• Title/Summary/Keyword: Security design

Search Result 3,411, Processing Time 0.03 seconds

Designing demand side education of information security professionals (수요자 중심의 정보보호 전문 인력 양성을 위한 교육과정 설계)

  • Lee, Jong Lark
    • Journal of Korea Society of Digital Industry and Information Management
    • /
    • v.9 no.3
    • /
    • pp.99-106
    • /
    • 2013
  • There has been a lot of growth more than 10% in the information security industry. In accordance with the industrial growth, it increased needs for the information security manpower development as a national problem. But there is an imbalance between demand and supply of the information security manpower in terms of the quantity and quality. It is mainly caused by the curriculum of the information security is made considering for suppliers not for demanders. As a resolution to solve this problem, we suggest the curriculum of information security for vocational education and training. As the information security area is wide in view of required knowledge and technology, we design the curriculum by selecting major occupation type from the information security manpower distribution and products and then by investigating the job description using NCS(National Competency Standard). And we compared the curriculum to that of two or three year diploma courses in Korea.

Design and Implementation of NSM based Security Management System in Smart Grid (스마트그리드 전력망의 NSM 기반 보안관리시스템 설계 및 구현)

  • Chang, Beom Hwan
    • Journal of Korea Society of Digital Industry and Information Management
    • /
    • v.9 no.3
    • /
    • pp.107-117
    • /
    • 2013
  • In this paper, we designed the security management system based on IEC 62351-7 in the Smart Grid environment. The scope of IEC 62351-7 focuses on network and system management (NSM) of the information infrastructure as well as end-to-end security through abstract NSM data objects for the power system operational environment. However, it does not exist that security management system based on IEC 62351-7 manages the security of the power system in the Smart Grid environment, because power equipment or SNMP agents providing NSM data do not exist yet. Therefore, we implemented the security management system to manage the information infrastructure as reliably as the power system infrastructure is managed. We expect that this system can perform the security management of IEC 61850 based digital substation and can be a prototype of the security system for the Smart Grid in the future.

Security Design of Information Security for Wireless Local Area Network (무선 네트워크망의 정보보호를 위한 시스템 설계)

  • Kim, Jung-Tae;Jung, Sung-Min
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • 2003.05a
    • /
    • pp.729-732
    • /
    • 2003
  • Security and privacy issues complicate wireless local area network deployment. for a wired network, certain levels of security are maintained since access to the physical medium is restricted to the devices physically connected to the network. Though wireless local area networks offer some built-in security features, security breaches are possible if appropriate precautions are not taken. This paper describes security issues related to wireless local area networks and presents a software approach for restricting and controlling wireless access. The system authenticates users on the basis of identity, privileges and access hardware by distributed software agents that implement security policy and restrict unauthorized access.

  • PDF

Design and Performance Analysis of Security Network Management Architecture for Auto-managing Security Systems (보안 시스템의 자동 관리를 위한 보안 네트워크 관리 구조의 설계 및 성능 분석)

  • Ahn Gae-Il
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.30 no.8B
    • /
    • pp.525-534
    • /
    • 2005
  • This paper proposes the architecture and the methods of security network management for auto-configuration of security systems by extending the existing policy-based network management architecture. The architecture and the methods proposed in this paper enable a security management sewer to automatically decide the best-suited security policy to apply to a security system and the most effective and efficient security system to perform security policy rule, based on the role and capability information of security systems and the role and time information of security policy. For integrated control of network system and security system, this paper also proposes SNMP protocol based security network topology map generator. To show the excellence of the proposed architecture and methods, we simulate and evaluate the automatic response against attacks.

The Montgomery Multiplier Using Scalable Carry Save Adder (분할형 CSA를 이용한 Montgomery 곱셈기)

  • 하재철;문상재
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.10 no.3
    • /
    • pp.77-83
    • /
    • 2000
  • This paper presents a new modular multiplier for Montgomery multiplication using iterative small carry save adder. The proposed multiplier is more flexible and suitable for long bit multiplication due to its scalable property according to design area and required computing time. We describe the word-based Montgomery algorithm and design architecture of the multiplier. Our analysis and simulation show that the proposed multiplier provides area/time tradeoffs in limited design area such as IC cards.

Study of Information Security Management Model in Public Institution (공공기관의 정보보안 관리 모델 연구)

  • Kim, JaeKyeong;Jeong, Yoon-Su;Oh, ChungShick;Kim, JaeSung
    • Journal of Digital Convergence
    • /
    • v.11 no.2
    • /
    • pp.43-50
    • /
    • 2013
  • Recently, Cyber threats that is doing intelligence and sophistication from the organization's information assets to secure order technical disciplines, as well as managerial and environmental sectors, such as mind-response system is must established. In this paper, possible to analyze the case for the theory in network security, such as the logical network and physical network separation suitable for the corporate environment and constantly respond and manage the Information Security Management Model A secure network design is proposed. In particular, the proposed model improvements derived from the existing network, network improvements have been made in order to design improved ability to respond to real-time security and central manageability, security threats, pre-emptive detection and proactive coping, critical equipment in the event of a dual hwalreu through applied features such as high-availability, high-performance, high-reliability, ensuring separation of individual network security policy integrated management of individual network, network security directional.

Study on the Security R&R of OT-IT for Control System Network Boundaries (제어 네트워크 경계에 대한 OT-IT 책임 역할 연구)

  • WOO, Young Han;Kwon, Hun Yeong
    • Journal of Information Technology Services
    • /
    • v.19 no.5
    • /
    • pp.33-47
    • /
    • 2020
  • In recent years, due to the demand for operating efficiency and cost reduction of industrial facilities, remote access via the Internet is expanding. the control network accelerates from network separation to network connection due to the development of IIoT (Industrial Internet of Things) technology. Transition of control network is a new opportunity, but concerns about cybersecurity are also growing. Therefore, manufacturers must reflect security compliance and standards in consideration of the Internet connection environment, and enterprises must newly recognize the connection area of the control network as a security management target. In this study, the core target of the control system security threat is defined as the network boundary, and issues regarding the security architecture configuration for the boundary and the role & responsibility of the working organization are covered. Enterprises do not integrate the design organization with the operation organization after go-live, and are not consistently reflecting security considerations from design to operation. At this point, the expansion of the control network is a big transition that calls for the establishment of a responsible organization and reinforcement of the role of the network boundary area where there is a concern about lack of management. Thus, through the organization of the facility network and the analysis of the roles between each organization, an static perspective and difference in perception were derived. In addition, standards and guidelines required for reinforcing network boundary security were studied to address essential operational standards that required the Internet connection of the control network. This study will help establish a network boundary management system that should be considered at the enterprise level in the future.

Design and Control of Security Ticket Based CERT/CC System for Quantified Incident Management (정량적 침해사고 관리를 위한 Security Ticket 기반의 CERT/CC 설계 및 관리)

  • Kim, Sun-Tae;Park, Dea-Woo;Jun, Moon-Seog
    • Journal of the Korea Society of Computer and Information
    • /
    • v.12 no.4
    • /
    • pp.239-248
    • /
    • 2007
  • There's been a difficulty for general corporate to adopt recent incident response study because those studies focus on nation wide CERT Coordination Center or large organization aspect. This study is focus on study and design on security ticket based CERT system through analysis Security management's threat element, attack element, response element and it also help general corporate establish incident response process that is adjusted on IT operation. Confirmed CERT model's effectiveness and effect of quantitative Security incident management way that propose executing Security incident response experiment on the basis of this way. This study which provides general corporate oriented CERT model can be used to improve corporate's capability of responding incident by quantified management technique and select incident response SLA indicator. Already, formation which operate CERT can heighten corporation's information protection level by measure Security incident response result as metrical and analyze and improve problem continuously.

  • PDF

A Study and Design on security ticket based CERT system for quantified incident management (정량적 침해사고 관리를 위한 Security Ticket 기반의 침해사고 관리시스템(CERT) 설계 및 관리방안 연구)

  • Kim, Sun-Tae;Jun, Moon-Seog;Park, Dea-Woo
    • KSCI Review
    • /
    • v.15 no.1
    • /
    • pp.141-150
    • /
    • 2007
  • There's been a difficulty for general corporate to adopt recent incident response study because those studies focus on nation wide CERT Coordination Center or large organization aspect. This study is focus on study and design on security ticket based CERT system through analysis Security management's threat element, attack element. response element and it also help general corporate establish incident response process that is adjusted on IT operation. Confirmed CERT model's effectiveness and effect of quantitative Security incident management wav that propose executing Security incident response experiment on the basis of this way. This study which Provides general corporate oriented CERT model can be used to improve corporate's capability of responding incident by quantified management technique and select incident response SLA indicator. Already, formation which operate CERT can heighten corporation's information protection level by measure Security incident response result as metrical and analyze and improve problem continuously.

  • PDF

A Study on Five Levels of Security Risk Assessment Model Design for Ensuring the u-Healthcare Information System (u-헬스케어시스템의 정보보안 체계 확보를 위한 5단계 보안위험도 평가모델 설계)

  • Noh, Si Choon
    • Convergence Security Journal
    • /
    • v.13 no.4
    • /
    • pp.11-17
    • /
    • 2013
  • All u-Health system has security vulnerabilities. This vulnerability locally(local) or network(network) is on the potential risk. Smart environment of health information technology, Ad-hoc networking, wireless communication environments, u-health are major factor to increase the security vulnerability. u-health care information systems user terminal domain interval, interval public network infrastructure, networking section, the intranet are divided into sections. Health information systems by separating domain specific reason to assess vulnerability vulnerability countermeasure for each domain are different. u-Healthcare System 5 layers of security risk assessment system for domain-specific security vulnerability diagnosis system designed to take the security measures are needed. If you use this proposed model that has been conducted so far vaguely USN-based health information network security vulnerabilities diagnostic measures can be done more systematically provide a model.