Professional Documents
Culture Documents
1. How did the master plan to implement a government data center set up?
NIRS arranged a presidential committee composed of professionals from various
sectors such as professors, IT experts, public officers and more to listen to
different opinions and voices before and while executed the government data
center implementation project. NIRS conducted Business Process Reengineering
(BPR) and Information Strategy Planning (ISP) as projects to systematically
launch and administer the innovation. Well-prepared master plan were usefully
employed in actual implementation stage.
2. How were the matters related to the laws and regulations in regard to
establish a government data center resolved?
Korean Government needed to enact a number of new acts, laws and codes in
related to government data center establishment, operation and management over
pre-existed higher laws such as e-Government Act. It was essential to have
lawful principles ready prior to make people move. If interested, you can visit
www.law.go.kr. as releasable ones are available in English at the site.
3. What was the key to successfully settle conflicts among client agencies?
In Korean case, there were strong sense of commitment and leadership of top
management over government data center establishment project. The presidential
committee was determined to convince the agencies (clients-to-be) with various
data and information. Some key ministries’ active participation in pilot projects
also played as an important role in encouraging others to be positive in
considering to get in as they could experience actual advantages of integration
and showed examples first.
10. Did the clients like the idea of integration? any resistance?
Of course not. As you can imagine, they still wanted to take whole control over
their device, man, and money as before. One of the complaints was not being
able to get to know about the incident management status in real time.
Therefore, we had built up the system which could better facilitate the situation
to satisfy their needs. We have tried our bests to resolve issues that clients
brought up as much as we could. As a result, in customer satisfaction survey
had conducted twice a year, we could see the marks had kept going up as time
went by.
11. Please name some issues to be considered in early system migration stage.
OK. There are several stage specific issues to be considered such as issues to
understand actual status of retained resources, operational status, resources to
be transferred, ways to manage heterogeneous types of resources and mock drill
preparation to accommodate stable resource migration and more.
12. Is there any country who adopts Korean government data center model as
theirs?
Yes. Vietnam was one of the determined countries ever tried to adopt Korean
model to their land. Mongolia, Nepal and Thailand were the countries who were
very much interested in specific fields in Korean data center operation so we had
formed business cooperation contracts with each of them. There were also
countries once asked consultation to operate theirs such as Brunei, Uzbekistan
and Tunisia.
13. Could you tell me about the scope of the pilot project carried out before
completely integrate the systems?
Considered as one of the key agencies, 5 including Ministry of ICT, MoEF, and
MoIS proactively participated in the pilot project which was carried out before
fully launching the center. By willingly taking potential risks and showing
examples, the forerunners had contributed the integration project to being able to
make meaningful achievements after all in terms of proving its technical,
managerial and economical excellency.
14. I know there would be 2 more centers ready soon over currently operated 2
ones. Could you explain about the data management plan in brief?
Currently, information systems of 22 institutions where manage public services
closely related to people’s daily life are mainly taken cared by the 1st center in
Daejeon. And the rest of 23, mostly have to do with social order and security
are managed by the 2nd center in Gwangju. Exclusive back-up center in Gongju
expected to be completed by 2022 will mainly host being backed up data
currently managed both in Daejeon and Gwangju and the 3rd center in Daegu, to
be ready by 2021 will control new clients’ data such as public institutions and
affiliated agencies currently not under NIRS’ supervision.
Ⅱ. Information Resource Operation & Management Projects
1. How does NIRS close deals over information resource operation &
management
projects?
Information resource operation & management projects of NIRS are entrusted to
those companies who participated in and won at the open bid competition
conducted through the national e-procurement system, KONEPS run by Public
Procurement Service (PPS). Mostly, the contracts are valid through 1 to 3 years.
NIRS has found the fittest and they take charge over assigned projects.
3. How does NIRS communicate with the clients over information resource
management?
There is a portal for internal use to manage integrated resource operation in
NIRS called nTOPS (national Total Operation Platform System). Most of essential
information such as system operation status, things to notice, knowledge
management, and more are shared with client agencies in real time through the
system. There are staff in charge assigned per each institution to communicate
with as well. Semi-annual or quarter based congregations exclusively for clients
have been arranged so that recent trends or changes in major policies could be
shared in more intimate way.
9. Let us know about the professional training system of NIRS for the staff.
For the public officers, there are training systems divided into 9 groups per
characteristics of tasks based on NIRS HR Training Program. Various courses
are being provided per group. The courses can be classified as for professional
capability and common one based on nature of contents. For the private
partners, seminars or workshops dealing with new technologies and trends are
constantly presented all year around.
10. Does NIRS have a plan to manage private data as well in the future?
No. The primary objective of establishing NIRS was to exclusively serve the
government agencies as clients. NIRS does not plan to even accommodate
private data yet. Those of private sector such as banks or hospitals are
independently managed by their own they are required to comply with critical
government provisions though.
11. Can client agencies choose whether to entrust their resources to NIRS or
not? Is it optional or compulsory?
It is a 'must' thing to follow, not an option for the clients can choose from.
Before NIRS was established, the resources were individually managed by clients
respectively. However, operation and management of the 45 client agencies'
information resources have been one of the sole responsibilities of NIRS since
2005.
13. Are projects of NIRS only being ordered to big players, I mean to large
enterprises like Samsung or LG?
At early stage of operating NIRS, most of private partners were from big
enterprises as they had a number of reliable experiences dealing with System
Integration (SI). As time goes by, government had tried out new policies
encouraging more of SMEs to participate in NIRS projects to develop the industry
in general, boost up related local economy and invite SMEs to be competitive by
set limits over huge groups. Currently, 100% of NIRS' private partners are local
SMEs.
15. Who is responsible for taking care of incidents happening over NIRS
managing data?
It depends on the scope of responsibility either of NIRS or clients based on the
nature of data. NIRS takes care of DB security, DB system engine operation and
DB volume management. On the other hand, client agencies deal with DB data
security, private information security, DB access control and more.
Ⅲ. Cloud
2. What was the main drive that Korean Government decided to actively
implement the government-only cloud platform?
It is inevitable for amount of information resources to be kept growing as number
of new digital government services for public convenience improvement and gover
nment business innovation are increased or existing services are expanded. Kore
an Government needed to 1) reduce down the excessively spent maintenance co
sts, 2) improve inefficiency due to requiring to operate heterogeneous types of re
sources by standardizing them, 3) set up a smart domestic standards suit for uni
versal environment and 4) improve efficiency by only allocating resources in need
per work load.
4. Could you share the major features of the government cloud that NIRS
operates?
The cloud is to support the digital government services provided by the central
government bodies and is designed by specially taking availability, extendability
and agility into consideration based on the standardized frame. Operating services
in the Cloud are classified into 4 different categories considering significance and
numbers of users of services. Service levels over incident, change and security
management are being managed according to the corresponding classes. On top
of that, NIRS does not save its efforts to lead and support the related industry
by continuously carrying on various policies such as supporting SMEs, boosting
up domestic product consumption and expanding open SW adoption as a
government data center.
7. Could you explain about the NIRS Cloud migration plan by stage?
NIRS conducted a pilot test for implementing an intelligent cloud data center in
2019. From the last year in 2020, SDDC based cloud environment has been
successfully prepared at the first center in NIRS Deajeon and the infra is
continuously being expanding and advancing. We are expecting to apply the infra
to NIRS Daegu in next year while information resources of new client agencies
would be migrated. NIRS Gwanju’s infra would finish being transformed till 2022.
10. Are the Cloud servers in Korean main land only or also in overseas?
NIRS Cloud servers are only in Korean peninsula. NIRS operates disaster
recovery systems between NIRS Daejeon and Gwangju to deal with contingencies
such as unexpected disasters and sudden accidents. NIRS Gongju expected to
be ready in 2022 will be used as an exclusive backup center.
12. How did client agencies deal with new movement ? Are they ok about the
new projects without resistance?
Information Resources’ efficiency, resiliency and availability are all to be improved
by implementing a cloud computing infrastructure. Costs required for procurement
and operation has also been reduced down accordingly. Clients in early stages
had expressed their difficulties in migrating the legacies into the Cloud, however,
they are now in pretty much cooperative lines as they have reached an
consensus that the Cloud is competent not only in flexible resource allocation but
also in availability management and more.
13. Tell us about the ‘Cloud First’ policy of the NIRS (Korean Government).
It is the policy when brand new digital government services are to be launched
or outworn device are to be replaced, the Cloud infra need to be considered as
a priority to accomodate them. NIRS started resource integration projects since
2009 and has proactively promoted the Cloud policy, ‘G-cloud 456’ which
introduces more than 40% of open sources compared to existed operating
conditions, aiming to cut off over 50% of operating costs and to migrate over
60% of total government services into the Cloud, to accelerate expansion of the
government cloud services.
14. Does NIRS also have a plan to migrate UNIX based large scaled and critical
systems into the Cloud?
There are some client agencies requesting commercial SWs operating based on
UNIX environment when they are required to exercise high performing resources
such as DBMS from NIRS. As it is quite challenging to operate UNIX based
systems resiliently, NIRS keeps monitoring technological development status of
Cloud and virtualization product so that they could also be relocated to x86
based systems.
15. How about license issues according to expansion of server resources in the
Cloud? What is NIRS’ basic stance over the matter?
In NIRS Cloud system, it is essential to hire domestic and open SWs first. When
a client inevitably needs to practice commercial ones, NIRS reviews the specific
case with the department in charge by considering the features of services and
tries to find ways to settle the problems.
Ⅳ. Cyber Security Management System
NIRS is equipped with efficient defense systems over various types of cyber
threats. It operates the multi-layered defense system preferentially to manage
various kinds of attacks such as web-hackings and DDoS. In the later stage,
there is a Big Data based security management system which analyzes and
processes all data. Currently, the Big Data one is being transformed into an A.I.
based next generation security architecture.
Through the new innovative systems, number of cyber attacks are being
auto-blocked in real time and thorough analysis conducted with various analyzing
gears, which are far from just simply operating security device. NIRS also carries
out various sorts of mock drills in a regular basis.
2. Could you explain about major responsibilities of NIRS in the national cyber
crisis defense structure.
The Republic of Korea established the National Cyber Security Center (NCSC) in
2013. As it recognizes cyber crisis as one of the serious threats to National
Security, it organizes and operates civilian · government · military joint cyber
threat response group centered on National Cyber Security Secretaries.
The ‘serious’ level is issued in consultation with the Director of National Cyber
Security Center (NCSC) when critical harms are expected to be unavoidable to
national security. Appropriate measures such as intensive monitoring or
emergency on-call are taken in accordance with warnings of each level.
The Big Data based system status monitoring platforms that NIRS implemented
and is operating are as follows :
- nSIMS (national Security Information Management System) : The Big Data
based log analysis system, collect/analyze system information (down, resource
usage rate, error logs and more), detect events and transfer them to nTEMS
- nTEMS (national Total Event Management System) : Disseminates system status
to staff in charge, manage events by conducting event impact analysis and
assuring system recovery, transfer events to nTOPS
- nTOPS (national Total Operation Platform System) : Analyzes the cause of
events, register results of follow-up measures and more
(Incident Investigation) The incident is examined through related log collection and
digital forensic to find out root causes, extents of damage, and ways to recover
and prevent for the future.
NIRS conducts firewall policy usage check and blocks unnecessary ones in a
regular basis. Internet and Intranet are physically separated to inhibit hacking
activities through the Internet.
6. Share us some ways that NIRS takes to secure internal data safe.
In order to prevent the internal data from leaking, NIRS encrypts all document so
that they could not be used outside even if they are happened to be disclosed.
Basically, most of portable storage device such as USB, laptop and hard drive
as well as paper document are not allowed to be carried in or out physically so
that it can cut off a possible ditch in fundamental basis.
On top of that, account management for access over security equipment has
been reinforced to control unauthorized users’ illegal approach. Retired
employees’ email accounts are being deleted within a week after the day of
official leave.
9. Could you tell us about cooperation state of NIRS in the area of cyber
security management?
NIRS, as a national IDC which hosts a large number of major government information
resources in Korea, conducts intensive joint drills with private ISP companies over
cyber crisis. It also holds nationwide cyber threat information sharing systems to
pro-actively catch signs of new security threats in advance, as well as collaborating
committees to ensure effective coordination for any contingency.
10. Does NIRS have to worry about losing monitoring agents when A.I. technology
is applied to the cyber security management system?
NIRS does not necessarily need to worry about letting them go while considering A.I.
set up to be in place. Those monitoring agents would rather be dealing with more
advanced tasks such as A.I. modelling or new attacking techniques investigation than
current relatively simple responsibilities. Our goal is to reinforce the system to be
impressively epochal in terms of both in processing scope and speed.
The ultimate objective of the A.I. project is not to replace human forces to new
machines, but to support people to work more efficiently and to expand fields where
used to have limitations of time and resources to reach.
11. Would A.I. system of NIRS be only exercised in the security management
area?
NIRS aims for the platform to be universal in its nature so that it processes
many different models in distinctive environment. NIRS still counts cyber security
management with the technology as a priority for consideration to take for now,
however, it expects the system to be able to conduct other assignments by steps
such as forecasting incidents or carrying out simple internal tasks like approving
firewall tickets (about 100 cases per day).
12. What sorts of obstacles NIRS can anticipate while applying/operating A.I.
technology to the current systems?
Initial drawbacks NIRS dealt with when implementing the A.I. system was that it
needed to consume more resources to operate, including the legacies at the
same time.
A.I. is very close to a baby requiring learning periods which definitely demands
more resources such as forces to take care of existing systems, conduct
additional studying and analyzing duties. For instance, it is expected to take
about 6 months to create a primary model and 2 years to make it advanced.
13. What benefits NIRS can expect from newly implementing A.I. based security
management system?
First of all, processing scope will be expanded from current about two hundred
thousands events per day to over ten million. Processing speed will also be
improved from 10 minutes per event to 30 seconds. On top of that, responding
capability over unknown attacks will definitely get better through practicing
detecting abnormalities over normal behaviors.
NIRS expects such innovation will bring reduction in risk costs benefiting around
4.5 up to 9 billion US dollars.
14. Any new information security management scheme to prepare for the future?
In the past, the security industry was largely divided into 2 categories, physical
and information security. However, advances of technologies are widening the
points of contact between the two domains. NIRS has created a new information
security management system called ‘nAEGIS’ that comprehensively covers both
terrains.
1. Tell us about the types of disasters that NIRS takes priorities to look over.
The types of disasters that NIRS takes priorities to look after are about 10
different kinds. Some of the typical ones include 1) fire, 2) earthquake, 3) storm
and flood, 4) power supply error, 5) terrors and more. NIRS equips systematic
Business Continuity Plan (BCP)s per each disaster and in time of emergency, the
organization carries out each duty in charge for the circumstances according to
specific manuals and protocols.
3. Could you let us know about the kinds of regular back-up or dispersion
activities that NIRS practices to secure service continuity?
Regular back-up exercises include daily increment and weekend whole. Irregular
temporary back-ups are conducted in required occasions after being discussed
among people-in-charge. Talking about dispersion, both on-line and off-line
(physical) forms are also taken into consideration. Schedule, method, frequency
and saving period of backing up data are also operated with classes based on
associated rules and regulations.
1. What is K-net ?
K-net is the nationwide exclusive government information and communication
network used both by central and local government institutions which supports
efficient government businesses and public services. It is the very network that
connects all government information as one.
NIRS has connected GNS providers and ISPs to the common infrastructure so
that it can serve the user institutions with various and quality services.
To improve network survivability, NIRS not only has worked on circuits, nodes
and ISPs redundantly, but also introduced one of the new technologies in the
field such as T-SDN* which could handle a client’s demand like backbone net
extension more flexibly.
(* T-SDN : Transport Software Defined Network)
The project is expected to be wrapped up until the end of next year in 2022.
Private nets re-engineering and constant improvement works would be carried out
with continual operation supports by introducing technologies in the field such as
Quantum Cryptography Communication.
7. Could you let us know about the total availability of NIN? How about the
current average traffic of them ?
Total bandwidth of backbone nets of NIN are 860Gbps* for the 1st net and
530Gbps for the 2nd net. Currently, the traffics are not considered as sizable yet
since it is still early stage of conversion, however, it is expected for them to be
getting larger as NIN would be completed by stages.
* Gbps : Giga bit per second
Core nodes in NIRS Daejeon and Seoul Annex Complex have observed related
circuits of government complexes, local governments and local administrative
complexes and more.
NIRS is conducting compatibility verification for now whether the new monitoring
system implemented for NIN would also work for K-net. Once it would turn out to
be alright, it would also be applied to K-net by steps.
The NOC would visualize various network status by getting information from
ISP’s, provide customized monitoring service per each client and support
cross-monitoring among government institutions.
10. Does NIRS employee other communications means other than optical fiber
such as satellites ?
Currently backbone nets’ of K-net are based on optical fiber as well as NIN.
1. NIRS offers services only for central government institutions. Does any
government agency support local governments with similar services?
Yes, we have Korea Local Information Research & Development Institute (KLID)
which comprehensibly manages and operates information resources for local
governments. KLID is also an affiliated institution of Ministry of the Interior and
Safety (MoIS) just like NIRS is.
They not only take control over information system incidents and cyber infringement
& threats for local communities but also support research and development
practices for their organized and efficient development.
Some local bodies capable of running their own such as Seoul Metropolitan City or
Gyeong-gi-do have been operating their own data centers independently.
NIA takes part in policy or strategy making mostly about digital government and
digital capacity building for the intelligent information society. Those activities could
represent some of its roles as ‘an Head’ of the intelligent information society in a
broad sense.
About 5,000 visitors from around 160 countries have paid visits to NIRS between
2007 to 2021 to participate in the NIRS Study Tour Program to learn about
Korean digital government services and national information resources operation
status.
6. Share us about the ways that NIRS could support foreign countries when they
try to implement a government data center in their own lands.
There are three different technical categories in government data center
implementation domain. First, there is ‘consulting’ realm which deals with national
informatization master plan and basic plan for implementation. Next, we have ‘data
center implementation’ sphere working on building construction and framing
comprehensive environment for operation. Lastly, there we have ‘information
security management’ area caring information security managing system
implementation and building them by steps.
NIRS reviews feasibility, scopes and forms for supports such as holding joint
technical seminars or workshops, looking for applicable training programs or
participating at relevant international functions based on a request. All kinds of
supports are subject to internal circumstances of NIRS.
8. Could you let us know about instances of efforts that NIRS has made to
co-prosper with partners and communities?
SMEs are more than welcomed in NIRS as favorable and reliable partners. NIRS
has pro-actively participated in government’s ‘Cultivating & improving environment
for SMEs’ initiatives for years. Most of the big players which are early-stage
partners have been successfully displaced with capable SMEs in the field.
NIRS also supports partners, whose capability, performance and security have
been verified while carrying out implementation or operation projects of NIRS, to be
able to outreach its stage overseas by co-hosting or participating in a number of
functions or events overseas together and introducing them to foreign countries
asking for technical consulting.
NIRS does not save efforts and supports to care for partners in the field to be
able to grow and develop together as long as it can afford opportunities and
environments.