• Journal of Korea Multimedia Society
• /
• v.10 no.8
• /
• pp.1052-1059
• /
• 2007

Network security system used in the large scale network composes individual security system which protects only own domain. Problems of individual security system are not to protect the backbone network and to be hard to cope with in real-time. In this paper we proposed a security system which includes security function at the router, and the access point, which exist at the backbone network, to solve the problems. This security system sends the alert messages to an integrated security management system after detecting intrusions. The integrated security management system releases confrontation plan to each suity system. Thus the systematic and immediate confrontation is possible. We analyzed function verification and efficiency by using the security system and the integrated security management system suggested in this paper. We confirmed this integrated security management system has a possibility of a systematic and immediate confrontation.

• Journal of the Korea Society of Computer and Information
• /
• v.22 no.2
• /
• pp.51-57
• /
• 2017

The first thing to be prioritized is to set the scope of the management system when establishing an information security management system for systematic and effective information security management. It is important to set the scope for an organization's information security goals due to the scope affects the organization's overall information security activities. If the scope is set incorrectly, it might become impossible to protect important services and therefore, the scope of the management system should be determined in consideration of the core business services of the organization. We propose a core service selection model based on the organization's mission-critical service and high risk service in order to determine the effective information security management system scope in this paper. Core service selection criteria include the type of service, contribution to sales, socio-economic impact, and linkage with other services.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.6
• /
• pp.1585-1594
• /
• 2018

In recent years The importance of information security management for securing information collection and analysis, production and distribution is increasing. Companies are assured of confidence in information security through authentication of information Security Management System. However, level assessment and use of domains that make up the management system is limited. On the other hand, the security maturity model is able to diagnose the level of information protection of the enterprise step by step. It is also possible to judge the area to be improved urgently. It is a tool to support goal setting according to the characteristics and level of company. In this paper, C2M2, which is an example of security maturity model, is compared and analyzed with Korea Information Security Management System certification. Benchmark the model to check the level of information security management and derive the priority among the items that constitute the detailed area of information security measures of ISMS certification. It also look at ways to check the level of information security management step by step.

• Journal of the Korea Society of Computer and Information
• /
• v.9 no.2
• /
• pp.81-87
• /
• 2004

Very various intrusion by development of systems that is based on network is spread. To detect and respond this intrusion, security solutions such as firewall or IDS are bringing and management of security system that load these becomes more harder. Moreover, because environment of systems that require security is various, hard to manage establishing suitable security policy Therefore, need model about enterprise management of various security system and intrusion detection of each systems and response. In this paper, improve PBNM structure that manage wide network resources and presented suitable model in intrusion detection and response of security system. Also, designed policy-based enterprise security management system for effective intrusion detection and response by applying presented model to enterprise security management system.

• Journal of the Korea Computer Industry Society
• /
• v.5 no.4
• /
• pp.427-434
• /
• 2004

Attacks such as hacking, a virus intimidating a system and a network are increasing recently. However, the existing system security or network management system(NMS) cannot be safe on various threats. Therefore, Firewall, IDS, VPN, LAS(Log Analysis System) establishes security system and has defended a system and a network against a threat. But mutual linkage between security systems was short and cannot prepare an effective correspondence system, and inefficiency was indicated with duplication of security. Therefore, an active security and an Enterprise Security Management came to need. An effective security network was established recently by Enterprise Security Management, Intrusion Tracking, Intrustion Induction. But an internetworking is hard for an enterprise security systems, and a correspondence method cannot be systematic, and it is responded later. Therefore, we proposes the active enterprise security management module that can manage a network safely in this paper.

• Korean Security Journal
• /
• no.55
• /
• pp.57-73
• /
• 2018

The domestic casino industry is attempting to change from the existing single form to the advanced-type of complex casino resort. In addition, the importance of the security management system, which prevents and responds to accidents caused by negative influences of gambling, is emphasized at the casino enterprise level. Therefore, this study aimed to find measures to revitalize the security management system for domestic casinos only for foreigners through an analysis of relevant literature and case studies. As a result of the analysis, it was found that in order to effectively cope with changes in the casino industry, three areas were needed to be revamped: (1) a lack of protocols which intend to protect casino security personnel, (2) an inefficient operational system due to the dualized casino security management system, and (3) a lack of systematic educational system for casino security personnel. This study therefore proposed three measures: (1) a review of revisions of related laws to protect casino security personnel, (2) enhancement of professionalism of casino security personnel and (3) establishment of a single operating system of the casino security management operating system.

• 제어로봇시스템학회:학술대회논문집
• /
• 2005.06a
• /
• pp.1594-1597
• /
• 2005

A rapid development and a wide use of the Internet have expanded a network environment. Further, the network environment has become more complex due to a simple and convenient network connection and various services of the Internet. However, the Internet has been constantly exposed to the danger of various network attacks such as a virus, a hacking, a system intrusion, a system manager authority acquisition, an intrusion cover-up and the like. As a result, a network security technology such as a virus vaccine, a firewall, an integrated security management, an intrusion detection system, and the like are required in order to handle the security problems of Internet. Accordingly, a router, which is a key component of the Internet, controls a data packet flow in a network and determines an optimal path thereof so as to reach an appropriate destination. An error of the router or an attack against the router can damage an entire network. This paper relates to a method for RSMS (router security management system) for secure networking based on a security policy. Security router provides functions of a packet filtering, an authentication, an access control, an intrusion analysis and an audit trail in a kernel region. Security policy has the definition of security function against a network intrusion.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.12 no.3
• /
• pp.133-155
• /
• 2016

Recently, in the adoption of cloud computing are emerging as locations are key requirements of security and privacy, at home and abroad, several organizations recognize the importance of privacy in cloud computing environments and research-based transcription and systematic approach in progress have. The purpose of this study was to recognize the importance of privacy in the cloud computing environment based on personal information security methodology to the security of cloud computing, cloud computing, users must be verified, empirical research on the improvement plan. Therefore, for existing users of enhanced security in cloud computing security consisted framework of existing cloud computing environments. Personal information protection management system: This is important to strengthen security for existing users of cloud computing security through a variety of personal information security methodology and lead to positive word-of-mouth to create and foster the cloud industry ubiquitous expression, working environments.

• Journal of Information Technology Applications and Management
• /
• v.16 no.3
• /
• pp.73-86
• /
• 2009

To establish an effective security strategy, business enterprises need a security benchmarking tool. The strategy helps to lessen an impact and a damage in any threat. This study analyses many aspects of information security management and suggests a way to deal with security investments by considering important factors that affect security manager's decision. To address the different threats resulting from a major cause of accidents inside an enterprise, we investigate an approach that followed ISO17799. We unfold a criminology theory that has designated many measures against the threat as suggested by General Deterrence Theory. The study proposes a coherent model of the theory to improve the security measures especially in handling and protecting company assets and human lives as well.

• Journal of Digital Contents Society
• /
• v.16 no.2
• /
• pp.345-353
• /
• 2015

Security Management System is a system which operates in the security control center for security control. All living things across the Internet in recent years, with the rapid increase in the subscriber base has increased the need for network security dramatically depending on yirueojim through web services, thus cyber security sheriff, I have a big issue to build a security management system, each agency and perform control tasks. But the security functional requirements for security management system would not specified exactly, in developing a security management system to build and design a situation that PP's needs require a lot of trouble. In this paper, we develop a Managed Security System Protection Profile for the security functional requirements specification of the security management system.