• Convergence Security Journal
• /
• v.14 no.3_2
• /
• pp.3-12
• /
• 2014

The government was fully aware of the gravity of a recent massive leak of personal information of credit card users. Meanwhile, the government just took a light disciplinary action by imposing a fine, but it showed its intention to strengthen the regulations by taking the severest disciplinary action. The tightened regulations against personal information leak will be applied to the private security industry without exception to protect individual people's property and lives if such an incident occurs in that industry that deals with a wide variety of personal information such as CCTV data or privacy information all the time. The purpose of this study was to examine the state of the protection and management of personal information for service users among private security firms in an effort to suggest some reform measures. The findings of the study were as follows: First, administrators or managers who are involved with personal information protection should make a full-fledged effort to gather information. Second, counseling or related programs should be provided for small and mid-sized security firms to guarantee thorough personal information protection. Third, Korea Security Association should improve the educational system related to personal information protection to resolve problems with this education currently provided for managers and employees of these companies.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.3
• /
• pp.705-715
• /
• 2017

Today, the world is evolving into a huge community that can communicate with real-time information sharing and communication based on the rapid advancement of scientific technology and information. Behind this information, the adverse effects of information assets, such as hacking, viruses, information assets, and unauthorized disclosure of information assets, are continually increasing as a serious social problem. Each time an infringement of the invasion and personal information leaks occur, many regulatory policies have been announced, including stricter regulations for protecting the privacy of the government and establishing comprehensive countermeasures. Also, companies are making various efforts to increase awareness of the importance of information security. Nevertheless, information security accidents like the leaks of industrial secrets are continuously occurring and the frequency is not lessening. In this thesis, I proposed a customized security policy methodology that supports users with various business circumstances and service and also enables them to respond to the security threats more confidently and effectively through not a monotonous and technical but user-centered security policy.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2012.10a
• /
• pp.382-383
• /
• 2012

홈페이지를 통한 개인정보 노출이나 개인정보 보유자의 부주의로 인한 개인정보 유출사고는 개인정보 보유자가 저장하고 있는 파일에 포함된 개인정보를 통해 발생하고 있고 이러한 문제를 해결하기 위해서 현재는 하드웨어 개인정보 필터링 제품이 출시되고 적용되어 사용하고 있지만 적용 및 운영이 매우 어렵고 적용하였다 하더라도 사용자가 등록하는 개인정보 필터를 하는데 있어서 부하가 많은 부분이 있고 심각하게는 서버가 데드록 현상이 발생하여 운영에 문제가 되는 경우가 있었다. 이러한 문제점들을 해결하기 위해서 HTML5 기술을 이용한 개인정보필터링 필터링 시스템을 제안하고자 한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.2
• /
• pp.263-277
• /
• 2020

Children's use of the Internet is growing. Each company collects children's personal information. However, it is also difficult for children to recognize the concept of personal information. In this study, based on the analysis of newspaper children's personal information leakage, we investigated the occurrence of personal information leakage in children through ground theory, one of qualitative research methods used in the social science field. The ground theory is thought to be able to derive a causal relationship by identifying the leakage of children's personal information. As a result of the study, it was collected through the consent of the legal representative, but depending on the situation, the consent process was not performed. Even with the consent, it was found that due to insufficient measure to protect personal information, various situation(criminal damage, anxiety, embarrassment, anger, etc.) occurred the legal representative. As a result, children's personal information collection providers paid fines according to the situation.

• Electronics and Telecommunications Trends
• /
• v.28 no.3
• /
• pp.30-38
• /
• 2013

PC 및 스마트기기의 사용이 일반화됨에 따라, 최근 개인의 민감한 정보가 외부로 유출되는 사고가 빈번히 발생하고 있다. 그럼에도 불구하고, 일반적인 사용환경에서는 개인의 데이터가 평문 파일 형태로 관리되고 있는 실정이며, 이러한 상황에서는 공격자가 수월하게 공인인증서 및 개인정보 유출이 가능하다. 본고에서는 데이터를 보다 안전하게 저장 관리하기 위한 안전 저장장치에 대한 개념 및 기술 동향에 대하여 살펴본다. 특히, 현재까지 사용되고 있는 소프트웨어와 하드웨어 기반의 안전 저장장치 전반에 걸친 기술 동향 및 각 모듈의 특징을 분석하고 향후 연구 방향에 대하여 논한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.4
• /
• pp.721-737
• /
• 2014

The Resident Registration Number(RRN) system has been effectively acted as a national identification system since it was enforced. On the other hand, there are some problems such as leakages of personal informations including RRNs on a large scale and each RRN makes a pair with each person in all areas of the society. Nevertheless leakages of them might cause a big damage, there is no radical countermeasure for they are never changed in actual fact. In Republic of Korea, a RRN acts as a primary key of a database, so it has to be protected by severing the connectivity between leaked RRNs and the other personal data. In this paper, the Unconnected Random Personal Identification Number system is proposed for preventing damage of data spills by removing a dependency which the RRN has. Furthermore, this paper suggests the solutions against some potential issues in the system.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.3
• /
• pp.153-162
• /
• 2009

When a private information security incident occurs, the people who own the information are not acknowledged about their information leakage until those affairs appear in public media. This research aims at developing a mobile alarm system for acknowledging suspicious events to the information owners. The mobile alarm system was designed considering the limited user interface of mobile terminal and concept of "personal information leakage message tree" is deployed. The message tree contains every possible situation about personal information leakage and the leaves of the tree has several choices that the information owner can select. This message tree concept enables each information owner to manager his or her information leakage situation by just pushing a few buttons of mobile device. The contribution of this paper is in design of a comprehensive alarm message tree and development of mobile alarm system containing the message tree concept.

• Journal of Digital Convergence
• /
• v.11 no.1
• /
• pp.107-119
• /
• 2013

The purpose of this study is to find an answer why internet users are unconcern about their privacy information. We found that perceived privacy risk and website usability have a significant effect on privacy unconcern. That is, individuals who have experiences privacy incidents are more likely to be unconcern about their privacy information. Accordingly, organizations who supply services on the web have to pay more attention to these individuals to increase a privacy concern. Implications and Conclusions are discussed.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.12 no.11
• /
• pp.1993-1998
• /
• 2008

Web robot engine for searching web sever vulnerability and malicious code is proposed in this paper. The main web robot function is based on searching technology which is derived from analyses of private information threat. We implemented the detecting method for phishing, pharming and malicious code on homepage under vulnerable surroundings. We proposed a novel approachm which is independent of any specific phishing implementation. Our idea is to examine the anomalies in web pages.

• Journal of the Korea Convergence Society
• /
• v.9 no.3
• /
• pp.231-240
• /
• 2018

Recently, personal information processing are becoming more important in the behavioral advertising based on online and mobile platform. The behavioral advertising analyzes and utilizes individual's search & purchase history, hobbies, and tendency based on the personal behavior information collected using the automatic collection device. Therefore, it collects and stores other types of personal information which did't defined in Privacy Act and can analyze personal behavior. This characteristics may cause disclosure of personal information and exposure to intrusion. In this paper, we investigate and analyze the privacy policy of the advertising agencies, and discussded the measures to be taken in collecting, storing and using personal information suitable for behavior information.