• Journal of Korea Entertainment Industry Association
• /
• v.13 no.8
• /
• pp.647-659
• /
• 2019

The purpose of this study was to examine the relationship between the awareness of health care workers on the protection of patient health information and their practice of it in an attempt to provide some information on the policy setting of health care institutions about medical information protection. As a result, the awareness of the health care workers on the protection of patient health information and their practice of it were both the best in the communication area, followed by the patient health information management area and the area of direct contact with health information. As for the variables linked to their awareness and practice of patient health information protection, the type of the health care institutions, job satisfaction, religion and the departments in which they worked were significantly related. To determine what factors affected the patient health information management area, a multiple regression analysis was carried out by selecting the area of direct contact with patient health information and the communication area as independent variables and by selecting the patient health information management area as a dependent variable. And it's found that the patient health information management area became better when the area of direct contact with the information and the communication area were better.

• The Transactions of the Korea Information Processing Society
• /
• v.4 no.4
• /
• pp.1046-1058
• /
• 1997

WWW has taken root in Internet as a means of future shopping.But paymetn systems using tpdays show us several security vnlnerabilities.The problem that plain shpter's credit card details are transferred in Internet is included.Thnese risks can break out not only an infringement of pribate information but also economic crime.To solve these risks,we introduce the techique which implrment the encrypted WWW communication using PGP.And we propose SCCP which is new electronic payment protocol.As a result of testing with criteria from IBM,we can find that SCCP is safe and secure electronic payment protocol.As a result of testing with criteria from IBM,we can find that SCCP is safe and secure elctronic payment protocol.

• The Journal of the Korea Contents Association
• /
• v.8 no.6
• /
• pp.66-73
• /
• 2008

The concept of u-Vehicle is a technological model that people try to build the ubiquitous world in the car which moves, by using the RFID technology as well as the telematics service based on the location. RFID is weak on the point of information security because RFID has possibility for being abused such as chasing, counterfeiting, and invading personal privacy. RFID's tags use a weak cryptographic algorithm. This paper presents the vulnerabilities of information security under u-Vehicle environments. To solve that, we propose a mechanism enhancing RFID tag's security but with low cost by reducing the number of mutual authentication stages and using the hash function.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.6
• /
• pp.1231-1238
• /
• 2013

In the background of rapidly increasing domestic cloud service demand, worries about security and privacy incidents can hinder the promotion of cloud service industry. Thus, it is crucial that the independent 3rd party assures the reliability for using the cloud service. This paper compares several external and internal cloud service certification cases, for example CSA certification, FedRAMP certification, KCSA certification, and concludes that insufficient security and privacy controls are prevailing. As a consequence, several enhanced countermeasures by using ISO/IEC 27017, KISA's ISMS considering manageability and expertise are proposed in the cloud service certification system.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.1
• /
• pp.81-88
• /
• 2013

As social network service(SNS) has grown rapidly, the variety information being shared through SNS. However, the privacy of individuals can be violated due to the shared information through a SNS or the post written in the past at the SNS. Although, many researches concerned about it, they did not suggest key management and access control especially. In this paper, we propose the method for the protection of the message in SNS using access control and hash-chain.

• Convergence Security Journal
• /
• v.10 no.3
• /
• pp.61-68
• /
• 2010

Recently a malware is increasing for leaking personal data, credit information, financial information, etc. The secondary damage is also rapidly increasing such as the illegal use of stolen name, financial fraud, etc. But when a system is infected by a malware of leaking information, the existing malware evidence collection tools do not provide evidences conveniently or sometimes cannot provide necessary evidences. So security officials have much difficulty in responding to malwares. This paper analyzes the current status and problems of the existing malware evidence collection tools and suggests new ways to improve those problems.

• The KIPS Transactions:PartC
• /
• v.19C no.1
• /
• pp.63-70
• /
• 2012

To ensure privacy of individual information in remote healthcare service, health data should be protected through a secure technology such as encryption scheme. Only user who delegated decryption right can access to sensitive health data and delegator needs capability for revocating access privilege. Recently, in ubiquitous environment, CP-ABTD(Ciphertext-Policy Attribute-Based Threshold Decryption with Flexible Delegation and Revocation of User Attributes) which extends CP-ABE(Ciphertext-Policy Attribute-Based Encryption) has been proposed for these requirements. In this paper, we construct remote healthcare monitoring system with delegation and revocation capability for attribute in CP-ABTD. Finally, we analyze collusion attack between users in our system.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.4
• /
• pp.901-911
• /
• 2012

The removal of security vulnerabilities during the developmental stage is found to be much more effective and much more efficient than performing the application during the operational phase. The underlying security vulnerabilities in software have become the major cause of cyber security incidents. Thus, secure coding is drawing much attention for one of its abilities includes minimizing security vulnerabilities at the source code level. Removal of security vulnerabilities at the software's developmental stage is not only effective but can also be regarded as a fundamental solution. This thesis is a research about the methods of Mobile-Secure Coding Self Assessment in order to evaluate the security levels in accordance to the application of mobile secure coding of every individual, groups, and organizations.

• The Korean Journal of Applied Statistics
• /
• v.10 no.1
• /
• pp.5-14
• /
• 1997

The difficulty of statistical survey has been weighted according to the development and the democratization of society. Since the survey cost increases and the quantity and the quality of the needed information become more diversity it is very hard to produce accurate and appropriate statistics in time. In order to cope with these survey conditions properly, we reviewed the statistical system of Korea and major countries, and proposed the improvable directions of our statistical system.

• Journal of the Korean Institute of Intelligent Systems
• /
• v.23 no.2
• /
• pp.113-119
• /
• 2013

Face recognition techniques have been widely used for various areas including criminal identification due to their capability of easy implementing and user friendly interface. However, they have some drawbacks related to individual's privacy in case that his or her face information is divulged to illegal users. So, this paper proposed a novel method for protecting face template based on the real fuzzy vault. This proposed method has some advantages of regenerating a new face template when a registered face template is disclosed. Through implementing and testing the proposed method, we showed its validity and usefulness.