Trend에서 제시하는 이론(802.1x 사용자 인증, Virtual Backbone 등)을 조사하고 이를 바탕으로 보안 강화 측면에서의 기업의 Network 구조와 보안정책 관리모델을 제시하여 이를 실제 기업 Network에 적용하여 얻어진 효과를 검증한다.

• The KIPS Transactions:PartC
• /
• v.10C no.6
• /
• pp.815-824
• /
• 2003

Many organizations operate security systems and manage them using the intergrated secutity management (ISM) dechnology to secyre their network environment effectively. But current ISM is passive and behaves post-event manner. To reduce cost and resource for managing security and to remove possbility of succeeding in attacks by intruder, the perventive security management technology is required. In this paper, we propose PRISM model that performs preventative security management with evaluating the security level of host or network and the sensitivity level of information asset from potential risks before security incidents occur. The PRISM can give concrete and effective security management in managing the current complex networks.

• Proceedings of the KAIS Fall Conference
• /
• 2009.12a
• /
• pp.578-581
• /
• 2009

본 논문에서는 통합보안관리 시스템에 대해서 주요 기능을 분석하고 시장동향을 조사하였으며, 기존의 소프트웨어 품질 평가 기술 및 표준화에 관한 연구를 추진하고, 통합보안관리 시스템의 보안성 품질 평가 모델을 개발하였다. 본 연구를 통하여 도출된 통합보안관리 시스템의 보안성 품질 평가 모델을 통하여 통합보안관리 시스템의 품질을 향상시키는데 중요한 역할을 할 것으로 본다.

• Journal of the Korea Society of Computer and Information
• /
• v.9 no.2
• /
• pp.81-87
• /
• 2004

Very various intrusion by development of systems that is based on network is spread. To detect and respond this intrusion, security solutions such as firewall or IDS are bringing and management of security system that load these becomes more harder. Moreover, because environment of systems that require security is various, hard to manage establishing suitable security policy Therefore, need model about enterprise management of various security system and intrusion detection of each systems and response. In this paper, improve PBNM structure that manage wide network resources and presented suitable model in intrusion detection and response of security system. Also, designed policy-based enterprise security management system for effective intrusion detection and response by applying presented model to enterprise security management system.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.8 no.2
• /
• pp.47-66
• /
• 1998

CALS체제의 구축에 있어 역기능으로 인한 여러 가지 문제가 대두되고 있다. 본 논문에서는 CALS정보보호 위협 요소를 비롯한 정보보호 서비스와 메커니즘을 분석하고 CALS를 안전하게 구축하기 위한 정보보호 모델과 시뮬레이션 단계를 예시하였다. CALS체제의 위협 요소, 보안 목적, 구현 자정요소, 지원 보안 메커니즘을 설정하여 제안된 CALS정보보호 모델은 4개의 서브 모델인 전송모델, 키관리 모델, 감사 모델, 통합 데이터 베이스 연계 모델로 수성하였으며 구현을 위한 모듈로 보안관리부, 디렉토리 서비스 에이전트와 인증국을 포함하는 키관리부, 분산 환경에서의 보안 감사부, 통합 데이터베이스 관리부로 나누어 제시하였다.

• Journal of the Korea Computer Industry Society
• /
• v.3 no.3
• /
• pp.351-362
• /
• 2002

Today, management object using SNMP is not only covered network but also more privacy object like personal or billing data. To enforce security management, view-based access control model is introduced in SNMPv3. However, they are not designed to enforce more privacy object such as purpose and increase complexity of user management. Task-based access control can provide enhanced security service using purpose binding and leverage the complexity of user management using purpose of task.

• Journal of Navigation and Port Research
• /
• v.36 no.1
• /
• pp.9-14
• /
• 2012

Maritime security incidents by pirates and by terrorists increase, but maritime incidents investigation models are limited to figure out the maritime security incidents. This paper provides the analysis model for maritime security incidents. To develop this analysis model, this categorizes five threat factors, the ship, the cargo type, port system, human factor, information flow system, makes the risk assessment matrix to quantify the risk related to threat factors and classifies four priority categories of risk assessment matrix. Also, this model makes from the frameworks which include a variety of security initiatives implementing in stakeholder levels like international organizations, individual governments, shipping companies, and the ship. Therefore, this paper develops the Analysis for Maritime Security Management model based on various security initiatives responding to the stakeholder levels of maritime security management and top-bottom/bottom-up decision trees, and shows the validity through verifying the real maritime security incident of M/V Petro Ranger.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2001.11a
• /
• pp.459-463
• /
• 2001

정보기술의 발달과 함께 정보시스템을 보호하기 위한 정보보안관리문제는 모든 기관 및 조직에서 반드시 짚고 가야 하며, 조직 전반에 걸쳐 표준적인 관리지침을 통해 포괄적으로 검토되어야 하는 문제로 대두되고 있다. 그러나, 현행 국방관련조직은 전반적으로 보안관리방법과 관리모델이 정립되지 않은 실정이므로 정보보안관리를 위한 표준관리 지침이 요구된다. 이에 본 논문은 정보시스템을 운영하는 조직 전반의 보안상태를 평가하는데 유용한 방법론인 정보보안관리규격(BS7799)을 적용함으로서 전사적인 관점에서의 국방정보체계 정보보안관리모델을 제안하고자 한다.

• Convergence Security Journal
• /
• v.5 no.2
• /
• pp.9-17
• /
• 2005

Recently It's difficult to deal with about variety of attack. And Simple Security management have a problem. It is that they don't develop system measuring their system envoirment and have efficient attack detector, countermeasure organization about large network. Therefore, need model about enterprise management of various security system and intrusion detection of each systems and response. In this paper, improve PBNM structure that manage wide network resources and presented suitable model in intrusion detection and response of security system. Also, designed policy-based enterprise security management system for effective intrusion detection and response by applying presented model to enterprise security management system.

• The KIPS Transactions:PartC
• /
• v.8C no.5
• /
• pp.573-584
• /
• 2001

Policy-Based Network Management (PBNM) architecture is to meet various needs of network users and to provide effective management facilities in distributed and large scale networks to network managers. In PBNM, network managers perform network management operations by stipulating a set of rules rather than control each network component. On the other hand, providing security services such as authentication, privacy of messages as well as a new flexible and extensible administration framework, SNMPv3 enables network managers to monitor and control the operation of network components more secure way than ever before. Despite of its enhanced security services, SNMPv3 has difficulties in managing distributed, large-scaled network because it does not provide centralized security management facilities. In this paper, we propose a new security model called Role-based Security Management model (RSM) with security management policy to support scalable and centralized security management for SNMP-based networks. Also, the structure and the operation of the security system as well as the efficiency analysis of RSM in terms of security management are also described.