Go to contents

CS More Vulnerable to Security Breach Than NEIS

Posted May. 18, 2003 22:10,   

한국어

Some 350 members of the Korean Federation of Teachers` Association, who teach information systems at primary, middle and high schools nationwide, held a meeting at the Teachers` Union Building in Seocho-gu, Seoul on May 18 and discussed how to cope with the government plan to revise the NEIS (National Education Information System) plan.

And attendants at the meeting decided to reject adoption of CS (Consolidated System) if the government switches back some parts of NEIS to CS as recommended by the National Human Rights Commission of Korea.

They also plan to file a complaint to the commission on the ground that CS is more vulnerable to human rights abuse than NEIS.

“Since CS is based on individual school unit, they are more exposed to human rights violation,” said the teachers at the meeting. “The commission now suggests that the government switch back to CS citing some vulnerabilities of NEIS, a decision apparently resulted from the lack of understanding about school environment and digitalization.”

“Some 30% of schools are not equipped with CS security systems and barely have the first stage of firewalls,” pointed out Yun, teacher in Bucheon, Gyeonggi Province. “What is the point of upgrading CS systems when even middle school students successfully hack the systems.”

“NHRC is supposed to deal with human rights issues and the proposal to switch back to CS is beyond its authority,” said a schoolteacher working in Seoul. “Teachers must file a formal case against the commission if the government adopts the proposal.”

“While we were hacked three times using CS last year, there has no hacking incident after we adopted NEIS,” said a teacher in Taebak, Gangwon-do. “It makes no sense for the commission to prefer CS citing information protection as a reason, therefore.”

The Ministry of Education is set to hold an NEIS committee meeting on May 19 inviting teachers` and parents` organizations, before making a final decision whether to adopt NHCR`s proposal on the 20th at a meeting with education commissioners.

Meantime, The National Information Security Technology Institute, a government-backed information security research organization, and security firms such as Secu-i.com and Korea Information Certificate Authority said in their research papers that CS lags behind NEIS significantly in terms of information security. And they added, “It will take a great deal of time and money to address the problems with CS.”

“We found CS more vulnerable in server access control, management of workforce, intrusion detection, server security and data transmission passwords,” pointed out the information security institute.

“Since CS was made before the adoption of the Internet in the school community, its security functionality is weak in system security, facility security and management and operations,” explained Secu-i.com.



In-Chul Lee inchul@donga.com