• 정보화사회
• /
• s.168
• /
• pp.12-16
• /
• 2004

정보보호기술은 사이버 공간을 통한 정보침해의 양상이 다양화.지능화되고, 새로운 정보통신서비스가 등장함에 따라 기술 발전도 더욱 가속화될 전망이다. 이제 사이버상의 범죄 예방 및 국가차원의 정보보호를 제고하기 위하여 정보보호산업의 육성은 매우 시급한 실정이다.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2006.06a
• /
• pp.627-630
• /
• 2006

정보사회에서 인터넷을 기반으로 한 IT관련 기술의 빠른 증가와 더불어 유비쿼터스 환경의 연구 또한 점점 가시화 되어 지고 있다. 이와 더불어, 웹 기반의 분산 컴퓨팅 환경 내에서 관련 정보들의 수집, 보관, 공유, 이동이 활발해지면서, 개인정보의 불법적 유출, 남용에 따른 사생활 침해문제를 해결하기 위한 방안에 관심이 집중되고 있다. 이에 본 논문에서는 유비쿼터스 환경 내에서의 신뢰할 수 있는 개인정보 아키텍처를 구현하기 위한 3단계의 개인정보 보호 메커니즘/통합사용자 인증 메커니즘 CAM(Consolidated Authentication Mechanism), 개인정보정책 메커니즘 PPM(Privacy Policy Mechanism), 개인정보 통제 메커니즘 OCM(Output Control Mechanism)을 제시하였다. 또한 사용자에게 개인정보 사용시 정보의 중요도에 따른 "알림(Notice)" 기능을 웹 브라우저 내 개인정보 적용 기술(P3P)과 연동하여 제공하고, 접근 제어하는 기술적 적용 방안을 소개함으로써 개인 정보의 연동시 오 남용 방지 방안과 시스템 환경 내 실용 가능성(feasibility)을 소개하였다.

• 정보화사회
• /
• s.184
• /
• pp.44-47
• /
• 2007

새해부터는 프로그램저작권 침해행위에 대한 벌칙이 현행 3년 이하의 징역에서 5년 이하의 징역으로 강화된다. 특히, 개인정보보호에 관한 법률이 크게 강화될 예정으로 개인정보를 취급하는 통신사업자의 개인정보 관리.감독 기준이 대폭 강화될 전망이며, 청소년의 유해정보차단을 효율적으로 집행하기 위한 법도 새로 시행될 전망이다. 이밖에도 새해에는 기간통신사업자의 지분인수 시 정보통신부 장관의 인가를 받아야 하며, 무선국 시설자들은 전자파강도를 측정하는 의무가 부여되는 등 많은 부분에서 새로운 제도가 시행될 전망이다. 또, 국세청장이나 지방국세청장도 조세범칙사건의 조사에 필요한 경우에 통신 자료제공을 요청할 수 있도록 법적근거를 마련해 통신매체를 활용한 탈세행위가 새해에는 원천 차단될 전망이다.

• Journal of IKEEE
• /
• v.27 no.4
• /
• pp.548-555
• /
• 2023

With the advancement of the internet, the use of personal information in online interactions has increased, underscoring the significance of data protection. Breaches of personal data due to unauthorized access can result in psychological and financial damage to individuals, and may even enable wide-ranging societal attacks aimed at those associated with the victims. In response to such threats, there is active research into security measures using blockchain to safeguard personal information. This study proposes a system that uses middleware and IAM (Identity and Access Management) services to protect personal information in a BaaS (Blockchain as a Service) environment where blockchain is provided via the Internet. The middleware operates on servers where IAM roles and policies are applied, authenticates users, and performs access control to allow only legitimate users to access blockchain data existing in the cloud. Additionally, to understand the impact of the proposed personal information protection method on the system, we measure the response time according to the time taken and the number of users under three assumed scenarios, and compare the proposed method and research related to personal information protection using blockchain in terms of security characteristics such as idea, type of blockchain, authentication, and confidentiality.

• Journal of Advanced Navigation Technology
• /
• v.13 no.2
• /
• pp.272-279
• /
• 2009

A location information used in LBS provides convenience to the user, but service provider can be exploited depending on how much risk you have. Location information can be exploited to track the location of the personal privacy of individuals because of the misuse of location information may violate the user can import a lot of damage. In this paper, we classify the life cycle of location information as collection, use, delivery, storage and destroy and analyze the factors the privacy is violated. Furthermore, we analyze information security mechanism is classified as operation mechanism and policy/management mechanism and propose a security solutions of all phase in life cycle.

• 정보보호뉴스
• /
• s.137
• /
• pp.26-29
• /
• 2009

지난 2008대규모 해킹 개인정보 유출 등 보안 사고로 얼룩진 한 해였다. 중국발 해킹으로 인해 국내 대표 오픈마켓 회원 1,000개인정보가 유출됐고, 포털 사이트의 고객 상담정보가 해커에 의해 탈취됐으며, 정유회사 고객정보 1,100내부 직원에 의해 유출되는 등 다양한 형태의 보안 사고가 발생했던 한해였다. 지난 십여년에 결쳐 진행된 정보화혁명으로 인해, 거의 모든 정보들이 디지털화되고 인터넷을 통한 유통이 일반화되면서 정보보호 이슈는 날이 갈수록 심화되고 있는 실정이다. 인터넷이 우리 사회에 가져 올 순기능은 형언할 수 없을 만큼 크지만 개인정보 침해를 비롯한 역기능 또한 심각한 수준에 이르고 있다. 향후 유비쿼터스 시대 도래 등과 더불어 다양한 개인 맞춤형 IT 서비스가 더욱 확산된다면 개인정보 보호와 프라이버시에 대한 이슈는 지금보다 더 첨예하게 대두될 것으로 예상된다. 더 많은 정보사회의 편익을 누리기 위해 개인정보의 적절한 수집과 활용은 계속될 것이기 때문이다. 그런 의미에서 개인정보 보호는 고도 정보화 사회를 위한 기본 전제조건이자, 결정적인 신뢰요소다. 그리고 지금은 우리 사회 의 개인정보보호 수준제고를 위해 모두의 지혜가 필요한 시점이다.

• The Journal of the Korea Contents Association
• /
• v.19 no.12
• /
• pp.376-388
• /
• 2019

One important online marketing practice to emerge in recent years is online behavioral advertising. Online behavioral advertising entails a range of issues, including the following: personal information collection and usage agreements (three conditions: no agreement, agreement, or agreement with a reward), consumers' levels of perceived personalization (low vs. high), and consumers' level of online privacy concerns (low vs. high). The effects of all these is what this study is designed to examine, as it evaluates online behavioral advertising. Study findings suggest that types of information collection and usage agreement play a pivotal role in the evaluation of online behavioral ads. Individuals who provided the informed consent form with the possible reward had a more favorable attitude toward the brand than individuals who provided the informed consent form without a possible reward. In terms of personalization, the level of perceived personalization of the advertising message impacted consumers' attitudes toward the online behavioral ad and toward the brand. Finally, online privacy concerns appear to impact consumers' attitudes toward the online behavioral ad and toward the brand. Theoretical and practical implications are also discussed.

• Information Systems Review
• /
• v.25 no.3
• /
• pp.99-120
• /
• 2023

Courier services users' experience of violating privacy affects psychology and behavior of protecting personal privacy. Depending on what privacy infringement experience (PIE) of courier services users, learning about perceived privacy infringement incidents is made, recognition is formed, affection is formed, and behavior is appeared. This paradigm of changing in privacy psychologies of courier services users has an important impact on predicting responses of privacy protective action (PPA). In this study, a theoretical research framework are developed to explain the privacy protective action (PPA) of courier services users by applying attitude theory. Based on this framework, the relationships among past privacy infringement experience (PIE), perceived privacy risk (PPR), privacy concerns (i.e., concerns in unlicensed secondary use (CIUSU), concerns in information error (CIE), concerns in improper access (CIA), and concern in information collection (CIC), and privacy protective action (PPA) are analyzed. In this study, the proposed research model was surveyed by people with experience in using courier services and was analyzed for finding relationships among research variables using structured an equation modeling software, SMART-PLS. The empirical results show the causal relationships among PIE, PPR, privacy concerns (CIUSU, CIE, CIA, and CIC), and PPA. The results of this study provide useful theoretical implications for privacy management research in courier services, and practical implications for the development of courier services business model.

• Journal of Platform Technology
• /
• v.11 no.3
• /
• pp.56-67
• /
• 2023

Recently, de-identification of personal information, which has been a long-cherished desire of the data-based industry, was revised and specified in August 2020. It became the foundation for activating data called crude oil[2] in the fourth industrial era in the industrial field. However, some people are concerned about the infringement of the basic rights of the data subject[3]. Accordingly, a development study was conducted on the Batch De-Identification Tool, a personal information de-identification automation tool. In this study, first, we developed an image labeling tool to label human faces (eyes, nose, mouth) and car license plates of various resolutions to build data for training. Second, an object recognition model was trained to run the object recognition module to perform de-identification of personal information. The automated personal information de-identification tool developed as a result of this research shows the possibility of proactively eliminating privacy violations through online services. These results suggest possibilities for data-based industries to maximize the value of data while balancing privacy and utilization.

• Information Systems Review
• /
• v.20 no.1
• /
• pp.17-39
• /
• 2018

SNS enables people to easily connect and communicate with each other. People share information, including personal information, through SNS. Users are concerned about their privacies, but they unconsciously or consciously disclose their personal information on SNS to interact with others. The privacy of a self-disclosed person can be intruded by others. A person can write, fabricate, or distribute a story using the disclosed information of another even without obtaining consent from the information owner. Many studies focused on privacy intrusion, especially from the perspective of a victim. However, only a few studies examined privacy intrusion from the perspective of an intruder on SNS. This study focuses on the intention of privacy intrusion from the perspective of an intruder on SNS and the factors that affect intention. Privacy intrusion intentions are categorized into two types. The first type is intrusion of privacy by writing one's personal information without obtaining consent from the information owner;, whereas the other type pertains to intrusion of privacy by distributing one's personal information without obtaining consent from the information owner. A research model is developed based on motivation theory to identify how these factors affect these two types of privacy intrusion intentions on SNS. From the perspective of motivation theory, we draw one extrinsic motivational factor (response cost) and four intrinsic motivational factors, namely, perceived enjoyment, experience of being intruded on privacy, experience of invading someone's privacy, and punishment behavior. After analyzing 202survey data, we conclude that different factors affect these two types of privacy intrusion intention. However, no relationship was found between the two types of privacy intrusion intentions. One of the most interesting findings is that the experience of privacy intrusion is the most significant factor related to the two types of privacy intrusion intentions. The findings contribute to the literature on privacy by suggesting two types of privacy intrusion intentions on SNS and identifying their antecedents from the perspective of an intruder. Practitioners can also use the findings to develop SNS applications that can improve protection of user privacies and legitimize proper regulations relevant to online privacy.