The Rational Improvement Plans of Inspection Standards on Vulnerability Analysis and Evaluation in Electronic Financial Infrastructure (전자금융기반시설 취약점 분석·평가 점검기준의 합리적 개선방안)

Gwang Bae Kim (김광배); Hun-Yeong Kwon (권헌영)

doi:10.34163/jkits.2017.12.6.013

The Rational Improvement Plans of Inspection Standards on Vulnerability Analysis and Evaluation in Electronic Financial Infrastructure

Journal of Knowledge Information Technology and Systems
Abbr : JKITS
2017, 12(6), pp.913-923
DOI : 10.34163/jkits.2017.12.6.013
Publisher : Korea Knowledge Information Technology Society
Research Area : Interdisciplinary Studies > Interdisciplinary Research
Published : December 31, 2017

Gwang Bae Kim ¹, Hun-Yeong Kwon ¹

¹고려대학교

Accredited

ABSTRACT

To secure the safety and reliability of the electronic financial transactions, the financial company perform vulnerability analysis and evaluation on the electronic financial infrastructure. However, the financial sector vulnerability analysis and evaluation criteria that are used in the analysis and evaluation of electronic financial infrastructure vulnerabilities by financial companies have not been updated since its distribution in 2012, Although vulnerability analysis and evaluation agencies such as the financial information sharing and analysis center and the information security professional services company are updating their own vulnerability analysis and evaluation standards, since the standards are not standardized, financial companies are confused when performing vulnerability analysis and evaluation. n this paper, we analyze the problems of the existing analysis and evaluation criteria of the electronic financial infrastructure and propose a measure to establish a reasonable inspection standard in accordance with the characteristics of the financial institution's electronic financial infrastructure and suggest a supplementary point using the information security management system. In addition, We introduced example case of establishing the criteria of analyzing and evaluating the vulnerability according to the autonomous security system of the financial company

KEYWORDS

Information security, Financial security, Electronic financial infrastructure, Vulnerabilities analysis, ISMS(Information Security Management System)

Citation status

* References for papers published after 2023 are currently being built.

[other] / 2017 / 2017 National information security white paper, National Intelligence Service / National Intelligence Service

[other] Financial Services Commission / 2017 / Electronic financial transactions Act

[other] Ministry of Science and ICT / 2017 / Enforcement decree of the act on promotion of information and communications network utilization and information protection / Etc

[other] The Board of Audit and Inspection of Korea / 2014 / Information security and cyber safety management and supervision actual condition in financial sector

[journal] I. S. Kim / 2015 / Electronic financial security theory / IT Forum

[journal] 박근덕 / 2016 / Improvements of Information Security Level in Electronic Financial Infrastructure(By Analyzing Information Security Management Level) / 정보보호학회논문지 / 한국정보보호학회 26(6) : 1605~1618

[other] Financial Services Commission / 2017 / Enforcement decree of the electronic financial transactions Act

[other] Financial Services Commission / 2012 / Vulnerability analysis and measurement criteria in financial sector

[other] Ministry of Science and ICT / 2017 / Act on the protection of information and communications infrastructure

[report] Ministry of Science, ICT and Future Planning / 2013 / Critical network infrastructure vulnerability analysis and measurement criteria / Ministry of science, ICT and future planning

[other] Financial Security Institute / 2017 / Status of issuance of information security management system certificate

[other] Financial Security Institute / 2017 / Inspection criteria of information security management system in financial sector

[other] Korea Internet & Security Agency / 2016 / 2016ISMS certification status

[other] Korea Internet & Security Agency / 2017 / Information security management system certification system guide

[thesis] S. J. Park / 2016 / A study on the harmonization of public regulation and self-regulation for the constructing secure e-banking environment / Mokpo University

[report] / 2016 / 2016 financial security institute annual report / Financial Security Institute

KJCKorea
Journal Central

Journal of Knowledge Information Technology and Systems 2023 KCI Impact Factor : 0.89

The Rational Improvement Plans of Inspection Standards on Vulnerability Analysis and Evaluation in Electronic Financial Infrastructure

ABSTRACT

KEYWORDS

Citation status

* References for papers published after 2023 are currently being built.

Journal of Knowledge Information Technology and Systems 2023 KCI Impact Factor : 0.89

The Rational Improvement Plans of Inspection Standards on Vulnerability Analysis and Evaluation in Electronic Financial Infrastructure

ABSTRACT

KEYWORDS

Statistics

Tools

Issue List

Citation status

KCI Citation Counts (0)

REFERENCES (16) * References for papers published after 2023 are currently being built.

Search PDF

Citation

* References for papers published after 2023 are currently being built.