• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.21 no.12
• /
• pp.2325-2332
• /
• 2017

Consulting projects such as diagnosis of vulnerabilities of major information and telecommunication infrastructure are increasing, mandatory public information infrastructure assessment (PIA) for public institutions and ISMS (Information Security Management System) The demand for information protection consulting is continuously increasing as the field obeys the law, but the lack of information security consultant is not improving. One reason is that information security consultants are not being developed to meet the increasing demand for information protection consulting. In this paper, we present the case of information protection consulting as a scenario for studying and educating the duty of information security consultant by studying overseas case and domestic case based on standardization and standardization. We propose a problem-based learning (PBL) training method. In addition, we analyze the effectiveness of the PBL - based learning method.

• Information Systems Review
• /
• v.22 no.3
• /
• pp.157-172
• /
• 2020

The demand of information security consultants is expected to increase due to the emergence of ISMS-P incorporating ISMS and PIMS, the implementation of European Privacy Act (GDPR) and various security accidents. In this paper, we collected and analyzed advertisements of job advertisement sites that could identify firms' demand explicitly. We selected representative job advertisement sites in Korea and the United States and collected job advertisement details of information security consultants in 2014 and 2019. The collected data were visualized using text mining and analyzed using non-parametric methods to determine whether there was a change in the role of the information security consultant. The findings show that the requirements for information security consultants have changed very little. This means that the role does not change much over a five year time gap. The results of the study are expected to be helpful to policy makers related to information security consultants, those seeking to find employment as information security consultants, and those seeking information security consultants.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.4
• /
• pp.881-888
• /
• 2015

Financial Authorities have added security controls to the Electronic Financial Transaction Act and the Supervisory Regulation according to the recent frequent personal credit information leakages. Accordingly, the security level has been upgraded. But it is necessary to study more security controls to add. This paper deduces 19 security controls over the mean value to be added to the financial area receiving 15 security consultant's help.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.1
• /
• pp.227-235
• /
• 2016

As various measures of law observance obligations such as mandatory obligation of privacy impact assessment (PIA) for public institutions and authorization of information security management system (ISMS) are put into practice, increase in demand for information security consulting and securement of information security consultants are emerging as a major issue. The purpose of this study is to empirically investigate what core competencies information security consultants should possess and how much they actually possess them. By analyzing the differences in perception between practitioners and managers on core competencies, this study understands difference of views between the two groups and suggests ideas for cultivation of information security consultants.

• Journal of the Korea Society of Computer and Information
• /
• v.3 no.4
• /
• pp.120-125
• /
• 1998

Many Company or college construct the network for the of office efficient and information but they construct the total solution from vendor without security consultant. It makes many security problems. In this paper, I expalaned the network security system method from the three information security system that block system, encryption system, authentication system

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2016.10a
• /
• pp.347-350
• /
• 2016

Analysis of vulnerability of the software for risk. The weakness of the software material, the importance of strengthening security in accordance with financial damage occurred is emerging. There is a potential risk factor not only from the case, the manufacturing to use the software company that appropriate to use a software business and personal risk of loss to size.In this paper due to diagnose and vulnerabilities in software, diagnosis, the curriculum and to cultivate a diagnostic guide, and security vulnerabilities in software.Proposal system for increased.

• International Journal of Computer Science & Network Security
• /
• v.21 no.8
• /
• pp.182-186
• /
• 2021

The market for smart phones has been booming in the past few years. There are now over 400,000 applications on the Android market. Over 10 billion Android applications have been downloaded from the Android market. Due to the Android popularity, there are now a large number of malicious vendors targeting the platform. Many honest end users are being successfully hacked on a regular basis. In this work, a cloud based reputation security model has been proposed as a solution which greatly mitigates the malicious attacks targeting the Android market. Our security solution takes advantage of the fact that each application in the android platform is assigned a unique user id (UID). Our solution stores the reputation of Android applications in an anti-malware providers' cloud (AM Cloud). The experimental results witness that the proposed model could well identify the reputation index of a given application and hence its potential of being risky or not.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.21 no.5
• /
• pp.945-950
• /
• 2017

Due to the vulnerability of the software, there is a hacking attack on the country's cyber infrastructure and real financial assets. Software is an integral part of the operating system and execution system that controls and operates Internet information provision, cyber financial settlement and cyber infrastructures. Analyzing these software vulnerabilities and enhancing security will enhance the security of cyber infrastructures and enhance the security of actual life in the actual country and people. Software development security system analysis and software development Security diagnosis analysis and research for enhancing security of software vulnerability. In addition, we will develop a textbook for the training of software vulnerability diagnosis and maintenance education, develop pilot test problems, pilot test of diagnostic staff, The purpose of this study is to enhance the software security of the cyber infrastructures of national and national life by presenting curriculum and diagnosis guide to train the software vulnerability examiner.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2005.11a
• /
• pp.349-352
• /
• 2005

네트워크 프린터 방식은 가정 및 사무환경 내부의 각종 출력 장치를 하나의 통신망으로 통합하여 사용할 수 있는 프린터 솔루션을 제공한다. 네트워크 프린터 환경은 사용 인원 증가로 인한 각종 장애 요인 발생으로 실시간 오류 검지 서비스의 필요성이 요구 되었다. 본 논문에서는 네트워크 프린터 환경의 장애 발생 시에 대한 문제점을 빠르고 정확하게 판단할 수 있도록 오류검지 시스템을 설계 및 구현하였다. 이를 위해 Winsock을 통해 API 설정을 하였고, Packet 분석을 통해 장애를 발생 시켰던 Client PC의 IP를 참조하여 문제를 해결함으로서 네트워크 프린터 솔루션의 효율적인 관리를 할 수 있다.

• Korean Security Journal
• /
• no.27
• /
• pp.51-80
• /
• 2011

I had an interview with some unemployed career staffs who had retired and worked for more than twenty years in order to research impacting elements on reemployment for l retired special security government officials. This interview included an officer and a consultant for supporting employment in order to explore compacting elements on retired security government official's reemployment. Looking over analysis results, first, there is a shortage of reemployment opportunities and information. The job applicant's employment requirements are not in accordance with the company's employment conditions. They don't have enough professional experience necessary for employment. There is no positive employment supporting counterplan or vocational education program in the organization. Second, their insight about finding a job is high for the current employment market condition. The reemployment offices have a very difficult task because job applicants prefer a full-time job which offers long term work and guarantees a social position. Third, it is a huge obstacle to undertake going into various enterprises and fields because they don't have the right mind set and enough preparation for reemployment. Moreover, they would prefer to depend on organization employment support rather than getting a new job by themselves when they don't possess other careers' qualifications. Finally, they know that social networks and personal connections are extremely important in obtaining vocations, but actually have poor social networks and few personal connections. Accordingly, Their organization and related persons need to reflect on analysis results about impacting elements on reemployment for retired special security government officials.