• Title/Summary/Keyword: Infrastructure Security

Search Result 1,091, Processing Time 0.024 seconds

Advanced approach to information security management system utilizing maturity models in critical infrastructure

  • You, Youngin;Oh, Junhyoung;Kim, Sooheon;Lee, Kyungho
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.12 no.10
    • /
    • pp.4995-5014
    • /
    • 2018
  • As the area covered by the CPS grows wider, agencies such as public institutions and critical infrastructure are collectively measuring and evaluating information security capabilities. Currently, these methods of measuring information security are a concrete method of recommendation in related standards. However, the security controls used in these methods are lacking in connectivity, causing silo effect. In order to solve this problem, there has been an attempt to study the information security management system in terms of maturity. However, to the best of our knowledge, no research has considered the specific definitions of each level that measures organizational security maturity or specific methods and criteria for constructing such levels. This study developed an information security maturity model that can measure and manage the information security capability of critical infrastructure based on information provided by an expert critical infrastructure information protection group. The proposed model is simulated using the thermal power sector in critical infrastructure of the Republic of Korea to confirm the possibility of its application to the field and derive core security processes and goals that constitute infrastructure security maturity. The findings will be useful for future research or practical application of infrastructure ISMSs.

A Study on the Security Framework Design for Stable Operation of Critical Infrastructure Service (주요기반시설 서비스의 안정적 운영을 위한 보안 프레임워크 설계에 관한 연구)

  • Lee, Suyeon;Yoo, Jiyeon;Lim, Jongin
    • Journal of Information Technology Services
    • /
    • v.15 no.4
    • /
    • pp.63-72
    • /
    • 2016
  • Critical infrastructure has been operating in a closed environment with a completely separate information system and in the private area. However, with the current ICT environment changes due to convergence and open platforms it has increased the threats and risks to critical infrastructure. The importance of cyber security is increasing in the infrastructure control system, such as the outbreak of Ukraine blackout in 2015 by a malicious code called 'black energy'. This thesis aims to recognize the importance and necessity of protecting the critical infrastructure service, designing a security framework reflecting environmental and characteristic changes, and analyzing the management system suitable for a security framework. We also propose a theoretical basis for constructing a new security framework by comparing and analyzing seven international security management system standards, such as NIST 800-82 and IEC 62443-2-1, which are used in the control system. As a result, the environment surrounding critical infrastructure changes with the characteristics of connectivity, openness, and finality was studied, and as a response to this, many scholars and institutions present critical infrastructure security frameworks as cycle enhancement type structures, risk management structures, and management domain expansion structures. In response, the security framework encompassing these structures, CISF (Critical Infrastructure Security Framework), was designed. Additionally, through the security related international standard and criterion analysis, as a newly designed security standard suitable for CISF, IEC 62443-2-1 is reviewed and suggestions are made.

Cyber Security Considerations and Countermeasures for UAM Air Traffic Management Infrastructure (UAM 항공교통관리 인프라의 사이버보안 고려사항 및 대응방안)

  • Kyungwook Kim
    • Journal of Information Technology Applications and Management
    • /
    • v.30 no.6
    • /
    • pp.17-29
    • /
    • 2023
  • In this paper, we aim to propose cyber security considerations and countermeasures for infrastructure and services in the UAM(Urban Air Mobility) Air Traffic Management field, which is one of the key elements of the UAM market that has not yet bloomed. Air traffic management is an important factor for safe navigation and social acceptance of UAM. In order to realize air traffic management, infrastructure and services based on solid network connectivity must be established. And for industries where connectivity is the core component, it can become an infiltration route for cyber threats. Therefore, cyber security is essential for the infrastructure and services. In detail, we will look into the definition of the existing air traffic management field and the cyber threats. In addition, we intend to identify cyber security threat scenarios that may occur in the newly designed UAM air traffic management infrastructure. Moreover, in order to study the cyber security countermeasures of the UAM air traffic management infrastructure, there will be analysis of the UAM operation concept. As a result, countermeasures applicable to the infrastructure and service fields will be suggested by referring to the cyber security frameworks.

A Study on Security Requirements of Electric Vehicle Charging Infrastructure Using Threat Modeling (위협모델링을 이용한 전기차 충전 인프라의 보안요구사항에 대한 연구)

  • Cha, Ye-Seul;Kim, Seung-joo
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.27 no.6
    • /
    • pp.1441-1455
    • /
    • 2017
  • In order to build a secure electric vehicle charging infrastructure, security research is required because various data including charging and payment data are transmitted in the electric vehicle charging infrastructure. However, previous researches have focused on smart grid related security research such as power system infrastructure rather than charging infrastructure for electric vehicle charging. In addition, research on charging infrastructure is still lacking, and research using a systematic methodology such as threat modeling is not yet under way. Therefore, it is necessary to apply threat modeling to identify security threats and systematically analyze security requirements to build a secure electric vehicle charging infrastructure. In this paper, we analyze the electric vehicle charging infrastructure by accurately identifying possible threats and deriving objective security requirements using threat modeling including Data Flow Diagram, STRIDE, and Attack Tree.

Building an Overseas Infrastructure Offices of the Information Security Industry (정보보호 산업 해외 거점 인프라 생성 연구)

  • Cho, Chang-Duk;Park, Dea-Woo
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.20 no.1
    • /
    • pp.103-109
    • /
    • 2016
  • The information security industry is technology-intensive, high value-added industries. South Korea's response has excellent ICT skills and experience and skills in a variety of cyber attacks, has become a benchmark in the world. However, the small size of the domestic information security company, supporting infrastructure is lacking. Domestic information security industry is the primary condition to activate the export. For the export of high value-added enterprise information security products and services, it is necessary the establishment of the domestic IT information security infrastructure of the industrial promotion is based overseas. Come to analyze the domestic information security industry, capital of this small, market reclamation of overseas expansion, information, manpower shortage was a problem. This fact, combined losses caused by cost-free period AS. Therefore, the study on information security in the infrastructure industry overseas bases is necessary. How to select and analyze the causes of infrastructure in selected overseas offices. By utilizing the infrastructure of overseas bases, can raise the added value of the products and services of the Information Security company, we can enable the export of small and medium Information Security company from overseas offices.

A Wireless Network Structure and AKA(Authentication and Key Agreement) Protocol of Advanced Metering Infrastructure on the Smart Grid based on Binary CDMA (스마트 그리드를 위한 Binary CDMA 기반의 AMI 무선 네트워크 구조 및 AKA 프로토콜)

  • Jeon, Jae-Woo;Lim, Sun-Hee;Yi, Ok-Yeon
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.20 no.5
    • /
    • pp.111-124
    • /
    • 2010
  • AMI (Advanced Metering Infrastructure) is a core infrastructure of Smart Grid, and is promoting in various country. Wireless network is considered for cost savings and operational efficiencies in AMI. But various security problems are expected in wireless networks of AMI, so we should solve these problems. In this paper, we suggest a wireless network of AMI by using Binary CDMA and security countermeasures of AMI wireless network. Proposed security architecture is using BSIM (Binary Subscriber Identity Module) to perform user authentication and key agreement for the encryption and decryption over radio network to reduce security threats.

A Study on Accredited certificate issuance on authentication infrastructure of national licence (국가자격 인증기반 구축을 위한 인증서 발급모델 연구)

  • Park, Bae-Hyo;Yoon, Jae-Ho;Lee, Seok-Lae
    • Proceedings of the Korea Information Processing Society Conference
    • /
    • 2005.11a
    • /
    • pp.961-964
    • /
    • 2005
  • 디지털홈 서비스는 기존 PC에서 제공하던 서비스와 차별화된 서비스를 실용화 하지 못하고 있는 이유 중에 하나는 오프라인에서 제공하던 의료, 법률, 교육 등의 서비스를 가정에 맞게 직접 제공하고 있지 못하기 때문이다. 이를 위하여 본 논문에서는 온라인에서 의사, 변호사와 안전하게 거래할 수 있도록 국가자격 인증기반을 구축하고자 이에 필수적인 검증 가능한 온라인 자격증 발급을 위하여 기존 공인인증서에 자격필드를 추가하거나, 기존 공인인증서를 그대로 사용하거나, 별도의 자격인증서를 발급하는 등 세 가지 발급모델을 제시한다. 또한 이러한 세 가지 발급모델의 장단점을 비교 분석하여 향후 자격인증기반 구축할 때 선택할 수 있는 기준을 제시한다. 마지막으로 기 제시된 세 가지 발급 모델 중에 자격필드가 추가된 공인인증서를 이용하여 의료서비스(E-Health)를 받는 서비스 모델 시나리오를 제안하고자 한다.

  • PDF

Improvements of Information Security Level in Electronic Financial Infrastructure(By Analyzing Information Security Management Level) (전자금융기반시설 정보보호 수준강화 방안 (정보보호 관리수준 분석을 통한))

  • Park, Keun-dug;Youm, Heung-youl
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.26 no.6
    • /
    • pp.1605-1618
    • /
    • 2016
  • In recent years, security incidents - such as personal information leakage, homepage hacking, DDoS and etc. - targeting finance companies(banks, securities companies, credit card companies, insurance companies and etc.) have increased steadily. In this paper, we analyze problems of information security management level in the existing electronic financial infrastructure from perspective of compliance and information security certification system and propose improvements to enable sustainable high level of information security activities under a comprehensive management system for the financial sector characteristics using ISMS, SECU-STAR and CNIVAM system.

Internet Security Readiness: The Influence of Internet Usage Level and Awareness on Internet Security Readiness Capital, Skill, and Actual Uptake/Use of Infrastructure

  • Ryoo, Jung-Woo;Park, Eun-A
    • Journal of Computing Science and Engineering
    • /
    • v.5 no.1
    • /
    • pp.33-50
    • /
    • 2011
  • In this paper we applied our previously developed assessment framework to the data collected from an internet security readiness survey targeted at households. We used the assessment framework to compute an Internet Security Readiness index for each household, which was in turn derived from Internet Security Readiness capital, skill, and actual uptake/use of infrastructure indices. We then examined the relationships among overall Internet Security Readiness, and the capital, skill, and actual uptake/use of infrastructure related to Internet Security Readiness. In addition, we explored the influence of Internet usage level and experience on Internet Security Readiness.

Design and Implementation of NSM based Security Management System in Smart Grid (스마트그리드 전력망의 NSM 기반 보안관리시스템 설계 및 구현)

  • Chang, Beom Hwan
    • Journal of Korea Society of Digital Industry and Information Management
    • /
    • v.9 no.3
    • /
    • pp.107-117
    • /
    • 2013
  • In this paper, we designed the security management system based on IEC 62351-7 in the Smart Grid environment. The scope of IEC 62351-7 focuses on network and system management (NSM) of the information infrastructure as well as end-to-end security through abstract NSM data objects for the power system operational environment. However, it does not exist that security management system based on IEC 62351-7 manages the security of the power system in the Smart Grid environment, because power equipment or SNMP agents providing NSM data do not exist yet. Therefore, we implemented the security management system to manage the information infrastructure as reliably as the power system infrastructure is managed. We expect that this system can perform the security management of IEC 61850 based digital substation and can be a prototype of the security system for the Smart Grid in the future.