• Korean Security Journal
• /
• no.1
• /
• pp.351-370
• /
• 1997

This study concerns possible measures to prevent separatists' terrorist acts against overseas Korean businessmen. Of late, many Korean enterprises are helping a number of foreign countries develop their economy, by building factories and manning regional offices in those countries. But recent development of terrorism especially against Korean businessmen is alarming. This report discusses the need for Korean enterprises heading overseas to prepare themselves with awareness of terrorism and possible protective measures against it, besides their routine pursuance of profits; and for the government and prospective enterprises to refrain from investing in those countries having active separatist movements. If an investment has become inevitable, a careful survey of the region in conflict should be conducted and self-protective measures should be put in place through security information exchange, emergency coordination and training of personnel, etc. This study will first review the past terrorist incidents involving employees of overseas Korean enterprises, and then will focuss on seeking effective measures on the basis of the reported incidents. In carrying out the study, related literature from both home and abroad have been used along with the preliminary materials reported and known on the Internet from recent incidents. 1. The separatist movements of minority groups Lately, minority separatist groups are increasingly resorting to terrorism to draw international attention with the political aim of gaining extended self rule or independence. 2. The state of terrorism against overseas Korean enterprises and Koreans Korean enterprises are now operating businesses, and having their own personnel stationed, in 85 countries including those in South East Asia and Middle East regions. In Sri Lanka, where a Korean enterprise recently became a target of terrorist bombing, there are 75 business firms from Korea and some 700 Korean employees are stationed as of August 1996. A total of 19 different terrorist incidents have taken place against Koreans abroad since 1990. 3. Terrorism preventive measures Terrorism preventive measures are discussed in two ways: measures by the government and by the enterprises. ${\blacktriangleleft}$ Measures by the government - Possible measures at governmental level can include collection and dissemination of terrorist activity information. Emphasis should be given to the information on North Korean activities in particular. ${\blacktriangleleft}$ Measures by individual enterprises - Organizational security plan must be established by individual enterprises and there should also be an increase of security budget. A reason for reluctant effort toward positive security plan is the perception that the security budget is not immediately linked to an increment of profit gain. Ensuring safety for overseas personnel is a fundamental obligation of an enterprise. Consultation and information exchange on security plan, and an emergency support system at a threat to security must be sought after and implemented. 4. Conclusion Today's terrorism varies widely depending on reasons and causes, and its means has become increasingly informationalized and scientific as well while its method is becoming more clandestine and violent. Terrorist organizations are increasingly aiming at enterprises for acquisition of budgets needed for their activities. Korean enterprises have extended their business realm to foreign countries since 1970, exposing themselves to terrorism. Enterprises and their employees, therefore, should establish their own security measures on the one hand while the government must provide general measures, on the other, for the protection of the life and property of Korean residents abroad from terrorist attacks. In this regard, set-up of a counter terrorist organization that coordinates the efforts of government authorities in various levels in planning and executing counter terrorist measures is desired. Since 1965, when the hostile North Korea began to step up its terrorist activities against South Koreans, there have been 7 different occasions of assassination attempt on South Korean presidents and some 500 cases of various kidnappings and attempted kidnappings. North Korea, nervous over the continued economic growth and social stabilization of South Korea, is now concentrating its efforts in the destruction and deterioration of the national power of South Korea for its earlier realization of reunification by force. The possibility of North Korean terrorism can be divided into external terrorist acts and internal terrorist acts depending on the nationality of the terrorists it uses. The external terrorist acts include those committed directly by North Korean agents in South Korea and abroad and those committed by dissident Koreans, hired Korean residents, or international professionals or independent international terrorists bought or instigated by North Korea. To protect the life and property of Korean enterprises and their employees abroad from the threat of terrorism, the government's administrative support and the organizational efforts of enterprises should necessarily be directed toward the planning of proper security measures and training of employees. Also, proper actions should be taken against possible terrorist acts toward Korean business employees abroad as long as there are ongoing hostilities from minority groups against their governments.

• Journal of the Korea Society of Computer and Information
• /
• v.11 no.2 s.40
• /
• pp.75-82
• /
• 2006

The service use management for keeping up stable and effective environment is hard little by little by according to increase of internet user and being complicated network environment of the Internet little by little. being various of the requirements of the service which is provided and the user demand. And the beginning flag security was limited in IDS, But recently the integrated civil management is coming to be considered seriously according to adventting IDS. Firewall , Security or system. The development of integrated security civil management system to analyze widely through observation and detection at Network or host base, the judgment of attack, and integrated analysis of infiltration information is necessary because of detecting the various type attack.

• Journal of Internet Computing and Services
• /
• v.13 no.6
• /
• pp.33-40
• /
• 2012

The cloud service has become the significant factor to save the IT operation cost and to improve the productivities in companies. It was introduced to Korea for enterprise services of major companies in 2008. As the increase of recognition for its effect, more small businesses and public institutions plan to introduce the cloud computing services. The cloud computing researches have only focused on the security threats and response technologies to them. Therefore, this research analyzed the importances of responses to security threats in specific domains. The domains were divided into managerial, physical, and technical security. The specific factors in three domains were used for the analysis in this research as well. The ordered logit model was used for the analysis and the analysis results showed that physical security and managerial security are considered to be significantly important in the cloud computing security. The results also presented that the security policy, the control and surveillance to service infrastructure, and application security are highly important in the respect of specific factors. This research will contribute to enterprises or institutions in Korea, which want to introduce the cloud computing services, by aiding the establishment of effective security strategies.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.6
• /
• pp.119-132
• /
• 2011

Mobile devices such as smart phones have brought big changes to be called as 'mobile big bang' against which we can't go. Mobile banking service and MTS(Mobile Trading System) are freely available at any time, anywhere and we are able to activate communications between financial company staffs out of the office and take care of business works even remotely by using mobile devices. Mobile devices are approaching as 'smart mobile innovation' to improve an enterprise productivity and competitiveness, but threats which engaged in unfair trading behaviors or unwholesome business works in finance companies are increasing and the customer's information can be leaked out by using the nonpublic official information and mobile devices. Therefore, we have to analyze the potential problems and take the necessary countermeasures with preemptive steps to protect the customer's information and improve the financial trading soundness and fairness. In this paper, we would like to suggest countermeasures and threats against using the financial company's mobile devices focusing on the financial investment companies by 'Capital Market and Financial Investment Business Act'.

• The Journal of Society for e-Business Studies
• /
• v.20 no.2
• /
• pp.27-36
• /
• 2015

Current leakage of industrial technologies with revealing state secret against nation is gradually increasing and scope of the spill is diversified from technology-oriented leakage to new economic security sector like information and communication, electrical and electronic, defense industry, illegal export of strategic material, economic order disturbance by foreign country, infringement of intellectual property, etc. So the spill damage can affect not only leaked company but also national interests and entire domestic industry. According to statistics from National Industrial Security Center of National Intelligence Service, a major cause of technology leakage is not only by external things about hacking and malignant code, but internal leakage of former and current employees account for about 80%. And technology leakage due to temptation of money and personal interests followed by technology leakage of subcontractor is steadily increased. Most studies in the field of security have tended to focus on measuring security capability of company in order to prevent leakage core assets or developing measurement Indicators for management rather than security activities of the company members that is most important. Therefore, this study analyzes the effect of most underlying security education in security activities on security capabilities of enterprise. As a result, it indicates that security education have a positive(+) correlation with security capabilities.

• Korean Security Journal
• /
• no.9
• /
• pp.201-235
• /
• 2005

This study is designed to contribute for development of Private Security Business by fact-finding in instruction and training of private security guard serviced in this realm and domestic and foreign guard service and modeling effective and rational instruction and training program based on drawn problem. For this study, basically I collected and analyzed documents, theses, and papers of the inside and outside of the country. For practical use of data, I used materials of private security related institutes and police agency. And for private security educating training programs of the inside and outside of the country, I collected materials on internet, and with the help of police agency and interpol. For korean private security company's educating training programs, I made a study with the interview of private security company's businessmen. This study's conclusion is as follows. In a domestic private security enterprise, when set theory instruction minimize instruction and training program and must set up instruction and training program as practical affairs center enemy instruction, and theory instruction must be composed for instruction me that it is connected to practical affairs instruction too. The instruction course of private security guard instruction and training program composed with a security outline, a security plan, an information-gathering, civilian expenses, a security way, terror and terrorism, a related law, security trial, electronic security, a security analysis technique, company introduction, instruction and training program about a professional tube with theory instruction. Practical affairs instruction composed with the selection and a preventive security, close contact attendance security, vehicle security, security driving the security martial arts and self-protection liquor, first aid, security equipment, a gun and shooting, a security protocol, customer satisfaction, facilities security and expenses, a fire fighting instruction, teamwork training, explosive and a dangerous substance, physical strength, a documentation practical affairs, service, instruction and training program about foreigh language instruction.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2012.11a
• /
• pp.1017-1020
• /
• 2012

최근 정보화의 급속한 발전과 함께 다양하고 첨단화된 서비스를 제공하기 위해 개인정보에 대한 의존도 및 활용도가 높아지고 있다. 특히 오늘날 개인정보는 사회의 모든 분야에서 없어선 안 되는 필수재 역할을 하고 있고, 이러한 이유로 개인정보보호는 단순히 개인의 권익에 관한 문제로 국한되지 않고, 기업의 사활을 좌지우지하는 비즈니스 이슈로 대두되고 있다. 따라서 본 논문에서는 보안 컨설팅을 중소기업을 대상으로 제공하여 개인정보를 보다 안전하게 보호하고 중소기업 또한 기업 활동에 지장이 없게 도와줄 수 있도록 설계하고 구현한다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2012.04a
• /
• pp.706-709
• /
• 2012

최근 발생한 사이버 범죄 경위를 살펴보면 범죄 목적이 분명하고 이를 달성하기 위한 수단이 치밀하여 비교적 높은 보안 수준을 가진 기업이라도 사이버 범죄 행위에 노출되어 피해를 입는 사례가 빈번히 발생하고 있다. 특히 기업환경에서 업무 효율을 높이기 위해 전자결재나 스마트워크 등을 도입하여 업무의 많은 부분이 컴퓨팅 장치에 의존적이 되면서 사이버 범죄에 대한 위협이 늘어나고 있다. 본 논문에서는 악성코드 또는 이를 이용한 악성행위로부터 기업 환경을 보호하기 위한 보안 시스템의 이상적인 요구사항에 대해 제안한다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2011.11a
• /
• pp.531-534
• /
• 2011

본 연구의 목적은 차세대 MEAP 환경에서의 보안 평가 모델을 제시하는 것이다. 기업용 애플리케이션 개발환경은 PES 및 MEAP을 거쳐 완벽한 OSMP구현을 위한 HTML5 환경으로 발전하고 있다. 이와 더불어 보안의 위협도 증대되고 있으나, HTML5 환경에서의 보안에 대한 연구는 미흡한 실정이다. 이러한 문제에 대비하기 위해서는 기존 개발환경의 보안 특징을 살펴볼 필요가 있다. 본 연구에서는 보안위협요소를 Back-End System, Client, Developer, OS 4가지로 도출한 후, 이에 해당하는 보안 위협 문제들을 살펴보고 보안 평가 모델을 제시하였다. 본 모델은 단계별 보안이슈를 포함하고 있으며, 향후 HTML5 시대에 논의될 보안 이슈의 방향성을 제시한다는데 그 의미가 있다. 따라서 본 연구는 기업형 하이브리드 애플리케이션 개발을 준비하는 기업 및 연구자에게 시사점을 제공할 것으로 기대된다.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2013.01a
• /
• pp.243-247
• /
• 2013

응용시스템 개발 과정에 있어서 중요하고 핵심을 이루는 작업은 분석과 설계 작업이며 아울러 대부분의 응용시스템은 데이터베이스 기반으로 구축된다. 또한, 응용시스템들은 외부 공격에 쉽게 노출되기 때문에 보안과 관련된 처리 과정 역시 중요하다. 하지만 이러한 보안은 대부분 개발 마지막 과정에서 고려하기 때문에 보안에 취약한 응용시스템들이 개발될 가능성이 매우 높다. 따라서 개발 초기에 보안을 반영한 분석 및 설계 과정이 매우 중요하다. Java EE는 웹 응용시스템을 위한 보안 방안을 제공하고 아울러 관계형 데이터베이스도 보안을 위하여 역할기반 접근제어를 지원하고 있지만 관계형 데이터베이스 및 Java EE의 역할기반 접근제어를 활용하는, 요구사항 수집부터 구현까지 개발 단계 전체에 걸친 일관된 개발방법론은 전무한 실정이다. 따라서 본 논문에서는 보안 요구사항을 요구사항 수집부터 분석 및 설계 그리고 마지막 구현 단계까지 반영하여 Java EE 기반의 웹 응용시스템을 개발하기 위한, 보안을 고려한 일관된 통합 분석.설계 방법론을 제안한다.