The paper, authored by Shin Dae-min, a senior researcher at the Financial Security Institute, is published in Computer Standards & Interfaces, an international journal indexed in Science Citation Index Expanded (SCIE). Courtesy of Financial Security Institute
By Jun Ji-hye
Shin Dae-min, a senior researcher at the Financial Security Institute’s (FSI) personal information protection department, has proposed efficient development and operation strategies for financial software while minimizing security threats in cloud environments in his recent paper.
His study has gained attention as the financial sector is increasingly adopting cloud computing, yet security systems and technologies remain tailored to traditional infrastructures, highlighting the need for improvements.
Shin Dae-min, senior researcher at Financial Security Institute / Courtesy of Financial Security Institute
His paper, “Enhancing Cloud-Native DevSecOps: A Zero Trust Approach for the Financial Sector,” was published in Computer Standards & Interfaces, an international journal indexed in Science Citation Index Expanded.
In the study, Shin proposed a new security framework that integrates DevSecOps, which unifies software development (Dev), security (Sec) and operations (Ops), with zero trust, a model that continuously verifies all users and devices without assuming trust.
The study was highly regarded for its concrete proposals on how financial institutions can minimize security threats in cloud environments while efficiently developing and operating financial software, the FSI noted.
Shin said in an email interview with The Korea Times that the study’s findings could serve as a foundational resource for enhancing cloud-native security in the financial sector and facilitating the practical adoption of the zero-trust security model.
“The findings may be considered as a security compliance standard for cloud-native DevSecOps environments in the financial sector. They can also serve as a foundational reference when establishing security assessment criteria and evaluation standards,” he said.
“Additionally, the research can be used as a review resource for implementing the cloud native access point model in financial cloud environments, ensuring secure access between internal and external networks, and adopting zero trust network access-based access control.”
FSI Director Park Sang-won underscored that the institution will continue to enhance employees’ expertise, strengthen security standards in the financial sector and lead the way in safe digital innovation.
“We will actively support research on emerging security technologies such as artificial intelligence and cloud computing, as well as participation in world-class hacking competitions,” Park said.
English (United States) ·