Browse > Article
http://dx.doi.org/10.22156/CS4SMB.2021.11.12.001

The Improvement Plan for Indicator System of Personal Information Management Level Diagnosis in the Era of the 4th Industrial Revolution: Focusing on Application of Personal Information Protection Standards linked to specific IT technologies  

Shin, Young-Jin (Division of Intelligent SW Engineering-Information Security, PaiChai University)
Publication Information
Journal of Convergence for Information Technology / v.11, no.12, 2021 , pp. 1-13 More about this Journal
Abstract
This study tried to suggest ways to improve the indicator system to strengthen the personal information protection. For this purpose, the components of indicator system are derived through domestic and foreign literature, and it was selected as main the diagnostic indicators through FGI/Delphi analysis for personal information protection experts and a survey for personal information protection officers of public institutions. As like this, this study was intended to derive an inspection standard that can be reflected as a separate index system for personal information protection, by classifying the specific IT technologies of the 4th industrial revolution, such as big data, cloud, Internet of Things, and artificial intelligence. As a result, from the planning and design stage of specific technologies, the check items for applying the PbD principle, pseudonymous information processing and de-identification measures were selected as 2 common indicators. And the checklists were consisted 2 items related Big data, 5 items related Cloud service, 5 items related IoT, and 4 items related AI. Accordingly, this study expects to be an institutional device to respond to new technological changes for the continuous development of the personal information management level diagnosis system in the future.
Keywords
Personal Information Management Level Diagnosis; Core IT technology; Big data; Cloud; IoT; Artificial intelligence; Personal information protection;
Citations & Related Records
Times Cited By KSCI : 3  (Citation Analysis)
연도 인용수 순위
1 D. H. Lee & N. J. Park. (2017). Proposal of Technology and Policy Post-Security Management Framework for Secure IoT Environment, Journal of KIIT. 15(4), 127-138. DOI : 10.14801/jkiit.2017.15.4.127   DOI
2 Korea Internet & Security Agency. (2016). Guide to Cryptographic Authentication Technology in Internet of Things (IoT) Environment
3 H. M. Jung, K. M. Jeong & H. J. Cho. (2017. Nov.). A Design for Security Functional Requirements of IoT Middleware System. Journal of the Korea Convergence Society. 8(11), 63-69. DOI : 10.15207/JKCS.2017.8.11.063   DOI
4 Johan Sjolund. (2020). Cybersecurity evaluation of IoT systems, South-Eastern Finland University of Applied Sciences.
5 G. J. Lee, (2021. 7. 27). Setting up standards for personal information protection such as artificial intelligence and autonomous driving, Information and Communication Newspaper (Online). https://www.koit.co.kr/news/articleView.html?idxno=80658
6 Personal Information Protection Committee. (2021. 5. 31). Artificial Intelligence (AI) Personal Information Protection Voluntary Checklist.
7 Y. J. Shin, H. C. Jeong & W. Y. Kang. (2012). A Study of Priority for Policy Implement of Personal Information Security in Public Sector: Focused on Personal InformationSecurity Index. Journal of the Korea Institute of Information Security & Cryptology, 22(2), 379-390.   DOI
8 C. W. Park, J. W. Kim & H. J. Kwon. (2016). An Empirical Research on Information Privacy Risks and Policy Model in the Big data Era. The Jounal of Society for e-Business Studies. 21(1), 131-145. DOI : 10.7838/jsebs.2016.21.1.131   DOI
9 European Commission. (2021. 4. 21) Proposal for a Regulation laying down harmonised rules on Artificial Intelligence (Artificial Intelligence Act) and amending certain Union legislative acts
10 S. K. Han, (2021). Implementation of the European Union's Draft AI Act, 2021 KISA Report.
11 Reuters. (2021. 4. 21). EU set to ratchet up AI fines to 6% of turnover - EU document.
12 Korea Internet & Security Agency, (2021). Regulation and protection of personal information of main contents of EU artificial intelligence(AI). Personal Information Protection Monthly Trend Analysis, 5, 1-10.
13 Korea Communications Commission, Korea Internet & Security Agency. (2015). Big data privacy guideline commentary,
14 C. H. Jang & Y. H. Cha. (2021). A Study on the Determinants of Personal Information Protection Activities: With a Focus on Personal Information Managers Informatization Policy, 28(1), 64-76. DOI : 10.22693/NIAIP.2021.28.1.064   DOI
15 S. H. Na & E. N. Huh. (2012. Nov.). Privacypreserving Reference Model for Personal Cloud. Seminar Proceeding of The Korean Institute of Information Scientists and Engineers. 39(2C), 146-148.
16 Y. J. Shin. (2015. March). A Study on Development for Conformity Assessment Indicators of Privacy in Cloud Services. Journal of Korean Associastion for Regional Information Society. 18(1), 1-31. DOI : 10.22896/karis.2015.18.1.001   DOI
17 Y. J. Shin. (2018. Sept.). A Study on Developing Policy Indicators of Personal Information Protection for Expanding Secure Internet of Things Service. Information Policy. 25(3), 29-51. DOI : 10.22693/NIAIP.2018.25.3.029   DOI
18 Y. J. Shin. (2018. Sept.). A Study on Developing and Applying Framework and Assessment Standard of It's Conformity of Personal Information Protection for IoT Service Subject. Journal of Korean Associastion for Regional Information Society, 23(2), 83-117. DOI : 10.22896/karis.2020.23.2.004   DOI
19 Ministry of Public Administration and Security, (2021. 6. 25). Provision and Use of Pseudonym Information in the Public Sector More Safely, Ministry of Public Administration and Security Press Release.
20 Korea Communication Commission. (2011). SLA guide in Cloud computing.
21 Y. W. Lee, H. M. Jang & S. P. Hong. (2012. Nov.). A Design of the Large-Scale Personal Information Management Model for Privacy Protection in BigData Environments, Korean Proceeding of Symposium of Society for Internet Information, 29-30.
22 Lloyd's Register. (n.d.). Lloyd's Register, cloud security assurance (Online). https://www.lr.org/ko-kr/csa-star/
23 J. W. Kim. (n.d). ISO/IEC 27018, International Standards for personal information protection of Cloud Service., Data Protection & Privacy(Online). https://blog.naver.com/n_privacy/222432267736
24 AhnLab. (2016.10.5), IoT Security Guide for the Internet of Things Era (Online). https://blog.daum.net/simjy/11993768
25 Australian Government, Department of Industry, Science, Energy and Resource. (2019. Nov.). Artificial Intelligence : Australia's Ethics Framework, A Disscussion Paper (Online). https://consult.industry.gov.au/strategic-policy/artificial-intelligence-ethics-framework/supporting_documents/ArtificialIntelligenceethicsframeworkdiscussionpaper.pdf
26 Korea Internet & Security Agency. (2019). Information Protection and Personal Information Protection Management System Certification System Guide.
27 Personal Information Protection Commission. (2021.3). 2021 Public Institutions Personal Information Management Level Diagnosis Manual.
28 J. H. Cheong (2010). Study on AHP and Non-Parametric Verification on the Importance of the Diagnosis Indicators of Personal Information Security Level. Journal of The Korean Data Analysis Society. 12(3), 1499-1510.
29 S. H. Lee, H. E. Park & S. G. Choi. (2011. 6). A Study on index improvement of personal information protection level diagnosis in the public organizations. Proceedings of Symposium of the Korean Institute of communications and Information Science, 207-208.
30 M. S. Jeong & K. H. Lee. (2015. June) A Study on Personal Information Protection Management Assessment Method by DEA. Journal of the Korea Institute of Information Security & Cryptology. 25(3), 691-701. DOI : 10.13089/JKIISC.2015.25.3.691   DOI
31 J. D. Kim, D. H. Park & H. Y. Youm. (2015). A Study on development of privacy indicators in the context of cloud service level agreement Journal of Digital Convergence. 13(2), 115-120. DOI : 10.14400/JDC.2015.13.2.115   DOI
32 Ministry of Science and ICT, Korea Internet & Security Agency, (2020). Cloud Service Security Certification System Evaluation Criteria Commentary.
33 Personal Information Protection Committee & Korea Internet & Security Agency, (2020. Dec.). Guidelines for Protection of Personal Information Automatically Processed,
34 IoT Security Alliance. (2016). IoT Common Security Guidelines, 2016.
35 Sejong Law Firm, (2021. 5. 21). Legal issues related to the use of unstructured data in light of the Personal Information Protection Commission's sanction for 'Leeruda'. (Online). http://www.shinkim.com/kor/media/newsletter/1498
36 W. T. Lee & J. M. Kang. (2016. 8. 31). A study on Model of Personal Information Protection based on Artificial Intelligence Technology or Service. The Journal of The Institute of Internet, Broadcasting and Communication (IIBC). 16(4), 1-6. DOI : 10.7236/JIIBC.2016.16.4.1   DOI
37 H. J. Lim. (2017. April). Analysis of personal information de-identification processing methods in big data environment. Electronic Finance and Financial Security, 8, 13-17.
38 Y. J. Shin, S. Y. Cho, G. H. Chae & H. G. Choi. (2021). The Research on improvement of personal information management level diagnosis system, Korean Internet & Security Agency.
39 European Commission. (2020). White Paper on Artificial Intelligence - A European approach to excellence and trust, COM.
40 J. K. Lee. (2021). Examine the meaning of disposition of 'Leeruda'. 2021 KISA Report Korea Internet & Security Agency,
41 Information Commissioner's Office. (2017). Big data, artificial intelligence, machine learning and data protection.