Information Security Management System for SMB in Ubiquitous Computing

摘要

In this study, an information security management system is developed through theoretical and literary approach aiming at efficient and systematic information security of Korean small and medium size businesses, considering the restrictions of the literature review on the information security management systems and the inherent characteristics of the small and medium size businesses. The management system was divided into the 3 areas of the supporting environment of the information security, establishment of the information security infrastructure, and management of the information security. Through verification by statistical methods(reliability analysis, feasibility study) based on the questionnaire for the specialists, the overall information security management system is structures with the 3 areas, 8 management items, and 18 detailed items of the management system. On the basis of this study, it is expected that small and medium size businesses will be able to establish information security management systems in accordance with the information security policy incorporating the existing informatization strategies and management strategies, information security systems which will enhance existing information management, and concrete plans for follow up management.