• Proceedings of the Korea Information Processing Society Conference
• /
• 2021.11a
• /
• pp.301-304
• /
• 2021

4차 산업혁명 시대가 도래함에 따라 사물인터넷(IoT)이 다양한 산업의 영역에서 활용되고 있다. 특히 IoT 기술 및 서비스를 활용하는 분야 중 하나인 스마트 의료 분야는 최근 소프트웨어 및 네트워크의 연결성이 강화되면서 사이버보안 사고가 급증하고 있다. 따라서 스마트 의료 기기·서비스 개발단계부터 보안을 고려하여 안전하게 개발하는 것이 필요하며, 서비스 제공시에도 보안을 고려하여 안전하게 관리 및 서비스를 제공하는 것이 필요하다. 이에 본 연구에서는 IoT 서비스 활용 분야 중 스마트 의료 분야에서 원격의료 서비스의 개인정보 침해 요인을 도출하고 이를 토대로 어택트리 기반의 시나리오 분석을 수행하고자 한다.

• Journal of Advanced Navigation Technology
• /
• v.13 no.2
• /
• pp.272-279
• /
• 2009

A location information used in LBS provides convenience to the user, but service provider can be exploited depending on how much risk you have. Location information can be exploited to track the location of the personal privacy of individuals because of the misuse of location information may violate the user can import a lot of damage. In this paper, we classify the life cycle of location information as collection, use, delivery, storage and destroy and analyze the factors the privacy is violated. Furthermore, we analyze information security mechanism is classified as operation mechanism and policy/management mechanism and propose a security solutions of all phase in life cycle.

• Journal of Digital Convergence
• /
• v.11 no.1
• /
• pp.107-119
• /
• 2013

The purpose of this study is to find an answer why internet users are unconcern about their privacy information. We found that perceived privacy risk and website usability have a significant effect on privacy unconcern. That is, individuals who have experiences privacy incidents are more likely to be unconcern about their privacy information. Accordingly, organizations who supply services on the web have to pay more attention to these individuals to increase a privacy concern. Implications and Conclusions are discussed.

• Journal of Digital Convergence
• /
• v.14 no.12
• /
• pp.1-12
• /
• 2016

Today, with the popularity of smart phones and the proliferation of SNS, anyone is exposed to the risk of personal information leakage. Unlike the prior studies of privacy, this research aims to identify the privacy factors affecting the provision intention of individual information from the SNS Users. This study also analyses how the perceived privacy risks and corporate trust affect the provision intention of individual information. The analysis results of empirical data show that despite experiencing the privacy leakage such as direct hacking and being aware of the risk, people are providing firms with personal information. The most influential variables to perceived privacy risk are information privacy policy, information privacy concern, previous privacy experience and information privacy awareness in the decreasing order of importance. Those to the corporate trust are information privacy policy, information privacy awareness, previous privacy concern and information privacy experience. Besides, the corporate trust and the perceived privacy risk also affect the provision intention of personal information. Finally, this study proposes the implications for personal information privacy.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2009.04a
• /
• pp.1453-1456
• /
• 2009

본 논문에서는 인터넷 상에 공개된 정보를 기반으로 대부분 대학에서 대행업체에 위탁하고 있는 인터넷 원서접수 업무에 있어서 개인정보보호 문제점을 다룬다. 개인정보보호와 관련된 정책, 시스템 검토, 개인정보 흐름 분석, 개인정보침해요인 분석과 위험평가 및 개선 계획 도출 등 일련의 프로세스 관점에서 개인정보영향평가를 모의 수행함으로써 동 시스템이 가지고 있는 개인정보 관련 문제점 및 개선 방안을 도출한다.

• Information Systems Review
• /
• v.20 no.1
• /
• pp.159-177
• /
• 2018

With an extensive proliferation of information and communication technology, the volume and amount of digital information collected and utilized on the Internet have been increasing rapidly. Also on the rapid rise are side effects such as unintended breach of accumulated personal information and consequent invasion of personal privacy. Informational self-determination is rarely practiced, despite various states' legal efforts to redress data subjects' damage. Personal health information, in particular, is a subcategory of personal information where informational self-determination is hardly practiced enough. The observation is contrasted with the socio-economic inconvenience that may follow due to its sensitive nature containing individuals' physical and health conditions. This research, therefore, reviews factors of self-determination on personal health information while referring to the protection motivation theory (PMT), the long-time framework to understand personal information protection. Empirical analysis of 200 data surveyed reveals threat-appraisal (perceived vulnerability and perceived severity of threats) and coping-appraisal (perceived response effectiveness), in addition to individual levels of concern regarding provided personal health information, influence self-determination to protect personal health information. The research proposes theoretical findings and practical suggestions along with reference for future research topics.

• Convergence Security Journal
• /
• v.4 no.3
• /
• pp.83-90
• /
• 2004

Preventive measures and control over cyber terrorism in Korea is a complex problem. Today laws should meet requirements made by modern technologies development, Law enforcement, special services and judicial system cooperation, their efforts coordination and their material security are priority directions, None of the country is able to prevent cyber terror independently and international cooperation in this field is vital. Taking the above into consideration, we propose and inisit that National Intelligence Service(NIS) should share cyber terror data with Police Agency and have top police authority over the cyber terror.

• Information Systems Review
• /
• v.16 no.2
• /
• pp.1-23
• /
• 2014

With side effects such as Phishing and Spam using personal information in Social Network Service, there is a growing need for studies related to harmful behaviors such as the reason for privacy violation. As such, this study assumed privacy violation to be ethical decision, making behavior and used the Theory of Planned Behavior and Motivation Theory, which are mostly used in social science to identify the factors affecting privacy violation. The results suggested that the Perceived Enjoyment and Punishment used in motivation studies affected privacy violation behaviors, and that the factors of the Theory of Planned Behavior such as Attitude toward Privacy Violation, Subjective Norms of Privacy Violation, and Perceived Behavioral Control with regard to Privacy Violation significantly influenced the Intention to Privacy Violation. On the other hand, Perceived Curiosity and Subjective Norms of Privacy Violation did not affect the Intention to Privacy Violation. Therefore, this study confirmed that the Theory of Planned Behavior was appropriate to explain the Intention to Privacy Violation, and that the variables of the Motivation Theory generally influenced the Attitude toward Privacy Violation. This study was significant since it extended the scope of theoretical privacy study from users and victims centered to inflictor and applied the Extended Theory of Planned Behavior using the variables of the Motivation Theory in the study of Intention to Privacy Violation. From the practical aspect, it provided the ground for privacy education based on the fact that the Attitude toward Privacy Violation can be curbed when education on the Privacy Concerns, Perceived Enjoyment, and Punishment with regard to privacy is strengthened. It also cited the need for the punishment of privacy violation and the practical ground to amend the terms and conditions of user license and Personal Information Protection Act to provide policy support.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.6
• /
• pp.121-134
• /
• 2009

Consumer-centric marketing business is surely one of the most successful emerging business but it poses a threat to personal privacy. Between the service provider and the user there are many contrary issues to each other. The enterprise asserts that to abuse the privacy data which is anonymous there is not a problem. The individual only will not be able to willingly submit the problem which is latent. Web traffic analysis technology itself doesn't create issues, but this technology when used on data of personal nature might cause concerns. The most criticized ethical issue involving web traffic analysis is the invasion of privacy. So we need to inspect how many and what kind of personal informations being used and if there is any illegal treatment of personal information. In this paper, we inspect the operation of consumer-centric marketing tools such as web log analysis solutions and data gathering services with web browser toolbar. Also we inspect Microsoft explorer-based toolbar application which records and analyzes personal web browsing pattern through reverse engineering technology. Finally, this identified and explored security and privacy requirement issues to develop more reliable solutions. This study is very important for the balanced development with personal privacy protection and web traffic analysis industry.

• Informatization Policy
• /
• v.21 no.1
• /
• pp.3-16
• /
• 2014

The personal information is now considered more valuable and important topic in this highly improved knowledge information society. In this research, 50 research papers and government reports between 2000 and 2013 are analysed to understand a trend of academic research of the personal information. To summarize of the result of the analysis, firstly, there are many discussions and emphases to governmental protections of the personal information, mainly in the qualitative and legal system level. Secondly, there are insufficient researches of the personal information, particularly in the academic field rather than government and national research institutes. Thirdly, there are not sufficient investigations to approach influential reasons and relations of cause and effect, though there are much enough researches on the actual and present conditions of the protection of the personal information. To develop the investigation of the personal information, it needs to be considered to research more about systematic approach to the issue of personal information, expansion of research area considering the changeable IT environment, diverse methodological experiment like a metrical way, reformation of investigation system, and improved information management in the private sector.