• Title/Summary/Keyword: Defense Security

Search Result 939, Processing Time 0.029 seconds

A Methodology for SDLC of AI-based Defense Information System (AI 기반 국방정보시스템 개발 생명주기 단계별 보안 활동 수행 방안)

  • Gyu-do Park;Young-ran Lee
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.33 no.3
    • /
    • pp.577-589
    • /
    • 2023
  • Ministry of National Defense plans to harness AI as a key technology to bolster overall defense capability for cultivation of an advanced strong military based on science and technology based on Defense Innovation 4.0 Plan. However, security threats due to the characteristics of AI can be a real threat to AI-based defense information system. In order to solve them, systematic security activities must be carried out from the development stage. This paper proposes security activities and considerations that must be carried out at each stage of AI-based defense information system. Through this, It is expected to contribute to preventing security threats caused by the application of AI technology to the defense field and securing the safety and reliability of defense information system.

Resaerch Trend and Cocentualization of Defense Industry Security From Convergence Security Perspective (융합보안 관점에서 방위산업보안 개념 정립과 연구동향 분석)

  • Woo, Kwang Jea
    • Convergence Security Journal
    • /
    • v.15 no.6_1
    • /
    • pp.69-78
    • /
    • 2015
  • Methods that industrial spies use to smuggle core technology out are becoming more intelligent, technological, and complex, thus resulting in more serious damages. In particular, defense industries in which involve national core technology as well as institutions including labor force are industries that are in a greater need of the convergence security. Defense Industry develops, experiments, and produces defense security supplies for national security protection. Defense industry involves a number of security elements such as military secret, industrial secret, core technology labor force, defense industry supply, critical national facility, and information communication system. Defense industry security is a complex of military security and industrial security which is convergence security that integrates all security elements of defense industry. Therefore, defense industry security is a typical ideal model for convergence security. Research on defense industry security is relatively insufficient compared to research of security in other industrial fields. In order to prevent core technology of denfese industry from leaking and to protect technical professionals and institutions, research and action on defense industry security from convergence security perspective are therefore essential at this point of time.

Conceptualization of Defense Industrial Security in Relation to National Security (국가 안보와 연계한 방위산업 보안 개념 정립)

  • Go, Hee-Jae;Lee, Yong-Joon
    • Journal of the Korea Academia-Industrial cooperation Society
    • /
    • v.20 no.12
    • /
    • pp.265-270
    • /
    • 2019
  • In order to protect the advancement of defense technology that has a tremendous e?ect on both the national security and the economy, the Republic of Korea established the Defense Technology Security Act in 2015. As the new enactment brought changes to the landscape of the defense industry and defense industrial security, a new examination of the concept of the defense industrial security has now become necessary. Even after taking into consideration the undisclosed nature of defense industrial security research, and the fact that only the limited number of firms participates in the subject matter, scientific studies related to the topic have not been active. However, with the new enactment of the Defense Technology Security Act, it is necessary to expand the scope of security and to redefine the concept of defense industrial security. In this paper, we analyzed the research works on related technology protection policies and our environment of the defense industry in order to conceptualize defense industrial security. The established concepts are expected to provide a systematic way to protect the confidential and defense technology.

A Participation Scheme of the Central Region Research Institute related to National Defense Information Security Industry (국방정보보호산업 관련 중부권 연구기관 활용방안)

  • Eom, Jung-Ho
    • Journal of National Security and Military Science
    • /
    • s.9
    • /
    • pp.191-206
    • /
    • 2011
  • This study is presented a scheme that information security research institutions located within the central area can be participated actively m national defense information security industry. The many of information security company are located in the central region(Daejeon) and there are many research institutes. However, the participation rate of the Defense Information Security Industry is not high compared to other provinces. Although a variety of reasons, there are no the Defense Privacy Office that could have a role in protocol and the information about the industry. In addition, the Department of Defense related to national defense information security industry have not information about research institutions in the central region and are not well to identify the characteristics of institutional technology and research. So in this paper we presented some of the alternatives. 1) Building Pool involved in information security research according to the characteristics of each agency 2) Constitute the research community between Research institutions and the company 3) Build the technology cooperation between research institutions and the defense research institutes 4) Utilization of industry/university/research institutes related to Information Security Industry 5) Make strategic alliances among research institutes based on technical expertise.

  • PDF

Development of the Information Security Methodology for Defense Organization (국방조직의 정보보호 평가 방법론 개발)

  • Cho, Sung Rim;Choi, In Soo;Park, Ji Hoon;Shin, Woo Chang
    • Journal of Information Technology Services
    • /
    • v.12 no.4
    • /
    • pp.77-90
    • /
    • 2013
  • As Cyber threats are rising, the scope of information Security (IS) is extending from technical protection of a single information system to organizational comprehensive IS capability. The ministry of National Defense (MND) has established the IS evaluation for defense organization in 'the Directive for Defense Informatization Affairs.' However, no information about an evaluation method, process and organization is provided. We surveyed information security management system (ISMS) and related best practices in public sector and other countries, and analysed the military information security affairs. Thus, this paper recommends the IS evaluation method and process. The trial IS evaluation is in progress this year and the MND will expand this IS evaluation to the entire organization.

Implementation of Security Policies of ONSU-MF(One Network Security Unit-Multi Function) and OSD-MD(One Security Device-Multi Defense) (ONSU-MF(One Network Security Unit-Multi Function)기법과 OSD-MD(One Security Device-Multi Defense)기법 기반의 보안정책 구현)

  • Seo, Woo-Seok;Lee, Gyn-An;Jun, Moon-Seog
    • The KIPS Transactions:PartC
    • /
    • v.18C no.5
    • /
    • pp.317-326
    • /
    • 2011
  • This study is meaningful in that it standardizes various security and defense policies and devices, newly defines characteristics of defense policies and defense techniques, and specify and report various kinds of security polities and devices in order for administrators or users to add and apply the policies when introducing new security policies including the implementation of existing network infra and applying additionally. Therefore, this study aims to divide the policies into ONSU-MF(One Network Security Unit-Multi Function) that classifies one network security device-based policies and OSD-MD(One Security Device-Multi Defense), which implements various security methods by using one security device, and suggest network security infra improvement mechanism through the standardization implementation technique integrating the two methods.

Adaptive Multi-Layer Security Approach for Cyber Defense (사이버 방어를 위한 적응형 다중계층 보호체제)

  • Lee, Seong-kee;Kang, Tae-in
    • Journal of Internet Computing and Services
    • /
    • v.16 no.5
    • /
    • pp.1-9
    • /
    • 2015
  • As attacks in cyber space become advanced and complex, monotonous defense approach of one-one matching manner between attack and defense may be limited to defend them. More efficient defense method is required. This paper proposes multi layers security scheme that can support to defend assets against diverse cyber attacks in systematical and adaptive. We model multi layers security scheme based on Defense Zone including several defense layers and also discuss essential technical elements necessary to realize multi layers security scheme such as cyber threats analysis and automated assignment of defense techniques. Also effects of multi layers security scheme and its applicability are explained. In future, for embodiment of multi layers security scheme, researches about detailed architecture design for Defense Zone, automated method to select the best defense technique against attack and modeling normal state of asset for attack detection are needed.

Defense Strategy of Network Security based on Dynamic Classification

  • Wei, Jinxia;Zhang, Ru;Liu, Jianyi;Niu, Xinxin;Yang, Yixian
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.9 no.12
    • /
    • pp.5116-5134
    • /
    • 2015
  • In this paper, due to the network security defense is mainly static defense, a dynamic classification network security defense strategy model is proposed by analyzing the security situation of complex computer network. According to the network security impact parameters, eight security elements and classification standard are obtained. At the same time, the dynamic classification algorithm based on fuzzy theory is also presented. The experimental analysis results show that the proposed model and algorithm are feasible and effective. The model is a good way to solve a safety problem that the static defense cannot cope with tactics and lack of dynamic change.

Korean Security Risk Management Framework for the Application of Defense Acquisition System (국방획득체계 적용 한국형 보안위험관리 프레임워크)

  • Yang, Woo-sung;Cha, Sung-yong;Yoon, Jong-sung;Kwon, Hyeok-joo;Yoo, Jae-won
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.32 no.6
    • /
    • pp.1183-1192
    • /
    • 2022
  • Information and Information processing systems must maintain a certain level of security during the total life cycle of Information. To maintain a certain level of security, security management processes are applied to software, automobile development, and the U.S. federal government information system over a life cycle, but theme of no similar security management process in Korea. This paper proposes a Korean-style security risk management framework to maintain a certain level of security in the total life cycle of information and information processing system in the defense sector. By applied to the defense field, we intend to present the direction of defense security work in the future and induce an shift in security paradigm.

A Study on the Implementation of Defense Technology Master Data Management System for Defense Technology Security (방산기술보호를 위한 방산기술 마스터 데이터 관리 체계 구현 방안)

  • Park, Heungsoon;Kim, Seyong;Kwon, Hyukjin
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.31 no.1
    • /
    • pp.111-122
    • /
    • 2021
  • With the spread of technology in the 4th Industrial Revolution, the defense industry in South Korea is getting developed into an industrial structure in which high-tech technologies are concentrated. As the importance of defense technology has gradually increased, the government has enacted the Defense Technology Security Act and required to build a protection system for institutions that possess or manage defense technology. In order for the target institution to introduce a protection system, it is necessary to identify the defense technologies that are protected and to ensure systematic data management. In order to cope with this, we derived master data items for data management and analyzed the implementation types of defense technology master data system suitable for the defense industry environments. The derived method identified the defense technology master data, such as primary and secondary master data, and through AHP analysis, Co-existence type was suitable as the target model for the master data management system. We expect that stronger defense technology security policy will be implemented through the defense technology MDM system.