• Journal of the Korean Institute of Intelligent Systems
• /
• v.20 no.2
• /
• pp.173-180
• /
• 2010

The research of the preserving privacy of sensitive information has been popular recently. Many researches about the techniques of generalizing records under k-anonymity rules have been done. Considering that data anonymity requires a lot of time and resources, it would be important to decide whether a table is vulnerable to privacy attacks before being opened in terms of the improvement of data utilization as well as the privacy protection. It is also important to check to which attack the table is vulnerable and which of anonymity methods should be applied in the table. This paper describe two possible privacy attacks based upon related references. Also, we suggest the technique to check whether data table is vulnerable to any attack of them and describe what kind of anonymity methods should be done in the table. The technique we suggest in this paper can also be applied for checking the safety of anonymity tables in which insert or delete operations occurred as well from privacy attacks.

• Convergence Security Journal
• /
• v.23 no.5
• /
• pp.35-43
• /
• 2023

As digital infrastructure increases connections and convergence progress rapidly in all areas, and it is most important to ensure safety from cyber infringement or hacking to continue national growth. Accordingly, it examines the obstacles to cyber threat information sharing, which is the basis for responding to cyber infringement, and suggests ways to improve efficiency. First of all, information sharing is divided into three areas: the government, cyber security companies, small and medium-sized enterprises and individuals and the requirements are checked from their respective positions. We will supplement this and explore ways to strengthen cybersecurity and provide economic benefits to each other. Therefore, national and public organizations will propose policies to create an cybersecurity industry ecosystem with a virtuous cycle that leads to diversification of cyber threat information sources, strengthening cybersecurity for general companies and individuals, and creating demand for the cybersecurity industry. The results of the study are expected to help establish policies to strengthen national cybersecurity.

• Review of KIISC
• /
• v.15 no.3
• /
• pp.40-47
• /
• 2005

RFID(Radio Frequency Identification)기술은 제조업체에서 상품 출하시 상품에 붙여서 유통, 물류, 판매, 사후관리 등 다양한 응용 분야로 적용될 수 있어 파급 효과가 큰 기술이다. 강력한 보안기능이 요구되는 환경에서는 능동형 RFID 기술이 적용되고 있으며, 이동환경에서 다양한 응용 서비스와 접목하기 위한 모바일 RFID 기술이 개발되고 있다. 그러나 RFID 서비스 환경에서 불법적인 위변조${\cdot}$도청${\cdot}$추적 등은 기업의 물품정보 뿐만 아니라 개인의 이동에 따른 위치, 시간 등 개인프라이버시 정보까지 파악될 수 있어, 보안 및 사생활 침해에 심각한 위협이 되고 있다. 따라서 최근 활발히 진행되고 있는 능동 및 모바일 RFID 서비스 환경에 적합한 정보보호 기술과 개인 프라이버시 보호 기술에 대한 연구동향과 표준화 동향에 대하여 소개하고자 한다.

• Informatization Policy
• /
• v.21 no.1
• /
• pp.3-16
• /
• 2014

The personal information is now considered more valuable and important topic in this highly improved knowledge information society. In this research, 50 research papers and government reports between 2000 and 2013 are analysed to understand a trend of academic research of the personal information. To summarize of the result of the analysis, firstly, there are many discussions and emphases to governmental protections of the personal information, mainly in the qualitative and legal system level. Secondly, there are insufficient researches of the personal information, particularly in the academic field rather than government and national research institutes. Thirdly, there are not sufficient investigations to approach influential reasons and relations of cause and effect, though there are much enough researches on the actual and present conditions of the protection of the personal information. To develop the investigation of the personal information, it needs to be considered to research more about systematic approach to the issue of personal information, expansion of research area considering the changeable IT environment, diverse methodological experiment like a metrical way, reformation of investigation system, and improved information management in the private sector.

• Annual Conference of KIPS
• /
• 2014.11a
• /
• pp.482-485
• /
• 2014

온라인 중고물품 거래의 장점은 인터넷을 사용하는 모든 사용자에게 자신이 팔고자 하는 물건을 쉽게 알릴수 있다는것이다. 하지만 온라인에서 중고물품 거래 시에 개인의 정보를 노출할 경우가 많아지게 되는데 이는 프라이버시를 침해할 수 있다. 온라인 중고물품거래시에 사용자들은 자신이 판매하는 물건과 함께 이메일 주소나 핸드폰 번호를 노출하게 되는데 이 정보를 소셜네트워크서비스에 연결하면 특정인에 정보를 획득할 수 있게 된다. 공격자는 온라인 중고물품거래가 진행되는 곳에서 특정인에 대한 정보를 획득한뒤 소셜네트워크서비스와 정보를 연결하여 특정인에 대한 스토킹이나 피싱, 금융사기같은 범죄를 할 가능성이 있다. 본 논문에서는 개인정보노출에 대한 위험성을 알아보기 위해 중고물품 사이트에서 획득한 개인정보를 소셜네트워크서비스에 연결하여 개인 식별가능성을 실험해 보았으며 이를 막기 위한 방법을 제안하였다.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.6 no.5
• /
• pp.731-737
• /
• 2011

The purpose of this study is to examine Internet users' psychological anxiety about the possibility of personal information leakage. The investigator examined the difference of psychological anxiety focusing on the possibility of personal information leakage according to the use amount of Internet, the number of joined sites and the frequency of e-commerce transaction. Study findings show that women felt more psychological anxiety than men did. In addition, people who used Internet more frequently felt more psychological anxiety. However, the number of joined sites and the average frequency of e-commerce transaction in a month had no significant influence upon users' psychological anxiety about the possibility of personal information leakage.

• The Korean Society of Law and Medicine
• /
• v.22 no.4
• /
• pp.185-210
• /
• 2021

On September 24, 2021, the new provisions(Article 38-2 of the Medical Service Act) mandatory CCTV installation in operating rooms where the unconscious patient is operating such as general anesthesia. The revised medical law aims to effectively prevent illegal activities that may occur in the operating rooms and to promote appropriate resolution to medical dispute. According to the law, medical institutions operating unconscious patients, such as general anesthesia, must install CCTVs in the operating rooms by September 25, 2023, and film surgical scenes only at the request of patients and their guardians, regardless of the consent of the medical personnel. The bill delegated the legislative device to minimize infringement of fundamental rights to subordinate statutes without stipulating it in the law.(Article 38-2(10)) The most realistic policy plan to minimize the infringement of the fundamental rights of patients is to prepare specific regulations. Therefore, this study examines the legislative background and main contents of the amended CCTV installation bill, and suggests issues to be reviewed when preparing subordinate statutes by analyzing major issues. It was reviewed based on compliance with the principle of minimizing infringement of fundamental rights of information subjects in the operating rooms. The information subjects of CCTV are health professionals and patients. Suggesting issues should be considered when preparing subordinate statutes so that the purpose of the CCTV installation law can be achieved while minimizing infringement of right of self-determination of personal information, personality rights, and human rights. It is hoped that this paper will be referred when discussing subordinate statutes and regulations to contribute minimizing infringement of fundamental rights.

• The Korean Journal of Air & Space Law and Policy
• /
• v.29 no.2
• /
• pp.135-161
• /
• 2014

An unmanned aerial vehicle (UAV), commonly known as a drone and also referred to as an unpiloted aerial vehicle and a remotely piloted aircraft (RPA) by the International Civil Aviation Organization (ICAO), is an aircraft without a human pilot aboard. ICAO classify unmanned aircraft into two types under Circular 328 AN/190. Unmanned aircraft, which is the core of the development of the aviation industry. However, there are also elements of the legal dispute. Unmanned aircraft are manufactured in small size, it is possible to shoot a record peripheral routes stored in high-performance cameras and sensors without the consent of the citizens, there is a risk of invasion of privacy. In addition, the occurrence of the people of invasion of privacy is expected to use of civilian unmanned aircraft. If the exposure of private life that people did not want for unmanned aircraft has occurred, may occur liability to the operator of unmanned aircraft, this is a factor to be taken into account for the development of unmanned aircraft industry. In the United States, which is currently led by the unmanned aircraft industry, policy related to unmanned aircraft, invasion of privacy is under development, is preparing an efficient measures making. Unmanned aircraft special law has not been enforced. So there is a need for legal measures based on infringement of privacy by the unmanned aircraft. US was presented Privacy Protection Act of unmanned aircraft (draft). However Korea has many laws have been enacted, to enact a new law, but will be able to harm the legal stability, there is a need for the enactment of laws for public safety of life. Although in force Personal Information Protection Law, unmanned aerospace, when the invasion of privacy occurs, it is difficult to apply the Personal Information Protection Law. So, it was presented a privacy protection bill with infringement of privacy of unmanned aircraft in the reference US legislation and the Personal Information Protection Act.

• Proceedings of the Korea Multimedia Society Conference
• /
• 2012.05a
• /
• pp.359-361
• /
• 2012

스마트 그리드는 전력망에 정보기술을 접목하여, 전력공급자와 소비자가 양방향으로 정보를 실시간으로 교환하고 에너지효율을 최적화하여 새로운 부가가치를 창출할 수 있는 차세대 전력망이며 기존의 전력 시스템과는 달리 시스템의 개방성이 높아짐으로서 보안위협이 증가하였다. 이러한 보안 위협 중에서 본 연구는 전력망 소비자의 개인정보와 밀접한 관련을 갖는 사용자도메인에서 발생가능한 개인정보 침해 위협을 분석한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.3
• /
• pp.745-756
• /
• 2016

As infringement accidents of personal information have often occurred and estimates of damages are too large, the government introduces many certifications related with personal information management system for protecting personal information. Among them, PIMS and PIPL share many points in common, so many complaints about duplicate regulation have been suggested. This study evaluates the duplication of two certifications in order to examine redundancy between PIMS and PIPL both of which have been controversial.