Hardware-Assisted Isolation Techniques for Security Enhancement on ARM

조영필 서울대학교 대학원 2018 국내박사

To protect the system from software attacks, various security approaches, such as formal verification and memory safety, have been proposed by researchers. However, many of the security approaches have not been practical to apply to real-world systems because they involve too strict restrictions or incurs significant performance overhead. In this situation, security researchers have proposed isolation approaches that dramatically reduce the attack surface by isolating security-critical parts of software from the others. The isolation approaches have been adopted in many security studies to increase the security level of software with minimal overhead. However, the security studies based on the isolation approaches have been carried out focusing on the systems, such as desktop PCs and servers. Unfortunately, in the mobile devices, the most widely used systems these days, only a few related studies have been conducted, so in these devices, the isolation approaches have evolved less in terms of security, coverage, and efficiency. In this thesis, therefore, I will perform a series of research to enhance the isolation approaches, and ultimately to increase the security level of the mobile devices. I first will analyze the usage scenarios and environments of the mobile devices and confirm the required security capabilities and levels. Subsequently, I will carefully review the recent ARM architectures that are mainly used in the mobile devices and find some salient hardware features. After that, on top of these features, I will propose novel security solutions stemming from the isolation approaches. These solutions targeting from applications to different types of system software satisfy the required security capability and levels confirmed by the previous analysis. In this thesis, I will describe the details of design and implementation of these security solutions, around the isolation approaches based on the salient hardware features. Also, the efficiency and effectiveness of these solutions will be demonstrated through various experimental results.

Self-Adaptive Security Requirements Engineering for Blockchain-Based Cloud Platform

SINGH IRISH 아주대학교 2022 국내박사

Several security vulnerabilities have been reported in the current state of blockchain-based cloud systems. One of these is the lack of a standard design process for developing secure smart contracts (SC). Also, the security mechanisms in the system are not designed to continuously evolve to address evolving adversary attacks. These issues prevent the BBC from taking effective decisions when faced with an attack. The goal of this study is to build a self-adaptive security framework that will allow the BBC to take effective decisions when faced with evolving adversary attacks. This framework is built on the principles of the software development lifecycle, which is designed to model secure SC. The system uses the multi-model adaptation loop to make decisions based on the threat models and the service level agreement, which are used to identify and mitigate threats. Through the validation of the proposed methodology, we were able to demonstrate the validity of the research questions and the hypothesis. We then compare the proposed approach with the security quality requirements engineering approach known as SQUARE. The results of the study revealed that the proposed approach performed better than the SQUARE approach in terms of various parameters such as the quality of artifacts, the time it took to respond to security threats, and the complexity of the system. The proposed methodology can be used by SC security developers to quickly develop and implement secure contracts. They can also take advantage of the flexibility of the framework to adapt it to their needs. The key contribution of this study are as follows: 1) Comparatively Analyze the feasibility of Blockchain for secure cloud 2) Propose a Blockchain based cloud (BBC) framework to enhance the security and trust of the data stored in the Cloud, make Service Level Agreements (SLA) transparent and open to all users, and maintain the confidentiality and integrity of the data 3) Propose RE_BBC: Requirements Engineering process for Service Level Agreements in BBC, where we used RE modelling to build SC to perform actions of third-party providers in the cloud, such as to develop SLA and to provision SLA for services and security functionalities to the users. 4) The proposed SRE_BBC Process is a self-adaptive security requirements engineering (SRE) approach to address the security vulnerabilities in the BBC's Smart Contracts using a combination of threat model, goal model, and MAPE-BBC process. This approach can be used to provide secure implementations of the contracts based on the Service Level Agreement (SLA). 5) To provide a secure and resilient framework, we need to develop formalisms that are designed to provide a self-adaptive approach to contract language. So, we propose the Adaptive Secure Business Contract Language (AS_BCL) and Adaptive Secure Formal Contract Language (AS_FCL). 6) We statistically prove the research questions and hypotheses using the t-test [11] and Mann–Whitney U test [12]. 7) The proposed SRE_BBC approach is compared with the state-of-the-art Security Quality Requirements Engineering approach (SQUARE) method [13] to evaluate various parameters such as quality of artifacts and self-adaptive security evaluation quality, efficiency, complexity, and usability based on statistical tests. 8) We applied our proposed approach to three case studies, including Healthcare Data Management Blockchain-Based Cloud (HDM_BBC) case study, Banking Blockchain-Based Cloud (B_BBC), and Intelligent Transportation system Blockchain-Based Cloud (ITS_BBC). 9) Six subject matter experts from the software engineering field are involved in this study to validate our research study. They have extensive experience in analyzing security concepts such as blockchain, cloud computing, and SC. The proposed approach SRE_BBC is novel and necessary because as of now, there is no design standard that follows RE principles to model secure smart contracts for the BBC system. As a result, the development quality is not assured, and several security issues, and privacy leakage plague the development of smart contracts for BBC applications. The SRE-_BBC process responds to the many of these challenges of the BBC and determines a novel direction to provide secure and quality development of blockchain-based applications. The SRE_BBC process aims to reach a complete understanding of the problems in BBC systems and to have a quality set of security requirements for a meaningful SLA process that is sufficient for building secure BBC systems and is satisfied by customers. Smart contract development has a lot of potential as the Smart contract market size is to reach USD 345.4 million by 2026 from USD 106.7 Million in 2019 at a Compound Annual Growth Rate of 18.1% and there is increasing adoption of more than 50 industries that smart contract development could transform. Some of them are banking, healthcare, government, management, supply chain, automobile, real estate, insurance, etc. Our SRE_BBC process can provide secure and quality development services to the above industries. Keywords: security; attacks; vulnerabilities; goal model; threat model; self-adaptation; Service Level Agreement; smart contract; blockchain; cloud; healthcare; banking; intelligent transportation system.

Security entropy approach on multilateral security

李위 Graduate School of International Studies, Korea Un 2014 국내박사

When international security has inevitably and eventually entered a multilateral age, under what conditions a multilateral security practice would achieve its effectiveness? Interpreting this broad query to reality, why Six Party Talks has failed to solve North Korean nuclear crisis; will the new Six Party Talks on Iranian nuclear crisis bring a success of denuclearization? This research is designed to answer these questions by offering an original theoretical approach, namely, Security Entropy Approach (SEA). Every system can be described as a set of complexity, from an organism, individual, family, society, state, region, world, and the universe beyond human scope. This research takes set of Multilateral Security practice in international politics, namely, multilateral security cooperation such as SCO or 6PT, as the penetrating point for the theoretical application of complexity theory under SEA. The idea of SEA is lucid and straightforward: effectiveness of complex system is co-determined by both structure and process in chaotic dynamics. To elaborate, the core argument of SEA is: maximum chaos brings the worst stability, which goes without saying; minimum chaos through peace with concomitant lack of productive incentives is rarely possible and does not serve effectiveness either. When systemic effectiveness is evaluated through the distribution of Security Energy, the optimal hypothetical outcome is the Stability-Productivity equilibrium, when Security Entropy is moderated at 0.5 by process control.

Security in East Asia : from balance of power to multilateral security cooperation

김은경 이화여자대학교 국제대학원 2000 국내박사

Utilizing Data Analytics in the Field of Physical Security: An Exploratory Study

Tajali, Farhad ProQuest Dissertations & Theses University of Sout 2021 해외박사(DDOD)

소속기관이 구독 중이 아닌 경우 오후 4시부터 익일 오전 9시까지 원문보기가 가능합니다.

Security professionals face mounting challenges by the various threats targeting their respective organizations. The digital revolution has introduced many benefits, and inadvertently created multitude of additional threats and challenges (Foynes & Fuller, 2018). To combat new and existing emerging threats, security professionals can utilize data generated by the same digital revolution to proactively identify security gaps, mitigate risks and take a proactive approach to protecting their organizations. The purpose of this study was to assess the knowledge, motivation, and organizational influences (KMO) impacting security professionals’ ability to utilize data analytics in the field of physical security. To explore potential assets and needs, this study utilized Clark and Estes’s (2008) Gap Analysis Framework to assess the KMO influences that contribute to the use of data analytics to inform data driven decision making. An explanatory sequential mixed methods research design was conducted to obtain quantitative and qualitative data for analysis. Survey data was obtained from 258 security professionals from the United States and 43 other countries globally. Additionally, data from seven security professionals were obtained through interviews. This study found security professionals have a common understanding of data analytics and value its use, however, fail to effectively utilize data analytics in the field of physical security. Data analysis process (procedural knowledge) self-efficacy (motivation), and provision of resources (organizational influence) were identified as needs during this study. Clark and Estes’s (2008) Gap Analysis Framework was used to generate solutions and recommendations. The implementation of the recommendations outlined in Chapter five will enable security professionals to effectively utilize data analytics and proactively protect their organizations.

기업 보안 유형들의 상호작용 효과가 보안성과에 미치는 영향

이정환 韓國外國語大學校 大學院 2013 국내석사

We studied how the firm’s security elements affect the security-incident response competence. The purpose of this study is to empirically demonstrate the security-incident response capabilities and the interaction of administrative security factors within physical and technical security as using Socio-Technical approach. It is assumed that the security organization of firms affects the security-incident response competence. The result of research shows that the Administrative security gives a impact upon the relationship of the physical and technical security with the incident response competence. Furthermore, it was revealed that the difference in the security-incident response competence was according to the firm’s security organization. We proved that it has a positive impact on the security-incident response capabilities as companies invest in administrative security.

(A) Study on the design of secure multi function printer conforming to the Korea evaluation and certification scheme

이광우 성균관대학교 일반대학원 2011 국내박사

MFP (Multi-Function Printer) is an embedded system that serves several functions including printing, copying, scanning, faxing, document storing, and etc. Recently, MFP is becoming a popular option for office workers due to its multi--functionality and economic efficiency. Furthermore, MFP is able to perform several functions such as USB printing, private job printing, stored job printing, and scan-to-server. Due to the rapid growth of MFP market and variety of MFP function, it is widely used in many workspaces. To protect the sensitive data, MFP adopts the security functionality such as user authentication, image overwrite, security management, security audit logs, data flow management, and data encryption. In this reason, Common Criteria certification program is widely used to evaluate and assure the security of MFP. However, the background and know-how on the MFP are not enough to evaluate and to eliminate the vulnerabilities. Therefore, developers and evaluators of MFP have difficulty in development and evaluation process. Currently, most of government organizations, agencies, and large companies have adopted MFP with hard drives. Moreover, it is connected with network. Therefore, security features of MFP are important to preserve their critical and sensitive data. According to our research, however, present MFPs still have various security holes and vulnerabilities. Moreover, we can extract the critical information and data from MFP's storage devices. In this dissertation, we propose secure MFP system architecture and components that meet the Korea Evaluation and Certification Scheme (KECS). We first review system architecture, components, functions, and related works of the MFP. Next, we analyze the vulnerabilities of MFP in accordance with the penetration testing methods. According to the results of security analysis, we provide the assets, threats, and security requirements for the MFP. Finally, we propose a secure MFP system and provide an implementation and its security analysis. Our contribution are fourfold: (1) we present background information necessary to understand the MFP. The system architecture, operational environments, assets, threats, security objectives, and security requirements are included. (2) we present the penetration testing method to reduce the vulnerabilities of MFP and improve the security. (3) we propose the secure MFP system architecture and components that meet the KECS. (4) we implement the security module and cryptographic module for secure MFP that meet the KECS. The proposed security module awarded nine common criteria certification for their security. 디지털 복합기(MFP, Multi-Function Printer)는 프린터, 복사기, 스캐너, 팩스, 문서 저장함 등 다양한 기능을 포함하고 있는 임베디드 시스템으로 최근 널리 보급되고 있다. 디지털 복합기가 다양한 기능을 제공함에 따라, 기존 PC를 통해 수행되던 작업들이 디지털 복합기를 통해 독립적으로 수행되는 경우가 증가하였다. 즉, 기존 프린터가 PC를 통해서만 문서를 출력할 수 있었다면, 현재 출시되는 디지털 복합기에서는 이동식 저장장치 인쇄, 저장 문서 출력, 스캔 후 이메일 또는 네트워크 서버 전송, 인터넷 접속 등 독립적으로 수행할 수 있는 기능들이 증가하고 있다. 디지털 복합기의 기능이 다양해지면서, 디지털 복합기에서 저장되거나 처리되는 정보에 대한 중요성이 높아지고 있다. 이에 따라, 최근 출시되는 디지털 복합기는 디지털 복합기에서 처리되는 중요 정보를 보호하기 위해 사용자 사용자 식별 및 인증, 완전 삭제, 보안 관리, 보안 감사, 보안 기능, 데이터 흐름 통제, 데이터 암호화 등의 보안 기능을 탑재하고 있다. 따라서, 디지털 복합기에 포함된 보안 기능은 IT 보안 제품을 평가하는 기준인 CC (Common Criteria) 평가 인증을 통해 제품의 안전성을 평가 및 보증할 수 있다. 하지만, 디지털 복합기를 평가하기 위한 배경지식과 평가 노하우가 충분하지 않아, 평가 과정에서 개발자 및 평가자들이 많은 어려움을 겪고 있다. 최근 대부분의 정부 조직, 공공 기관 및 대기업에서 도입하고 있는 디지털 복합기는 저장장치로 하드디스크를 탑재하고 있으며, 네트워크에 연결되어 있다. 따라서, 디지털 복합기에 저장되어 있는 주요 기밀 정보를 보호하기 위한 보안 기능이 중요해지고 있다. 하지만, 현재 출시되어 있는 디지털 복합기는 여전히 다양한 보안 취약성에 노출되어 있다. 뿐만 아니라, 악의적인 공격자는 디지털 복합기의 저장장치에 저장되어 있는 주요 기밀 정보를 추출할 수 있다. 본 논문에서는 국내 정보보호 제품 평가 및 인증 제도의 요구사항을 만족하는 보안 디지털 복합기 구조 및 기능을 설계 및 구현하고, 해당 제품의 안전성을 정보보호제품 평가 인증을 통해 검증받고자 한다. 본 논문에서는 디지털 복합기의 시스템 구조, 보안 기능 및 관련 연구를 살펴보고, 기존 디저털 복합기에 대한 취약성 시험을 통해 디지털 복합기의 안전성을 분석한다. 또한 안전성 분석 결과를 통해, 디지털 복합기에 요구되는 보안 요구사항을 도출하고, 이를 만족하는 디지털 복합기 보안 기능을 설계 및 구현한다. 본 논문에서 제안한 방식은 정보보호제품 평가인증 제도를 통해 디지털 복합기의 안전성을 검증받았다.

Security Vulnerability Discovery and Anomaly Detection in IoT Domotics Systems

NKUBA KAYEMBE CARLOS 고려대학교 대학원 2024 국내박사

The emergence of the Internet of Things (IoT) technologies has promoted the development of smart devices for home comfort, convenience, accessibility, and remote device monitoring. These domestic automation systems (Domotics) or smart homes have revolutionized the way we interact with our home environments, offering several additional benefits ranging from energy efficiency and enhanced security to seamless entertainment and lifestyle management. Smart home systems are facilitated by various protocols, including, but not limited to Z-Wave, ZigBee, Thread, Wi-Fi, Bluetooth, LoRa, KNX, NFC, and UPB. The widespread adoption of Z-Wave and ZigBee protocols is attributed to device interoperability, cost-effectiveness in deployment, and low energy consumption, which is particularly beneficial for battery-powered devices. However, despite the numerous benefits of domotics, security challenges are on the rise. As smart homes become more interconnected and remotely controlled through the Internet, they become susceptible to various cyberattacks. As an illustration, critical security vulnerabilities were found in Z-Wave smart home devices. These vulnerabilities allowed attackers to remotely control devices and gain illegal access to the house. Therefore, it is critical to assess the vulnerabilities of IoT domotics devices before their release not only to preserve user privacy, safety, and functionality, but also to reduce the cost and difficulties of patching those vulnerable IoT smart home devices. In pursuit of establishing a comprehensive understanding of the challenges posed by vulnerabilities in domotic systems, we first present (1) an automated vulnerability detection technique based on blackbox fuzz testing, namely Vfuzz, which can detect flaws in domotic IoT systems that use the Z-Wave chipset. Vfuzz uses our field prioritization algorithm (FIPA) approach, which mutates specific Z-Wave frame fields to ensure the validity of the generated test cases. With the finding of Vfuzz, we propose (2) Zfinder, a new portable penetration testing framework for the Z-Wave network. Zfinder employs a fingerprinting approach with both active and passive scanning to retrieve the properties of the device. Additionally, it utilizes an exploit mutation approach to generate customized new exploits, with the objective of discovering additional unknown vulnerabilities in the Z-Wave network. With critical vulnerabilities identified by Vfuzz and Zfinder, we introduce (3) Zmad, an anomaly-based intrusion detection system designed to detect both known and unknown attacks on Z-Wave smart home networks. Zmad aims to enhance the security of domotic systems, particularly by addressing the vulnerability of legacy Z-Wave devices that lack the capability for proactive threat detection due to their inability to be updated. Zmad uses packet formalization technique to address heterogeneous packets coming from various devices and the centralized learning approach to profile the normal communication patterns of devices to increase the coverage of the Z-Wave Command Classes. Barriers in smart home security research stem from the expense associated with acquiring devices for analysis. To encourage and facilitate future research on Z-Wave smart home systems, we introduce (4) KU-ZDS, a comprehensive open Z-Wave network dataset that includes benign traffic from authentic Z-Wave devices and malicious attack traffic generated by exploiting known vulnerabilities and using fuzzing techniques. Experimental results on real Z-Wave devices have demonstrated that our proposed Vfuzz technique is efficient in terms of the discovery of new vulnerabilities. Our techniques have discovered 10 new vulnerabilities on Z-Wave devices, of which 6 new CVEs were assigned by the United States CERT/CC. Furthermore, Zfinder found 15 unknown vulnerabilities and has shown to be more effective than existing approaches by increasing the discovery of unknown Z-Wave vulnerabilities by 550% compared to HubFuzzer research. Moreover, the results of the evaluation on real Z-Wave devices have shown that Zmad is more effective than existing approaches, with high detection accuracy (98%) of attack traffic, while increasing the coverage of the Z-Wave protocol Command Classes by 663%. Using our proposed approaches, IoT domotic manufacturers could detect and fix vulnerabilities in their products before release using Vfuzz and Zfinder approaches; and end users can secure their existing smart home network from external attacks using Zmad IDS. Lastly, KU-ZDS can be used effectively in the creation of Z-Wave security analytic applications to protect smart homeowners from external attacks. Because identifying and mitigating vulnerabilities and threats can enhance the security posture of smart home systems, preventing unauthorized access, data breaches, and service disruptions that, in turn, encourage manufacturers to adopt security-by-design principles. We openly offer our solutions to encourage collaboration and research by scholars and developers.

업종 및 사고유형을 고려한 정보보안 투자 우선순위 도출

박주헌 연세대학교 공학대학원 2015 국내석사

Security incident has been along with history together since information system is developed. As information system is getting higher and amount of information assets is increasing, skills of threatening subjects are more advanced, so that it threatens precious information assets of ours. In domestic conditions, various attacks for extorting private information, extorting important information, and damaging information have been detected, and some of them generated security incident, abusing security’s weakness of information systems, so that it becomes a severe social problem. Most of the security incidents have taken places in corporations. Because most of valuable information exists in corporations and government institutions, the threatening subjects of security aim to corporations and government institutions as a top priority. By types of each corporation, attacking purposes or priorities of the threatening subjects change. As following the types of security incidents, the amount of damages becomes different very widely. Form that ways, it is different to deal with incidents as following the types of corporations and security incidents, and it also different to manage factors intensely. This classifies and defines types of corporations and security incidents, and it is to research what security incidents people should confront intensely. Furthermore, this study has a purpose and meaning to deduce priorities of investing information security, as dealing with corporation types that confront the security incidents intensely and security incidents. 보안 침해사고는 정보시스템이 발달하기 시작한 시점부터 역사를 함께하고 있다. 정보시스템이 고도화되고, 담겨 있는 정보 자산의 규모가 증가 할수록 위협 주체들의 기술도 함께 고도화되어 우리의 소중한 정보 자산을 위협하고 있다. 국내에도 개인정보의 탈취, 중요 정보의 탈취, 정보의 훼손을 목적으로 한 각종 공격 시도들이 탐지되고 있고, 일부는 정보시스템 등의 보안 취약점을 악용하여 보안 침해 사고를 발생시키는 등 심각한 사회 문제로 대두되고 있는 실정이다. 대부분의 정보보안 침해사고는 기업에서 발생하고 있다. 이유는 각종 가치 있는 정보가 개인보다는 기업 및 정부기관에 집중되어있어 보안 위협 주체들이 기업과 정부 기관을 주요 공격 대상으로 하고 있다. 기업의 업종별로 보안 위협 주체들의 공격 목적 및 우선순위가 달라진다. 또한, 보안 침해사고 유형에 따라서 피해 규모도 천차만별로 달라진다. 기업의 업종과 보안사고 유형에 따라 대응해야 하는 방식도 다르고, 중점적으로 관리해야 하는 요소도 달라진다. 본 연구에서는 업종 별, 보안사고 유형 별로 구분하여 정의하고, 어떤 업종과 보안사고에 중점적으로 대응해야 할 것인가에 대해 연구하고자 한다. 나아가 중점 대응 업종 및 보안사고 대응에 대한 정보보안투자 우선순위를 도출하는 것이 본 연구의 목적이자 의의라 할 수 있다.

Security Exceptions in the WTO System and Its Implications to the International Trade : Section 232 of the U.S. Trade Expansion Act of 1962 And the WTO Compatibility

박윤진 서울대학교 대학원 2021 국내석사

The relationship between national security and international trade has a long history that can be traced back to the establishment of GATT in 1947. In fact, these two arenas are closely linked, which can be particularly found in Article XXI of the GATT. This provision allows Member States to impose international trade measures for a purpose related to their national security interests. Due to this broad framework under the GATT/WTO, some countries have implemented highly controversial trade sanctions claiming Article XXI as a justification for such actions. The security exception clause has recently come into attention since the Trump administration took the lead of revival of Section 232 of the US Trade Expansion Act of 1962. Section 232 gives the U.S. authority a discretion to conduct investigations to determine effects on the national security of imports. In 2018, the US Department of Commerce released Section 232 reports on imported steel and aluminum, arguing that imports of such sectors “threaten to impair the national security.” The selective list of countries by the US heightened international attention and threatened the current multilateral trading system. This study qualitatively conducts a critical assessment of legal texts of Article XXI of the GATT and its relations to Section 232 of the US Trade Expansion Act of 1962. Moreover, this thesis covers the cases pursuant to Section 232 from the years 1963 to 2020 and the most current WTO case pursuant to Article XXI of the GATT in 2019. Based on case studies, this paper addresses the status of security exception provisions under the current GATT/WTO system. The results of this study are as follows: Section 232 was developed to exert a high degree of discretion by the investigating authorities, unlike other trade sanctions that are subject to stricter obligations under the WTO. This is mainly due to the absence of the GATT/WTO ruling and precedents to define the scope of essential security interests. Although the recent WTO Panel report of Russia- Measures Concerning Traffic in Transit in 2019 clarified key terms of self-judging nature of the security exception provision, the study finds that it has a limited implication to the current cases pursuant to Section 232, which are mostly involved with economic interests for the purpose of national security during peacetime. Therefore, the study suggests a development of FTAs under the bilateral framework in order to prepare for future trade issues in a more predictable manner. This research is unique as it is among the few to analyze the two contrasting approaches to security exception provisions, by illustrating cases pursuant to Section 232 of the US Trade Expansion Act of 1962 and the current WTO Panel Report. Hence, it provides future discussions on security exception provisions and offers a view as to countries, such as South Korea, to effectively participate in the global trade. 국가 안보와 국제 무역 사이의 관계성은 1947년 GATT (General Agreement on Tariffs and Trade) 설립 이후로 거슬러 올라갈 수 있을 만큼 오랜 역사가 있는 주제이다. 실제로 이 두 가지 쟁점은 국제통상에 있어 서로 밀접하게 연결되어 있으며, 이는 GATT 제 21조인 안보 예외 (Security Exceptions) 조항에서 가장 두드러지게 찾아볼 수 있다. 현재 국제통상 체제에서 안보 예외 조항은 국가 안보와 관련된 목적으로 국가가 국제 무역 조치를 취할 수 있도록 한다. 특히 트럼프 행정부 출범 이후로 국가 안보와 국제 무역 간에 관계는 통상 분쟁의 중심에 서 있다고 할 수 있다. 보호주의 성향이 강하게 드러나는 트럼프 행정부 지휘 아래 실시된 1962년 무역확장법 232조 (Section 232 of the Trade Expansion Act of 1962)의 부활은 GATT 제 21조 조항을 기본으로 두고 있다. 2018년 3월 트럼프 대통령은 무역확장법 제 232조에 근거하여 수입산 철강 및 알루미늄에 대해 관세를 부과하기로 최종 결정을 선포한 바 있다. 이는 장래에 232조 조사가 철강과 알루미늄 외에 자동차, 항공기, 반도체와 같은 핵심 산업 영업으로 확대될 가능성도 제시하고 있어 앞으로의 무역확장법을 근거로 한 미국의 수입 제재 행보를 예의주시할 필요성이 제기되고 있다. 본 연구는 GATT 제 21조와 미국 1962년 무역확장법 232조를 비교 분석하여, 안보 예외 조항에서 비롯된 자기판단 성격이 수입조치의 통상 법적 쟁점에 어떠한 영향을 미쳤는지 탐구하고자 한다. 더 나아가, WTO 체제 내에서의 안보 예외 조항에 대한 미국의 입장과 그 합치성을 따져보고자 한다. 모호성이 남겨둔 채로 발전된 안보 예외 조항은 결론적으로 해당 국가의 조사기관 재량권의 확대를 의미하므로, WTO 체재와 FTA 체제 내에서의 자기판단조항의 발전을 살펴보고 그에 따른 해결방안을 제시하고자 한다.