• Strategy21
• /
• 통권37호
• /
• pp.32-64
• /
• 2015

This paper examines the types and trends of North Korea's military provocations and regional maritime threats against South Korea, and is focusing on the Republic of Korea's naval development and modernizations by the Republic of Korea Navy (ROKN) on future actions, what directions of the ROKN has taken thus far in response, as well as an examination of how the ROKN might respond to vulnerabilities identified throughout modern history. Importantly, this paper does not consider the domestic, bilateral, multilateral, regional and global political dimensions of the situation on the Korean Peninsula; nor does it consider the North Korea's transitional power politics, but including North Korea's nuclear program and submarine-launched ballistic missile developments, as a caveat, this paper is based on open sources in Korean and English language, and thus information concerning provocations is indicative only.

• Journal of Information Science Theory and Practice
• /
• 제4권3호
• /
• pp.6-27
• /
• 2016

There has been a growing interest and enthusiasm for the application of virtual worlds in learning and training. This research proposes a design framework of a virtual world-based learning environment that integrates two unique features of the virtual world technology, immersion and interactivity, with an instructional strategy that promotes self-regulatory learning. We demonstrate the usefulness and assess the effectiveness of our design in the context of information security learning. In particular, the information security learning module implemented in Second Life was incorporated into an Introduction to Information Security course. Data from pre- and post- learning surveys were used to evaluate the effectiveness of the learning module. Overall, the results strongly suggest that the virtual world-based learning environment enhances information security learning, thus supporting the effectiveness of the proposed design framework. Additional results suggest that learner traits have an important influence on learning outcomes through perceived enjoyment. The study offers useful design and implementation guidelines for organizations and universities to develop a virtual world-based learning environment. It also represents an initial step towards the design and explanation theories of virtual world-based learning environments.

• 한국정보통신학회:학술대회논문집
• /
• 한국해양정보통신학회 2009년도 추계학술대회
• /
• pp.1097-1100
• /
• 2009

해군에서는 효율적인 업무처리와 정보교환 및 관리효율성 증대를 위해 컴퓨터-네트워크 기반의 정보체계를 구축하고 있다. 해군복지포탈도 그 일환으로 개발되었고 현재는 문제점을 보완하여 새로 구축되었다. 하지만 체계서비스를 인터넷망에 제한하여 개인 인터넷 PC가 없는 군 사정상 불편한 점이 있다. 본 논문에서는 해군 복지포탈 개발 사례를 설명하고 향후 보안성을 고려한 발전방향을 제안한다.

• 융합보안논문지
• /
• 제14권4호
• /
• pp.41-53
• /
• 2014

조직의 정보보호 목표를 효율적이고 효과적으로 달성하기 위해서는 정보보호 수준을 정확히 평가하고 개선 방향을 제시하는 정보보호 성과평가 지표와 측정방법이 필요하다. 그러나 이러한 요구사항에도 불구하고 국내 기업의 정보보호 활동에 대한 성과나 효과를 측정하기 위한 표준적인 지표나 활용 가능한 측정 방법이 미흡한 실정이다. 이로 인해 기업에서는 지속적인 보안투자 결정을 이끌어 내는데 큰 어려움을 겪고 있다. 본 연구의 목적은 이러한 각 기업 환경에 적합한 합리적인 성과평가를 위하여 성과평가에 영향을 주는 다양한 관점에서 성과평가지표를 도출하고, 평가지표간 중요도에 따른 가중치 부여를 통하여 평가 지표와 측정방법을 개발하는 것이다. 정보보호 활동의 다양한 성과 요인을 균형 있게 평가하기 위해 Norton과 Kaplan(1992)이 개발한 균형성과표 (BSC : Balanced Scorecard) 모형을 활용하였다. 본 연구 결과는 국내 기업들이 정보보호 수준을 파악하고 주기적인 성과측정을 통해 자사의 정보보호 현황 파악과 추이 분석이 가능하고 정보보호 투자 등 전략을 수립하는데 적용할 수 있다.

• 한국컴퓨터정보학회논문지
• /
• 제14권7호
• /
• pp.105-112
• /
• 2009

중소기업은 대기업에 비해, 정보기술에 대한 의존도가 높지만, 재정적인 어려움과 한정된 자원 및 노하우의 부족 등의 이유로 인해서 정보기술 및 정보 보안에 투자하는 비용은 크지 않다. 이로 인해서 정보 보안에 취약점이 많으며, 그로 인한 침해 사고도 많아지게 된다. 중소기업의 정보 보안 실무자들은 바이러스 방역 솔루션을 업데이트하고, 방화벽을 운영하며, 정기적인 시스템 패치를 적용하는 것이 정보 보안의 전부라고 생각한다. 하지만 보안 사로를 줄이기 위해서 보안 정책, 정보 유출 방지, 사업 연속성, 접근 제어 및 기타 많은 정보 보안 이슈들이 고려되어야지만 한다. 본 논문에서는 이러한 관점에서 대기업 위주의 보안 대책과 전략들을 중소기업 정보시스템의 안정적 운영에 적합하도록 새롭게 정리하여, 4가지의 관점엥서 정보 보안 고려 사항들을 도출하고, 정보 보안 전략을 제안한다.

• Journal of Information Technology Applications and Management
• /
• 제26권5호
• /
• pp.13-25
• /
• 2019

Recently, as evaluation of information security (IS) management become more diverse and complicated, the contents and procedure of the evidence to prepare for actual assessment are rapidly increasing. As a result, the actual assessment is a burden for both evaluation agencies and institutions receiving assessments. However, most of them reflect the evaluation system used by foreign government agencies, standard organizations, and commercial companies. It is necessary to consider the evaluation system suitable for the domestic environment instead of reflecting the overseas evaluation system as it is. The purpose of this study is as follows. First, we will present the problems of the existing information security assessment system and the improvement direction of the information security assessment system through analysis of existing information security assessment system. Second, it analyzes the technical guidance for information security testing and assessment and the evaluation of information security management in the Special Publication 800-115 'Technical Guide to Information Security Testing and Assessment' of the National Institute of Standards and Technology (NIST). Third, we will build a framework to implement the evidence collection system and present a system implementation method for the '6. Information System Security' of 'information security management actual condition evaluation index'. The implications of the framework development through this study are as follows. It can be expected that the security status of the enterprises will be improved by constructing the evidence collection system that can collect the collected evidence from the existing situation assessment. In addition, it is possible to systematically assess the actual status of information security through the establishment of the evidence collection system and to improve the efficiency of the evaluation. Therefore, the management system for evaluating the actual situation can reduce the work burden and improve the efficiency of evaluation.

• 대한전자공학회:학술대회논문집
• /
• 대한전자공학회 2002년도 하계종합학술대회 논문집(1)
• /
• pp.391-394
• /
• 2002

Because of great damages by illegal hacking, demand for security of the public network as well as the private is seemingly limitless. This critic리 requirement is leading ISPS to deploy new security services for their customers. In this paper, we present active responses for the security of a ISP's network, and describe the deployment of a new security service using the network secured by that responses.

• Strategy21
• /
• 통권36호
• /
• pp.150-179
• /
• 2015

This thesis analyzes Somali piracy as a non-traditional threat to the Sea Lines of Communication (SLOC) and international countermeasures to the piracy. In an era of globally interdependent economies, the protection of sea lines and freedom of navigation are prerequisites for the development of states. Since the post-Cold War began in the early 1990s, ocean piracy has emerged as a significant threat to international trade. For instance, in the Malacca Strait which carries 30 percent of the world's trade volume, losses from failed shipping, insurance, plus other subsequent damages were enormous. Until the mid-2000s, navies and coast guards from Malaysia, Indonesia, Singapore, together with the International Maritime Organization (IMO), conducted anti-piracy operations in the Strait of Malacca. The combined efforts of these three maritime states, through information sharing and with reinforced assets including warships and patrol aircrafts, have successfully made a dent to lower incidents of piracy. Likewise, the United Nations' authorization of multinational forces to operate in Somali waters has pushed interdiction efforts including patrol and escort flotilla support. This along with self-reinforced security measures has successfully helped lower piracy from 75 incidents in 2012 to 15 in 2013. As illustrated, Somali piracy is a direct security threat to the international community and the SLOC which calls for global peacekeeping as a countermeasure. Reconstructing the economy and society to support public safety and stability should be the priority solution. Emphasis should be placed on restoring public peace and jurisdiction for control of piracy as a primary countermeasure.

• 정보보호학회논문지
• /
• 제32권2호
• /
• pp.309-327
• /
• 2022

전(全) 산업 분야에서 ICT 융합화가 진행되고 공급망의 글로벌 생태조성이 가속화됨에 따라, 공급망 위험 또한 지속적으로 증가하고 있다. 특히, ICT 제품의 공급망은 관리해야 할 기술적·환경적 요인들이 매우 복잡하여, 전체 생명주기에 걸친 투명한 관리가 어렵다. 이에 미국·영국·EU 등 세계 주요국과 국제연합은 ICT 제품 공급망 대상의 사이버 공급망 보안 관련 연구와 정책을 수행·수립 중이다. 우리나라도 2019년 발표한 국가사이버안보전략의 기본계획 내에 주요 ICT 장비의 공급망 보안을 위한 관리체계를 구축하는 등 현안으로써 추진하고 있으나, 국가·공공기관을 위한 조직·기관 수준의 정책은 아직 부재한 상황이다. 본 논문에서는 미국의 사이버 공급망 보안 관리체계를 검토하여, 사이버 공급망 보안 관점의 우리나라 국가 정보보안 기본지침 보완방안을 제시한다. 이는 국내 정보보안 분야에서 도입 가능한 사이버 공급망 조치사항의 참고 자료가 될 것으로 기대한다.

• 정보기술과데이타베이스저널
• /
• 제6권2호
• /
• pp.1-18
• /
• 1999

The purpose of this study was to identify the effect of microcomputer networking on user perception of potential threats to security employing user attitudes as a moderating variable. A research model consisting of microcomputer networking as the independent variable, user perception of potential threats to security as the dependent variable, and user attitude toward security control as the moderating variable was developed through literature review. The results of this study provide an empirical evidence of the importance of environmental change(information systems networking) on user perception of potential threats to security. Further-more the result imply that in order to improve security performance through the reinforcement of user perception of threats to security in the organization, user attitudes should be made favorable.