• The Journal of Society for e-Business Studies
• /
• v.19 no.2
• /
• pp.109-124
• /
• 2014

As the emerged importance and awareness for information security, It is being implemented by each industrial sector to protect information assets. In this paper, we analyze the information security checklists or security ratings criteria to derive similarity and difference in context which used to knowledge network analysis method. The analyzed results of all checklists (ISMS, PIMS, 'FSS', 'FISS', 'G') are as follows : First, It is common factors that the protection of information systems and information assets, incident response, operations management. Second, It deals with relatively important factors that IT management, the adequacy of audit activities in the financial IT sector including common factors. Third, the criteria of ISMS contains the majority of the contents among PIMS, 'FSS', 'FISS'and 'G'.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.16 no.12
• /
• pp.8908-8914
• /
• 2015

The Internet continues to grow and develop, but there are going to generate a variety of Internet attacks that exploit it. In the initial Internet environment, the attackers maliciously exploited Internet environments for ostentations and hobbies. but these days many malicious attempts purpose the financial gain so systematic and sophisticated attacks that are associated with various crimes are occurred. The structures, such as viruses and worms were present in the form of one source multi-target before. but recently, APT(Advanced Persistent Threat, intelligent continuous attacks) in the form of multi-source single target is dealing massive damage. The performance evaluation analyzed whether to generate audit data and detect integrity infringement, and false positives for normal traffic, process detecting and blocking functions, and Agent policy capabilities with respect to the application availability.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.19 no.8
• /
• pp.1818-1824
• /
• 2015

Cloud computing draws attention as an application to provide dynamically scalable infrastructure for application, data and file storage. An untrusted remote server can cause a variety of problems in the field of data protection. It may process intentionally or involuntarily user's data operations(modify, insert, delete) without user's permission. It may provide false information in order to hide his mistakes in the auditing process. Therefore, it is necessary to audit the integrity of data stored in the cloud server. In this paper, we propose a new data auditing system that can verify whether servers had a malicious behavior or not. Performance and security analysis have proven that our scheme is suitable for cloud computing environments in terms of performance and security aspects.

• Journal of the Society of Disaster Information
• /
• v.13 no.2
• /
• pp.139-146
• /
• 2017

This research verified that how citizen feel about police protection for the mass rally and how they trust about police and private security. Mass rally is lots of people gathering therefore, each of member could feel fear for their safe. And that kind fear has effect on success of rally Therefore we researched that security level by police and private security and the result is that most of people think that the charge of security is police and they think police member need to be more for their security. And police should be involved for the rally security. But they don't think for the private security.

• Journal of Internet Computing and Services
• /
• v.25 no.1
• /
• pp.123-136
• /
• 2024

The U.S. Department of Defense, leading global cybersecurity policies, has two main cybersecurity frameworks: the Cybersecurity Maturity Model Certification (CMMC) for external defense industry certification, and the Risk Management Framework (RMF) for internal organizational security assessments. For Republic of Korea military, starting from 2026, the Korean version of RMF (K-RMF) will be fully implemented. Domestic defense industry companies participating in projects commissioned by the U.S. Department of Defense must obtain CMMC certification by October 2025. In this paper, a new standard compliance meta-model (R3C) development methodology that can simultaneously support CMMC and RMF security audit readiness tasks is introduced, along with the implementation results of a compliance solution based on the R3C meta-model. This research is based on practical experience with the U.S. Department of Defense's cybersecurity regulations gained during the joint project by the South Korean and U.S. defense ministries' joint chiefs of staff since 2022. The developed compliance solution functions are being utilized in joint South Korean-U.S. military exercises. The compliance solution developed through this research is expected to be available for sale in the private sector and is anticipated to be highly valuable for domestic defense industry companies that need immediate CMMC certification.