최근 비즈니스에서 활용되는 보안 기술 및 성숙된 보안 관리를 위한 ibm...

© 2015 IBM Corporation

IBM Security Systems

1 © 2015 IBM Corporation

최근 비즈니스에서 활용되는 보안 기술 및 성숙된 보안 관리를 위한 IBM 전략 소개

박형근 실장IBM AP Security Tiger



2

FINTECH



3



4

인터넷 은행



5

신용카드

로열티프로그램

기프트카드

ID 카드

영수증

디지털 화폐 /RDC(Remote Deposit Capture)

스마트 티켓

Wallet

모바일 지갑



6

쇼핑 카텔로그 / 리스트 상점에서 바코드 스캔 자가 결제디지털 영수증

스마트 유통



7



8



9

그런데 , 보안은 ?



10

ProcessorsPayment Gateway

API

WalletPCI Vault

Merchant

Ledger

Adv.Routing

Basic Fraud Adv. Fraud

Cross-channelCommerce

Engine

Checkout

Data Feeds

Reconciliation

Shadow A/R

SettlementOperations

Web Tool

Logistics

Treasury

A/R

Financial Back-Office

Order Management

Payment Gateway



11

온라인 금융 서비스

사용자 기기(PC/ 모바

일 )

악성코드

피싱 /파밍

감염 및 보안 이벤트 데이터세션 정보

기기 정보 , 세션정보

전자금융 서버 ( 웹 / 모바일 )

고객 지원

고객 대응보안 / 관제

분석 범죄 로직 확인 위험도 산출

사이버 범죄 인텔리전스

IBM 보안센터

IBM 사이버 금융범죄 대응 서비스



12


API

WalletPCI Vault

Merchant

Ledger

Adv.Routing



Engine

Checkout

Data Feeds

Reconciliation

Shadow A/R


Web Tool

Logistics

Treasury

A/R


Order Management

Payment Gateway



13

사용자 인증 ( 서비스마다 차별적인 )



14

MAC

CPU

IMEI

Battery ID

Chip ID

언제 , 어디서나 , 무엇으로든 인터넷을 통해 접근 가능 동시 로그인 및 계정 탈취 방지 필요 . 멀티 디바이스 , 멀티 브라우저 지원 요구 ID/Password 에 부가하여 새로운

방식의 인증 강화 (Transparent 3-Factor)

서버에서 디바이스를 구분하는 방식의 문제점 기기 자체의 정보 (H/W, OS, 브라우저 등 ) 를

신뢰하면 위험

IBM Solution: ”Persistent Device ID” 소프트웨어 + 하드웨어 결합방식 앱이나 OS* 가 재설치시에도 ID 유지 범죄자의 Device 사용시 구분

사용자 디바이스 인증



15

사용자의 편의성 고려한 차별화 서비스 필요



16

사용자 디바이스 보안 – PC

피싱 차단 악성코드 방어

피싱사이트 블랙리스트

신용카드 정보 악성코드 방어

로그인정보 보호

피싱 대응 치료

피싱사이트 다운서비스

악성코드 제거로그인 정보

재설정

보고

브라우저 위변조

피싱사이트차단

고객 리포트

악성 행위 차단브라우저 보호

웹인젝션 키로깅 스크린 캡처

파밍 ,DNS 변조

x

사용자 기기

악성코드

피싱

오버레이 공격차단



17



18

사용자 디바이스 보안 - 모바일

사용자 기기

악성코드

피싱

http://2.bp.blogspot.com/-80TZ4wEIwkc/UpxoDjNEpZI/AAAAAAAABY8/RDrBwCrhb3s/s1600/TM001.jpg



19


API

WalletPCI Vault

Merchant

Ledger

Adv.Routing



Engine

Checkout

Data Feeds

Reconciliation

Shadow A/R


Web Tool

Logistics

Treasury

A/R


Order Management

인터페이스 보안



20

통제 디바이스 / 사물 (Thing) 서비스 인터페이스 서비스 플랫폼

IBM Fraud & Secure Gateway

IBM Cyber CrimeIntelligence

ID/PW Mobile OTP

보안 서비스

ID 탈취 탐지

•Device ID, User ID 에 대한 도난 여부 탐지 , 인증정보 통한 플랫폼 공격 방어

악성코드탐지

•웹 브라우징 상의 악성코드 감염 여부 탐지와 제거

웹 /XML공격 방어

•웹 혹은 XML 취약점 기반 공격 방어

암호화 통신

•암호화 통신 (TLS/HTTPS) 및 가속화

인증 /접근제어

•사용자 혹은 디바이스 인증 및 서비스 접근 제어 ( 인증 혹은 IP 기반 등 )

인터페이스보안

인터페이스 보안



21

IBM 보안 프레임워크



22

IBM 보안 솔루션 포트폴리오



23

IBM 보안 서비스 포트폴리오IBM Security Services Portfolio

People Data Applications Infrastructure

Identity Assessment & Strategy Crown Jewels Discovery & Protection SDLC Program Development Security Optimization

User Provisioning/Access Mgmt Database Security Dynamic and Static Testing Design, Deployment & Migration

Total Authentication Solution Encryption and Data Loss Prevention

Embedded Device TestingStaff Augmentation

Managed/Cloud Identity Mobile Application Testing

Strategy, Risk & Compliance

Security Maturity BenchmarkingSecurity Strategy & Roadmap

DevelopmentSecurity Risk Assessment & Program

DesignIndustrial Controls

(NIST, SCADA)PCI Advisory

Firewall / Unified Threat Management Intrusion Detection & Prevention Web Protection & Managed DDoSHosted E-Mail & Web

Vulnerability Mgmt

Managed SIEM &

Log Management

Security Operations

Security Intelligence Operations Center Design & Build Out Services

Cloud and Managed Services

Cybersecurity Assessment & Response

Threat Intelligence Advisory X-Force Threat Analysis Penetration Testing Incident Preparation Emergency Response



24

www.ibm.com/security

© Copyright IBM Corporation 2013. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or capabilities referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others.

Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed or misappropriated or can result in damage to or misuse of your systems, including to attack others. No IT system or product should be considered completely secure and no single product or security measure can be completely effective in preventing improper access. IBM systems and products are designed to be part of a comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT SYSTEMS AND PRODUCTS ARE IMMUNE FROM THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY.

www.ibm.com/security

© Copyright IBM Corporation 2014. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or capabilities referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others.

Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed or misappropriated or can result in damage to or misuse of your systems, including to attack others. No IT system or product should be considered completely secure and no single product or security measure can be completely effective in preventing improper access. IBM systems and products are designed to be part of a comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT SYSTEMS AND PRODUCTS ARE IMMUNE FROM THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY.

http://www.ibm.com/security

http://www.ibm.com/security

최근 비즈니스에서 활용되는 보안 기술 및 성숙된 보안 관리를 위한 ibm...

Technology