Browse > Article
http://dx.doi.org/10.9716/KITS.2012.11.2.119

A Crypto Control Guideline for Global Enterprises in Order to Respond the Decryption Order  

Son, Sang-Il (수원대학교 IT 대학 컴퓨터공학과)
Son, Yu-Seung (수원대학교 IT 대학 컴퓨터공학과)
Kim, Young-Kyon (수원대학교 IT 대학 컴퓨터공학과)
Goh, Sung-Cheol (수원대학교 IT 대학 정보보호학과)
Publication Information
Journal of Information Technology Services / v.11, no.2, 2012 , pp. 119-130 More about this Journal
Abstract
Nowadays, encryption is core technology widely used in IT industry to protect private information of individuals and important intellectual assets of companies. However, when criminals and terror suspects abuse such technology, national security can be threatened and law enforcement can be disturbed. To prevent such adverse effects of cryptography, some nations have enacted legislations that allow legally obtained encrypted data to be decrypted by certain law enforcement agencies. Hence it is imperative that firms having international presence understand and comply by each nation's regulations on decryption order. This paper explains circumstances under which legislations on decryption order were established, organizes countries with regulations and punishment, explores what global enterprises need to consider in making policies to effectively respond to decryption orders, and suggests that technological methods and managerial guidelines for control of encryption be established.
Keywords
Decryption Order; Global Enterprises; Crypto Control Guideline;
Citations & Related Records
Times Cited By KSCI : 1  (Citation Analysis)
연도 인용수 순위
1 Nehaluddin Ahmad, "Restrictions on cryptography in India-A case study of encryption and privacy", Computer Law and Security Review, Vol.25(2009), pp.173-180.   DOI
2 Chris Sundt, "Cryptography in the real world", Information Security Technical Report, Vol. 15, No.1(2010), pp.2-7.   DOI
3 http://www.guardian.co.uk/technology/2011/apr/18/uae-blackberry-emails-secure.
4 http://www.nytimes.com/2010/08/02/busi-ne ss/global/02berry.html?_r = 1&pagewanted = all.
5 권현조, 전길수, 이재일, "국내외 암호관련 법 제도 현황", 정보보호학회지, 제15권, 제2호 (2005), pp.37-53.
6 백승조, 임종인, "피의자 개인의 암호이용 통제정책에 대한 연구", 정보보호학회논문지, 제20권, 제6호(2010), pp.271-288.   과학기술학회마을
7 Zelezny, J. D., Communications Law, p.493.
8 Bert-Jaas Koops's web site, http://rechten.uvt.nl/koops/cryptolaw.
9 http://www.idc.com/groups/isi/main.html.
10 http://data.worldbank.org/data-catalog/GDPranking-table.
11 http://isms.kisa.or.kr, "정보보호관리체계 인증심사 기준", 2007.
12 박광청, 이규호, 조은영, "기업 환경 VPN 실전 구축 가이드", 시사컴퓨터, 2004.