Browse > Article
http://dx.doi.org/10.22156/CS4SMB.2020.10.07.020

Development of Personal Information Protection Framework to be Followed by IoT Service Providers  

Shin, Young-Jin (Industry Academic Cooperation Foundation, PaiChai University)
Publication Information
Journal of Convergence for Information Technology / v.10, no.7, 2020 , pp. 20-32 More about this Journal
Abstract
This study is to develop and provide a personal information protection framework that enables IoT service providers to safely and systematically operate personal information of IoT service subjects in the overall process of providing IoT devices and services. To this end, a framework for personal information framework was derived through literature survey, and FGI with experts, it was divided into three stages, each of three stages: IoT service provision process and IoT personal information processing process. The study conducted an e-mail survey of related experts using AHP techniques to determine the importance of the components of the selected personal information protection framework. As a result, in the IoT service provision process, the IoT product and service design and development stage (0.5413) is the most important, and in the IoT personal information processing process, personal information protection in the collection and retention of personal information (0.5098) is the most important. Therefore, based on this research, as the IoT service is spreading, it is expected that a safe personal information protection framework will be realized by preventing security threats and personal information infringement accidents.
Keywords
IoT service provider; IoT service subject; IoT product and service privacy protection framework; Priority analysis (AHP);
Citations & Related Records
Times Cited By KSCI : 5  (Citation Analysis)
연도 인용수 순위
1 McKinsey. (2015). THE INTERNET OF THINGS: MAPPING THE VALUE BEYOND THE HYPE. www.mckinsey.com/mgi
2 A. R. Lee. S. M. Son, H. J. Kim & B. S. Kim. (2016. 8). Improving Personal Data Protection in IoT Environments. Journal of the Korea Institute of Information Security & Cryptology, 26(4), 995-1012. DOI : 10.13089/JKIISC.2016.26.4.995   DOI
3 Y. J. Shin. (2018). A Study on Developing Policy Indicators of Personal Information Protection for Expanding Secure Internet of Things Service. Informatization Policy, 25(3), 29-51. DOI : 10.22693/NIAIP.2018.25.3.029   DOI
4 D. J. Choi. (2019. 9. 18). Net generation IoTsecurity in 5G era. Weekly Technology Trend Institute of Information & Communications Technology Planning & Evaluation.
5 Y. R. Lee & J. S. Kim. (2014). "Persona information protection framework in IoT environment." 2014 SpringSpring Conference Proceeding, The Korea Contents Association 277-278.9
6 Y. R. Lee, S. M. Kang, S. K. Seo & H. S. Lim. (2016). A study on information security framework according to the introduction of defense IoT. Defense technology, 448, 98-107.
7 S. H. Park & J. G. Park (2014. 10). A7ctivation plan with analysis on technology and market of IoT, 2014 Fall academic conference, Korea Technology Innovation Society, 85-91.
8 S. P. Hong, H. M. Jang, K. J. Kim, H. R. Kim & S. M. Park. (2015). Research on personal information protection issues and policy suggestions in IoT environment. KISA.
9 N. J. Park et al. (2016). A Research on IoT production security certification and security maintenance promotion. KISA.
10 J. S. Lee. (2009). Public Administration Dictionary. DYM Book.
11 T. L. Saaty. (1980). The analytic hierarchy process: planning, priorisetting, resource allocation. New York. McGraw-Hill International Book Company.
12 N. H. Kang. (2015). IoT convergence service security requirements. The Journal of The Korean Institute of Communication Sciences, 32(12), 45-50.
13 Korea Internet & Security Agency. (2007). RFID Personal Information Protection Guidelines. Korea Internet & Security Agency.
14 Korea Internet & Security Agency. (2019). Internet of Things (IoT) Security Test and Certification Standards Commentary.. KISA.
15 Ministry of Science and ICT & Korea Internet & Security Agency. (2018). Information protection pre-inspection guide. Ministry of Science and ICT & KISA.
16 IoT security alliance. (2016). IoT Common Security Guidelines. IoT security alliance.
17 Y. S. Jeong. (2017). Data Storage and Security Model for Mobile Healthcare Service based on IoT. Journal of Digital Convergence, 15(3), 187-193. DOI : 10.14400/JDC2017.15.3.187   DOI
18 H. K. Kong, H. K. Gu, H. W. Cho & J. S. Kang. (2015). Research on based security certification of IoT device. KISA.
19 S. Li & L. Da Xu. (2017). Securing the internet of things. Acorn publishing Co.
20 Finance Security Institute. (2016. 12. 12). IoT security threats and accidents. IoT Common Security Guide.
21 Ministry of Science and Technology Information and Communication, Ministry of Public Administration and Security.Korea, Korea Communications Commission, & Korea Internet & Security Agency. (2019). Information protection and personal information protection management system certification system guide.
22 Ministry of Public Administration and Security & Korea Internet & Security Agency. (2017). Personal information protection level diagnosis manual. MOPAS & KISA.
23 ISO. (2013). ISO/IEC 27001:2013(en): Information technology - Security techniques - Information security management systems - Requirements. https://www.iso.org/obp/ui/#iso:std:iso-iec:27001:ed-2:v1:en
24 S. H. Choi. DRESS is a software for AHP. http://blog.daum.net/_blog/BlogTypeView.do?blogid=0FE2P&articleno=11045124&_bloghome_menu=recenttext
25 Ministry of Public Administration and Security & Korea Internet & Security Agency. (2018). Personal Information Impact Assessment Guide..MOPAS & KISA.
26 Ministry of Public Administration and Security & Korea Internet & Security Agency. (2019). 2019 Personal information protection level diagnosis manual. in public agencies..MOPAS & KISA.