• 한국통신학회논문지
• /
• 제36권1B호
• /
• pp.43-50
• /
• 2011

최근 공격기술은 네트워크의 진화와 함께 다양한 형태로 나타나고 있으며, 대부분의 네트워크에서는 다양한 보안장치들을 통해 대응하고 있다. 또한 외부 공격으로부터 내부 네트워크의 정보자산을 보호하지 위해 기존 네트워크에 필요한 보안시스템들을 추가 배치하고 있다. 그러나 이와 같은 네트워크 구축방법 및 보안시스템의 사용은 내부 네트워크의 성능과 보안에 큰 영향을 미친다. 따라서 본 논문은 내부 네트워크의 보안시스템 사용 및 구축에 따른 성능저하요인을 분석함으로써, 향후 내부 네트워크의 성능 및 보안성 향상을 위한 자료로 활용될 것으로 기대한다.

• 한국정보통신학회:학술대회논문집
• /
• 한국정보통신학회 2021년도 춘계학술대회
• /
• pp.638-640
• /
• 2021

망분리 환경은 내부 업무망과 외부 인터넷망을 분리하는 네트워크 보안 설계시스템으로 인터넷이 연결된 네트워크와 연결되지 않은 업무용 네트워크로 분리하여 내부 업무망과 외부 인터넷망이 분리되어 보안적 측면에서 단일망에 비해 비교적 안전한 네트워크 구조이다. 하지만 내부 시스템, 네트워크 장비, 보안장비의 취약점을 이용하여 내부망을 감염시키는 사례가 빈번하게 발생하고 있다. 본 논문에서는 이러한 망분리 환경의 IT보안 위협 취약점을 분석하고 효과적인 보안관제를 위한 기술적인 방안을 제안한다.

• Asia pacific journal of information systems
• /
• 제26권2호
• /
• pp.299-321
• /
• 2016

Previous studies on strategic alliance formation have largely overlooked the effects that organizations' routine development can have on the relationship between organizations' network position and their alliance ambidexterity strategy. This study extends ambidexterity research by adding internal and network perspectives and examining their cumulative effects on alliance ambidexterity. We first acknowledge the interplay between organizations' internal knowledge exploration/exploitation strategies and organizations' alliance ambidexterity and determine that organizations with a high level of internal knowledge breadth are more likely to make focused alliance decisions. Second, our analysis of 145 US-based information technology organizations with an active alliance behavior reveals that having well-formed routines as a result of previous collaborations strengthens the tendency of brokerage organizations to follow alliances that focus on either exploration or exploitation. Although most alliance studies have commonly argued in favor of an ambidextrous approach, this study provides critical evidence that both internal knowledge exploration/exploitation strategies and development of routines constrain organizations' alliance formation decisions, guiding them towards a more focused approach.

• 디지털산업정보학회논문지
• /
• 제13권4호
• /
• pp.13-23
• /
• 2017

In order to protect personal information and important information (confidential information, sales information, user information, etc.) in the internal network, companies and organizations apply encryption to the Server-To-Server or Server-To-Client communication section, And are experiencing difficulties due to the increasing number of known attacks and intelligent security attacks. In order to apply the existing S / W encryption technology, it is necessary to modify the application. In the financial sector, "Comprehensive Measures to Prevent the Recurrence of Personal Information Leakage in the Domestic Financial Sector" has been issued, and standard guidelines for financial computing security have been laid out, and it is required to expand the whole area of encryption to the internal network. In addition, even in environments such as U-Health and Smart Grid, which are based on the Internet of Things (IoT) environment, which is increasingly used, security requirements for each collection gateway and secure transmission of the transmitted and received data The requirements of the secure channel for the use of the standard are specified in the standard. Therefore, in this paper, we propose a secure encryption algorithm through mutual authentication and grouping for each node through H / W based Network Control Server (NCS) applicable to internal system and IoT environment provided by enterprises and organizations. We propose a protocol design that can set the channel.

• 한국컴퓨터정보학회논문지
• /
• 제24권8호
• /
• pp.77-85
• /
• 2019

In this paper, we propose a "Safe Web Using Scrapable Headless Browse" Because in a network separation environment for security, It does not allow the Internet. The reason is to physically block malicious code. Many accidents occurred, including the 3.20 hacking incident, personal information leakage at credit card companies, and the leakage of personal information at "Interpark"(Internet shopping mall). As a result, the separation of the network separate the Internet network from the internal network, that was made mandatory for public institutions, and the policy-introduction institution for network separation was expanded to the government, local governments and the financial sector. In terms of information security, network separation is an effective defense system. Because building a network that is not attacked from the outside, internal information can be kept safe. therefore, "the separation of the network" is inefficient. because it is important to use the Internet's information to search for it and to use it as data directly inside. Using a capture method using a Headless Web browser can solve these conflicting problems. We would like to suggest a way to protect both safety and efficiency.

• 한국정보통신학회논문지
• /
• 제19권5호
• /
• pp.1137-1143
• /
• 2015

다양한 서비스를 제공하는 인터넷 환경에서 수많은 중요정보가 전송되고 있으나, 대부분의 내부 사용자는 어떠한 중요 정보가 전송되는지 모르고 있다. 본 논문에서는 네트워크 패킷 내에 포함된 중요정보를 지속적으로 모니터링하고, 유출 여부를 사용자에게 알려주는 차단 시스템 개발을 목표로 한다. 이를 위하여 중요정보 필터링 시스템을 설계하고 구현하여 그 결과를 분석한다. 사용자는 제안 시스템을 사용하여 중요정보의 유출 여부를 시각적으로 직접 확인할 수 있으며, 해당 패킷을 폐기할 수도 있다. 본 연구 결과는 중요정보 유출 방지에 기여함으로써 기업 내부정보를 대상으로 하는 다양한 사이버 침해를 줄이는데 기여할 수 있을 것으로 판단한다.

• International Journal of Computer Science & Network Security
• /
• 제21권5호
• /
• pp.237-242
• /
• 2021

The article deals with the problematic issues of defining information as an object of private relations. Definitions that they are intangible and non-consumable by nature, are inextricably linked to a specific material carrier are/or secured by the subject that transmits them, messages, and information that have quantitative and qualitative characteristics, and are capable of having a freight or another value, and in case of its illegal usage causing damage and moral harm.

• 대한전자공학회:학술대회논문집
• /
• 대한전자공학회 1999년도 하계종합학술대회 논문집
• /
• pp.158-161
• /
• 1999

This Paper proposes the architecture of WDM(wavelength division multiplexed) based large scale photonic packet switch network, which is composed of the FC(frequency converter) and OM (output module). The features of the proposed WDM based photonic packet switch network are 2-stage switch network, and WDM based internal optical link that is connected between FC and OM. This paper evaluates the internal call blocking characteristics of the photonic packet switch network. In results, we confirmed that the proposed WDM based photonic packet switch network has the potentiality in the practical implementation.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제15권11호
• /
• pp.4163-4183
• /
• 2021

As measures for protecting users and ensuring security of electronic financial transactions, such as online banking, financial institutions in South Korea have implemented network segregation policies. However, a revision of such domain-centered standardized network segregation policies has been increasingly requested because of: 1) increased demand for remote work due to changes resulting from COVID-19 pandemic; and 2) the difficulty of applying new technologies of fintech companies based on information and communications technologies (ICTs) such as cloud services. Therefore, in this study, problems of the remote work environment arising from the network segregation policy currently applied to the financial sector in South Korea and those from the application of new ICTs such as fintech technology have been investigated. In addition, internal network protection policies of foreign financial sectors, such as those of the United States, United Kingdom, European Union, and Russia, and internal network protection policies of non-financial sectors, such as control systems, have been analyzed. As measures for the effective improvement of the current network segregation policy, we propose a policy change from domain-based to data-centric network segregation. Furthermore, to resolve threats of hacking at remote work, recently emerging as a global problem due to COVID-19 pandemic, a standard model for remote work system development applicable to financial companies and a reinforced terminal security model are presented, and an alternative control method applicable when network segregation is not applied is proposed.

• International Journal of Computer Science & Network Security
• /
• 제21권12호
• /
• pp.264-268
• /
• 2021

In the context of globalization of information processes, the prevalence of information wars and terrorism, there are new threats to national interests in the information sphere, which actualizes providing the information sovereignty of modern states. Therefore, the purpose of the article is an in-depth analysis of the features and content of information sovereignty as a component of state sovereignty, its relationship with freedom of information and information security, as well as a characterization of the bases and directions of providing information sovereignty. The information sovereignty of the modern state includes its activities to determine national interests in the information sphere, the formation and implementation of information policy, providing information security, regulation and control of information processes. The realization of information sovereignty should be based on real freedom of information, information privacy and the state obligation to provide them. Ensuring information sovereignty also requires solving the problems of formation of modern information legislation, which would comprehensively establish the bases and directions of providing information sovereignty, exceptional cases of restriction of freedom of information.