Earticle

초록

영어

Many organizations need to comply with ISMS-P for information systems and personal information management for ISMS-P certification. Organizations should safeguard vulnerablities to information systems. However, as the kinds of information systems are diversified and the number of information systems increases, management of such vulnerabilities manually accompanies with many difficulties. SCAP is a protocol to manage the vulnerabilities of information system automatically with security standards. In this paper, for the introduction of SCAP in domestic domains we verify the applicability of server-oriented system which is one of ISMS-P certification targets. For SCAP applicability, For obtaining this goal, we analyze the structures and functions of SCAP. Then we propose schemes to check vulnerabilities of the serveroriented system. Finally, we implement the proposed schemes with SCAP to show the applicability of SCAP for verifying vulnerabilities of the server-oriented system.

목차

Abstract
1. 서론
2. SCAP 분석
2.1 SCAP 환경
2.2 SCAP 분석 및 시사점
3. 기술 영역 검증 방안
3.1 검증항목 도출
3.2 검증 방안
4. SCAP 적용 가능성
4.1 검증 방안 구현
4.2 SCAP 적용 가능성 실험
5. 결론
References

키워드

저자

• 신동천 [ Dong Cheon Shin | Dept. of Industrial Security, Chung-Ang University ] Corresponding author
• 김선광 [ Seon Kwang Kim | Dept. of Industrial Convergence Security, Graduate School of Chung-Ang University ]

참고문헌

발행기관

간행물

표지보기 관심저널 등록

• 간행물명

  JITAM [Journal of Information Technology Applications and Management]

• 간기

  격월간

• pISSN

  1598-6284

• eISSN

  2508-1209

• 수록기간

  1999~2026

• 십진분류

  KDC 005 DDC 005