http://dx.doi.org/10.13089/JKIISC.2014.24.6.1293

A Study on Data Security Control Model of the Test System in Financial Institutions  

Choi, Yeong-Jin (Korea University, Graduate School of Information Security)
Kim, Jeong-Hwan (Korea University, Graduate School of Information Security)
Lee, Kyeong-Ho (Korea University, Graduate School of Information Security)
Abstract
The cause of the credit card company personal information leak of 2014 was the use of original data in the test system. Under the Electronic Banking Supervision Regulations of the Financial Supervisory Service and the information security best practices of the financial information technology (IT) sector, data that identifies customers must be converted before it is used in a test system. Following these guidelines, financial firms load converted customer identification data into their test systems. However, risks may be introduced unintentionally during testing through user mistakes or a lack of administrative or technical security. Control and risk management processes for those risks have also not been studied. These conditions increase the possibility of violating the compliance requirements of the supervisory institution. In this paper, we present and prove a process that eliminates the possibility of such compliance violations by controlling and managing unidentified conversion customer identification data, and we check the effectiveness of the process.
Keywords
Personally Identifiable Information; Unidentified Conversion Data; Compliance; Data Security Control Model;