Journal of the Korean Society of Industry Convergence (한국산업융합학회 논문집)

The Korean Society of Industry Convergence (한국산업융합학회)
권호 표지
DOI QR코드

DOI QR Code

Framework Based Smart City Cyber Security Matrix

프레임워크 기반 스마트시티 사이버 보안 메트릭스

  • Kim, Sung-Min (Electronics, Electrical and Computer Engineering at University of Seoul) ;
  • Jung, Hae-Sun (Electronics, Electrical and Computer Engineering at University of Seoul) ;
  • Lee, Yong-Woo (Electronics, Electrical and Computer Engineering at University of Seoul)
  • 김성민 (서울시립대학교 전자전기컴퓨터공학과) ;
  • 정혜선 (서울시립대학교 전자전기컴퓨터공학과) ;
  • 이용우 (서울시립대학교 전자전기컴퓨터공학과)
  • Received : 2020.03.01
  • Accepted : 2020.04.02
  • Published : 2020.04.30
Download PDF
⟨ Previous Next ⟩

Abstract

In this paper, we introduce a smart city-cyber-security-grid-matrix methodology, as a result of research on overall cyber security of smart cities. The identified cyber security risks that threaten smart cities and smart-city-cyber-security-threat list are presented. The smart-city-cyber-security-requirements necessary to secure the smart city cyber security with the developed smart city-cyber-security-grid-matrix are given in this paper. We show how the developed smart city-cyber-security-grid-matrix methodology can be applied to real world. For it, we interlocked the developed smart city-cyber-security-grid-matrix methodology with the cyber-security-framework of the National Institute of Standards and Technology, and developed a framework-based smart city-cyber-security-grid-matrix. Using it, it is easy and comfortable to check the level of cyber security of the target smart ciy at a glace, and the construction and operation of the smart city security system is systematized.

Keywords

References

  1. ISO/IEC TS 27100 - Information technology - Security techniques - Cybersecurity - Overview and concepts, https://www.iso27001security.com/html/27100.html. (Accessed: March 01, 2020)
  2. ISO/IEC TS 27101 - Information Security, Cybersecurity and Privacy Protection - Cybersecurity framework development guidelines, https://www.iso27001security.com/html/27101.html. (Accessed: March 01, 2020)
  3. ISO/IEC TR 27103:2018 - Information technology - Security techniques - Cybersecurity and ISO and IEC standards, https://www.iso27001security.com/html/27103.html. (Accessed: March 01, 2020)
  4. "Framework for Improving Critical Infrastructure Cybersecurity", National Institute of Standards and Technology, (2018).
  5. "ENISA Threat Landscape Report 2018", European Union Agency For Network And Information Security, pp. 24-115, (2019).
  6. "ENISA Threat Taxonomy", European Union Agency For Network And Information Security, (2016).
  7. "Cyber security for Smart Cities - An architecture model for public transport", European Union Agency For Network And Information Security, (2015).
  8. "Smart Hospitals - Security and Resilience for Smart Health Service and Infrastructures", European Union Agency For Network And Information Security, (2016).
  9. 2019 National Information Protection White Paper, Available From: https://www.kisa.or.kr/public/library/etc_View.jsp?regno=0012001&searchType=&searchKeyword=&pageIndex=1. (Accessed: March 01, 2020)
  10. "Survey for Information Security Industry in Korea : Year 2019", Korea Information Security Industry Association, (2019).
  11. Smart Medical, https://www.kisa.or.kr/public/laws/laws3.jsp. (Accessed: March 01, 2020)
  12. E. D, Hwang, and Y. W. Lee, "User Authentication of a Smart City Management System", Journal of the Korea Convergence Society, vol. 10, no. 1, pp. 53-59, (2019). https://doi.org/10.15207/JKCS.2019.10.1.053
  13. E. D, Hwang, and Y. W. Lee, "Smart City Security Management in Three Tier Smart City Management System", Journal of the Korea Convergence Society, vol. 10, no. 1, pp. 25-33, (2019). https://doi.org/10.15207/JKCS.2019.10.1.025
  14. Korean Ministry of Land, Infrastructure and Transport, Act on Smart City Creation and Industry Promotion, etc, This Decree enter into force on Sept. 22, 2017. Law No.14718.
  15. Korean Ministry of Land, Transport and Maritime Affairs(Ministry of land, transport and maritime affairs), Korea, ACT ON THE CONSTRUCTION, ETC. OF UBUQUITOUS CITIES, amended by Act No. 9705, May 22, (2009).
  16. H. S. Jung, C. S. Jeong, Y. W. LEE and P. D. Hong, "An Intelligent Ubiquitous Middleware for U-city: SmartUM", Journal of Information Science and Engineering, vol. 25, no. 2, pp. 375-388, (2009).
  17. Threat Classification Taxonomy Cross Reference View, http://projects.webappsec.org/w/page/13246977/Threat%20Classification%20Views. (Accessed: March 01, 2020)
  18. Taxonomy Model for Cyber Threat Intelligence Information Exchange Technologies, https://s2erc.georgetown.edu/sites/s2erc/files/CyberISE%20Taxonomy.pdf. (Accessed: July 01, 2016)
  19. Two taxonomies of deception for attacks on information systems, http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.457.5398&rep=rep1&type=pdf. (Accessed: March 01, 2020)
  20. CIF Taxonomy Assesment v1", https://code.google.com/p/collective-intelligence-framework/wiki/TaxonomyAssessment_v1. (Accessed: July 01, 2016)
  21. HP Tipping Point Event Taxonomy V 2.2, http://h10032.www1.hp.com/ctg/Manual/c03964615. (Accessed: July 01, 2016)
  22. A Taxonomy of Operational Cyber Security Risks, http://resources.sei.cmu.edu/library/assetview.cfm?assetID=9395. (Accessed: March 01, 2020)
  23. H. H. Kim, et al., " Development of CAN network intrusion detection algorithm to prevent external hacking", The Korean Society of Industry Convergence, vol. 20, no. 2, pp. 177-186 (2017).