• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2021.10a
• /
• pp.447-448
• /
• 2021

The boundary-based security architecture has the advantage of easy deployment of security solutions and high operational efficiency. The boundary-based security architecture is easy to detect and block externally occurring security threats, but is inappropriate to block internally occurring security threats. Unfortunately, internal security threats are increasing in frequency. In order to solve this problem, a zero trust model has been proposed. The zero trust model requires a real-time monitoring function to analyze the behavior of a subject accessing various information resources. However, there is a limit to real-time monitoring of file access of a subject confirmed to be trusted in the system. Accordingly, this study proposes a method to monitor user's file access in real time. To verify the effectiveness of the proposed monitoring method, the target function was verified after the demonstration implementation. As a result, it was confirmed that the method proposed in this study can monitor access to files in real time.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.5
• /
• pp.1179-1189
• /
• 2019

Cyber security evaluation is a series of processes that estimate the level of risk of assets and systems through asset analysis, threat analysis and vulnerability analysis and apply appropriate security measures. In order to prepare for increasing cyber attacks, systematic cyber security evaluation is required. Various indicators for measuring cyber security level such as CWSS and CVSS have been developed, but the quantitative method to apply appropriate security measures according to the risk priority through the standardized security evaluation result is insufficient. It is needed that an Scoring system taking into consideration the characteristics of the target assets, the applied environment, and the impact on the assets. In this paper, we propose a quantitative risk assessment model based on the analysis of existing cyber security scoring system and a method for quantification of assessment factors to apply to the established model. The level of qualitative attribute elements required for cyber security evaluation is expressed as a value through security requirement weight by AHP, threat influence, and vulnerability element applying probability. It is expected that the standardized cyber security evaluation system will be established by supplementing the limitations of the quantitative method of applying the statistical data through the proposed method.

• The Journal of Society for e-Business Studies
• /
• v.20 no.4
• /
• pp.151-175
• /
• 2015

Although three types of the information security measures (technical, physical and managerial ones) are all together critical to maintaining information security in the organizations and should be implemented at the same time, this study aims at providing theoretical basis of establishing and implementing effective managerial security measures. The rationale behind this research objective is that it is very important to effectively perform the managerial security measures to achieve the target performance level of the technical and the physical security measures because main agents of practicing the information security measures in the organizations are staff members even though the technical and the physical ones are well constructed and implemented. In particular, this study intends to develop and propose the theoretical model applicable to providing the way of improving organizational members' intention to use information security technologies since the very intention to use them is essential to effectively establishing and promoting managerial security measures. In order to achieve the objective of this study, the factors critical to influencing upon the intention to use information security technologies are derived through systematically reviewing related theories and previous studies, and then the research model and hypotheses are proposed by logically reasoning the casual relationship among the these factors. Also, the empirical analyses are performed by conducting the survey of the organization members of domestic large companies and analyzing the structural equation model by PLS (Partial Least Squares) method. The significant results of this study can contribute to expanding the research area of managerial information security and can be applied to suggesting the practical guidelines for effectively establishing and implementing the managerial security measures in various organizations.

• Korean Security Journal
• /
• no.48
• /
• pp.79-111
• /
• 2016

This study aims at analyzing the global trend of standardization in the field of Industrial Security through ISO/TC 292. It covers broad areas from risk management for industrial property protection and loss prevention through supply chain security, product and document fraud and counterfeiting countermeasures and control and community resilience. It also explores the historical background of the standardization in the security field, how ISO TC 292 came out as a leading group in order to standardize relevant security management systems. TC 292 deals with terminology, general security-related standards and supply chain security management. One of the major findings from this analysis is that security targets and threats are diversified and so organizations like enterprises should have proper flexibility to adapt themselves to new security environment and take appropriate resilience system to cope with the threats and incidents. Also the ISO standardization requires public or private entities to take holistic approaches in security management. Finally, it was found that South Korea has to prepare for this global trend of standardization in this field so that ISO certification market demand and the requirements for transnational trades can be well met.

• Journal of Internet Computing and Services
• /
• v.22 no.6
• /
• pp.115-127
• /
• 2021

With the development of science and technology around the world, the realm of cyberspace, following land, sea, air, and space, is also recognized as a battlefield area. Accordingly, it is necessary to design and establish various elements such as definitions, systems, procedures, and plans for not only physical operations in land, sea, air, and space but also cyber operations in cyberspace. In this research, the importance of cyber targets that can be considered when prioritizing the list of cyber targets selected through intermediate target development in the target development and prioritization stage of targeting processing of cyber operations was selected as a factor to be considered. We propose a method to calculate the score for the cyber target and use it as a part of the cyber target prioritization score. Accordingly, in the cyber target prioritization process, the cyber target importance category is set, and the cyber target importance concept and reference item are derived. We propose a TIR (Target Importance Rank) algorithm that synthesizes parameters such as Event Prioritization Framework based on PageRank algorithm for score calculation and synthesis for each derived standard item. And, by constructing the Stuxnet case-based network topology and scenario data, a cyber target importance score is derived with the proposed algorithm, and the cyber target is prioritized to verify the proposed algorithm.

• Korean Security Journal
• /
• no.41
• /
• pp.67-96
• /
• 2014

Today each country in the world goes beyond the narrow concept of national security that was limited to national defense and ideology and are entering multi-dimensional global system mainly based on economic profits. Nevertheless, conflicts between nations due to religious and ideological reasons have brought unprecedentedly intense disputes Security services for head of states have been an important national mission in every era and society. However, they are becoming a main target for assassination and attacks by terrorists. Attacks on the head of state and other VIPs can cause aftermath ranging from war to conflict situation, political crisis, and economic loss. Therefore this study aims to draw insights by comparing protective security units of Korea, the U.S., and Japan which have different legal basis and sociocultural characteristics. Especially in South Korea, which faces difficult diplomatic stance due to the tension with North Korea and relationship with other countries such as the U.S., China, and Russia as well as polarization between classes, generations, regions, and ideologies, cohesion among members of society has weakened and hatred toward the head of state has been brought, which emphasizes the important of national security services. Therefore the study of protective security units and its operation by comparison between neighboring countries will be able to bring insights on the promotion of the security service.

• Korean Security Journal
• /
• no.60
• /
• pp.113-135
• /
• 2019

Despite being one of the most important national facilities, the National Assembly building of the Republic of Korea has become increasingly vulnerable to potential terrorist attacks, and the instances of demonstrations occurring around and banned items taken into the building are continuing to rise. In addition, promoting the idea of "open assembly" has led to increased visitors and weakened access control. Furthermore, while there is a significant symbolic value attached to attacking the National Assembly building, the level of security management is relatively very low, making it a suitable target for terrorism. In order to address such vulnerability, an appropriate access control system should be in place from the areas surrounding the building. However, the National Assembly Security Service which oversees security around the building is scheduled to disband in June 2020 following the abolition of the conscripted police force in 2023. Therefore, there needs to be an alternative option to bolster the security system outside the facility. In this research, the perceptions of 114 government officials in charge of security at the National Assembly Secretariat toward the protection and security system of the areas surrounding the National Assembly building were examined. Results showed that the respondents believed it was highly likely that risky situations could occur outside the building, and the use of advanced technologies such as intelligent video surveillance, intrusion detection system, and drones was viewed favorably. Moreover, a mid- to long-term plan of establishing a unified three-layer protection system and designating a department in charge of the security outside the building were perceived positively. Lastly, the participants supported the idea of employing private police to replace the National Assembly Security Service for the short term and introducing parliamentary police for the mid- to long-term.

• Journal of Korea Port Economic Association
• /
• v.39 no.4
• /
• pp.127-145
• /
• 2023

As the importance of strengthening port security is increasing, it is necessary to conduct a perceptual study on port facility users who pay for port security services first. This study aims to identify improvements in the port security function of Busan Port and contribute to the future development of port security in Korea. A total of 125 questionnaires were collected from port facility security fee collectors at Busan Port. Based on the collected data, exploratory factor analysis, traditional IPA, and modified IPA were conducted. In conclusion, first, the physical function of port security is the most important and should be continuously maintained and strengthened. Second, improving the professionalism of port security personnel is most urgent, and the port security education system needs to be improved. Finally, it is necessary to gradually develop the port security information service function in consideration of future development possibilities.

• Korean Security Journal
• /
• no.48
• /
• pp.57-78
• /
• 2016

This study was set up hypotheses and conduct surveys target major in security students that the higher satisfaction with the curriculum and major selection will be higher satisfaction for the job selection and employment after graduation. Test results Chronbach's Alpha coefficients 0.833 have been calculated as ensuring internal consistency and simple regression analysis revealed a correlation coefficient of each item is presented to 0.811 showed a very high correlation. Therefore, the higher the satisfaction with the major selection and curriculum were analyzed by the higher satisfaction with the job choices and employment after graduation. The university seems to need effective training courses to give students an increasing satisfaction with the majors. To increase the level of theoretical and practical training is required to the active support and attention of Industrial School Institute. In order to increase the satisfaction of employees and future development security, the need for effective education in universities is raised.

• Journal of KIISE
• /
• v.44 no.4
• /
• pp.352-362
• /
• 2017

This paper analyzes security threats in Security Enhanced (SE) Android and proposes a new technique to efficiently protect application data including private information on rooted Android phones. On an unrooted device, application data can be accessed by the application itself according to the access control models. However, on a rooted device, a root-privileged shell can disable part or all of the access control model enforcement procedures. Therefore, a root-privileged shell can directly access sensitive data of other applications, and a malicious application can leak the data of other applications outside the device. To address this problem, the proposed technique allows only some specific processes to access to the data of other applications including private information by modifying the existing SEAndroid Linux Security Module (LSM) Hook function. Also, a new domain type of process is added to the target system to enforce stronger security rules. In addition, the proposed technique separates the directory type of a newly installed application and the directory type of previously installed applications. Experimental results show that the proposed technique can effectively protect the data of each application and incur performance overhead up to or less than 2 seconds.