• Title/Summary/Keyword: IT security

Search Result 11,498, Processing Time 0.038 seconds

The assessment and political subject of Revised Security Industry Law (개정 경비업법의 평가와 정책과제)

  • Lee, Sang-Hun
    • Korean Security Journal
    • /
    • no.36
    • /
    • pp.349-386
    • /
    • 2013
  • This research analyzes and evaluates The Korean Security Industry Law(TKSIL) putting the regulation of the present government about the private security industry. It nowadays becomes the important axis of the police services offered in the aspect of 'the national life safety' in connection with 'the materialization of society which is safe from the crime'. TKSIL is one of the national administration strategies which Park Gun-hye government aims on supervision policy. After seeking out the core values of the private security industrial policy which sets up in order to approach the national life safety which Park Gun-hye government aims, we make some assessments of this revised security industry law systematically. Particularly all keynote of policy about the private security of the police tried to be confirmed and the desirable direction of policy tries to be presented as to the security industry law application and real operation. In the site of organized civil complaint, the revised security industry law was revised as the direction which intensifies the administrative regulation as to the partial regulation such as it established the reason of the introduction of the arrangement license system. And grounds for disqualification of security instructor and guard, and rules of punishment is intensified order to intercept previously illegal and violent act of the security company etc. However it has the feature that it accomplishes 'the law principle(principle of statute)' the substantial portion through the effort of them changing a lot the content for the form of the law when being the clauses of the fundamental human rights limit, although it has been prescribed in "the security industry law enforcement ordinance" or "the security industry law enforced regulation". The security industry law revised this time brought from the change of the sharp policy through the revision of 17 clauses or new establishment. It can divide into 4 categorizes. (1) strictness of punishment in the site of organized civil complaint (2) Intensification of throwing out for the violation person in the private security business market time-limitedly (3) Intensification of the legal guide supervision power of police (4) upstream of the capital, name tag attachment under compulsion and the limit about other equipment use etc. Essentially "the security industry law" cannot help regulating the national interference of the private security and regulation with this content. However as to this interference and regulation, the limit has to be possible within reasonable range. As the history proved, excessive regulation by the country is not only due to bring the distortion of the security system of nation but also provoke national social cost. It can't be disregards ever that it premises the harmony which appropriate as well as reasonable in the socio-economic dimension for drawing the best combination that all things which get the compulsory education, it limits the person providing the private security service to the corporation, or it limits to the certificate of qualification holder are the ultimate for 'the safety of the national life'.

  • PDF

A STUDY ON THE GROWTH OF PRIVATE SECURITY IN THE UNITED STATES (미국(美國) 민간경비의 성장요인 분석)

  • Lee, Chang-Mu
    • Korean Security Journal
    • /
    • no.6
    • /
    • pp.273-289
    • /
    • 2003
  • The purpose of this study is to explore the underlying causes of the development of private security in the United States. These include the increasing crime rates and fear of crime, the poor performance of public policing, the decentralization of political authority, the increase of mass private property, economic growth and increase of personal income, commodification of security, insurance companies' demand for tighter security and fear of litigation, and historical events such as World War I & II. Based on the findings of this study, it is suggested that no single factor would account for the growth of private security in the United States. In other words, the rapid growth of private security in the United States should be attributed to the interrelated influences of the factors given above. Finally, it might be the contribution of this study that the future development of private security in Korea would be guided by understanding the case of the United States because of the similarities of the developmental process in private security industry of two countries.

  • PDF

A Study on the Plan for Professional License of the Private Security in Korea (한국 민간경호 ${\cdot}$ 경비관련 자격제도 도입방안)

  • Park, Jun-Seok;Park, Dae-Woo
    • Korean Security Journal
    • /
    • no.7
    • /
    • pp.191-212
    • /
    • 2004
  • According to current record of private security in Korea, more than 107,963 private security guards are employed by 2,051 security guard association. However, it is obvious that there is lack of any kinds of professional license. To ensure the profession of Private Security industry and at the same time to improve the quality of private guard duty, it is necessary to introduce professional license system which is specialized and developed. The kinds of license anticipated are security guards services, armored car services, alarm services, proprietary security services, special guards services, terror, security consultants services, and private investigators. To settle those license system, there should be not only exertion of academic society but also administrative support of government and research of legal office th arrange legal and official structure.

  • PDF

Research Trends Analysis of Information Security using Text Mining (텍스트마이닝을 이용한 정보보호 연구동향 분석)

  • Kim, Taekyung;Kim, Changsik
    • Journal of Korea Society of Digital Industry and Information Management
    • /
    • v.14 no.2
    • /
    • pp.19-25
    • /
    • 2018
  • With the development of IT technology, various services such as artificial intelligence and autonomous vehicles are being introduced, and many changes are taking place in our lives. However, if secure security is not provided, it will cause many risks, so the information security becomes more important. In this paper, we analyzed the research trends of main themes of information security over time. In order to conduct the research, 'Information Security' was searched in the Web of Science database. Using the abstracts of theses published from 1991 to 2016, we derived main research topics through topic modeling and time series regression analysis. The topic modeling results showed that the research topics were Information technology, system access, attack, threat, risk management, network type, security management, security awareness, certification level, information protection organization, security policy, access control, personal information, security investment, computing environment, investment cost, system structure, authentication method, user behavior, encryption. The time series regression results indicated that all the topics were hot topics.

A DEVELOPMENT FRAMEWORK FOR SOFTWARE SECURITY IN NUCLEAR SAFETY SYSTEMS: INTEGRATING SECURE DEVELOPMENT AND SYSTEM SECURITY ACTIVITIES

  • Park, Jaekwan;Suh, Yongsuk
    • Nuclear Engineering and Technology
    • /
    • v.46 no.1
    • /
    • pp.47-54
    • /
    • 2014
  • The protection of nuclear safety software is essential in that a failure can result in significant economic loss and physical damage to the public. However, software security has often been ignored in nuclear safety software development. To enforce security considerations, nuclear regulator commission recently issued and revised the security regulations for nuclear computer-based systems. It is a great challenge for nuclear developers to comply with the security requirements. However, there is still no clear software development process regarding security activities. This paper proposes an integrated development process suitable for the secure development requirements and system security requirements described by various regulatory bodies. It provides a three-stage framework with eight security activities as the software development process. Detailed descriptions are useful for software developers and licensees to understand the regulatory requirements and to establish a detailed activity plan for software design and engineering.

Prioritize Security Strategy based on Enterprise Type Classification Using Pair Comparison (쌍대비교를 활용한 기업 유형 분류에 따른 보안 전략 우선순위 결정)

  • Kim, Hee-Ohl;Baek, Dong-Hyun
    • Journal of Korean Society of Industrial and Systems Engineering
    • /
    • v.39 no.4
    • /
    • pp.97-105
    • /
    • 2016
  • As information system is getting higher and amount of information assets is increasing, skills of threatening subjects are more advanced, so that it threatens precious information assets of ours. The purpose of this study is to present a strategic direction for the types of companies seeking access to information security. The framework classifies companies into eight types so company can receive help in making decisions for the development of information security strategy depending on the type of company it belongs to. Paired comparison method survey conducted by a group of information security experts to determine the priority and the relative importance of information security management elements. The factors used in the security response strategy are the combination of the information security international certification standard ISO 27001, domestic information protection management system certification K-ISMS, and personal information security management system certification PIMS. Paired comparison method was then used to determine strategy alternative priorities for each type. Paired comparisons were conducted to select the most applicable factors among the 12 strategic factors. Paired comparison method questionnaire was conducted through e-mail and direct questionnaire survey of 18 experts who were engaged in security related tasks such as security control, architect, security consulting. This study is based on the idea that it is important not to use a consistent approach for effective implementation of information security but to change security strategy alternatives according to the type of company. The results of this study are expected to help the decision makers to produce results that will serve as the basis for companies seeking access to information security first or companies seeking to establish new information security strategies.

Industrial Security Crime's Realities and Counter-Measure (산업보안범죄의 실태 및 대응방안)

  • Seo, Bong Sung;Lim, You Seok
    • Convergence Security Journal
    • /
    • v.15 no.6_2
    • /
    • pp.141-149
    • /
    • 2015
  • Modern society is to have an significant impact on the competitiveness of the country in which the economic value is very high occupancy and ensure a state-of-the-art science and technology. The country's core technology or industry security crimes going seized state-of-the-art technology firms can threat of damage to the country's economic security. In particular, the defense industry serious crime that is directly related to national security. The company's core technology and trade secrets leaked once the industrial countries must prevent security breaches and offenses of strict punishment measures because it is impossible to recover. Also, some advanced countries directly has been operating industrial security crime for the country's economy and national security. In recent years, Nation core technology infringement cases are rapidly increasing in the country. In addition, industrial security crime threat to national security. Therefore, the industry security crimes damage to the national security that infringe on the business secrets of core technologies and businesses. It is necessary to identify that industry security crime associated with the visibility of the broad scope of intellectual property protection.

A Study on the Utilizing Certificate Awareness for Student Certificate Holders of Private Security Guard (신변보호사 자격취득 학생들의 자격활용 인식에 관한 연구)

  • Kim, Il Gon
    • Convergence Security Journal
    • /
    • v.13 no.2
    • /
    • pp.45-54
    • /
    • 2013
  • Korea Security Association suggested from who Professor An, Hwang Kwon advocated the introduction of a private security guard certification system, and the private security guard certification exam has been conducted seven times since 2005, being authorized by the government. Currently, there are a lot of certified private security guards who have passed the exam. In fact, however, no preference is given to them. In terms of employment, they don't receive any preferential treatment nor are given any extra points. Furthermore, they cannot afford to make use of their certificate. The purpose of this study was to examine the state of utilizing the private security guard certificate among student certificate holders and their awareness of the private security guard system. The findings of the study were as follows: First, it's important to present a vision for certified private security guards, and what equally matters is to make it clear how and where they can show what they can do. Second, it's required to improve the image and reliability of private security guards as professional security guards. Third, candidates for the certification exam should boost their own self-esteem, confidence and professionalism as competent human resources who can make a contribution to society.

Development of Security Metrics of Enterprise Security Management System (통합보안관리시스템의 보안성 메트릭 개발)

  • Yang, Hyo-Sik
    • Journal of Digital Convergence
    • /
    • v.15 no.12
    • /
    • pp.303-311
    • /
    • 2017
  • As new information technology emerges, companies are introducing an Enterprise Security Management system to cope with new security threats, reducing redundant investments and waste of resources and counteracting security threats. Therefore, it is necessary to construct a security evaluation metric based on related standards to demonstrate that the Enterprise Security Management(ESM) System meets security. Therefore, in order to construct a metric for evaluating the security of the ESM, this study analyzed the security quality related requirements of the ESM and constructed a metric for measuring the degree of satisfaction. This metric provides synergies through the unification of security assessments that comply with ISO/IEC 15408 and ISO/IEC 25000 standards. It is expected that the evaluation model of the security quality level of ESM will be established and the evaluation method of ESM will be standardized in the future.

An Analysis of Cyber Attacks and Response Cases Related to COVID-19 (코로나19 관련 사이버 공격 및 대응현황 분석)

  • Lee, Yongpil;Lee, Dong-Geun
    • Journal of Information Technology Services
    • /
    • v.20 no.5
    • /
    • pp.119-136
    • /
    • 2021
  • Since the global spread of COVID-19, social distancing and untact service implementation have spread rapidly. With the transition to a non-face-to-face environment such as telework and remote classes, cyber security threats have increased, and a lot of cyber compromises have also occurred. In this study, cyber-attacks and response cases related to COVID-19 are summarized in four aspects: cyber fraud, cyber-attacks on companies related to COVID-19 and healthcare sector, cyber-attacks on untact services such as telework, and preparation of untact services security for post-covid 19. After the outbreak of the COVID-19 pandemic, related events such as vaccination information and payment of national disaster aid continued to be used as bait for smishing and phishing. In the aspect of cyber-attacks on companies related to COVID-19 and healthcare sector, we can see that the damage was rapidly increasing as state-supported hackers attack those companies to obtain research results related to the COVID-19, and hackers chose medical institutions as targets with an efficient ransomware attack approach by changing 'spray and pray' strategy to 'big-game hunting'. Companies using untact services such as telework are experiencing cyber breaches due to insufficient security settings, non-installation of security patches, and vulnerabilities in systems constituting untact services such as VPN. In response to these cyber incidents, as a case of cyber fraud countermeasures, security notices to preventing cyber fraud damage to the public was announced, and security guidelines and ransomware countermeasures were provided to organizations related to COVID-19 and medical institutions. In addition, for companies that use and provide untact services, security vulnerability finding and system development environment security inspection service were provided by Government funding programs. We also looked at the differences in the role of the government and the target of security notices between domestic and overseas response cases. Lastly, considering the development of untact services by industry in preparation for post-COVID-19, supply chain security, cloud security, development security, and IoT security were suggested as common security reinforcement measures.