• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.2
• /
• pp.379-390
• /
• 2012

This study is to consider political implication of indicators to measure personal information security in public sector studied by Ministry of Public Adminstration and Security from 2008 to 2011. The study analyzed the priority of personal information security policy dividing into personal information security infrastructure, personal information management with life cycle, correspondence of information infringement by scholars, experts, and chargers. As the results, to progress personal information security policy is important to management of personal identification information on web site; specially institutional infrastructure as responsible organization, exclusive manpower, and security budget; personal information security infrastructure. As like the results, it would be reflected in the progress of personal information security policy and tried to provide systematic management program with improving safe information distribution and usefulness.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.4
• /
• pp.923-939
• /
• 2012

In the information society, to serve the normal economic activity and to delivery the public service is to secure the privacy information. The government endeavors to support with the privacy protection laws and public organizations. This paper is to study the privacy protection policy in the major countries by analyzing the laws and organizations. At last, The study is to examine the policy tasks to support the privacy protection policy.

• Review of KIISC
• /
• v.11 no.4
• /
• pp.35-43
• /
• 2001

본 논문에서는 인터넷 비즈니스를 수행하는 기업들의 웹사이트의 개인정보보호정책 현황을 고찰하였다. 서비스 유형별 개인정보보호정책 공표현황을 살펴보면, 포털/검색엔진 사이트와 쇼핑몰 사이트, 그리고 금융서비스를 제공하는 사이트가 타 사이트에 비해 고객 및 회원, 또는 방문자의 개인정보보호의 공식적인 공표가 더 많다. 그리고 서비스 유형에 크게 구분없이 대부분의 사이트들이 개인정보보호정책의 목적, 개인정보 수집목적 및 이용목적, 개인정보 수집 범위 및 방법, 개인정보 보유기간 및 파기, 제3자와의 정보공유 및 정보제공 경우, 정보보호를 위한 기술적·제도적 대책 등을 잘 명시하고 있으나 정책구성에 필요한 용어정의, 불만/분쟁처리방법, 아동보호방법, 정책의 시행일자 등을 명시하는데 미흡했다.

• 한국경영정보학회:학술대회논문집
• /
• 2007.06a
• /
• pp.966-969
• /
• 2007

인터넷은 개인과 조직간의 정보를 원활하게 유통시키는 역할을 하고 있지만, 개인정보를 노출시키는 부작용을 낳고 있다. 특히 개인정보의 가치가 중요시되고 있는 상황에서 개인정보를 보호할 수 있는 보호정책이 필요하다. 본 연구는 개인정보의 수집, 저장, 이용, 파기와 같은 수명주기에 따른 개인정보 관리모델을 제시하고자 한다. 개인정보 관리모델은 각 개인정보 수명주기에 따라 개인정보 관리자가 수립해야 할 개인정보보호정책, 개인정보보호를 위한 기술적 대책, 기술적 대책 및 프로세스를 관리할 수 있는 관리적 대책을 서술한다. 본 연구는 제안된 개인정보 관리모델을 구현할 수 있는 개념적인 아키텍처를 제시한다. 본 연구는 개인정보의 수명주기에 따른 개인정보보호를 위해서 필요한 개인정보정책, 기술적인 대책, 관리적인 대책을 제시했다는 데 의의가 있다.

• Proceedings of the Korean Society for Information Management Conference
• /
• 2000.08a
• /
• pp.197-200
• /
• 2000

현재 데이터베이스업체들은 이용자들에게 과도한 정보를 요구하고 있으며, 개인정보보호지침을 준수하고 있지 않다는 지적을 받고 있다. 실제로 업계의 실태를 조사한 결과, 많은 업체들이 과도한 개인정보를 요구하고 있었으며, 대부분 개인정보보호정책을 마련해 놓고 있지 않았다. 업체들이 갖추어야하는 개인정보보호정책에는 개인정보 수집목적, 수집항목, 정보의 열람 및 정정, 어린이 개인정보 등에 관한 내용이 포함되어야 한다.

• Informatization Policy
• /
• v.25 no.3
• /
• pp.29-51
• /
• 2018

As the core technology of the Fourth Industrial Revolution, the Internet of Things has been developed and has enabled various services, and personal information has been handled freely in the process. However, the infringement threat of personal information is increasing as more convenient services are provided and more information devices including smart devices are connected to the network. Therefore, this study is to analyze prioritizing personal information protection policy indicators in order to provide IoT services by constructing secure environment for implementing the Internet of things as the core technology of the 4th Industrial Revolution. This study reviewed personal information protection policy indicators based on the literature survey, and identified 3 fields, 9 areas, and 25 indicators through Delphi analysis for experts. The weights were calculated based on the AHP survey for 66 experts and the results were used to present the relative importance and priority of the policy indexes. The results of this study found the policy field was the most important, followed by the technical field, and the administrative field. Of the three areas of the policy field, strengthening the personal information protection laws related to IoT is the most important, while among the indicators, promoting and revising the personal information protection law related to IoT is the most important. Comparisons of the fields, areas, and indicators of IoT-related personal information protection policies found consistent values. The personal information protection policy indicators derived this way will contribute to the nation's competitiveness by expanding secure IoT policies in the future.

• Journal of Digital Convergence
• /
• v.18 no.4
• /
• pp.81-89
• /
• 2020

Since the Korean privacy policy was legalized in 2011, the related academical researches have been lasted in various fields. Upcoming so-called 3 data laws would be implemented, it is meaningful to review privacy policy studies for exploring future research direction. For this purpose, the total of 146 journals from 2011 to 2019 were reviewed by the content analysis following as research subjects, methodologies and constructions of studies. As results, the numbers of the researches have been conducted on protection policies themselves for improvement, comparing with other countries' policies and also digital finance information protection were deeply discussed. Some of technology based protection applications were experimented and suggested. The major research characteristics was mainly focused on case analysis and criminal laws and policies were developed as protection contingencies. However, most research objects were focused on the protection regulations, not deregulation, therefore, researchers in future study need to explore more digital industry-centric tasks which are practically applied in safer ways. Further, social agreement in using private information will be an essential to prevent indiscriminate use.

• The Journal of the Korea Contents Association
• /
• v.17 no.4
• /
• pp.461-467
• /
• 2017

Privacy laws are widely enforced throughout the general public and private sector, and the Ministry of Government Administration and Home Affairs is stepping up its annual level of protection and management levels annually. However, in actual field, it has limits to follow the laws that are amended to comply with the privacy laws of the public sector. Therefore, this study should examine the trends of privacy protection and examine items that require adherence to privacy practices in public institutions. In addition, it is hoped to draw implications for the problems arising from the task itself, as well as providing implications for the issues that are closely related to the public in the privacy of the privacy policies.

• Journal of the Korean Society for Library and Information Science
• /
• v.46 no.4
• /
• pp.207-242
• /
• 2012

A library privacy policy describes the library's willingness to protect the library users' personal information, and also serves as a code of conduct for library staff. In recent years, cases of privacy invasion have been growing exponentially in society as a whole, including at the library, and therefore the establishment and application of a privacy policy is becoming more important. In this study, we try to develop and propose the optimal library privacy policy. For this purpose, we derived implications by analyzing the domestic and international privacy laws and guidelines, investigating invasion of privacy cases at home and abroad, and studying different library privacy policies from libraries around the world. The library privacy policy that we propose in this study was created to be a guideline for librarians when dealing with privacy issues and is library specific, diverging in many ways from privacy guidelines used in other fields.

• Journal of Digital Convergence
• /
• v.14 no.2
• /
• pp.191-196
• /
• 2016

The organizations and companies establish personal information protection policy under the law and guidelines. They carry out access control without consideration for distinctiveness of the information although the damage degree varies when the information is leaked. Considering the distinctiveness, a policy needs to be made for individuals to protect his personal information. However, he is not able to write the policy because of lack of understanding the system. To write his own policy efficiently, the system that authorizes ones according to service list provided by organizations is necessary. This paper suggests the model and method that write personal policy for his information protection based on the service list provided by organizations. Through this model, fine-grained authorization and policy change are easily made and ultimately the access control customized according to one's own information is possible.