Concept Proposal of Multi-layer Defense Security Countermeasures Based on Dynamic Reconfiguration Multi-perimeter Lines
With the rapid progress of the Internet, security incidents are increasing and are becoming more sophisticated. Current trends in security incidents include not only cyber security threats such as viruses, malware, and unauthorized access, but also methods of stealing information, such as phishing, shoulder hacking, and electromagnetic wave eavesdropping. Thus, security incidents tend to diversify, and it is therefore important to consider physical countermeasures and psychological countermeasures other than the cyber security countermeasures typically taken. In this paper, in addition to the current cyber security countermeasures, we propose new multi-layer defense security countermeasures taking into consideration non-cyber security countermeasures that reflect physical viewpoints and psychological viewpoints. Specifically, we propose the concept of multi-layer defense security countermeasures based on dynamic reconfiguration multi-perimeter lines. Furthermore, a desktop simulation is performed with TPO (time, place, occasion) conditions in the office as specific perimeter lines, and the effectiveness of the concept is clarified. This contributes to the construction of a new paradigm of information security management in the digital transformation era.
This work was supported by JSPS KAKENHI Grant Number JP 19H04098.
- 1.Japan Network Security Association: Survey Report on Information Security Incidents in 2018. http://www.jnsa.org/result/incident/. (in Japanese)
- 2.The Finance: Latest cyber attack and security countermeasures summary. https://thefinance.jp/fintech/150722. (in Japanese)
- 3.McAfee Blog: 20 Types of Cyber Attacks You Should Know to Protect Your Organization. https://blogs.mcafee.jp/cyber-attack-type-to-know. (in Japanese)
- 4.McAfee Blog: Why is it multilayer defense? Strongest security countermeasures that make a risk the minimum. https://blogs.mcafee.jp/defense-in-depth-multilayer-protection. (in Japanese)
- 5.Cyber security.com: What is social engineering? Consider countermeasures from specific methods. https://cybersecurity-jp.com/cyber-terrorism/14431. (in Japanese)
- 6.Tanimoto, S.: New paradigm of information security management in the digital transformation era, Keynote3. In: Proceedings of the 12th International Conference on Project Management (ProMAC2018), The Society of Project Management, Bangkok, pp. 45–76 (2018)Google Scholar
- 7.MIC: 2017 version information communication white paper. http://www.soumu.go.jp/johotsusintokei/whitepaper/ja/h29/index.html. (in Japanese)
- 8.Canon: Security solution site’ Structure of the multilayer defense read and solved by illustration. https://www.canon-sas.co.jp/portal/security/securityinformation/deffences.html. (in Japanese)
- 9.Hoshi, T., et al.: Cyber attacker’s behavior considerations for Defense in Depth implementation, IPSJ SIG Technical reports, 2015-CSEC-71, no. 2 (2015). (in Japanese)Google Scholar
- 11.Elhaj, M.M.K., et al.: A multi-layer network defense system using artificial immune system. In: 2013 International Conference on Computing, Electrical and Electronic Engineering (ICCEEE), pp. 232–236 (2013)Google Scholar
- 14.MONOist: How to protect a control system: “multilayer defense” and “status recognition”. http://monoist.atmarkit.co.jp/mn/articles/1403/04/news005.html. (in Japanese)
- 15.Yoneda, S., et al.: A study of dynamic cooperation method between multi-clouds based on TPO conditions. IEICE Trans. Inf. Syst. (Jpn. Ed.) J99-D(10), 1045–1049 (2016)Google Scholar