• Title/Summary/Keyword: 개인정보보호 지표

Search Result 44, Processing Time 0.021 seconds

A Study of Priority for Policy Implement of Personal Information Security in Public Sector: Focused on Personal Information Security Index (공공분야 개인정보보호 정책 집행과제의 우선순위 분석: 개인정보보호 수준진단 지표의 선정 및 중요도를 중심으로)

  • Shin, Young-Jin;Jeong, Hyeong-Chul;Kang, Won-Young
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.22 no.2
    • /
    • pp.379-390
    • /
    • 2012
  • This study is to consider political implication of indicators to measure personal information security in public sector studied by Ministry of Public Adminstration and Security from 2008 to 2011. The study analyzed the priority of personal information security policy dividing into personal information security infrastructure, personal information management with life cycle, correspondence of information infringement by scholars, experts, and chargers. As the results, to progress personal information security policy is important to management of personal identification information on web site; specially institutional infrastructure as responsible organization, exclusive manpower, and security budget; personal information security infrastructure. As like the results, it would be reflected in the progress of personal information security policy and tried to provide systematic management program with improving safe information distribution and usefulness.

A Study on development of privacy indicators in the context of cloud service level agreement (클라우드 개인정보보호를 위한 SLA 지표 개발)

  • Kim, Jungduk;Park, Dae-Ha;Youm, Heung-Youl
    • Journal of Digital Convergence
    • /
    • v.13 no.2
    • /
    • pp.115-120
    • /
    • 2015
  • As the cloud services, the underlying technology of the digital convergence environment, have been widely adopted in the business, personal information protection has been recognized as one of the major issues to resolve. When cloud services are used to process the personal information, the personal information protection law speculates the establishment of a contract or service level agreement(SLA). This research presents 7 privacy indicators and 13 metrics which can be included in cloud SLA, based on the analysis of related regulation and standards and the SMART(Specific, Measurable, Action-oriented, Relevant and Timely) model. The proposed indicators are examined using the Focus Group Interview method in terms of materiality and feasibility. The results show that all the proposed indicators are meaningful and useful.

Security Prism : 통계로 알아보는 정보보호 - 점수가 올랐어요

  • 정보보호뉴스 취재팀
    • 정보보호뉴스
    • /
    • s.137
    • /
    • pp.54-57
    • /
    • 2009
  • 방통위가 지난 3월초 우리나라 민간영역의 개인정보보호 수준을 측정한 개인정보보호지수를 발표했다. 개인정보보호지수는 민간부문 의 개인정보보호 수준측정과 정부의 정책성과 평가 및 정책방향 수립 등을 위해 지난 2007년부터 실시한 것으로, 2008년 하반기에 실시한 정보보호 실태조사 결과를 반영해 최초로 공개한 자료다. 이번 자료에 따르면, 2008년 민간영역의 개인정보보호지수는 64.3점으로 2007년 결과인 52.2점에 비해 크게 개선된 것으로 나타났다. 기업 영역 세부지표와 개인영역 세부지표로 구성된 이번 조사결과를 통계를 중심으로 살펴보자.

  • PDF

The Improvement Plan for Indicator System of Personal Information Management Level Diagnosis in the Era of the 4th Industrial Revolution: Focusing on Application of Personal Information Protection Standards linked to specific IT technologies (제4차 산업시대의 개인정보 관리수준 진단지표체계 개선방안: 특정 IT기술연계 개인정보보호기준 적용을 중심으로)

  • Shin, Young-Jin
    • Journal of Convergence for Information Technology
    • /
    • v.11 no.12
    • /
    • pp.1-13
    • /
    • 2021
  • This study tried to suggest ways to improve the indicator system to strengthen the personal information protection. For this purpose, the components of indicator system are derived through domestic and foreign literature, and it was selected as main the diagnostic indicators through FGI/Delphi analysis for personal information protection experts and a survey for personal information protection officers of public institutions. As like this, this study was intended to derive an inspection standard that can be reflected as a separate index system for personal information protection, by classifying the specific IT technologies of the 4th industrial revolution, such as big data, cloud, Internet of Things, and artificial intelligence. As a result, from the planning and design stage of specific technologies, the check items for applying the PbD principle, pseudonymous information processing and de-identification measures were selected as 2 common indicators. And the checklists were consisted 2 items related Big data, 5 items related Cloud service, 5 items related IoT, and 4 items related AI. Accordingly, this study expects to be an institutional device to respond to new technological changes for the continuous development of the personal information management level diagnosis system in the future.

A Study on Developing Policy Indicators of Personal Information Protection for Expanding Secure Internet of Things Service (안전한 사물인터넷 서비스 확산을 위한 개인정보보호정책평가지표 개발에 관한 연구)

  • Shin, Young-Jin
    • Informatization Policy
    • /
    • v.25 no.3
    • /
    • pp.29-51
    • /
    • 2018
  • As the core technology of the Fourth Industrial Revolution, the Internet of Things has been developed and has enabled various services, and personal information has been handled freely in the process. However, the infringement threat of personal information is increasing as more convenient services are provided and more information devices including smart devices are connected to the network. Therefore, this study is to analyze prioritizing personal information protection policy indicators in order to provide IoT services by constructing secure environment for implementing the Internet of things as the core technology of the 4th Industrial Revolution. This study reviewed personal information protection policy indicators based on the literature survey, and identified 3 fields, 9 areas, and 25 indicators through Delphi analysis for experts. The weights were calculated based on the AHP survey for 66 experts and the results were used to present the relative importance and priority of the policy indexes. The results of this study found the policy field was the most important, followed by the technical field, and the administrative field. Of the three areas of the policy field, strengthening the personal information protection laws related to IoT is the most important, while among the indicators, promoting and revising the personal information protection law related to IoT is the most important. Comparisons of the fields, areas, and indicators of IoT-related personal information protection policies found consistent values. The personal information protection policy indicators derived this way will contribute to the nation's competitiveness by expanding secure IoT policies in the future.

The SME Informatization Level Analysis and Design for Privacy (개인정보보호를 고려한 중소기업 정보화 수준 분석 설계)

  • Kim, Byung-Chul
    • Journal of Digital Convergence
    • /
    • v.13 no.2
    • /
    • pp.121-126
    • /
    • 2015
  • SME informatization level analysis is significant as an indicator for analyzing the performance and competitiveness of enterprises. However, as has recently been highlighted, the importance of privacy recognized as infrastructure, and mindset are very important indicators for security and privacy. Therefore, In this study, analysis of SMEs at the informatization level, with a focus on how we can assess whether the privacy-related activities were carried out.

Developing Warning Map for Risk Monitoring on Personal Information Security (개인정보보호를 위한 리스크 모니터링: 경고맵)

  • Lee, Youngjai;Shin, Sangchul;Min, Geumyoung
    • Journal of Korean Society of societal Security
    • /
    • v.1 no.4
    • /
    • pp.33-40
    • /
    • 2008
  • Personal information security has been as risk ever since the development of information technology increased its internet use. As personal information security is compromised there will be a rise in personal privacy conflicts and this will become an important social issue. The following research is a presentation of the warning map for risk monitoring on personal information security. First, the personal information security process is identified then defined. Second, in order to achieve the personal information security's objective, a survey was taken and the data was collected. Third, factor in the Fishbone Diagram's analysis and figure out the key indicators that include metric and threshold. Last, develop the warning map which has the matrix table composed of the process and the risk. It displays the warning based on the threshold and the value of key indicators related to risks.

  • PDF

Research on the Development of SLA Indicators for Personal Information Protection of Public IT Maintenance Business (공공정보화분야 유지관리사업의 개인정보보호를 위한 SLA 지표 개발에 대한 연구)

  • Lee, Kyung-Hwan;Ryu, Gab-Sang
    • Journal of the Korea Convergence Society
    • /
    • v.11 no.6
    • /
    • pp.37-42
    • /
    • 2020
  • In the field of public informatization maintenance business, the attacks of external illegal users such as unauthorized leakage, destruction, and alteration due to intentional or inadequate management of personal information are increasing. In order to prevent such security incidents in advance, it is necessary to develop and quantitatively manage SLA indicators. This study presents the privacy SLA indicators and suggests specific methods such as information collection method and timing of the privacy SLA indicators. In order to confirm the validity and reliability of the proposed SLA indicators, an online survey was conducted with a group of experts. As a result, it was evaluated that compliance rate of personal information destruction and compliance rate of personal information protection system would be effective when applied to new and revised SLA indicators in terms of importance and validity. In the future, using SLA indicators for personal information protection as a standard for public information maintenance will contribute to improving SW quality and securing safety.

A Study on the Measurement Method of Personal Information Protection Investment Performance (개인정보보호투자의 성과측정방안에 관한 연구)

  • Kim, Young-Il;Lee, Jae-Hoon
    • Journal of Digital Convergence
    • /
    • v.11 no.1
    • /
    • pp.99-106
    • /
    • 2013
  • Personal information protection has become one of the most impending business issues because leakage of personal information can cause tremendous financial losses and image degradation. Consequently, personal information protection initiatives have been recognized widely in business. To invigorate personal information protection investments, performance measurement method such as cost benefits analysis or qualitative analyses are needed, which have not been studied enough in the previous studies. This study proposes a performance measurement model which can include quantitative and qualitative analyses in the context of personal information protection investments. A comparative analysis has been performed on security investment and IT investment performance measurements, which leads to choose the WiBe method (developed by the German Interior Ministry), considering the privacy characteristics and the method's applicability. In particular, the quantitative effect measured how proactive threat assessment based on the way according to the nature of the businesses and organizations of privacy and possible investment decisions. This study proposes the 16 performance indicators, which turn out to be meaningful in terms of their materiality and feasibility by conducting focus group interviews of 25 experts on personal information protection.

국내.외 정보보호 수준 팽가 체계 및 지표 동향

  • Lee, Dong-Hee;Yeo, Don-Gu;Youm, Heung-Youl
    • Review of KIISC
    • /
    • v.20 no.5
    • /
    • pp.74-85
    • /
    • 2010
  • 인터넷의 발달로 해킹과 같은 각종 보안위협이 증가하고 있으며 이는 국가, 기업 그리고 개인에게 심각한 위협이 되고 있다. 해킹으로 인해 유/무형적인 손실을 받을 수 있기 때문에 보안 위협에 대한 적절한 보안 대책의 수립이 필요하며, 또한 수립된 보안 대책 및 대상의 보안 수준을 확인하기 위한 다양한 정보보호 체계 및 평가 지표들이 존재하고 있다. 본 논문에서는 국내/외에서 개발된 정보보호 평가 체계와 지표, 그리고 국제 표준과 진행 동향을 살펴보고, 각 체계간의 차이점을 도출한다.