• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.41 no.4
• /
• pp.451-453
• /
• 2016

In this paper, we propose a Load Balance System for SFC based on DLP solution. SFC based on DLP solution does not distribute to the user data and each DLP server manages all traffic generated by the user device. When using existing algorithms such as the Load Balance Round Robin, Least Connection does not consider the resource usage of DLP server so traffic is not efficiently distributed due to different user traffic usage. It causes system failure and overload of the DLP server. Therefore, we propose the architecture of a Load Balance system for SFC based on DLP solution to perform the Load Balance based on the resource usage of DLP server through a LBM server in this paper.

• Proceedings of the Korean Information Science Society Conference
• /
• 2012.06c
• /
• pp.254-256
• /
• 2012

스마트폰의 보급이 증가하게 됨에 따라 많은 사람들이 이를 활용하고 있지만 스마트폰 활용에 따른 보안에 대한 인식은 낮다. 기업에서도 스마트폰을 활용한 업무가 증가함에 따라 각 기업의 내부 자료가 외부에 유출될 수 있는 보안 위협이 증가하고 있으며 이를 막기 위하여 Data Loss Prevention(DLP) 기술의 중요성이 커지고 있다. 본 논문에서는 안드로이드 플랫폼 기반의 DLP를 위한 기반 기술이 되는 데이터의 이동을 모니터링 하는 기술을 제안한다.

• Convergence Security Journal
• /
• v.18 no.5_1
• /
• pp.121-126
• /
• 2018

The development of modern ICT and network technologies has made the business environment smart.and under such circumstances, a great deal of data is being generated, stored and used. The important information that becomes an energy source for corporate management creates economic profit and value and is also utilized as a basis for strong influence. Therefore, important information must ensure its availability and convenience while ensuring confidentiality and integrity, which is the basic objective of information protection. However, most companies are seeing more and more incidents of serious damage due to the leakage of important internal information. In this study, we deal with the Data Loss Prevention (DLP) technologies and solutions to prevent internal information leakage and establish stable data security and information protection management.

• Convergence Security Journal
• /
• v.24 no.3
• /
• pp.3-11
• /
• 2024

Information security is crucial not only for protecting against external cyber-attacks but also for identifying and blocking internal data leakage risks in advance. To this end, many companies and institutions implement digital rights management(DRM) document security solutions, which encrypt files to prevent content access if leaked, and data loss prevention(DLP) solutions, which control devices such as USB ports on computing equipment to prevent data leaks. At a time when efforts to prevent internal data leaks are crucial, there is a growing need for control policies such as device control and the identification of information assets in standalone network environments, which could otherwise fall into unmanaged domains. In this study, we propose a Generation-Distribution-Application model for device control policies that are uniquely applied to standalone information assets that are not connected to internal networks. To achieve this, we developed an authentication technique linked with the asset management system, where information assets are automatically registered upon acquisition. This system allows for precise identification of information assets and enables flexible device control, and we have designed and implemented a system based on these principles.

• Journal of the Korean Association of Geographic Information Studies
• /
• v.26 no.4
• /
• pp.67-79
• /
• 2023

Service environments through laptops, smart devices, and various IoT devices are developing very rapidly. Recent security measures in these Internet environments mainly consist of network application level solutions such as firewall(Intrusion Prevention Systems) and IDS (intrusion detection system). In addition, various security data have recently been used on-site, and issues regarding the management and destruction of such security data have been raised. Products such as DRM(Digital Rights Management) and DLP(Data Loss Prevention) are being used to manage these security data. However despite these security measures, data security measures taken out to be used in the field are operated to the extent that the data is encrypted, delivered, and stored in many environments, and measures for encryption key management or data destruction are insufficient. Based on these issues we aim to propose a SecureOS Module, an OS-based security module. With this module users can manage and operate security data through a consistent interface, addressing the problems mentioned above.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.6
• /
• pp.1435-1447
• /
• 2015

Finance Companies are operating a security solution such as E-DRM(Enterprise-Digital Right Management), Personal information search, DLP(Data Loss Prevention), Security of printed paper, Internet network separation system, Privacy monitoring system for privacy leakage prevention by insiders. However, privacy leakages are occurring continuously and it is difficult to the association analysis about relating to the company's internal and external distribution of private document. Because log system operated in the separate and independent security solutions. This paper propose a systematic chains that can correlatively analyze business systems and log among heterogeneous security solutions organically and consistently based on security documents. Also, we suggest methods of efficient detection for Life-Cycle management plan about security documents that are created in the personal computer or by individual through the business system and distribution channel tracking about security documents contained privacy.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.5
• /
• pp.961-968
• /
• 2014

In order to prevent leakage of personal information by insiders a large number of companies install pc security solutions like DRM(Digital Right Management), DLP(Data Loss Prevention), Personal information filtering software steadily. However, despite these investments anomalies personal information occurred. To establish proper security policy before implementing pc security solutions, companies can prevent personal information leakage. Furthermore by analyzing the log from the solutions, companies verify the policies implemented effectively and modify security policies. In this paper, we define the required security solutions installed on PC to prevent disclosure of personal information in a variety of PC security solution, plan to integrate operations of the solutions in the blocking personal information leakage point of view and propose security policies through PC security solution log analysis.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.21 no.12
• /
• pp.2333-2340
• /
• 2017

Recently industry is suffering severe losses of important internal information, and most of the leaks result from the insiders. Thus, various technological counter measures are being studied in order to protect private organization information. In this paper, among various internal information leakage path protection mechanisms, we propose a technique for preventing files which are defined as confidential from being copied or moved through USB. The implemented confidential file loss prevention system is composed of both signature insert manager and confidential file detect manager. The signature insert manager allows a system administrator to insert a special pattern specifying a classified confidential file, while the confidential file detect manager protects confidential file leakage when a user attempts to move or copy a confidential file to the USB memory. This results would be contributed to reducing the damage caused by leakage of confidential files outside of the company via USB.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2017.04a
• /
• pp.771-772
• /
• 2017

내부 정보 유출 사고의 빈도가 높아지게 되면서 이러한 내부 정보 유출을 막기 위해 DLP(Data Loss Prevention), DRM(Digital Rights Management), DB 접근 통제 솔루션, 인터넷 접근 차단 솔루션과 같은 여러 가지 보안 솔루션을 적용하고 있으나, 내부 정보 유출을 시도하는 개인의 행동을 기반으로 개인을 탐지한다는 문제점을 가지고 있다. 본 논문에서는 개인이 아닌 조직으로 이루어진 내부 정보 유출의 행위를 탐지하고 대응하기 위해 보안로그를 위험 사용자들끼리 그룹화 하여 내부 정보 유출 여부를 판단하는 시스템을 제안한다.

• Convergence Security Journal
• /
• v.8 no.4
• /
• pp.21-30
• /
• 2008

This study researched into the method that allows only the certified user and computational engineer to possibly use network resources and computing resources by implementing the system of the intensified certification and security based on LDAP(Lightweight Directory Access Protocol) directory service, that copes with incapacitation in security program due to making the security program forcibly installed, and that can correctly track down the industrial-technology exporter along with applying the user-based security policy through inter-working with the existing method for the protection of industrial technology. Through this study, the intensified method for the protection of industrial technology can be embodied by implementing the integrated infra system through strengthening the existing system of managing the protection of industrial technology, and through supplementing vulnerability to the method for the protection of industrial technology.