• 정보보호학회논문지
• /
• 제8권1호
• /
• pp.23-37
• /
• 1998

This paper considers the design and management of security MIB for EDI system. EDI system has to establish various securety wervices and mechanisms to protect against security threats. Hence, the EDIsystem requires appropriate security management to monitor and control the security obhects for its security services and mechanisms. In this paper, I identify security objects for management of secueity services defined in the EDIsystem, and propose the design of a security MIB and describe the use of SNMPnetwork management protocol in its management.

• 디지털산업정보학회논문지
• /
• 제6권4호
• /
• pp.307-317
• /
• 2010

The majority of financial and general business organizations have had individual damage from hacking, worms, viruses, cyber attacks, internet fraud, technology and information leaks due to criminal damage. Therefore privacy has become an important issue in the community. This paper examines various elements of the information security management system and discuss about Information Security Management System Models by using the analysis of the financial statue and its level of information security assessment. These analyses were based on the Information Security Management System (ISMS) of Korea Information Security Agency, British's ISO27001, GMITS, ISO/IEC 17799/2005, and COBIT's information security architecture. This model will allow users to manage and secure information safely. Therefore, it is recommended for companies to use the security management plan to improve the companies' financial and information security and to prevent from any risk of exposing the companies' information.

• 제어로봇시스템학회:학술대회논문집
• /
• 제어로봇시스템학회 2004년도 ICCAS
• /
• pp.926-931
• /
• 2004

In this paper, we proposed security management architecture that combines programmable network technology and policy based network management technology to manage efficiently heterogeneous security systems. By using proposed security management architecture, a security administrator can manage heterogeneous security systems using security policy, which is automatically translated into a programmable security policy and executed on programmable middleware of security system. In addition, programmable middleware that has the features of programmable network can reduce excessive management traffic. We showed that the programmable middleware could reduce the load of management traffic by comparing processing time between the proposed architecture and PBNM architecture.

• 대한안전경영과학회지
• /
• 제17권3호
• /
• pp.205-213
• /
• 2015

This study aims to verify the structural correlation empirically between information security performance and information management performance. To verify the correlation, three factors such as managerial controlled activity, technical controlled activity, and physical controlled activity are divided for the information security activities variable. the security performance are divided into accident prevention and accident response variables. As a result, security organization activity is a unique factor being positively significant to information security and management performance. And three activities such as human security, security training, development security do not affect at all on both information security and management performance.

• 한국원자력학회:학술대회논문집
• /
• 한국원자력학회 2005년도 추계학술발표회
• /
• pp.1019-1020
• /
• 2005

• 한국원자력학회:학술대회논문집
• /
• 한국원자력학회 2005년도 추계학술발표회
• /
• pp.1009-1010
• /
• 2005

• International Journal of Advanced Culture Technology
• /
• 제9권4호
• /
• pp.355-362
• /
• 2021

Through the Korean version of the New Deal 2.0, manufacturing-oriented SMEs are facing a new environmental change called smart factory construction. In addition, SMEs are facing new security threats along with a contactless environment due to COVID-19. However, it is practically impossible to apply the previously researched and developed security management system to protect the core technology of manufacturing-oriented SMEs due to the lack of economic capacity of SMEs. Therefore, through research on security management systems suitable for SMEs, it is necessary to strengthen their business competitiveness and ensure sustainability through proactive responses to security threats faced by SMEs. The security management system presented in this study is a security management system to prevent technology leakage applicable to SMEs by deriving and reflecting the minimum security requirements in consideration of technology protection point of view, smart factory, and remote access in a non-contact environment. It is also designed in a modular form. The proposed security management system is standardized and can be selectively used by SMEs.

• 융합보안논문지
• /
• 제6권4호
• /
• pp.101-112
• /
• 2006

정보통신시스템에 대한 기술적 보안만으로는 안전한 정보통신시스템 운영을 보장할 수 없다. 따라서, 안전한 정보통신시스템 운영을 위한 정보보안관리시스템(ISMS)에 대한 연구와 표준화가 활발히 전개되고 있다 우리나라는 2005년 "국가사이버안전관리규정"을 제정하고, "국가사이버안전매뉴얼"의 "보안관리 기준"에 의하여 국가 공공기관이 자체적으로 "보안관리수준 평가"를 수행토록 함으로써 체계적인 정보보안관리 활동이 이루어지도록 하고 있다. 본 논문은 관련 표준들과 호주, 미국의 보안관리 체계에 대하여 조사하고, "보안관리수준 평가" 체계를 효율적인 보안관리 측면에서 분석하고, 이를 통하여 "보안관리수준 평가"의 개선방향에 대하여 연구하였다. 기존의 체계에 추가항목(A/C ; Additional Control), 선택적 보안관리 기준(Selective Controls)구성을 도입하고 평가 준비 절차의 개선을 통하여 각 기관에 최적화된 보안관리 기준을 작성할 수 있도록 함으로써, 기관에 적합한 효율적 보안관리의 수행이 가능하고, 급변하는 정보통신 환경에 유연하게 대응할 수 있도록 하였다.

• 디지털산업정보학회논문지
• /
• 제9권3호
• /
• pp.107-117
• /
• 2013

In this paper, we designed the security management system based on IEC 62351-7 in the Smart Grid environment. The scope of IEC 62351-7 focuses on network and system management (NSM) of the information infrastructure as well as end-to-end security through abstract NSM data objects for the power system operational environment. However, it does not exist that security management system based on IEC 62351-7 manages the security of the power system in the Smart Grid environment, because power equipment or SNMP agents providing NSM data do not exist yet. Therefore, we implemented the security management system to manage the information infrastructure as reliably as the power system infrastructure is managed. We expect that this system can perform the security management of IEC 61850 based digital substation and can be a prototype of the security system for the Smart Grid in the future.

• Journal of Information Technology Applications and Management
• /
• 제23권3호
• /
• pp.61-69
• /
• 2016

Growing information threats have threatened organization to lose information security controls in these days. Many organizations have accepted the various information security management systems does mention necessity of a continuous evaluation process for the executions of information security management in a theoretical aspect. This study suggests a continuous evaluation process for information security management reflecting the real execution of managers and employees in organizations.