군 구성원의 심리적 요인, 보안 스트레스, 보안행동의도 간 관계에 관한 연구

박의천 미래군사학회 2022 한국군사학논총 Vol.11 No.2

Recently, in order to respond to various security threats, the focus is on physical and technical security. However, security incidents are increasing. Accordingly, it is recognized that the root cause of the increase in security accidents is human 'psychology'. This study empirically analyzed how psychological factors of Planned Behavior Theory and Protection Motive Theory, which are social science theories dealing with human psychology, affect Security Behavior Intention. In addition, the stress control effect was investigated in their relationship. For this purpose, controlled regression analysis and continuous moderation effect analysis methods were used. Looking at the research results, First, it was found that Security Behavior Intention was significantly affected in the order of Security Belief, Security Severity, Perceived Norm, Security Efficiency, and Security Effectiveness. Second, it was found that Security Stress modulates the relationship between Perceived Norms, Security Vulnerabilities, and Security Behavioral Intentions. Through these conclusions, By extracting psychological factors that have a significant effect on compliance with security regulations, it provided an opportunity to secure the credibility of people centered approach to security accident prevention. It is also expected to provide a basis for expanding academic research models on security. 최근 각종 보안위협에 대응하기 위해 물리적이고 기술적인 보안에 주안점을 두고 있다. 그러나, 보안사고는 증가하고 있다. 이에, 보안사고가 증가하는 근본적인 원인이 인간의 ‘심리’라고 인식하게 된다. 인간의 심리를 다루는 사회과학이론인 계획행동이론과 보호동기이론의 심리적 요인이 보안행동의도에 어떠한 영향을 미치는지 실증 분석하였다. 또한, 이들의 관계에서 스트레스 조절효과를 규명하였다. 이를 위해 통제회귀분석과 연속형 조절효과 분석방법을 이용하였다. 연구결과를 살펴보면, 첫째, 보안신념, 보안심각성, 인지된 규범, 보안효율성, 보안효능감 순으로 보안행동의도에 유의미한 영향을 미치는 것으로 나타났다. 둘째, 보안 스트레스가 인지된 규범, 보안취약성과 보안행동의도 간의 관계를 조절하는 것으로 나타났다. 이러한 결론을 통해, 보안규정을 준수하는데 유의미한 영향을 주는 심리적 요인을 추출함으로써 보안사고 예방에 대한 인간 중심의 접근방법의 신뢰성을 확보하는 계기를 마련하였다. 또한, 보안에 대한 학술적인 연구모델을 확장하는데 기초를 제공할 것으로 기대한다.

대학에서 시큐리티(Security)관련 학과 및 교과목 운영현황과 발전방안

박찬혁 ( Park Chan Hyeok ),정의롬 ( Jung Eui Rom ) 한국경찰학회 2016 한국경찰학회보 Vol.18 No.4

Security means protection of a person, building, organization, or country against threats. Recently, the definition of security has redefined the scope of security including cyber security, industrial security, and information security. Security matters have become an integral part of daily life. With the rapid growth of security services, the curriculum of universities have change responding to the new trends. Universities start to educate students for the development of various security service sectors. However, there are no standardized curriculum of security departments. This study aims to empirically examine the actual state of the current curriculums among the newly established security related departments at universities in Korea. In this article, security related departments include its scope to industrial security, information security, cyber security, security service, and information and communication major. Nationwide 33 universities`` security related departments were selected for the analysis. The curriculums of the selected departments were comparatively analyzed. In this article, we suggest a possible framework for the development of security departments. There should be an agreement on the standardized academic system. Also, identity of security related department should be established for training proper human resource in the security industries.

안보와 지역: 안보개념의 정립과 동북아안보공동체의 가능성

박인휘 세종연구소 2010 국가전략 Vol.16 No.4

This research includes analyses on the definitions of security and insecurity, the referent subject of security, the meaning of threat, and the related political process. In the history of modern sovereign states 'individual security', which emphasizes the physical, economic, and social conditions of human beings, has been centered on the discussions on security. Those conditions mainly based on the 'social contract' between individuals and state stand on the reliable foundation of the domestic political stability and rational diplomatic relations with neighboring countries. In other words, 'being secured condition' of human beings only can be achieved by the understanding of the social relations or interdependence in which peoples are associated with in regional levels. The Northeast Asian region has been identified as one of the most typical regions at which the 'individual security' of the people is unlikely to be understood in the context of regional level. To achieve the better secured Northeast Asian region it is mostly necessary to explore theoretical concepts on security which would lead to develop a regional security community. 안보연구는 통상 ‘안보’ 및 ‘안보부재’를 정의하는 방법, 안보의 주체, 위협의 내용, 안보를 확보하는 방법, 그리고 관련 정치화 과정 등을 핵심 내용으로 한다. 근대 주권국가의 역사에서 안보의 출발은 ‘개인의 안보(individual security)’ 확보에 있으며, 생명의 보장과 행복한 삶으로 통칭되는 개인의 안보는 ‘국가’와의 계약을 토대로 국내 정치적 안정 및 주변 국가들과의 이성적인 외교관계를 전제로 하고 있다. 즉, 개인을 둘러싸고 있는 환경들과의 지속적인 ‘상호작용 및 사회적 연합’을 이해하고, 이를 둘러싼 다양한 노력과 실천이 안보 확보의 핵심임을 깨닫게 된다. 시간적, 공간적, 구조적 수준의 안보 이슈들이 서로 복합적으로 얽혀있는 동북아의 경우 이 지역에 살고 있는 사람들의 안보를 확보하기 위해서는 동북아를 하나의 지역으로 설정한 공동체적 접근이 긴요히 요구된다. 그러기 위해서는 무엇보다도 동북아 지역의 안보를 구성하고 있는 인식적 요소 및 관련 개념화 작업이 필요하다고 판단된다.

Security technologies based on a home gateway for making smart homes secure

Kim, Geon Woo,Lee, Deok Gyu,Han, Jong Wook,Lee, Seung Hyun,Kim, Sang Wook Emerald Group Publishing Limited 2009 INTERNET RESEARCH Vol.19 No.2

<B>Purpose</B> - The purpose of this paper is to identify security technologies that are essential in making home network systems secure and to describe specialized security mechanisms for the home network and the relationships among them. <B>Design/methodology/approach</B> - The research model is designed to support three functions: authentication, authorization, and security policy. Authentication is tested in several methodologies such as id/pw, certificate, or bio; authorization is tested using RBAC methodologies; and security policy is specified using newly-designed script language, such as xHDL. <B>Findings</B> - The findings for "authentication" suggest that home network users can access services conveniently and securely. In addition, the findings for "security policy" suggest that security policy for home network requires specialized rather than general specification. <B>Practical implications</B> - The paper identifies three security functions essential for home network: authentication that supports most existing authentication mechanisms, so as to maximize user accessibility; authorization that is middleware-independent and beyond the physical transport layer; and security policy optimized for the home network environment. <B>Originality/value</B> - The paper focuses on an implementation-based security model for the home network. Though interest and research in home network security are increasing, only limited authentication applications have been adopted in real deployment up to now. This paper introduces an integrated security model and emphasizes safety and convenience so as to promote reliability in home network services.

CIA-Level 기반 보안내재화 개발 프레임워크

강수영,김승주 한국정보보호학회 2020 정보보호학회논문지 Vol.30 No.5

From the early 1970s, the US government began to recognize that penetration testing could not assure the security quality of products. Results of penetration testing such as identified vulnerabilities and faults can be varied depending on the capabilities of the team. In other words none of penetration team can assure that “vulnerabilities are not found” is not equal to “product does not have any vulnerabilities”. So the U.S. government realized that in order to improve the security quality of products, the development process itself should be managed systematically and strictly. Therefore, the US government began to publish various standards related to the development methodology and evaluation procurement system embedding “security-by-design” concept from the 1980s. Security-by-design means reducing product’s complexity by considering security from the initial phase of development lifecycle such as the product requirements analysis and design phase to achieve trustworthiness of product ultimately. Since then, the security-by-design concept has been spread to the private sector since 2002 in the name of Secure SDLC by Microsoft and IBM, and is currently being used in various fields such as automotive and advanced weapon systems. However, the problem is that it is not easy to implement in the actual field because the standard or guidelines related to Secure SDLC contain only abstract and declarative contents. Therefore, in this paper, we present the new framework in order to specify the level of Secure SDLC desired by enterprises. Our proposed CIA (functional Correctness, safety Integrity, security Assurance)-level-based security-by-design framework combines the evidence-based security approach with the existing Secure SDLC. Using our methodology, first we can quantitatively show gap of Secure SDLC process level between competitor and the company. Second, it is very useful when you want to build Secure SDLC in the actual field because you can easily derive detailed activities and documents to build the desired level of Secure SDLC. 미국 정부는 1970년대 초반부터 모의해킹만으로는 제품의 보안 품질을 향상시킬 수 없다는 것을 인지하기 시작하였다. 모의해킹팀의 역량에 따라 찾을 수 있는 취약점이 달라지며, 취약점이 발견되지 않았다고 해서 해당 제품에취약점이 없는 것은 아니기 때문이다. 제품의 보안 품질을 향상시키기 위해서는 결국 개발 프로세스 자체가 체계적이고 엄격하게 관리되어야 함을 깨달은 미국 정부는 1980년대부터 보안내재화(Security by Design) 개발 방법론및 평가 조달 체계와 관련한 각종 표준을 발표하기 시작한다. 보안내재화란 제품의 요구사항 분석 및 설계 단계에서부터 일찍 보안을 고려함으로써 제품의 복잡도(complexity)를 감소시키고, 궁극적으로는 제품의 신뢰성(trustworthy)을 달성하는 것을 의미한다. 이후 이러한 보안내재화 철학은 Microsoft 및 IBM에 의해 SecureSDLC라는 이름으로 2002년부터 민간에 본격적으로 전파되기 시작하였으며, 현재는 자동차 및 첨단 무기 체계 등다양한 분야에서 활용되고 있다. 하지만 문제는 현재 공개되어 있는 Secure SDLC 관련 표준이나 가이드라인들이매우 일반적이고 선언적인 내용들만을 담고 있기 때문에 이를 실제 현장에서 구현하기란 쉽지 않다는 것이다. 따라서 본 논문에서 우리는 Secure SDLC를 기업체가 원하는 수준에 맞게 구체화시키는 방법론에 대해 제시한다. 우리가 제안하는 CIA(functional Correctness, safety Integrity, security Assurance)-Level 기반 보안내재화 프레임워크는 기존 Secure SDLC에 증거 기반 보안 방법론(evidence-based security approach)을 접목한것으로, 우리의 방법론을 이용할 경우 첫째 경쟁사와 자사간의 Secure SDLC 프로세스의 수준 차이를 정량적으로분석할 수 있으며, 둘째 원하는 수준의 Secure SDLC를 구축하는데 필요한 상세한 세부 활동 및 산출해야 할 문서 등을 쉽게 도출할 수 있으므로 실제 현장에서 Secure SDLC를 구축하고자 할 때 매우 유용하다.

경호산업 전문인력 양성을 위한 대학 내 경호보안 전공계열 교육과정 개선 방안

신미애,박영만 한국민간경비학회 2023 한국민간경비학회보 Vol.22 No.4

The purpose of this study is a plan to improve the curriculum for security majors in universities to train security industry professionals, and the research method to achieve the research purpose was set as a systematic literature review. The identified problems consisted of three issues: first, deepening of the centralization of educational subjects, second, the curriculum not reflecting social changes and trends, and third, the inconsistency between the goals of the curriculum and industrial demands. The improvement measures for this were first, it was proposed to increase the proportion of public security subjects, second, to establish 4th Industrial Revolution technology convergence subject, and third, to establish a new subject that reflects the demands of the security industry. The meaning of the improvement plan presented above is that the curriculum of majors and departments related to security and security ultimately has a mutual influence with science of security and the security industry. In other words, as the decline of the curriculum can be seen as a decline of the science of security and the security industry, it can be seen that this suggests that intensive changes and efforts must be made in the current security and security-related majors and departments.

기업 보안 유형에 따른 보안사고 대응역량 : 사회기술시스템 이론 관점에서

이정환(Jeonghwan Lee),정병호(Byungho Jung),김병초(Byungcho Kim) 한국IT서비스학회 2013 한국IT서비스학회지 Vol.12 No.1

This study proceeded to examine the cause of the continuous secret information leakage in the firms. The purpose of this study is to find out what type of security among administrative, technological and physical security would have important influence on firm's security performance such as the security-incident response competence. We established the model that can empirically verify correlation between those three types of security and the security-incident response competence. In addition, We conducted another study to look at relation between developing department of security in the firms and reaction ability at the accidents. According to the study, the administrative security is more important about dealing with the security-incident response competence than the rest. Furthermore. a group with department of security has better the security-incident response competence and shows higher competence in fixing or rebui lding the damage. Therefore. this study demonstrates that investing in administrative security will be effective for the firm security.

脫냉전 이후 비국가행위자의 안보위협과 국가정보 활동방향

함중영 한국국가정보학회 2022 국가정보연구 Vol.15 No.1

Factors that threaten national security have been constantly changed. The structure of the East-West Cold War has been broken down as a turning point in 1991, and the changes were clearly shown before and after the year of 1991, in terms of security threats and counter activities. When considering the timing, before the post-Cold War period is classified as traditional security, and after that is classified as non-traditional security. As a new security concept that emerges after the post-Cold War, "human security" introduced by the UNDP in 1994 was appeared, and the concept of "comprehensive security" was introduced by European scholars in 1998. Meanwhile, some scholars in Korea also use the concept of 'new security' mainly studying specific factors of non-traditional security concepts, which is not the same as the concept of ‘emerging security’. Threats dealt with in traditional security were war and physical conflicts between countries. Security threats in the non-traditional security period are the intersection of threats identified in the new security dimension and threats listed in the human security dimension, such as poverty, famine, infectious diseases, environmental problems, violence and crime. On the other hand, while the traditional security actor is a state-actor, the activities of non-state actors have emerged as a huge security threat since the introduction of the non-traditional security concept, as seen in the September 11 attacks in 2001. Among the threats derived from the intersection of new security and human security threats, the main threats posed by non-state actors appear as terrorism, transnational organized crime, terrorist-TOC combined groups, cyber attacks, and abuse of new technologies. Korea's national intelligence agencies have made efforts to appropriately respond to the security threats of non-state actors listed above while responding to changes in the international environment. In particular, it is encouraging to expand national espionage activities, enact anti-terrorism laws for efficient counter-terrorism activities, and international cooperation activities to respond to cyberattacks. However, non-systematic expansion and ambiguity of national counterintelligence activities, errors in anti-terrorism laws, and lack of a security response system for new technologies are pointed out as problems to be improved quickly. 국가안보를 위협하는 요인은 지속적으로 변화해왔으며, 동서 냉전의 구도가 와해되는 1991년을 분깃점으로 삼아, 전후로 구분하여 안보위협 환경 변화와 대응활동의 커다란 차이를 나누어 볼 수 있다. 시기적으로 고찰해 볼 때, 탈냉전 시기 이전을 전통적 안보, 이후를 비전통적 안보라고 구분한다. 이어 탈냉전 이후 출현하는 새로운 안보 개념으로, 1994년 UNDP에서 소개한 ‘인간안보’가 소개되었고, 1998년 유럽 학자들을 중심으로 ‘포괄적 안보’ 개념이 소개되면서 작금 국제관계학의 주류 용어로 자리잡고 있다. 한편, 국내 일부 학자들은 비전통적 안보개념의 구체적 요인들을 대상으로 연구하면서 ‘신안보’라는 개념도 활용하는데, 신흥안보 또는 Emerging Security 등 다양하게 소개되는 새로운 안보개념과의 비교 구분도 요구된다. 전통적 안보에서 다루어진 위협요인은 국가 간 전쟁과 갈등관계였다. 비전통적 안보 시기의 안보위협은 신안보 차원에서 파악한 위협의 요인과 인간안보 차원에서 열거된 위협들의 교집합이라고 할 수 있는데, 현재와 미래에서 다루어져야 할 위협으로서, 빈곤, 기근, 감염병, 환경문제, 폭력과 범죄 등이다. 한편, 전통적 안보의 행위자(actor)는 국가인데 비해, 2001년 9.11 테러에서 보듯이 비전통적 안보개념이 도입되는 시점부터 비국가행위자의 활동이 엄청난 안보위협으로 대두되고 있다. 신안보위협과 인간안보 위협들의 교집합에서 도출한 위협요인 중 비국가행위자에 의해 자행되는 대표적 위협은 테러리즘, 초국가적조직범죄, 테러조직과 조직범죄집단의 연계활동, 사이버공격, 신기술의 악용 등으로 나타난다. 우리나라 국가정보기관은 국제환경의 변화에 대응하면서 위에서 열거한 비국가행위자의 안보 위협요인에 적절히 대처하는 노력을 전개해왔다. 특히, 국가방첩활동의 확대와 효율적인 대테러 활동을 위한 테러방지법 제정, 사이버공격에 대응하기 위한 국제협력 활동 등이 고무적이다. 그러나, 국가방첩활동의 비체계적 확장과 모호성, 테러방지법의 오류, 신기술에 대한 안보 대응체계 미흡 등은 신속히 개선되어야 할 문제점으로 지적된다.

경호심리학 연구의 융합적 접근 -경호학과 심리학-

김태민 한국범죄심리학회 2020 한국범죄심리연구 Vol.16 No.4

In contemporary society, crime and terrorism have become routine occurrences, causing people to feel intimidated psychologically in an unsafe and dangerous society. Crimes have tended to become increasingly inhuman, ferocious, atrocious, and borders between nations are breaking down, while threats of terrorist attacks are spreading. In response to that, the security industry is making strides to meet human desire for psychological safety, and the academic research and exploration by the security science should be conducted more profoundly. Psychology represents the study of the science investigating the state of mind and behavior, and has influenced and contributed significantly to overall academic fields of studies. Security Psychology is a type of study that aims to increase understanding of complex state of mind of the security guards, persons protected by security guards, perpetrators, and the crowd, the elements of security, based on the pattern of their behaviors. In a narrow sense, the Security Psychology can be defined as empirical science that scientifically investigates the behavior and psychological processes of security guards. In particular, the Security Psychology pays attention to the psychological factors that affect the security subjects and the measures for overcoming such psychological factors when security duties are performed. This study aimed to promote academic development of the Security Psychology through the approach based on convergence between Security Science and Psychology. Moreover, this study was intended to present the topics of psychology and research subjects that would need to be converged with the Security Psychology, the topics of lectures on the Security Psychology, and the challenges for development of the Security Psychology. This study is significantly meaningful in that it attempted the research converging the academic disciplines of Security Science and Psychology. Furthermore, the results of this study would contribute to academic advancement of the Security Psychology as a new study integrated into the curriculum for security-related departments. 현대사회에서는 범죄와 테러의 일상화로 국민들은 심리적으로 위축되고 불안전한 위험사회를 살아가고 있다. 범죄는 날로 비인간적이고 흉포화 되고 있으며, 국가 간 경계가 허물어지며 테러위협도 확산되고 있다. 여기에 맞서 인간의 심리적 안전욕구를 충족해 주기 위해 시큐리티 산업은 발전하고 있으며, 경호학의 학문적 연구와 고민도 심오해 져야 한다. 심리학은 마음과 행동에 관한 과학적 연구의 학문이며, 여러 학문분야 전반에 많은 영향을 끼치고 공헌을 해오고 있다. 경호심리학은 경호의 요소인 경호원, 경호대상자, 위해자, 군중 등의 행동을 통해 복잡한 마음 상태를 알아가는 학문이다. 좁은 의미에서는 경호원의 행동과 심리과정을 과학적으로 연구하는 경험과학으로 정의할 수 있다. 특히 경호심리학에서는 경호임무수행 시 경호주체에 미치는 심리요인과 극복 방안에 관하여 관심을 두고 있다. 이 연구에서는 경호학과 심리학의 융합적 접근을 통해 경호심리학의 학문적 발전을 도모하고자 하는데 연구의 목적으로 두었다. 또한 경호심리학에 융합해야 할 심리학의 주제와 연구대상, 경호심리학 강의의 주제, 그리고 경호심리학의 발전과제를 제시하고자 하였다. 이 연구는 경호학과 심리학이라는 학문 간 융합적 연구로서 큰 의미를 가진다. 더불어 경호 관련 학과 교과목으로 편성되고 있는 신생 학문으로서 경호심리학의 학문적 발전에도 기여를 할 수 있을 것으로 판단된다.

Mapping Out the Possible Outcomes of the Security Dilemma in International Politics

Er-Win Tan Institute for International Trade and Cooperation, 2019 Asian International Studies Review Vol.20 No.1

Whilst a significant amount of work has been undertaken in the field of security dilemma theory, there is a gap in the academic literature concerning the possible scenarios that may result from this phenomenon in international politics. To date, no known systematic attempt has been made to consider the full range of scenarios that may result from the security dilemma. Six possible scenario outcomes may be identified, these being: first, the security dilemma is transcended; second, a security-seeking state leaves itself unilaterally vulnerable to external aggression; third, the inappropriate adoption of diplomatic and military assertiveness to reaffirm deterrence instead arouses the fears of another security-seeking state, thereby leading to inadvertent escalation of a crisis into a conflict; fourth, a ‘deep security dilemma’ based on long-running mutual hostility that does not escalate into conflict; fifth, a security dilemma that escalates to the brink of conflict but is then de-escalated; and sixth, mitigation of the security dilemma between rival states. This article will explore these respective scenarios in terms of their underpinnings, as well as their implications for security and diplomacy