• Journal of Korean Society of Archives and Records Management
• /
• v.21 no.1
• /
• pp.57-73
• /
• 2021

This study seeks to grasp the current status of and suggest improvements on records disclosure management. Data were collected through a literature review, surveys, and in-depth interviews with 7 record managers and 40 office staff in local governments. Existing records disclosures were also used as references for the discussion. With this, self-reliance efforts within local governments and active roles in central records management institutions were proposed.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.18 no.5
• /
• pp.877-884
• /
• 2023

In this study, when another vehicle is parked in a designated space where a personal vehicle can park and a defined personal use time, an ultrasonic object recognition sensor is used to determine vehicle entry, and a camera sensor recognizes a license plate. If the vehicle is not recognized by the individual vehicle owner, the "private parking lot operation block" of the application server receives the individual phone number based on the National Police Agency's Vehicle Number Information Inquiry Open API. Afterwards, when parking is processed, the non-right holder receives the approval of the parking right holder, parks for the recognized time, and deposits the parking fee into the public account of the city hall. Through this study, it was possible to find an operation processing method that can most effectively manage parking in the city center in a private parking space recognized by the city hall.

• The KIPS Transactions:PartD
• /
• v.9D no.2
• /
• pp.323-328
• /
• 2002

In recent years, e-Commerce is very active on the Internet, especially the World Wide Web alone: with the popularization of Internet using high-speed networks. Especially, Circulation of Multimedia Contents like MP3 data if widely being focused as one of the popular researches. However, the existing models of AOD (Audio On Demand) System lack substantial illegal copy protection or copyright protection. In this paper, we propose an AOD System that guarantees substantial illegal copy protection and copyright protection based on the PKI (Public Key Infrastructure). As transmitting MP3 data using the user's public key, the proposed .method prevents the attack of dropper during transmitting data. Also, it guarantees the right of users and distributors by prohibiting illegal users from using MP3 data.

• The Journal of the Korea Contents Association
• /
• v.22 no.6
• /
• pp.125-134
• /
• 2022

This study aims to critically discuss the problems that need to be solved from a humanities perspective in order to utilize big data. It identifies and discusses three research problems that may arise from collecting, processing, and using big data. First, it looks at the fake information circulating with regard to problems with the data itself, specifically looking at article-type advertisements and fake news related to politics. Second, discrimination by the algorithm was cited as a problem with big data processing and its results. This discrimination was seen while searching for engineers on the portal site. Finally, problems related to the invasion of personal related information were seen in three categories: the right to privacy, the right to self-determination of information, and the right to be forgotten. This study is meaningful in that it points out the problems facing in the aspect of big data utilization from the humanities perspective in the era of big data and discusses possible problems in the collection, processing, and use of big data, respectively.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.4
• /
• pp.995-1012
• /
• 2016

In Internet of Things (IoT) environments, devices or sensors everywhere can automatically collect data without the individual awareness, further combine and share data using ubiquitous network, and thus the development of IoT raises new challenges in respect of personal data protection and privacy. This study aims to identify main issues related to data protection in the IoT and propose adequate measures. We analyzed the types of personal data controllers and processors in IoT and figured out the issues regarding the processing of personal data and the rights to privacy of data subject. Accordingly, we suggested the institutional ways (e.g., establishment of user-friendly notice and flexible consent system, re-identification risk monitoring system, data protection in cross-border transfer, and user education) to improve the situation of personal data protection in IoT and finally proposed the improvement tasks to carry out first based on the degree of urgency and importance.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.6
• /
• pp.981-997
• /
• 2020

Blockchain technology can provide a high level security based on a decentralized distributed ledger and consensus-based structure. In order to increase the utilization of blockchain technology, it is necessary to find a way to use it in fields that require personal data processing such as health care and e-commerce. To achieve this goal, the blockchain based system should be able to comply with data privacy regulations represented by European Union(EU)'s GDPR(General Data Protection Regulation). However, because of the properties of the blockchain like the immutability and decentralized recorded data, it is difficult to technically implement the requirements of the existing privacy regulations on the blockchain. In this paper, we propose a multi-chain based access control system that can guarantee the rights of the personal data subject required by GDPR by utilizing Chameleon Hash and Attribute Based Encryption (ABE). Finally, we will show through security analysis that our system can handle personal data while maintaining confidentiality and integrity.

• The KIPS Transactions:PartD
• /
• v.16D no.1
• /
• pp.123-132
• /
• 2009

Even support-and-management efforts by government are enforced with the growing international restrictions for complying with global standard, not a few private enterprises are still suffering software management problems from lack of understanding the software asset management and carelessness of the software management. This is due to the ambiguous scope of software asset management as well as characteristics of software property such as invisibility, easiness of copy and installation. In other words, it is not easy for software managers to comply all the information throughout the software life cycle; from purchasing, procurement. distribution, preservation to disposition. Therefore, Inspector which has been developed for resolving these problems are proposed in this study. The inspection service consists of search algorithms adapted for software characteristics, standardization of software right management information, and practical use of registry information. Inspection time for a PC by using inspector make the inspection time much shorter. It is also shown that effective software management enables the enterprise to curtail software acquisition cost and to help rationalizing its business management.

• The Korean Society of Law and Medicine
• /
• v.22 no.3
• /
• pp.31-55
• /
• 2021

The Personal Information Protection Act, one of the revised 3 Data Laws, established a special cases concerning pseudonymous data. As a result, a personal information controller may process pseudonymized information without the consent of data subjects for statistical purposes, scientific research purposes, and archiving purposes in the public interest, etc. In addition, as a follow-up to the revised Personal Information Protection Act, a 'Guidelines for Utilization of Healthcare Data' was prepared, which deals with the pseudonymization in the medical sector. The guidelines are meaningful in that they provide practical criteria for accomplices by defining specific interpretations and examples that take into account the characteristics of healthcare data. However, the guidelines need to clarify the purpose of using pseudonymous data and strengthen the fairness of the composition of the data deliberation committee. The guidelines also require establishing a healthcare data compensation framework and strengthening the protection of rights for vulnerable subjects. In addition, the guidelines need to be adjusted for inconsistency with the Bioethics and Safety Act and the Medical Service Act. It is expected that this study will contribute to the creation of a safe environment for the utilization of healthcare data as well as the improvement of related laws and systems.

• The KIPS Transactions:PartC
• /
• v.10C no.6
• /
• pp.695-704
• /
• 2003

As wireless Internet speads widely, circulation of various types of digital contents become active. Therefore, it is necesary to make a mobile-based DRM (Digatal Rights Management) system to protect digital contents from illegal reproduction and to give proper rights to contents users, In this paper, we present a mibile security system, which protects the copyright for digital contents offered throughout the mobile environment. Our security system is focused on presenting mobile-based DRM architecture. Especially, considering mobile device's decrying power, we adopted partial encryption scheme. For this, wecompared and evaluated the performant of each contents encryption scheme (the entire encryption scheme and the partial encription scheme) and proved that a proper DRM system for current wireless devices is the partial encryption system. Our mobile DRM system can be very efficient to protect contents on the wireless Internet environment.

• The Korean Society of Law and Medicine
• /
• v.21 no.2
• /
• pp.75-103
• /
• 2020

There is a growing voice that medical information should be shared because it can prepare for genetic diseases or cancer by analyzing and utilizing medical information in big data or artificial intelligence to develop medical technology and improve patient care. The utilization and protection of patients' personal information are the same as two sides of the same coin. Medical institutions or medical personnel should take extra caution in handling personal information with high environmental distinct characteristics and sensitivity, which is different from general information processors. In general, the patient's personal information is processed by medical personnel or medical institutions through the processes of collection, creation, and destruction. Still, the use of terms related to personal information in the Medical Service Act is jumbled, or the scope of application is unclear, so it relies on the interpretation of precedents. For the medical personnel or the founder of the medical institution, in the case of infringement of Article 24(4), it cannot be regarded that it means only medical treatment information among personal information, whether or not it should be treated the same as the personal information under Article 23, because the sensitive information of patients is recorded, saved, and stored in electronic medical records. Although the prohibition of information leakage under Article 19 of the Medical Service Act has a revision; 'secret' that was learned in business was revised to 'information', but only the name was changed, and the benefit and protection of the law is the same as the 'secret' of the criminal law, such that the patient's right to self-determination of personal information is not protected. The Privacy Law and the Local Health Act consider the benefit and protection of the law in 'information learned in business' as the right to self-determination of personal information and stipulate the same penalties for personal information infringement such as leakage, forgery, alteration, and damage. The privacy regulations of the Medical Service Act require that the terms be adjusted uniformly because the jumbled use of terms can confuse information subjects, information processors, and shows certain limitations on the protection of personal information because the contents or scope of the regulations of the Medical Service Law for special corporations and the Privacy Law may cause confusion in interpretation. The patient's personal information is sensitive and must be safely protected in its use and processing. Personal information must be processed in accordance with the protection principle of Privacy Law, and the rights such as privacy, freedom, personal rights, and the right to self-determination of personal information of patients or guardians, the information subject, must be guaranteed.