• Journal of Digital Convergence
• /
• v.10 no.8
• /
• pp.149-157
• /
• 2012

Recently, many corporations and public institutions are busy preparing and providing measures in dealing with new privacy information law. This study reviews privacy impact assessments in order to perform preventing and diagnosis against potential threats focus on the K-hospital case. The quality of protection in K-hospital shows that the corporations itself is 79.0, the system is 97.0, the life cycle of the privacy is 67.4 and CCTV is 90.0. The lowest levels are saving and keeping 50.0, usage and offer 64.1 and destruction 66.7 among the life cycle of the privacy. The result of risk analysis shows that the highest levels are controlling for privacy 11.0, saving and keeping 12.5 and destruction 13.0. From the result, dangerous duplications are saving and keeping and destructions.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.4
• /
• pp.1013-1023
• /
• 2016

Transborder data flow(TBDF) of personal information in Korea has been limited by current Privacy law which request data subject to give consent. As the IT industry is growing at an incredible rate, there is a need to review the existing law to cope with growing industrial demand and increasing numbers of international data transfer. The transfer of personal data overseas not only allow businesses providing IT services including finance, internet, e-commerce to thrive, but also impact every aspect of our lives which are increasingly depended on these technology. Transmitting personal data across borders raises serious questions of privacy protection and restriction of business operation. In ordrer to promote interoperability of personal data in international environment, a considerable amount of research and debate needs to be taken before implementing a sound policy. This paper presents a need for a sound TBDF policy in Korea by examine the main policy challenges associated with TBDF. Finally, the paper identify policy suggestions based on European Union's approach as they have successfully implemented TBDF policy that balanced data privacy and economic agenda.

• Informatization Policy
• /
• v.19 no.1
• /
• pp.74-90
• /
• 2012

This thesis analyzes the Apple Inc.'s case from the viewpoint of the necessity for the protection of information privacy related to location data as for information society and ubiquitous community. Meanwhile, the regulatory conformity to equilibrium of contradictional value between personal data protection and utilization of information is debated from the fundamental right as for constitutional law concept to the commercial and technological structure in terms of economic and business point. Therefore, this paper reaches the conclusion that the legislative system should form a harmonious relationship between legal protection and lawful utilization to reappraise the present condition of legalization on personal data protection from guaranteeing rights and interests of information subject in the perspective of human rights to information guarantee consequently. As a result, it is required to revaluate the lawfulness of the fine on the violation of administrative duty levied by KCC(Korea Communications Commission).

• Review of KIISC
• /
• v.15 no.2
• /
• pp.37-53
• /
• 2005

정보통신환경발달과 함께 지식사회에서 암호의 역할이 증대됨에 따라 OECD의 암호정책가이드라인 공표를 시점으로 각 국은 자국의 신정에 맞는 새로운 암호정책을 세우고 이에 따른 법$\cdot$제도를 정비하기 위해 본격적인 노력을 기울여오고 있다. 하지만 암호는 개인의 프라이버시를 보호할 수 있는 가장 유용한 수단인데 반해 암호의 범죄이용 등으로 인한 국가의 안녕과 법질서 혼란을 초래할 수 있다는 역기능도 상존하고 있다. 각 국의 정부는 이러한 우려 때문에 암호이용을 제한적으로 규제하려는 정책을 시도하여 왔으나 시민단체의 반대에 부딪쳐 암호의 자율이용 원칙과 국가 합법적 통제제고의 균형을 맞출 수 있는 암호정책을 세우는데 고심하고 있다. 본 교에서는 미국, 영국, 프랑스, 중국 등 주요 국가론 중심으로 암호이용을 활성화하고 암호의 역기능을 방지하기 위해 세운 암호정책 및 암호이용 관련 법제도 현황을 살펴보았다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.2
• /
• pp.305-312
• /
• 2020

The Privacy Act stipulates that the privacy policy document, which is a privacy statement, should be disclosed in order to guarantee the rights of the information subjects, and the Fair Trade Commission considers the privacy policy as a condition and conducts an unfair review of the terms and conditions under the Terms and Conditions Control Act. However, the information subjects tend not to read personal information because it is complicated and difficult to understand. Simple and legible information processing policies will increase the probability of participating in online transactions, contributing to the increase in corporate sales and resolving the problem of information asymmetry between operators and information entities. In this study, complex personal information processing policies are analyzed using deep learning, and models are presented for acquiring simplified personal information processing policies that are highly readable by the information subjects. To present the model, the personal information processing policies of 258 domestic companies were established as data sets and analyzed using deep learning technology.

• Journal of the Korea Society of Computer and Information
• /
• v.26 no.1
• /
• pp.253-258
• /
• 2021

In this study, we explored consumers' the privacy attitudes and Internet activities on the expectations of the fourth industrial revolution. Furthermore, we examined the moderating effect of Internet activities between the privacy attitudes and the expectations of the fourth industrial revolution. Research data are 2018 Korea media panel survey provided by Korea Information Society Development Institute. As a result, concerns about privacy were negative on the expectations of the fourth industrial revolution. Consumer's internet activities had a positive effect on the expectations of the fourth industrial revolution. Concerns about privacy have a negative effect on the expectations of the fourth industrial revolution, but active internet activities have mitigated it or turned it into a positive. This study will contribute as basic data for more active responses in the economic structure facing the 4th industrial revolution.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.4
• /
• pp.705-717
• /
• 2020

Cities in the world are rushing to develop smart cities to create a sustainable and happy city by solving many problems in cities using information and communication technologies such as big data and IoT. However, in Korea's smart cities and smart city certification systems, the focus is on platform-oriented hardware infrastructure, and the information security aspect is first considered to build and authenticate. It is a situation in which a response system for the risk of leakage of big data containing personal information is needed through policy research on the aspect of personal information protection for smart city operation. This paper analyzes the types of personal information in smart cities, problems associated with the construction and operation of smart cities, and the limitations of the current smart city law and personal information protection management system. As a solution, I would like to present a model of a personal information protection management system in the smart city field and propose a plan to strengthen personal information protection through this. Since the management system model of this paper is applied and operated in the national smart city pilot cities, demonstration cities, and CCTV integrated control centers, it is expected that citizens' personal information can be safely managed.

• Journal of the Korea Society for Simulation
• /
• v.32 no.4
• /
• pp.59-67
• /
• 2023

Private blockchains can apply enhanced security policies that allow only authorized users to participate in the blockchain network. In addition, when used in a career management system where the validity of an individual's career is important, it has the suitable characteristics in terms of information integrity. However, due to the excessive performance requirements of blockchain technology, identifying performance characteristics through simulation can be helpful in stable operation of the system. This paper presents research results that utilized performance evaluation results while constructing a career management system based on the Ethereum blockchain. The service not only serves as a portfolio that records personal career development activities, certification acquisition, and award results, but also provides a community function for career planning to strengthen employment competitiveness. In addition, we present how a compensation policy can be executed to encourage users to participate in career development through community activities. In particular, an appropriate compensation policy was derived by reviewing changes in performance characteristics in accordance with the transaction volume on Geth nodes.

• Proceedings of the Korea Multimedia Society Conference
• /
• 2004.05a
• /
• pp.507-511
• /
• 2004

그리드 VO(Virtual Organization)는 내부 규정과 정책의 집합에 의하여 제어되는 기존의 VO 개념에서 벗어나 임시적, 동적 기반의 자원 공유와 협업을 하기 위해 개인 또는 기관, 시스템 자원이 모인 임시적인 VO이다. 이것은 개인 또는 기관, 시스템 자원들이 동시에 몇 개의 VO의 일원이 되는 경우나 변화하는 시스템 자원의 상황에 따라 VO 구성을 위한 결합, 형성된 그리드 VO에 대한 인증에서 많은 문제가 발생하게 된다. 본 논문에서는 그리드 VO 구성에서 발생할 수 있는 보안 문제 중 자원에 대한 인증과 관련된 문제를 해결하고자 XML 정보보호기술을 토대로 경량화된 그리드 VO에 대한 자원 인증 시스템을 제안하였다.

• Proceedings of the Safety Management and Science Conference
• /
• 2001.11a
• /
• pp.73-78
• /
• 2001

민간자율규제와 정부개입의 최소화의 조율은 업계의 자율규제를 기본으로 하여 정부의 법 정책적인 보호 및 규제를 병행하여 해결하는 것이 바람직할 것이다. 특히, 소비자 보호 및 개인정보보호에 관해서는 업계의 충실한 자율규제를 촉구하고, 정부의 개입이 불가피하다면, 보다 명확하고 구체적인 조건과 범위 내에서만 허용되어야 할 것이다. 이에 본 논문에서는 전자상거래 관련 국제규범 형성의 전망을 중심으로 국내 전자상거래 규범 형성과정에 있어서 정부의 대응방안을 제시하였다.