Journal of Convergence for Information Technology (융합정보논문지)

Convergence Society for SMB (중소기업융합학회)
권호 표지
DOI QR코드

DOI QR Code

An IPIMS Design for Efficient Personal Information Management

효율적인 개인정보 관리를 위한 IPIMS 설계

  • Jeon, Byung-Jin (Department of Information Security, Tongmyong University) ;
  • Shin, Seung-Soo (Department of Information Security, Tongmyong University) ;
  • Lee, Jun-Yeon (School of Digital Media Engineering, Tongmyong University)
  • 전병진 (동명대학교 정보보호학과) ;
  • 신승수 (동명대학교 정보보호학과) ;
  • 이준연 (동명대학교 미디어공학부)
  • Received : 2017.06.02
  • Accepted : 2017.06.20
  • Published : 2017.06.30
Download PDF
⟨ Previous Next ⟩

Abstract

The purpose of this study is to solve the limitations that the information security manager of company should recognize the personal information of all employees. In this study, we propose efficient personal information retention status management system to minimize information retention status of personal information and department by information security manager and departmental information security officer. To do this, we study the method of transferring the check result from the PVA system to the efficient personal information retention management system, also study ways to minimize the amount of personal information we hold. It is possible to minimize the possession of personal information by changing the one channel method managed by the information security administrator of the existing PVA system to the two channel method so that the information security manager and the information security officer can manage it.

본 연구의 목적은 기업체의 정보보안 관리자가 모든 임직원들의 개인정보 보유 현황을 인지해야 하는 한계성을 해결하고자 한다. 본 연구에서는 정보보안 관리자와 부서별 정보보안 담당자가 개인별, 부서별 개인정보 보유 현황을 최소화할 수 있도록 효율적인 개인정보 보유 현황 관리시스템을 제안한다. 이를 위해 개인정보 보유 현황의 대상이 되는 점검대상 컴퓨터와 개인정보 보유 현황의 결과를 확인할 수 있는 점검결과를 PVA 시스템으로부터 효율적인 개인정보 보유 현황 관리시스템으로 전송하는 방법에 대해 연구하고, 확인된 개인정보 보유 현황을 최소화할 수 있는 방법에 대해서도 연구한다. 기존 PVA 시스템을 정보보안 관리자가 관리하는 One channel 방식을 정보보안 관리자와 정보보안 담당자가 관리할 수 있도록 Two channel 방식으로 변경하여 개인정보 보유 현황을 최소화한다.

Keywords

References

  1. H. C. Kim, “A Study on the Destruction of the Personal Information,” The Journal of Comparative Private Law, Vol. 21, No. 3, pp. 1109-1138, 2014.
  2. D. J. Cho, "The development of IT technology and protection of personal information," KOREAN LEGAL CENTER, The Justice 158-1, pp. 49-58, 2017.
  3. S. B. Kim and B. M. Chang, “Design and Implementation of Privacy Impact Assessment Information System,” Journal of Korean Institute of Information Technology, Vol. 13, No. 6, pp. 87-104, 2015. DOI : 10.14801/jkiit.2015.13.6.87
  4. D. K. Lee and J. I. Lim, “Forecast System for Security Incidents,” Journal of The Institute of Electronics and Information Engineers, Vol. 53, No. 6, pp. 69-79, 2016. DOI : 10.5573/ieie.2016.53.6.069
  5. S. H. Bae, J. S. Shin, S. H. Chun and H. S. Chung, “A Study on Improving the Privacy for personal information collected for statistical processing,” Journal of Convergence Society for SMB, Vol. 6, No. 2, pp. 25-30, Jun. 2016. DOI : 10.22156/cs4smb.2016.6.2.025
  6. H. J. Mun, Y. C. Hwang and H. Y Kim, “Countermeasure for Prevention and Detection against Attacks to SMB Information System – A Survey,” Journal of Convergence Society for SMB, Vol. 5, No. 2, pp. 1-6, Jun. 2015.
  7. H. T. Chae and S. J. Lee, “Security Policy Proposals through PC Security Solution Log Analysis,” Journal of the Korea Institute of Information Security and Cryptology, Vol. 24, No. 5, pp. 961-968, Oct. 2014. DOI : 10.13089/jkiisc.2014.24.5.961
  8. S. K. Cho and M. S. Jun, “Privacy Leakage Monitoring System Design for Privacy Protection,” Journal of the Korea Institute of Information Security and Cryptology, Vol. 22, No. 1, pp. 99-106, Feb. 2012.
  9. B. J. Jeon, D. B. Yoon and S. S. Shin, “Improved Integrated Monitoring System Design and Construction,” Journal of Convergence for Information Technology, Vol. 7, No. 1, pp. 25-33, Jan. 2017. DOI : 10.22156/cs4smb.2017.7.1.025
  10. B. J. Jeon, D. B. Yoon and S. S. Shin, “Integrated Monitoring System using Log Data,” Journal of Convergence for Information Technology, Vol. 7, No. 1, pp. 35-42, Jan. 2017. DOI : 10,22156/CS4SMB.2017.7.1..035 https://doi.org/10.14801/jaitc.2017.7.2.35
  11. M. S. Kim and D. W. Kang, "Information leakage prevention system design for small business," 2008.
  12. J. Y. Lee and S. Y. Kang, “Design and Verification of the Integrated Log Analysis System for Enterprise Information Security,” Journal of Digital Contents Society, Vol. 9, No. 3, pp. 491-498, Sep. 2008.
  13. K. S. Yu, S. H. Im and H. B. Kim, “Technology trend and development direction of integrated log management system,” Korea Institute Of Information Security And Cryptology, Vol. 23, No. 6, pp. 90-99, 2013.
  14. B. G. Seo and D. H. Park, “Development on Early Warning System about Technology Leakage of Small and Medium Enterprises,” Journal of Intelligence and Information Systems, Vol. 23, No. 1, pp. 143-159, Mar. 2017. https://doi.org/10.13088/jiis.2017.23.1.143
  15. S. J. Park and J. I. Llim, “A study on the development of SRI(Security Risk Indicator)-based monitoring system to prevent the leakage of personally identifiable information,” Journal of the Korea Institute of Information Security & Cryptology, Vol. 22, No. 3, pp. 637-644, Jun. 2012.