• Review of KIISC
• /
• v.33 no.4
• /
• pp.131-141
• /
• 2023

최근 코로나로 인하여 원격 근무의 증대와 디지털 트랜스포메이션(DX)으로 인한 클라우드 사용의 증가, 그리고 사이버 보안에 있어서의 끊임없는 새로운 공격의 등장과 공격 면(Attack Surface)의 확대가 증가 일로에 있다. 특히 기존 네트워크 중심의 보안 방식인 경계 보안(Perimeter Security) 방식은 새로운 네트워크 환경, 새로운 형태의 근무 형태로 인한 컴퓨팅 환경의 변화, 새로운 형태의 사이버 공격 등의 다양한 공격에 대한 방어 한계 등으로 인하여 새로운 전기를 맞이하고 있다. 즉, 기존 경계 보안의 한계를 보완하기 위한 차세대 보안 개념의 하나인 제로 트러스트 보안 방식이 최근 많은 관심을 끌고 있다. 본 고에서는 제로 트러스트 보안에 대하여, 미국 국립표준기술연구소(NIST)가 발표한 제로 트러스트 아키텍처SP 800-207을 중심으로 제로 트러스트 보안 개념, 등장 배경, 제로 트러스트 기본 구성, 제로 트러스트 도입과 성숙도 모델, 제로 트러스트 아키텍처 접근 방식 등에 대하여 살펴보고자 한다.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.25 no.12
• /
• pp.1898-1903
• /
• 2021

Recently, the need to be wary of internal access such as internal access as well as external attackers' access to work has increased due to network expansion, cloud infrastructure expansion, and changes in working patterns due to COVID-19 situations. For this reason, a new network security model called Zero Trust is drawing attention. Zero Trust has a key principle that a trusted network does not exist, and in order to be allowed access, it must be authenticated first, and data resources can only be accessed by authenticated users and authenticated devices. In this paper, we will explain these zero trust and zero trust architectures and examine new security application strategies applicable to various companies using zero trust and the process of building a new security system based on the zero trust architecture model.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2023.11a
• /
• pp.1187-1188
• /
• 2023

인공지능·데이터·클라우드 등 혁신적인 기술로 새로운 사회 구조를 만드는 시대가 도래하면서 현 정부 핵심 국정과제 중 하나로 디지털플랫폼정부(DPG) 구현이 언급되었다. DPG는 수많은 공공 데이터를 관리하고 있으며, 중요·민감 데이터의 안전성을 유지하기 위한 신보안체계로서 '제로트러스트'를 고려하고 있다. 하지만 DPG에 제로트러스트 보안 개념을 적용하고자 할 경우 기업이나 정부 기관 대상의 제로트러스트와 달리 DPG는 참여 주체(정부, 민간 기업, 일반 국민 등)가 다양하고 민간 클라우드 활용을 지향하는 만큼, 이러한 특징을 고려하여 아키텍처를 설계해야 한다. 따라서, 본 논문에서는 DPG에 제로트러스트 보안 아키텍처를 도입할 경우, 고려해야 할 점을 제시한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.6
• /
• pp.1001-1020
• /
• 2023

As massive increase in remote work since COVID-19, the boundaries between the inside and outside of corporate networks have become blurred. As a result, traditional perimeter security has stagnated business productivity and made it difficult to manage risks such as information leakage. The zero trust architecture model has emerged, but it is difficult to apply to IT environments composed of various companies. Therefore, using the remote work system configuration as an example, we presented a configuration and methodology that can apply zero trust models even in various network environments such as on-premise, cloud, and network separation. Through this, we aim to contribute to the creation of a safe and convenient cyber environment by providing guidance to companies that want to apply zero trust architecture, an intelligent system that actively responds to cyber threats.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2021.05a
• /
• pp.132-135
• /
• 2021

최근 네트워크의 확장으로 인한 공격 벡터의 증가로 외부자뿐 아니라 내부자를 경계해야 할 필요성이 증가함에 따라, 이를 다룬 보안 모델인 제로트러스트 모델이 주목받고 있다. 이 논문에서는 reverse proxy 와 사용자 패턴 인식 AI 를 이용한 제로트러스트 아키텍처를 제시하며 제로트러스트의 구현 가능성을 보이고, 새롭고 효율적인 전처리 과정을 통해 효과적으로 사용자를 인증할 수 있음을 제시한다. 이를 위해 사용자별로 마우스 사용 패턴, 리소스 사용 패턴을 인식하는 딥러닝 모델을 설계하였다. 끝으로 제로트러스트 모델에서 사용자 패턴 인식의 활용 가능성과 확장성을 보인다.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2021.10a
• /
• pp.443-444
• /
• 2021

Security threats to information services are increasingly being developed, and the frequency and damage caused by security threats are also increasing. In particular, security threats occurring inside the organization are increasing significantly, and the size of the damage is also large. A zero trust model has been proposed as a way to improve such a security environment. In the zero trust model, a subject who has access to information resources is regarded as a malicious attacker. Subjects can access information resources after verification through identification and authentication processes. However, the initially proposed zero trust model basically focuses on the network and does not consider the security environment for systems or data. In this study, we proposed a zero trust-based access control mechanism that extends the existing zero trust model to the file system. As a result of the study, it was confirmed that the proposed file access control mechanism can be applied to implement the zero trust model.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.1
• /
• pp.83-102
• /
• 2024

Recently, as the use of the cloud increases year by year and remote work within the enterprise has become one of the new types of work, the security of the cloud-based remote work environment has become important. The introduction of zero trust is required due to the limitations of the existing perimeter security model that assumes that everything in the internal network is safe. Accordingly, NIST and DoD published standards related to zero trust architecture, but the security requirements of that standard describe only logical architecture at the abstract level. Therefore, this paper intends to present more detailed security requirements compared to NIST and DoD standards by performing threat modeling for OpenStack clouds. After that, this research team performed a security analysis of commercial cloud services to verify the requirements. As a result of the security analysis, we identified security requirements that each cloud service was not satisfied with. We proposed potential threats and countermeasures for cloud services with zero trust, which aims to help build a secure zero trust-based remote working environment.

• Journal of Internet of Things and Convergence
• /
• v.9 no.2
• /
• pp.55-60
• /
• 2023

Recently, demand for cloud computing has increased and remote access due to home work and external work has increased. In addition, a new security paradigm is required in the current situation where the need to be vigilant against not only external attacker access but also internal access such as internal employee access to work increases and various attack techniques are sophisticated. As a result, the network security model applying Zero-Trust, which has the core principle of doubting everything and not trusting it, began to attract attention in the security industry. Zero Trust Security monitors all networks, requires authentication in order to be granted access, and increases security by granting minimum access rights to access requesters. In this paper, we explain zero trust and zero trust architecture, and propose a new cloud security system for strengthening access control that overcomes the limitations of existing security systems using zero trust and blockchain and can be used by various companies.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2022.11a
• /
• pp.210-212
• /
• 2022

4차 산업혁명의 시대적 요구에 따라 스마트워크, 원격진료, 메타버스 등 원격 접속 기반의 사회 인프라 환경이 확산되고 있으며, 코로나19는 이와 같은 원격접속 환경을 가속화하였다. 원격 접속 환경에서는 공간, 시간, 단말 등의 제약으로부터 비교적 자유롭게 기업 내부의 중요 자원 및 서비스를 이용할 수 있기 때문에 노동 생산성을 증대시킨다는 이점은 있으나, 충분히 검증받지 않은 작업 환경이기 때문에 보안적 측면에서는 문제를 야기시킬 수 있다. 또한 전통적인 정보보호 관리체계에서는 원격접속 환경은 허용하지 않거나 최소화한다는 기본 사상을 바탕으로 설계되어 있기 정보보호 전략적 한계가 존재한다. 본 논문에서는 이와 같은 정보보호 전략적 한계를 개선하기 위해 제로 트러스트 아키텍처 기반의 정보보호 관리체계 구축에 대한 방안을 제언한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.6
• /
• pp.1069-1080
• /
• 2022

Zero trust, which means never trust anything before verifying it, is emerging as a hot issue in security field. After authenticating users, zero trust establishes network boundaries so that only networks in the trusted range can be accessed. This concept is also consistent with the concept of SDP, which performs pre-verification and creates a network boundary with a dynamic firewall so that clients can access only as many as they have permission to connect. Therefore, we recommend the SDP model as an example of how zero trust can be achieved in a zero trust architecture. In this paper, we point out the areas where SDP needs to be modified for zero trust and suggest ways to overcome them. In addition, we propose an onboarding method, which is one of the processes for becoming an SDP entity, and present performance measurement results.