• 제목/요약/키워드: Security Industry

검색결과 1,723건 처리시간 0.021초

한국형 네트워크 보안 시스템 성능 평가 방법론 실계 (A Designing Method of Performance Evaluation for Network Security Equipment of Korean Style)

  • 주승환;서희석;김상연
    • 디지털산업정보학회논문지
    • /
    • 제7권3호
    • /
    • pp.97-105
    • /
    • 2011
  • With the advancement of network, privacy information as well as confidential information that belongs to government and company are exposed to security incident like spreading viruses or DDoS attack. To prevent these security incident and protect information that belongs to government and company, Security system has developed such as antivirus, firewall, IPS, VPN, and other network security system. Network security systems should be selected based on purpose, usage and cost. Verification for network security product's basic features performed in a variety of ways at home and abroad, but consumers who buy these network security product, just rely on the information presented at companies. Therefore, common user doing self performance evaluation for perform Verification before buying network security product but these verification depends on inaccurate data which based on some user's criteria. On this paper, we designing methodology of network security system performance evaluation focused on Korean using other cases of performance evaluation.

기업의 산업기밀정보 유출예방에 관한 연구: 사물인터넷 활용을 중심으로 (Industry Secret Information Leakage Prevention : Focus on the Utilization of IoT)

  • 최관;김민지
    • 융합보안논문지
    • /
    • 제17권5호
    • /
    • pp.101-110
    • /
    • 2017
  • 이 연구는 사물인터넷 디바이스로 인해 발생가능 한 기업의 주요 핵심정보의 유출위협에 대해 살펴보고 유출예방을 위한 방안들을 관리보안과 기술보안 측면에서 살펴보는 것이 목적이다. 연구결과로서 관리보안측면에서는 첫째, 기업내부로 출입이 인가된 모든 사람들에 대해 사물인터넷 디바이스로 기업데이터가가 유출될 수 있음을 교육하고 주요 출입이 허가된 구역에 출입시점부터 사물인터넷 기기의 사용을 제한하는 가이드라인을 비치할 필요가 있다. 둘째, 사용자 요청 혹은 기업 자체의 보안운영 가이드라인을 마련할 필요가 있으며, 무선인터넷 공유가 가능한 전자기기에 무선인터넷 모듈을 도입시기부터 제거할 필요가 있다. 기술보안측면에서는 첫째, 컴퓨터에 대한 제어 솔루션으로서 기업정보들이 주로 저장되고 있는 컴퓨터 및 서버에 매체제어 솔루션 활용을 통해 사물인터넷 디바이스와 공유되는 경로를 대상으로 통제 솔루션을 실시해야 한다. 둘째, 네트워크에 대한 접근통제로서 네트워크에 공유된 사물인터넷 디바이스와 등록된 사물인터넷 디바이스의 현황을 정기적으로 확인하는 과정을 통해 보안관리 차원의 누수를 최소화해야 한다. 셋째, 암호화 방안으로서 컴퓨터, 서버 등의 정보자산에서 데이터 저장 및 암호화가 함께 이루어짐으로써 생성된 데이터가 외부로 불법적으로 유출되는 것을 예방하여야 한다.

국내 영상보안산업 활성화 방안 연구 (A Study on the Promotion Method of Domestic Video Security Industry)

  • 유순덕;유대현
    • 한국인터넷방송통신학회논문지
    • /
    • 제17권3호
    • /
    • pp.9-21
    • /
    • 2017
  • 본 연구에서는 영상보안산업의 현황과 실태를 조사하고, 이에 따른 문제점과 그 개선방안을 제시했다. 연구방법으로 12인의 전문가에게 인터뷰 방식으로 진행했으며, 시장동향, 영상보안산업의 문제점, 개선방안 및 정부추진전략에 대해 조사하였다. 본 연구의 결과, 국내 영상보안산업의 문제점으로 해외 수출 규모 감소 및 중국 수출 둔화 추세 지속, 국가별 인증제도 강화정책으로 인한 인증장벽 극복 방안 미흡, 국내 내수시장 수요 증가율 둔화, 중국 제품의 국내 시장 점유 확대 추세 지속, 국내 제품의 첨단기술 개발부족, 기술개발 및 운영 전문인력 부족, 영상보안산업 활성화를 위한 법제도 미비 등을 제시하였다. 이를 개선 방안으로 수출 확대 지원 정책 추진 필요, 국가별 맞춤형 대응체계구축 필요, 보안 관련 수요 창출 제도 개선 필요, 자국 산업보호 정책, 인증장벽, 관세 장벽 등의 대처 방안 강구, 고부가 가치 창출을 위한 미래 핵심 원천기술 개발 유도, 정부의 적극적인 인력 육성 지원 대책 필요, 관련 법과 제도 안정화 유도를 제시하였다. 본 연구는 영상보안산업 관련 정책수립에 기여 할 것이다.

Security관련 종사자의 무도수련이 직무수행에 미치는 영향 (The Effect of Practicing Martial Art upon job Performance of Employees Engaged in Security Industry)

  • 이상철;신상민
    • 시큐리티연구
    • /
    • 제4호
    • /
    • pp.257-277
    • /
    • 2001
  • The purpose of this study was to examine effects of practicing martial arts upon job performance of employees engaged in security industry. For positive investigation, 400 employees were questioned using some questionnaires; as a result, we obtained the following conclusion of the relation between the extent of the practicing martial art and the ability of performing their jobs. First, the more they practice martial art, the better and higher their mental health and psychological stability more than control group. Especially, when crime is reported to them or they arrest a criminal taken in an act of crime, the degree of their anxiety was low and they strongly expose self-confidence, their view of moral achievement and their sense of morality. Second, the more they practice martial art, the higher their ability of arrestment a criminal in an act and self-defense is. Because practicing martial art make their vital power and physical strength promoted. Third, the more they practice martial art, the more sincere the trust and friendship among colleagues are. As well they seem to feel strong solidarity oneanother. But practicing martial art appeared that it doesnt have an effect on coping with complications among generations and the gaps between master sergeant and them. Fourth, employees engaged in security industry practicing martial art is not only used in job performance merely as a technique; it is also effective on the mind that it make their anxiety dissolved and give them self-confidence.

  • PDF

스마트 디바이스 기반의 보안성 강화를 위한 접근제어 기법 설계 (A Design of Access Control Method for Security Enhance based Smart Device)

  • 박중오
    • 디지털산업정보학회논문지
    • /
    • 제14권3호
    • /
    • pp.11-20
    • /
    • 2018
  • Smart devices refer to various devices and control equipment such as health care devices, imaging devices, motor devices and wearable devices that use wireless network communication (e.g., Wi-fi, Bluetooth, LTE). Commercial services using such devices are found in a wide range of fields, including home networks, health care and medical services, entertainment and toys. Studies on smart devices have also been actively undertaken by academia and industry alike, as the penetration rate of smartphones grew and the technological progress made with the fourth industrial revolution bring about great convenience for users. While services offered through smart devices come with convenience, there is also various security threats that can lead to financial loss or even a loss of life in the case of terrorist attacks. As attacks that are committed through smart devices tend to pick up where attacks based on wireless internet left off, more research is needed on related security topics. As such, this paper seeks to design an access control method for reinforced security for smart devices. After registering and authenticating the smart device from the user's smart phone and service provider, a safe communication protocol is designed. Then to secure the integrity and confidentiality of the communication data, a management process such as for device renewal or cancellation is designed. Safety and security of the existing systems against attacks are also evaluated. In doing so, an improved efficiency by approximately 44% compared to the encryption processing speed of the existing system was verified.

한국과 미국의 정보보호 컨설턴트의 자격요건 비교: 구인광고를 중심으로 (Comparing Qualifications of Korea and US Information Security Consultants: Focused on Job Ads)

  • 임재중;김하영;김태성
    • 정보보호학회논문지
    • /
    • 제27권5호
    • /
    • pp.1157-1166
    • /
    • 2017
  • 국가 주요기반시설이 증가하고 ISMS 의무인증 대상이 확대되면서 정보보호 컨설팅의 수요가 증가하고 있다. 컨설팅을 수행할 인력의 수요 또한 증가하고 있지만, 산업계의 요구를 충족하는 인력은 부족한 실정이다[5]. 본 연구에서는 산업계의 요구를 파악하기 위해 한국과 미국의 구인광고를 수집하여 분석하였다. 이를 통해 향후 기업 수요에 맞는 컨설턴트의 인력양성을 위한 정책개발에 기여할 수 있고, 궁극적으로는 보안컨설팅 인력의 질적인 수요 불일치를 해결할 수 있을 것으로 기대된다.

Reliable blockchain-based ring signature protocol for online financial transactions

  • Jinqi Su;Lin He;Runtao Ren;Qilei Liu
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • 제17권8호
    • /
    • pp.2083-2100
    • /
    • 2023
  • The rise of Industry 5.0 has led to a smarter and more digital way of doing business, but with it comes the issue of user privacy and security. Only when privacy and security issues are addressed, will users be able to transact online with greater peace of mind. Thus, to address the security and privacy problems associated with industry blockchain technology, we propose a privacy protection scheme for online financial transactions based on verifiable ring signatures and blockchain by comparing and combining the unconditional anonymity provided by ring signatures with the high integrity provided by blockchain technology. Firstly, we present an algorithm for verifying ring signature based on distributed key generation, which can ensure the integrity of transaction data. Secondly, by using the block chain technique, we choose the proxy node to send the plaintext message into the block chain, and guarantee the security of the asset transaction. On this basis, the designed scheme is subjected to a security analysis to verify that it is completely anonymous, verifiable and unerasable. The protection of user privacy can be achieved while enabling online transactions. Finally, it is shown that the proposed method is more effective and practical than other similar solutions in performance assessment and simulation. It is proved that the scheme is a safe and efficient online financial transaction ring signature scheme.

보안 및 효율성을 고려한 관광 예약 정보 시스템 (Tourism Information Reservation System considering the Security and Efficiency)

  • 김태경
    • 디지털산업정보학회논문지
    • /
    • 제11권2호
    • /
    • pp.67-72
    • /
    • 2015
  • As new Information technology such as IoT develops rapidly, a lot of changes are occurred in our lives. The Internet of Things is the network of physical objects or things embedded with electronics, software, sensors and connectivity to enable it to achieve greater value and service by exchanging data with the manufacturer, operator and/or other connected devices. This change is also applied to tourism industry. These days many people make a tour reservation using the internet. But it is required to consider the efficiency and security of tour reservation system. In this paper, we suggest a tour reservation system. First, we describe the computer reservation system, hotel reservation system and reservation system. Second, we perform the modeling of general reservation system and suggested reservation system. Third, performance evaluation is carried out with respect to efficiency and security. The results show that the suggested reservation system has a better performance than a general reservation system. At last we described the results and future works.

위치 기반 관광 정보 서비스 보안 기술 연구 (A Study on the Security Technology of the Location based Tourism Information Service)

  • 김태경
    • 디지털산업정보학회논문지
    • /
    • 제12권2호
    • /
    • pp.25-29
    • /
    • 2016
  • Owing to the change of economic trends, the importance of the tourism industry is growing more and more. In particular, the number of foreign tourists continues to increase and the type of tourists is being changed into FIT (Foreign Independent Traveler). Therefore it is an important issue to provide the effective information to foreign tourists. To solve these problems, a variety of IT technology is being used in the tourism information systems. Especially the location based tour information service is being emerged. This kinds of tourism information service is a type of LBS (Location Based Services). But if the security of the location based tourism information service is not guaranteed, it can lead to many dangers. In this paper, the trends of location based tourism information service are surveyed. Also the security threats and countermeasures for the location based tourism information service are analyzed. This paper suggests secret considerations for the location based tourism information service.

기밀정보 유출 경험을 가진 기업들의 정보사고 대응역량 강화에 관한 연구 (The Correspondence Competence of Information Accident by Firms Experienced in Confidential Information Leak)

  • 정병호
    • 디지털산업정보학회논문지
    • /
    • 제12권2호
    • /
    • pp.73-86
    • /
    • 2016
  • The purpose of this study is to examine a security investment for firms experienced in confidential information leak. Information security is an apparatus for protection of secret information. The competence of information security is a competitiveness to avoid information leakage in changing business environment. The type of information security is divided into administrative security, technical security and physical security. It is necessary to improve the incident correspondence competence through information security investment of the three types. Therefore, the investment of information security is to enhance information-asset protection of firms. To reinforce accident response competence, an organization discussed an establishment, security technology development, expand investment and legal system of the security system. I have studied empirically targeting the only information leak of firms. This data is a technical security competence and technology leakage situation of firms happened in 2010. During recovery of the DDos virus damage on countries, company and individual, the collected data signify a reality of information security. The data also identify a security competence of firms worrying information security management. According to the study, the continuous investment of information security has a high competence of accident correspondence. In addition, the most of security accidents showed a copy and stealing of paper and computer files. Firm on appropriate security investment is an accident correspondence competence higher than no security investment regardless of a large, small and medium-sized, and venture firm. Furthermore, the rational security investment should choose the three security type consideration for firm size.