A study of issues about Accredited Certification methods in Korea

Seung-Woan Chai,Kyoung-Sik Min,Jeong-Hyun Lee 보안공학연구지원센터 2015 International Journal of Security and Its Applicat Vol.9 No.3

In line with the e-Government strategy, Korea has implemented a global standard electronic signature and certification system since the Electronic Signature Act was enacted by Act No. 5792 in 1999. Over a decade Korea has been using the electronic signature and certification system in daily life. In the cyberspace where the contracting parties cannot meet face to face, electronic signatures and authentication are inevitable. On the other hand, with the explosive use of smart devices, some critics argue that the current certified electronic signature is regarded as uncomfortable system in electronic commerce. They also point out that such certified electronic signature system is not commonly used in foreign countries. Yet, so far, the accredited certificate is still the most reliable method even though the usage of accredited certificates presumably decreases in the areas that do not require security significantly. Thus, it must be unwise to discard the accredited electronic signature on account of an “unnecessary obstacle”. Therefore, legal and technical issues regarding the accredited certificate need to be discussed. Additionally, methods to promote certified electronic signature and to improve certification system should be explored.

Analysis on Supply and Demand Status of Information Protection of Human Resources in Korea

Seung-Woan Chai,Sang-Ho Jie,Kyoung-Sik Min 보안공학연구지원센터 2015 International Journal of Security and Its Applicat Vol.9 No.4

There were about nine hundred information protection human resources less in Korea in 2012 but this number is expected to increase to about two thousand, five hundred in 2015, widening the gap between demand and supply. This is more of a serious qualitative issue than a quantitative issue in terms of scarce resources. There is an average proficiency gap of 1.2 points out of seven points among the resources companies would like to hire. In particular, among the twenty-five knowledge and technology levels, fields such as cryptology only meet about 70% of the industry's expectation level. To solve the quantitative supply and demand gap of information protection human resources, it is necessary to attract more human resources into the information protection industry through various training paths. Also, in order to enhance the qualitative fidelity level of the information protection resources, there is a need to foster customized talents that meet company demands by adjusting training curriculum according to proficiency differences.

개인정보보호의 경제적 효과

채승완(Chai, Seung Woan) 한국소비자원 2008 消費者問題硏究 Vol.- No.33

An Analytic Study of Cyber Security Strategies of Japan

Kyoungsik Min,Seung-Woan Chai 보안공학연구지원센터 2016 International Journal of Security and Its Applicat Vol.10 No.10

Japan has recently enacted the Fundamental Act on Cyber Security, taking prompt actions to reinforce the status of the cyber security policy and to organize the implementation system. This kind of change in policy indicates that cyber space does not remain as a field of information restricted to Internet but has become an international field of discussion about economy, society and politics. This study summarizes the change of cyber security policy of Japan, and analyzes the recent changes.

An International Comparative Study on Cyber Security Strategy

Kyoung-Sik Min,Seung-Woan Chai,Mijeong Han 보안공학연구지원센터 2015 International Journal of Security and Its Applicat Vol.9 No.2

It is expected that utilization and expansion of cyber-space on the basis of big data, cloud computing and IoT(Internet of Things) will be a critical factor which determines national competitiveness. In the meantime, cyber threat accompanied by the utilization of cyber space, attacks targeting cyber space, became enhanced and complicated. Besides this, attackers were also more organized with economic and political intention. As a result, damage caused by the attacks targeting cyber-space has already brought about social confusion. This paper analyzes various countries' cyber security strategy by focusing on public-private partnership, which is one of the common grounds of the strategies. Especially, it focuses on how each country establishes institutional framework of the partnership related to infra-protection. The subject of analysis is limited to U. S. A, EU and Japan. Consequently, the countries, to some degree, adopt intervention policy through cyber security strategy, and government control is changing from voluntary self-regulation to enforced self- regulation in general. Additionally, public-partnership is more and more emphasized.

국내 정보보호 교육체계 연구

김동우(Dong-woo Kim),채승완(Seung-woan Chai),류재철(Jae-cheol Ryou) 한국정보보호학회 2013 정보보호학회논문지 Vol.23 No.3

최근의 사이버 공격은 내부 직원을 목표로 하거나 불특정 다수의 PC를 이용하는 등 지능화, 대규모화 되고 있어 기술적인 보안대책만으로 대응하는데 한계가 있으며, 관련 인력이 중심이 되는 종합적인 대책이 필요하다. 그러나 정보보호 전문 인력을 양성하는데 있어서 근간이 되는 국내의 정보보호 교육체계는 정보보호 교육 중장기 계획 부재, 교육 프로그램에 대한 검증 부족, 교육기관 간의 정보 교류 부재 등 여러 가지 문제점을 가지고 있다. 본 논문에서는 국내 정보보호 교육체계의 문제점을 해결하고 사이버 정보보호 환경을 개선하기 위한 정보보호 교육 발전 방안을 제안한다. 본 논문에서 제안하는 정보보호 교육체계 발전 방안은 국가 정보보호 교육 마스터플랜의 기획 및 추진, 정보보호 교육 프로그램 인증제도 도입, 정보보호 전문인력 DB 운영, 정보보호 전문 인력에 대한 다양한 혜택 개발 등의 세부 방안을 포함한다. There is a limitation on counteracting recent cyber-attacks with only technical security measures because they become more intelligent and large-scale to aim at employees instead of systems directly or to be conducted with unspecified multiple PCs. Thus, comprehensive measures revolved around related manpower are necessary to deal with them. However, domestic information security education system which is the base of professional manpower training lacks medium-and long-term plans for information security education, verification of education programs, and information sharing among educational institutions. This paper suggests information security education development plans for resolving problems on domestic education systems and improving cyber information security environment such as a national information security education master plan, certification system introduction of education programs, and professional manpower database management.

An Analysis of the Economic Effects of NetworkIndustry by Applying Household Endogenous Model

Woo-Soo Jeong,Mijeong Han,Seung-Woan Chai,Kyoung-Sik Min 보안공학연구지원센터 2015 International Journal of Smart Home Vol.9 No.2

Currently the Republic of Korea is planning a government-sponsored project to build a new network infrastructure in order to provide better services with citizens in spite of the already established world class network infrastructure. For past few years, there were several investments on network infrastructure development projects which resulted in high ROI(Return on Investment) rates in Korea. The clear definition and objective analysis of the project is an important task to be completed prior to the beginning of carrying out the project which aimed to promote network industry with government support. This report applies an analysis of inter-relationship among industries including an influence process of income and consumption by considering the effects of an increase in consumption, resulting from the growth of household income, on production. It might be worthy to review input-output table with household endogenous model when it investigates the effectiveness of investment on network infrastructure.

정보보호 산업의 경제적 파급효과 분석

정우수(Woo-Soo Jeong),민경식(Kyoung-Sik Min),채승완(Seung-Woan- Chai) 한국정보보호학회 2014 정보보호학회논문지 Vol.24 No.2

정보통신 산업이 발전하고 정보의 자산적 가치가 증대됨에 따라 정보보호에 대한 수요는 더욱 확대될 것으로 예상된다. 정보보호 산업은 정보보호제품을 개발.생산 또는 유통하거나 정보보호에 관한 컨설팅 등과 관련된 산업을 말한다. 본 연구에서는 제품 및 서비스 산업 정의에 기반 하여 정보보호 산업을 재분류하고, RAS 기법을 활용하여 산업연관표를 연장하여 2013~2017년까지의 정보보호 산업의 경제적 파급효과를 분석하도록 한다. 정보보호 산업의 경제적 파급효과를 분석한 결과를 살펴보면, 정보보호 산업에 대한 투자(‘13∼’17년)를 통해 나타나는 경제적 파급효과의 총생산유발액은 약 3조 2,069억 원에 달하였으며, 약 27,406명의 고용유발 기대할 수 있을것으로 추정되었다. With development of Information Security industry and recognizing value of information as an asset, demand for information protection is foreseen to be expanding gradually. The Information Security industry in this paper defines as an industry where relative products as well as consulting services are developed, produced, and distributed. This study reclassifies sub-sectors of the Information Security industry based on the definition of product and services defined above, and it uses the RAS technique to broaden a scope of an input-output table to include the Information Security industry with purpose of analyzing economic spill-over effects industry will encounter during 2013~2017. Results show that investment in the Information Security industry during 2013-2017 induces total economic outputs to KRW 3,206.9 billion and is expected to employ additional 27,406 workforce.