• Title/Summary/Keyword: 자료보안기술

Search Result 334, Processing Time 0.029 seconds

The Research on Security Cognition and Management Status of Technology Outflow about Small-medium Companies in New IT Environment (신정보화 환경에서 중소기업 기술유출에 대한 인식과 관리 실태에 관한 연구)

  • Kim, Ki Ho;Ha, Kyu Soo
    • Journal of Digital Convergence
    • /
    • v.11 no.11
    • /
    • pp.305-312
    • /
    • 2013
  • This research suggests the security countermeasures for solving technology outflow of small-medium companies in New IT Environment through level comparison of security cognition and security management between small-medium companies and major big companies. According to analysis results, it is poor for small-medium companies' level of security cognition and security management compared with major big companies. Small-medium companies need to manage technology outflow to major big companies' level in New IT Environment. Small-medium companies has started to build New IT Environment recently and it must build the appropriate security system for small-medium companies at the same time. Small-medium company has more problem with budget and proffessionals to maintain the security of technology outflow. Therefore government has to support systematic management for the security of technology outflow to Small-medium companies

DRM 입체분석

  • Yang, Gi-Seok
    • Digital Contents
    • /
    • no.2 s.153
    • /
    • pp.39-49
    • /
    • 2006
  • 직장인들의 연말정산시 인터넷을 통해서 관련 자료를 다운로드 받고자할 때 일종의 보안프로그램이 작동한다. 바로 DRM(Digital Rights Management)이다. DRM은 각종 문서 등 콘텐츠의 생성부터 관리, 유통까지를 통괄적으로 지원하는 보안 솔루션. 그간에는 주로 공공기관과 일반기업들을 중심으로 시장이 확대되어 왔으나 최근 들어서는 일반인들에게도 매우 친숙한 SW가 돼 가면서 관심도 크게 높아지고 있다. DRM시장 및 최신 기술동향에 대해서 살펴봤다.

  • PDF

Status and Future of Security Techniques in the Internet Banking Service (인터넷 뱅킹 서비스 보안기술의 현황과 미래)

  • Lee, Kyungroul;Yim, Kangbin;Seo, Jungtaek
    • Journal of Internet Computing and Services
    • /
    • v.18 no.2
    • /
    • pp.31-42
    • /
    • 2017
  • As Internet banking service became popular, many users can exchange goods by online. Even though this advantage, there are incident cases in the Internet banking service due to security threats. In order to counteract this problem, various security techniques have been applied over whole area in the Internet banking service. Therefore, we described that analyzed results of security techniques applied in the financial institutions area and network communication area in this paper. We consider that this paper will be useful as a reference to protect security threats occurred by insiders and vulnerabilities in implementation.

A Study on Improvement of Construction Project Management Data Sharing System under Separated Network environment. (망분리 환경에서의 건설사업관리 자료공유체계 개선방안 연구)

  • Kim, SeongJin;Kim, NamGon
    • Proceedings of the Korea Information Processing Society Conference
    • /
    • 2013.05a
    • /
    • pp.1053-1054
    • /
    • 2013
  • 과거 건설사업관리업무를 수행하는 건설사 업무담당자들은 방대한 보고자료를 발주기관으로 전송할 경우 주로 웹하드를 이용하였다. 그러나, 최근 개인정보 유출 등 각종 인터넷 보안사고가 빈번히 발생함에 따라 발주기관별로 기관 내부망과 외부망으로 분리하여 네트워크 보안을 강화하는 추세에 있다. 이에 따라, 건설사에서 발주기관으로 대용량 파일을 전송하지 못함으로서 발주청의 건설사업관리 업무처리에 어려움이 발생하였다. 이러한 문제를 해결하기 위하여 본 연구는 망분리 환경하에서 특정 사용자만을 위한 자료 공유체계를 마련하였다.

Design of a Policy-based Security Mechanism for the Secure Grid Applications (안전한 그리드 응용을 위한 정책기반의 보안 기능 설계)

  • Cho, Young-Bok;You, Mi-Kyung;Lee, Sang-Ho
    • Journal of the Korea Academia-Industrial cooperation Society
    • /
    • v.12 no.2
    • /
    • pp.901-908
    • /
    • 2011
  • For the available grid environmental realization, the resource supply PC must have to provide an appropriate security function of their operation environments. SKY@HOME is a kind of the grid computing environments. If this has not supervised by administrator handling smoothly, it is inherently vulnerable state to the security level of the grid environments, because the resource supply PC is not update a security function without delay. It is also have the troublesome problems which have to install of an additional security program for support the appropriate security. This paper proposes an integration security model on the policy-based that provides an update each level according to the situation of the resource supply PC for improving its problems as a security aspect of the SKY@HOME. This model analyzes the security state of the resource supply PC respectively, and then the result is available to provide an appropriate security of the resource supply PC using an integration security model. The proposed model is not need additionally to buy and install the software, because it is provided the security management server oriented service. It is also able to set up the suit security function of a characteristic of the each resource supply PC. As a result, this paper clearly show the participation of resource supply PC improved about 20%.

A Study on the Influence of Organizational Justice on the Industrial Security Supervisors' Compliance Motivations towards Security Policies: With a Focus on Organizational Attachment and Empowerment (조직공정성이 산업보안담당자의 보안정책 준수의지에 미치는 영향 : 조직애착과 임파워먼트를 중심으로)

  • Shin, Hyun-Goo;Lee, Ju-Lak
    • Korean Security Journal
    • /
    • no.39
    • /
    • pp.241-268
    • /
    • 2014
  • This paper is a study on the industrial security specialists of organizations in possession of industrial technology and their compliance motivations towards security policies. The focus is on organizational justice, organizational attachment and empowerment based on our hypothesis that compliance motivations are shaped, not only by the organization itself but, also by the attitude and principle of the organization's members. The objective is to propose a direction for administrative security policy to increase prevention of industrial technology leakage by identifying the factors' significance through hypothesis testing and thereafter investigating the influencing relationship. Survey questionnaires are collected from the participants of a regular educational program provided by the Korean Association for Industrial Technology Security (KAITS) and analyzed using SPSS 21.0 and AMOS 21.0 software. Through various statistical analyses, following results are acquired. First, procedural fairness and organizational attachment are found to motivate security supervisors to comply with security policies. Particularly, the relationship between procedural fairness and compliance motivations towards security policies is fully mediated by organizational attachment, suggesting that improved fairness at the organizational level will lead to an increase in organizational attachment, which will encourage the individuals to comply with security policies. Additionally, empowerment of the individuals in organizations partially mediates the relationship between procedural fairness and organizational attachment, confirming that procedural fairness empowers each individual and increases his organizational attachment. Specifically, in order to maximize compliance of security policies, businesses should demonstrate procedural fairness when compensating their employees for their work to empower them and increase their organizational attachment, which can increase their will to comply with existing security policies. This research provides insights into how to encourage security supervisors to comply with security policies by increasing their empowerment and organizational attachment.

  • PDF

An Empirical Study on Influencing Factors of Using Information Security Technology (정보보안기술 사용의 영향요인에 관한 실증적 연구)

  • Kim, Sang-Hoon;Lee, Gab-Su
    • The Journal of Society for e-Business Studies
    • /
    • v.20 no.4
    • /
    • pp.151-175
    • /
    • 2015
  • Although three types of the information security measures (technical, physical and managerial ones) are all together critical to maintaining information security in the organizations and should be implemented at the same time, this study aims at providing theoretical basis of establishing and implementing effective managerial security measures. The rationale behind this research objective is that it is very important to effectively perform the managerial security measures to achieve the target performance level of the technical and the physical security measures because main agents of practicing the information security measures in the organizations are staff members even though the technical and the physical ones are well constructed and implemented. In particular, this study intends to develop and propose the theoretical model applicable to providing the way of improving organizational members' intention to use information security technologies since the very intention to use them is essential to effectively establishing and promoting managerial security measures. In order to achieve the objective of this study, the factors critical to influencing upon the intention to use information security technologies are derived through systematically reviewing related theories and previous studies, and then the research model and hypotheses are proposed by logically reasoning the casual relationship among the these factors. Also, the empirical analyses are performed by conducting the survey of the organization members of domestic large companies and analyzing the structural equation model by PLS (Partial Least Squares) method. The significant results of this study can contribute to expanding the research area of managerial information security and can be applied to suggesting the practical guidelines for effectively establishing and implementing the managerial security measures in various organizations.

CA 시스템 적용 모델 및 현황

  • 안혜연
    • Review of KIISC
    • /
    • v.8 no.3
    • /
    • pp.105-114
    • /
    • 1998
  • 최근 정보 보안 및 전자 상거래 관련된 영역에서 cdrtificate(인증), certificate authirity(인증기관) 및 Public key Infrastructure(공개키 기반 구조) 등에 대한 관심이 고조되고 있다. 이러한 기술은 보안의 기본 요소인 인증 (authentication), 기밀성(confidentiality), 무결성(Integrity)및 부인봉쇄(non-repudiation)등의 기능을 커다란 규모의 시스템에 적용할 수 있는 거의 유일한 solution이 될 것이 확실하다. 이 자료에서는 CA(Certificate Authority)관련 기술 자체에 대한 자세한 설명보다는 개념적인 차원에서의 소개와 적용 영역 및 적용 model에 대해 소개하였다.

  • PDF

A Study on Industrial Technology Leakage and Effective Industrial Security Measures through analysis of domestic portal article data (국내 포털 기사자료 분석을 통한 산업기술유출 사례와 산업보안 강화 방안 연구)

  • Yang, Hyun Jung;Lee, Chang Moo
    • Convergence Security Journal
    • /
    • v.17 no.2
    • /
    • pp.3-13
    • /
    • 2017
  • In the knowledge-information society, many domestic companies put lots of investment in technical development to possess core technologies and intellectual property. However, in the results of passive investment in security to protect their technologies compared to the active investment in technical development, the technology leaks from many companies and research institutes are rapidly increasing. Such increase of technology leaks not only causes damage to companies, but also has harmful effects on national economy directly and indirectly. Even though it has been perceived that a lot of industrial technology leak crimes are committed by former/current workers of small and medium-sized businesses, it is hard to find researches that mainly compare and analyze them. Therefore, this study aimed to understand the actual status of industrial technology leaks by analyzing cases of industrial technology leaks from 2014 to 2016 based on the type of victimized companies, corporate internal leakers' positions, matter of complicity, tools used for technology leaks, and motivation for technology leaks. Through the analysis in each type, the patterns and characteristics of industrial technology leaks were researched, and also the exploratory research on industrial security for the prevention of industrial technology leaks was conducted.

Exploit Tool Implementation for Secure USB Drive: Based on the Password Authentication of Product F (보안 USB 취약점 익스플로잇 도구 개발: F 제품 비밀번호 인증을 기반으로)

  • Suwan Go;Seunghee Kwak;Junkwon Lee;Jaehyuk Lee;Kyungroul Lee
    • Proceedings of the Korea Information Processing Society Conference
    • /
    • 2023.05a
    • /
    • pp.176-177
    • /
    • 2023
  • 최근 USB 저장장치의 데이터 노출 및 탈취 문제를 해결하기 위하여, 보안 USB 저장장치가 등장하였으나, 데이터를 보호하기 위한 다양한 보안기술을 적용함에도 불구하고, 사용자 인증 우회나 비밀번호 노출과 같은 취약점으로 인하여, 보안 USB에 저장된 중요한 자료나 민감한 정보가 노출되는 문제점이 지속해서 발견되는 실정이다. 이에 따라, 보안 USB의 취약점 연구도 지속적으로 연구되고 있지만, 보안 USB 취약점을 분석하는 것은 수동적이고, 많은 노력과 시간이 소요되므로, 취약점을 자동으로 진단하고 분석하는 도구가 요구된다. 따라서, 본 논문에서는 자동화된 취약점진단 및 분석 도구를 제작하기 위하여, F 제품을 대상으로, 해당 제품에서 제공하는 비밀번호인증에서 발생하는 취약점을 분석하고 실증하며, 그 결과를 기반으로 최종적으로는 보안 USB 취약점 익스플로잇 도구 프로토타입을 개발한다.