DOI QR코드

DOI QR Code

A Study on Structuring of Information Sharing Platforms Based on Risk Communication Theory

위험커뮤니케이션 이론에 기반을 둔 정보공유 플랫폼 구조화 연구

  • 유지연 (상명대학교 융합공과대학 휴먼지능정보공학과) ;
  • 박향미 (한국IT법연구원)
  • Received : 2019.06.03
  • Accepted : 2019.06.30
  • Published : 2019.06.30

Abstract

In this day and age physical and cyber boundaries have converged due to the development of new technologies, such as the Internet of Things (IoT) and the Cyber Physical System (CPS). As the relationship between physical system and cyber technology strengthens, more diverse and complex forms of risk emerge. As a result, it is becoming difficult for single organization or government to fully handle this situation alone and cooperation based on information sharing and the strengthening of active defense systems are needed. Shifting to a system in which information suitable for various entities can be shared and automatically responded to is also necessary. Therefore, this study tries to find improvements for the current system of threat information collecting and sharing that can actively and practically maintain cyber defense posture, focusing particularly on the structuring of information sharing platforms. To achieve our objective, we use a risk communication theory from the safety field and propose a new platform by combining an action-oriented security process model.

References

  1. Businesstopia, "Lasswell Model of Commication", Dec 29th 2015. https://www.slideshare.net/businesstopia/laswell-model-of-commication (Search: 2018.12.03.)
  2. Chee-Wooi Ten, Govindarasu Manimaran, and Chen-Ching Liu, "Cybersecurity for Critical Infrastructures: Attack and Defense Modeling", IEEE Transactions on Systems, Man, and Cybernetics - Part 1: Systems and Humans, Vol.40, No.4, Jul 2010.
  3. DTCC, "Cyber Risk - A Glbal Systemic Threat", Oct 2014.
  4. Earl Guzman, "Basic Linear Communication Models: Lasswell, Shannon and Weaver", Jul 15th 2015. https://www.slideshare.net/EarlGuzman/lasswell-shannon-weaver (Search: 2018.12.03.)
  5. Gomez, Jimmy A., "The Targeting Process: D3A and F3EAD", Small Wars Journal, Jul 16th 2011.
  6. Han Sang-Kook., "Improvement of National Information Sharing System by Security Environment Change: Focusing on US Information Society Case," Konkuk University Graduate School of Public Administration, Feb 2013.
  7. Ismael Valenzuela, "Intelligence-Driven Defense: Successfully Embedding Cyber Threat Intel in Security Operations", SANS Blue Team Summit, 2018.
  8. Kim Ae-Chan, and Lee Dong-Hoon, "A Study on the Priority of Requirements for Establishing Effective Cyber-threat Information Sharing System," Journal of the Korea Institute of Information Security and Cryptology, Vol.27, No.5 :61-67, 2016.
  9. Kim Dong-Hee, Park Sang-Don, Kim So-Jeong, and Yoon Oh-Jun, "A Study on Establishment of Cyber Threat Information Sharing System Focusing on U.S. Cases," Convergence Security Journal Vol.17, No.2 :53-68, 2017.
  10. Lim Won-Sick, Yoon Myung-Keun, and Cho Hark-Su, "KOSIGN: Cyber Threat Information Sharing System from Information Protection Products," Korea Institute of Information Security and Cryptology, Vol.28 No.2 :20-26, 2018.
  11. NSA CSS(National Security Agency Central Security Service), "Active Cyber Defense (ACD)", Aug 1st 2014. https://apps.nsa.gov/iaarchive/programs/iadinitiatives/active-cyber-defense.cfm
  12. Park Ji-Baek, Choi Byoung-Hwan, and Cho Hark-Su, "Promoting sharing of cyber threat information," Journal of The Korean Institute of Communication Sciences, Korea Institute Of Communication Sciences, Vol.35 No.7 :41-48, 2018.
  13. Song Hae-Ryong, Cho Hang-Min, Lee Yoon-Kyung, and Kim Won-Je, "A Study on the Conceptualization, Structural Analysis and Domain Establishment of Risk Communication," Dispute Resolution Studies Review, Dankook Center for Dispute Resolution, Vol.10, No.1 :65-100, 2012. https://doi.org/10.16958/drsr.2012.10.1.65
  14. SRC(Systemic Risk Center), "System Risk", http://www.systemicrisk.ac.uk/systemic-risk(Search: 2018.10.05.)
  15. START, "Understanding Risk Communication Theory: A Guide for Emergency Managers and Communicators", May 2012.
  16. WEF "Part 1: Global Risks 2014: Understanding Systemic Risks in a Changing Global Environment", Jan 2014.
  17. WEF, "Understanding Systemic Cyber Risk", Oct 2016.
  18. Yoon Oh-Jun, Cho Chang-Seob, Park Jeong-Keun, Bae Sun-Ha, and Shin Yong-Tae, "A Study on the Domestic Model for Cyber Threat Information Sharing by Analyzing the Relevant Systems of Major Advanced Countries," Convergence Security Journal, Vol.16, No.7 :101-111, 2016.
  19. Yoon Oh-Jun, Cho Chang-Seob, Park Jeong-Keun, Seo Hyung-Jun, and Shin Yong-Tae, "A Study on the Improvement Model for Invigorating Cyber Threat Information Sharing" Convergence Security Journal, Vol.16, No.4 :25-34, 2016.
  20. G. G. Kaufman and K. E. Scott, "What Is Systemic Risk, and Do Bank Regulators Retard or Contribute to It?" in Independent Review Vol.7, No.3 :371-391, 2003.