Á¤º¸Ã³¸®ÇÐȸ ³í¹®Áö ÄÄÇ»ÅÍ ¹× Åë½Å½Ã½ºÅÛ
Current Result Document :
ÇѱÛÁ¦¸ñ(Korean Title) |
Á¶Á÷ÀÇ ½Ç½Ã°£ º¸¾È°ü¸® ü°è È®¸³À» À§ÇÑ ¡®ÀÎÅÍÆäÀ̽º º¸¾È¡¯ °È¿¡ ´ëÇÑ ¿¬±¸ |
¿µ¹®Á¦¸ñ(English Title) |
A Study on Interface Security Enhancement |
ÀúÀÚ(Author) |
¹ÚÁØÁ¤
±è¼Ò¶ó
¾È¼öÇö
ÀÓäȣ
±è±¤Á¶
Joon-Jeong Park
Sora Kim
SooHyun Ahn
Chae-ho Lim
Kwangjo Kim
|
¿ø¹®¼ö·Ïó(Citation) |
VOL 04 NO. 05 PP. 0171 ~ 0176 (2015. 05) |
Çѱ۳»¿ë (Korean Abstract) |
ƯÁ¤ º¸¾È ±â¼ú¸¸À¸·Î´Â ³ª³¯ÀÌ Ä¡¹ÐÇØÁö´Â °ø°ÝÀ» ¹æ¾îÇÒ ¼ö ¾ø±â ¶§¹®¿¡ ISMS(Information Security Management System) µî ´Ù¾çÇÑ º¸¾È°ü¸® ¸ðµ¨ µîÀÌ Àû¿ëµÇ°í ÀÖÁö¸¸, ³Ê¹« ¸¹Àº Ç׸ñ¿¡ ´ëÇÑ ÀϹÝÀûÀÎ º¸¾È°ü¸® ¹æ¾ÈÀ» Á¦½ÃÇÏ°í ÀÖ¾î Ãë¾àÁ¡ÀÌ ³ôÀº ºÎºÐ¿¡ ÁýÁßÇÏÁö ¸øÇÏ´Â ´ÜÁ¡ÀÌ ÀÖ´Ù. ÃÖ±Ù ¼ö³â°£ ¿ì¸® »çȸ¿¡ ¸·´ëÇÑ ÇÇÇظ¦ ÀÔÈù ÁÖ¿ä Á¤º¸ ¹× ±â¹Ð À¯Ãâ °ü·Ã »ç°ÇÀ» ºÐ¼®ÇÑ °á°ú, °ø°ÝÀÚ´Â ÁÖ·Î À̸ÞÀÏ, À¥ ¼¹ö, ÈÞ´ë¿ë ÀúÀå¸Åü, ¿ÜÁÖ¾÷ü Á÷¿ø µî Á¶Á÷ÀÇ ³»ºÎ¿Í ¿ÜºÎ¸¦ ¿¬°áÇØÁÖ´Â Åë·ÎÀÎ ¡®ÀÎÅÍÆäÀ̽º(interface)¡¯ Ãë¾àÁ¡À» ÀÌ¿ëÇÏ¿´À½À» ¹ß°ßÇÏ¿´´Ù. À̸¦ ÅëÇØ ¿ì¸®´Â º¸¾È¿¡ ÅõÀÚÇØ¾ß ÇÒ ½Ã°£°ú ÀÚ¿øÀÌ Á¦ÇѵǴ Çö½ÇÀ» °í·ÁÇÏ¿© °ø°ÝÀÚ°¡ ¾Ç¿ëÇÒ °¡´É¼ºÀÌ ³ôÀº ÀÎÅÍÆäÀ̽º¿¡ ´ëÇÑ ÇöÀç º¸¾È ½ÇŸ¦ Àû½ÃÇÑ ÈÄ °ü¸®Àû¤ý±â¼úÀû¤ý¹°¸®Àû Ãø¸éÀ» À¶ÇÕÇÑ º¸¾È´ëÃ¥À» Á¦½ÃÇÏ°í, ÇØ´ç ÀÎÅÍÆäÀ̽º¿¡ ´ëÇÑ ÁßÁ¡ÀûÀÌ°í Áö¼ÓÀûÀÎ °ü¸®(continuous management)¸¦ ÅëÇØ ÅõÀÚ ºñ¿ë ´ëºñ È¿°úÀûÀ¸·Î Á¶Á÷ÀÇ ½Ç½Ã°£ º¸¾È°ü¸®¸¦ °¡´ÉÇÏ°Ô Çϴ ü°è¸¦ Á¦¾ÈÇÏ°íÀÚ ÇÑ´Ù.
|
¿µ¹®³»¿ë (English Abstract) |
Because the specific security technology alone can not cope with sophisticated attacks, various security management models are applied. But, they do not focus on the vulnerability of the highest part because they offer so many common security management criteria. By analyzing the main information and confidential leakage cases inflicting enormous damage to our society, we found that attackers are using mainly an interface vulnerabilities – the paths that connect the internal and external of the organization, such as e-mail, web server, portable devices, and subcontractor employees. Considering the reality that time and resources to invest in security domain are limited, we point out the interface security vulnerabilities the possibility of attackers to exploit and present a convergence method of security measures. Finally, based of ROI(Return on Investment), we propose the real-time security management system through the intensive and continuous management.
|
Å°¿öµå(Keyword) |
ÀÎÅÍÆäÀ̽º º¸¾È
½Ç½Ã°£ º¸¾È°ü¸®
Áö¼ÓÀû º¸¾È°ü¸®
ÅõÀÚ ´ëºñ È¿°ú
Interface Security
Real-Time Security Management
Continuous Management
ROI(Return on Investment)
|
ÆÄÀÏ÷ºÎ |
PDF ´Ù¿î·Îµå
|