• Journal of the Korea Society of Computer and Information
• /
• v.20 no.3
• /
• pp.81-88
• /
• 2015

Recently the Security fields is emerged as a important issue in the world, While a variety of techniques such as a Cloud Computing or a Internet Of Things appeared. In these circumstances, The domestic security fields are divided into the Information Security, the Physical Security and the Convergence Security. and among these security fields, Convergence security is attracted much attention from various industries. the classification systems of a new field Convergence Security has become a very important criteria such about the Statistics calculation, the Analysis of status industry sector and the Road maps. However, In the domestic, The related institutions classified each other differently the Convergence Security Classification. so it is urgently needed a domestic security fields systematic classification due to the problems such as lack of reliability of the accuracy, compatibility of a data. Therefore, this paper will be analyzed to the characteristics of the domestic security classification systems by the cases. and will be proposed the newly improved classification system, to be possible to addition or deletion of an classification entries, and to be easy expanded according to the new technology trends. this proposed to classification system is expected to be utilized as a basis for the construct of a domestic security classification system in a future.

• Journal of the Korea Convergence Society
• /
• v.5 no.4
• /
• pp.27-32
• /
• 2014

The information security policy is one of the most important tools for organization to manage the implementation and ensure the organizational security. However, we do not have metrics for measuring its effectiveness. The ultimate purpose of this study is to develop the measures of information security policy effectiveness. To do this, this study review data quality and information quality literatures and investigate appropriate subfactors for information security policy. Rooted in these concepts, we suggest accuracy, completeness, interpretability, and relevance from content aspect and understandability, concise representation, and amount from form aspect as factors for information security policy effectiveness.

• Convergence Security Journal
• /
• v.3 no.2
• /
• pp.11-20
• /
• 2003

Now a days the threatenings of using internet web system's vulnerability are rapidly increasing. To protect the threat we introduce the sorts of threats and present the verification method of web application security.

• The Journal of Society for e-Business Studies
• /
• v.20 no.3
• /
• pp.47-58
• /
• 2015

Recently, new information security vulnerabilities have proliferated with the convergence of information security environments and information and communication technology. Accordingly, new types of cybercrime are on the rise, and security breaches and other security-related incidents are increasing rapidly because of security problems like external cyberattacks, leakage by insiders, etc. These threats will continue to multiply as industry and technology converge. Thus, the main purpose of this paper is to design and present security subjects in order to train professional security management talent who can deal with the enhanced threat to information. To achieve this, the study first set key information security topics for business settings on the basis of an analysis of preceding studies and the results of a meeting of an expert committee. The information security curriculum taxonomy is developed with reference to an information security job taxonomy for domestic conditions in South Korea. The results of this study are expected to help train skilled security talent who can address new security threats in the future environment of industrial convergence.

• Journal of Convergence Society for SMB
• /
• v.6 no.3
• /
• pp.13-19
• /
• 2016

In various ICBM (IoT, Bigdata, Cloud, Mobile) IT convergence environments, IT technologies have been evolved, new information security threats have been occurred. As information security incidents in major public agencies, financial institutions and companies occurred, it was emphasized that the importance of human security was disclosed. Thus, implementing of information security management system could protect hacks and security breaches and respond quickly to accidents so it minimized the sized of loss. In this paper, comparison of human security controls shown in ISO27001, COBIT, NIST 800-53, K-ISMS, Cyber Security Framework such as the main information security management systems was analyzed, and proposed of the security implications about effective controls of human resources security issues.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2024.05a
• /
• pp.298-301
• /
• 2024

클라우드 환경에서 컨테이너 사용이 증가하면서 컨테이너 환경을 대상으로 하는 여러 보안 위협이 증가하고 있다. 대표적인 악성 컨테이너는 크립토재킹 컨테이너로, 인스턴스 소유자의 승인 없이 리소스를 탈취하여 암호화폐를 채굴하는 공격이다. 이러한 공격은 리소스 낭비를 초래할 뿐 아니라 자원을 공유하는 정상 컨테이너나 호스트 인프라에까지도 영향을 미칠 수 있다. 따라서 본 논문에서는 크립토재킹 컨테이너를 탐지하기 위한 앙상블 기반의 크립토재킹 컨테이너 탐지 프레임워크 설계를 제안한다. 또한, 앙상블 모델 학습을 위한 데이터 수집에 있어 크립토재킹 컨테이너의 동적 특징을 나타내는 시스템 콜 및 네트워크 플로우 기반의 특성 활용 가능성을 사례 연구를 통해 분석하였다.

• Convergence Security Journal
• /
• v.1 no.1
• /
• pp.101-113
• /
• 2001

• Convergence Security Journal
• /
• v.14 no.6_2
• /
• pp.45-52
• /
• 2014

Up to now, the security system in Korea has been developed from the human security system to more efficient mechanical security system. The mechanical security system has its advantages over the human security system in terms of economy and operation. However, as there are weaknesses in the use of mechanical security equipment such as erroneous alarm sounds, the studies have been done to improve them. This paper tries to suggest how to improve the mechanical security system based on the results of the study on the weakness of the mechanical security obtained through AHP technique.

• ETRI Journal
• /
• v.36 no.1
• /
• pp.141-150
• /
• 2014

A fully integrated CMOS security-enhanced passive (SEP) tag that compensates the security weakness of ISO/IEC 18000-6C is presented in this paper. For this purpose, we propose a security-enhanced protocol that provides mutual authentication between tag and reader. We show that the proposed protocol meets the security demands of the ongoing international standard for RFID secure systems, ISO/IEC 29167-6. This paper fabricates the SEP tag with a 0.18-${\mu}m$ CMOS technology and suggests the optimal operating frequency of the CMOS SEP tag to comply with ISO/IEC 18000-6C. Furthermore, we measure the SEP tag under a wireless environment. The measured results show that communications between the SEP tag and reader are successfully executed in both conventional passive and SEP modes, which follow ISO/IEC 18000-6C and the proposed security enhanced protocol, respectively. In particular, this paper shows that the SEP tag satisfies the timing link requirement specified in ISO/IEC 18000-6C.

• Journal of Digital Convergence
• /
• v.13 no.5
• /
• pp.251-257
• /
• 2015

Intrusion protection system is a security system that stop abnormal traffics through automatic activity by finding out attack signatures in network. Unlike firewall or intrusion detection system that defends passively, it is a solution that stop the intrusion before intrusion warning. The security performance of intrusion protection system is influenced by security auditability, user data protection, security athentication, etc., and performance is influenced by detection time, throughput, attack prevention performance, etc. In this paper, we constructed a convergence performance evaluation model about software product evaluation to construct the model for security performance evaluation of intrusion protection system based on CC(Common Criteria : ISO/IEC 15408) and ISO international standard about software product evaluation.