• Convergence Security Journal
• /
• v.23 no.1
• /
• pp.79-87
• /
• 2023

Precision Medicine, which utilizes personal health information, genetic information, clinical information, etc., is growing as the next-generation medical industry. In Korea, medical institutions and information communication companies have coll aborated to provide cloud-based Precision Medicine Hospital Information Systems (P-HIS) to about 90 primary medical ins titutions over the past five years, and plan to continue promoting and expanding it to primary and secondary medical insti tutions for the next four years. Precision medicine is directly related to human health and life, making information protecti on and healthcare information protection very important. Therefore, this paper analyzes the preliminary research on inform ation protection models that can be utilized in cloud-based Precision Medicine Hospital Information Systems and ultimately proposes research on ways to improve information protection in P-HIS.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2021.10a
• /
• pp.597-599
• /
• 2021

5G technology will be applied to various technologies related to game changers in the defense field. In addition, the establishment of a mobile work environment will be utilized. 5G has emerged as a new threat due to major technologies different from previous technologies. And due to 5G technology, there is an increasing demand to apply mobile technology to the defense sector. In this paper, we look at the security policy for defense 5G operation and the step-by-step construction plan consisting of three.

• Convergence Security Journal
• /
• v.19 no.1
• /
• pp.79-86
• /
• 2019

In a small sense Job creation is the making of certificate and In the big sense the government will create new industries and create jobs accordingly. therefore We used the most similar ISE as an example and linked it with the PMP of PMBOK. And I tried to standardize this process by deriving the detailed knowledge required for the foundation. As a result, eleven stages such as creation of (1) Job creation making plan (2) Offer on registration of private qualification (3) business process analysis (4) Confirmation of test criterion (5) Reception system development (6) Educational book development (7) Assist open lecture (8) TEST notice plan making (9) Implement training for certification (10) Operation of qualifying examination and Never ending training. Afterwards It will become the data for the development of the Professional making a job in the future.

• Journal of Internet Computing and Services
• /
• v.23 no.1
• /
• pp.105-112
• /
• 2022

The national defense requires uninterrupted decision-making, even under direct or indirect impacts on non-traditional threats such as infectious diseases. Since all work utilizes the information system, it is very important to ensure the availability of the information system. In particular, in terms of security management, defense work is being performed by dividing the network into a national defense network and a commercial Internet network. This study suggests a work execution plan that takes into account the efficiency of work performed on the Internet and the effectiveness of security through effective defense information system operation. It is necessary to minimize the network contact point between the national defense network and the commercial Internet, and to select a high-priority one among various tasks and operate it efficiently. For this purpose, actual cases were investigated for "A" institution and characteristics were presented. Through the targeted tasks and operation plans to improve the effectiveness of defense tasks and ensure security, presented in this paper, it will be possible to increase the availability of task performance even in non-traditional threats such as infectious diseases.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.6
• /
• pp.1435-1447
• /
• 2015

Finance Companies are operating a security solution such as E-DRM(Enterprise-Digital Right Management), Personal information search, DLP(Data Loss Prevention), Security of printed paper, Internet network separation system, Privacy monitoring system for privacy leakage prevention by insiders. However, privacy leakages are occurring continuously and it is difficult to the association analysis about relating to the company's internal and external distribution of private document. Because log system operated in the separate and independent security solutions. This paper propose a systematic chains that can correlatively analyze business systems and log among heterogeneous security solutions organically and consistently based on security documents. Also, we suggest methods of efficient detection for Life-Cycle management plan about security documents that are created in the personal computer or by individual through the business system and distribution channel tracking about security documents contained privacy.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.2
• /
• pp.489-499
• /
• 2016

Nowadays the importance of information security has been increased because there are many benefits and threats like information leakage caused by rapid growth of information technology. It is important to apply technical solution, however enhancing security capability is more important to respond evolving security threats. Information security education is one of typical way to enhance security capability and there are various efforts at the dimension of nation, company and academic community. However it is required to analyze previous research until now and derive future research direction for long-term development plan. In this study, we analyzed a publication status about 177 papers related to information security, training and awareness from 4 foreign journals and 2 Korean journals. Additionally, we analyzed in detail about 70 papers related to information security education. As a result, the most part of study is about curriculum, and in the future, it is required to expand educational area as well as study about effectiveness measurement of information security education by experimental research.

• The Journal of Society for e-Business Studies
• /
• v.16 no.4
• /
• pp.87-96
• /
• 2011

The importance of the security management system for the aviation infrastructure cannot be overemphasized. What is especially important on the security management system for it is the assessment that is detaild and systematic. This article presents a framework based on a Hanulcha-type security management system model for a Information security of the Aviation infrastructure. This system checks, estimates and analyzes the goal of security with effect, especially in case of the security-accident on the aviation infrastructure because this system model gives the integrated security assessment method.

• Journal of Industrial Convergence
• /
• v.20 no.3
• /
• pp.23-31
• /
• 2022

Recently, the importance of the role of the university information security department in nurturing security experts to defend against cyber attacks is increasing day by day. The current university security curriculum has a problem in that the proportion of theoretical education is high and the professionalism of practical education is relatively low. This study analyzed the recent educational programs of domestic and foreign security education institutions for the purpose of improving the practical ability of the Department of Security, designing a class model suitable for the core specialization process, and suggesting the direction. The proposed model improves the existing problems of basic class connection and security practice curriculum roadmap, and additionally explains the practice program of the five core specialized subjects. This study intends to contribute to the improvement of the quality of the curriculum and educational model of each university's security department.

• Convergence Security Journal
• /
• v.23 no.4
• /
• pp.33-41
• /
• 2023

In recent years, advanced persistent threat (APT) attack organizations have exploited various vulnerabilities and attack techniques to target companies and institutions with national core technologies, distributing ransomware and demanding payment, stealing nationally important industrial secrets and distributing them on the black market (dark web), selling them to third countries, or using them to close the technology gap, requiring national-level security preparations. In this paper, we analyze the attack methods of attack organizations such as Kimsuky and Lazarus that caused industrial secrets leakage damage through APT attacks in Korea using the MITRE ATT&CK framework, and derive 26 cybersecurity-related administrative, physical, and technical security requirements that a company's security system should be equipped with. We also proposed a security framework and system configuration plan to utilize the security requirements in actual field. The security requirements presented in this paper provide practical methods and frameworks for security system developers and operators to utilize in security work to prevent leakage of corporate industrial secrets. In the future, it is necessary to analyze the advanced and intelligent attacks of various APT attack groups based on this paper and further research on related security measures.

• Industry Promotion Research
• /
• v.5 no.3
• /
• pp.23-29
• /
• 2020

In order to enrich the lives of senior citizens, this study suggested measures to increase income for the elderly by strengthening the current income security policies. Income security is a policy that guarantees income to maintain a certain standard of living. It is a policy that guarantees income to maintain a certain standard of living when income is suspended due to unemployment, disease, or disaster, or when income is lost due to retirement or death of a dependent due to old age, or when expenditure accompanying birth, death, etc. occurs. According to the study, measures to expand old-age income security are as follows. First, a phased increase in basic pension for the guarantee of old-age income is needed. Second, the income security function of the National Pension Service should be further strengthened. Third, a multi-layered old-age income security system should be established. Fourth, the government should continue to push for the expansion of works for the elderly. In conclusion, in order to strengthen the income security policy for the elderly, a reexamination of the current income guarantee system for the elderly is needed first. Then, it will be necessary to propose measures to gradually guarantee income for the elderly.