• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.2
• /
• pp.843-859
• /
• 2018

Cybersecurity has emerged as a serious problem in Korea and there have been relevant movements to improve domestic cybersecurity policy and system. However, discussions have yet to result in actual progress and the legislation for improvement of cybersecurity policy and system have been stagnant until now. As evidenced by the introduction of primary government legislation bill for national cybersecurity in 2017, the preparations for improvements to the policy and system are still in progress. However, we cannot be positive about the possibility of implementing these improvements during the process. Recognition of the importance of cybersecutiry has gradually risen and is more prevalent than in years past, however, in-depth discussions are not being made. In principle, misunderstandings about cybersecurity itself and insufficient understandings of the relevant legislation seem to cause such problems. Therefore, it is necessary to review key issues related to the improvement of cybersecurity policy and system and reconsider tasks for the future. Such issues include the relationship between cybersecurity and fundamental rights, establishing responsibility and capability of each of entities for cybersecurity, and the role of the military in cybersecurity. This type of in-depth discussion will be helpful for finding ways to improve upon cybersecurity policy and system. Moreover, this study aims to key issues with questionnaire survey and political and normative inquiry.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.2
• /
• pp.295-316
• /
• 2012

In the recent field, cybersecuriyt has become one of the critical areas in the information technology field, and demands for cyberseucirty professionals have been increasing tremendously. However, there is In the recent past, cybersecurity has become one of the critical areas in the Information Technology (IT) field, and demands for cybersecurity professionals have been increasing tremendously. However, there is a shortfall in the qualified cybersecurity workforce which is a factor that contributes to the vulnerability of society to various cyber threats. Our study articulates a model to explain career selection behavior in the cybersecurity field. The study explored factors that affect scholars' behavioral intention to pursue a cybersecurity career. Positive outcome expectations from a cybersecurity career as well as high self-efficacy about skills and knowledge about cybersecurity have a strong impact on the scholars' cybersecurity career decisions. Further, perceived usefulness of the cybersecurity curriculum has a positive effect on the scholars' career decisions. The results of this research have implications for retaining a qualified workforce in the computer and information security fields.

• Journal of information and communication convergence engineering
• /
• v.18 no.2
• /
• pp.94-99
• /
• 2020

Real cyberterrors are invisible and difficult to identify. Even after a cyberattack, its origin and cause are difficult to determine. Cyberterrorism results in invisible cyberwars, and it is believed that World War IV will begin with a cyberwarfare. For national cybersecurity, information on cybersecurity must be collected, shared, and disseminated. In this study, we investigate a blockchain system designed based on the World Cybersecurity Agreement. National cybersecurity information is linked to the hyperledger blockchain system network through the National Cybersecurity Center. National cybersecurity information designs and uses a secure protocol for protection; further, it is collected, shared, and disseminated to treaty countries. National cybersecurity information is shared and spread by the hyperledger blockchain system, and it uses a cyberdefense system that responds to the cyberattacks and their origin. This paper serves as a policy and legislation guideline for forming a World Cybersecurity Agreement between countries.

• Convergence Security Journal
• /
• v.13 no.6
• /
• pp.91-98
• /
• 2013

Cyber attacks threaten the national security in this day and age. The government of the Republic of Korea recently released the National Cyber Security Comprehensive Countermeasures as a new cybersecurity policy. But current legal system cannot provide legal basis for the implementation of such measures. The current legal system related to cybersecurity is applied in each sector, thus the governance system in cybersecurity is separate. So there are many problems in the governance system in cybersecurity. To solve these problems fundamentally, it is righter to make a new cybersecurity law than to revise existing laws. Meanwhile, lawmakers proposed some bills in Congress to strengthen the cybersecurity in Korea in 2013. It will increase possibility of legislation of cybersecurity act to make a law through the analysis of these bills and to derive the essential elements from those. and to reflect these in the new cybersecurity act.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.16 no.1
• /
• pp.99-109
• /
• 2020

In the past, conservative concepts have been applied in terms of the characteristic of nuclear power plants(NPPs), resulting in analog-based equipment and closed networks. However, as digital technology has recently been applied to the design, digital-based facilities and communication networks have been used in nuclear power plants, increasing the risk of cybersecurity than using analog-based facilities. Nuclear power plant facilities are divided into a safety system and a non-safety system. It is essential to identify the difference and cope with cybersecurity threats to the safety system according to its characteristics. In this paper, we examine the cybersecurity regulatory guidelines for safety systems in nuclear power plant facilities. Also, we analyze cybersecurity threats to a programmable logic controller of the safety system and suggest cybersecurity requirements be applied to it to respond to the threats. By implementing security functions suitable for the programmable logic controller according to the suggested cybersecurity requirements, regulatory guidelines can be satisfied, and security functions can be extended according to other system requirements. Also, it can effectively cope with cybersecurity attacks that may occur during the operation of nuclear power plants.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2019.10a
• /
• pp.459-460
• /
• 2019

최근 블록체인의 안정성이 화제가 됨에 따라 블록체인을 응용한 시스템 적용을 통한 기록의 무결성을 보장하는 기법이 대두되고 있다. 특히, 사용자간의 현금을 거래하는 거래 시스템은 타 시스템과 비교하여 거래 기록의 무결성이 더욱 강조된다. 본 논문에서는 거래 시스템의 무결성을 보장하기 위하여 블록체인을 적용한 여러 거래 시스템을 소개한다.

• The Journal of The Korea Institute of Intelligent Transport Systems
• /
• v.22 no.6
• /
• pp.299-312
• /
• 2023

Recently, the electronic control unit (ECU) has been integrating several functions into one beyond simple convenience functions. Accordingly, ECUs have more functions and external interfaces than before, and various cybersecurity problems are arising. The United Nations Economic Commission for Europe (UNECE) World Forum for Harmonization of Vehicle Regulations (WP.29) issued UN Regulation No.155 to establish international standards for vehicle cybersecurity management systems in light of the growing threats to vehicle cybersecurity. According to international standards, vehicle manufacturers are required to establish a Cybersecurity Management System (CSMS) and receive a Vehicle Type Approval (VTA). However, opinions were raised that the implementation period should be adjusted because domestic preparations for this are insufficient. Therefore, in this paper, we propose a web-based solution that maps a checklist to check the status of CSMS in the requirement and various vehicle security companies and solutions to mitigate the identified gap.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.18 no.2
• /
• pp.39-48
• /
• 2022

The application of digital technology to instrumentation and control systems in nuclear power plants has overcome many shortcomings of analog technology, but the threat of cybersecurity has increased. Along with other systems, the reactor protection system also uses digital-based equipment, so responding to cybersecurity threats is essential. We generally determine cybersecurity threats according to the role and function of the system. However, since the instrumentation and control system has various systems linked to each other, it is essential to analyze cybersecurity threats together between the connected systems. In this paper, we analyze the cybersecurity threat of the reactor protection system with the associated facilities. To this end, we quantitatively identified the risk of the reactor protection system by considering safety functions, a communication type, the use of analog or digital-based equipment of the associated systems, and the software vulnerability of the configuration module of the reactor protection system.

• International Journal of Computer Science & Network Security
• /
• v.22 no.5
• /
• pp.11-16
• /
• 2022

The main purpose of the study is to determine the main elements of the state management of the development of national cybersecurity. Cybersecurity ensures the protection of the properties of information resources and the operability of technical and software users and is directed against relevant cyber incidents. Therefore, today it is impossible to ignore the importance of public administration of the processes taking place in it. The methodological support of our study is determined by its goals and objectives and is based on the use of a combination of general scientific and special methods of scientific knowledge, which ensured the completeness and reliability of the results obtained. The article has limitations and concerns the lack of practical implementation of the research results. The study is purely theoretical to reflect the main aspects of the modern system of state management of the development of national cybersecurity. Further research requires an analysis of the world experience of state management of the development of national cybersecurity.

• Convergence Security Journal
• /
• v.11 no.4
• /
• pp.19-29
• /
• 2011

After a change of government and the inauguration of President Barack Obama in 2009, there are various effort to set up a cybersecurity policy which is better than its predecessor. The legislative trend of cybersecurity is the one aspect of that. So we compare the legislative trend of cybersecurity in the Obama era to one in the Bush era and analyze that and find items which is helpful to Korea. It seems that the point of cybersecurity legislation of U.S.A. changes from tougheners of penalties to improvements to implementation system. We can find the implications for Korea From that. Cybersecurity is covered as a problem all over the nation and a security problem. It is necessary for Korea to get ready for new Pax Americana in cybersecurity in advance and to guarantee fundamental human rights.