• Culinary science and hospitality research
• /
• v.21 no.5
• /
• pp.25-37
• /
• 2015

By studying the awareness level of students, for the need to protect personal information, and also by studying students' level of perception as to which information needs protection, this study aims to show that increased education is beneficial, and necessary, across all university majors. This increased education is necessary to improve information security, and increase the responsible sharing of private data which has many benefits, specifically in the Healthcare field. Utilizing student volunteers across multiple majors at a university in South Korea. These questionnaires measured the students' awareness of private information, their perception of private information and also the students' experience in receiving university level education regarding private information and the need for its protection. This study shows that, when compared to students in other fields, students in the field of public health had a higher level of awareness regarding the consequences of personal information disclosure for both public purposes and medical research. Within the parameters of this study, this outcome can be explained as the result of exposure to educational curriculum which contained information related to personal information protection. This increased education raised the student's awareness of which information is considered private, as well as, which information is valuable when responsibly shared. As a result, this study shows that an increase in education regarding information privacy, should be included in all university majors, and gives us evidence to support that this additional education is valuable to students at all levels and should be encouraged.

• The Journal of the Korea Contents Association
• /
• v.20 no.8
• /
• pp.34-41
• /
• 2020

An era of stabilizing IoT markets and rapid expansion is coming. In an IoT environment, communication environments where objects take the lead in communication can occur depending on the situation, and communication with unspecified IoT environments has increased the need for thorough management of personal sensitive information. Although there are benefits that can be gained by changing environment due to IoT, there are problems where personal sensitive information is transmitted in the name of big data without even knowing it. For the safe management of personal sensitive information transmitted through sensors in IoT environment, the government plans to propose measures to enhance information protection in IoT environment as the use of non-identifiable personal information in IoT environment is expected to be activated in earnest through the amendment of the Data 3 Act and the initial collection method.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.32 no.7C
• /
• pp.667-673
• /
• 2007

In order to provide the efficient personalized services, the organizations and the companies collect and manage the personal information. The stored data have some slight differences among each subject. Even though the same attribute information leaks out, the personal privacy violation is different according to personal sensitivity. However, currently the organizations or the companies protect all the information as the same level. This paper reflects the sensitive attribute information of the information subject to each personal policy by the encrypting techniques. And then we propose a policy-based access control mechanism for the personal information which strictly prevents unauthorized information users from illegally accessing the personal information. In the proposed mechanism, the individuals' personal information which is encrypted with different keys is stored into the database. For the access control, information subjects set up their own access control policy for their sensitive personal information. Then it is possible to control the information access by providing the information to the information users according to personal and organizational privacy policy.

• Proceedings of the Korean Information Science Society Conference
• /
• 2010.06d
• /
• pp.77-80
• /
• 2010

최근 개인정보 및 민감한 데이터에 대한 불법적인 접근 및 유출로 인하여 사회적 문제를 야기하고, 이에 따른 경제적인 파급효과와 함께 개인정보 및 민감한 데이터에 대한 보안에 대한 관심이 더욱 증가하고 있다. 또한 법령상으로도 개인의 주민등록번호, 계좌번호, 패스워드 등 개인정보가 포함된 DB에 대하여 데이터를 암호화하여 저장, 관리하도록 규정하고있다. 본 논문에서 공개 데이터베이스인 MySQL에서 이러한 개인정보 및 민감한 데이터에 대한 암호화를 통하여 데이터를 저장, 관리하는데 있어서 데이터의 속성에 따라 적절한 암호화 기법을 사용함으로써 암호화를 통한 데이터보호와 함께 속도 등의 성능상의 오버헤드와 운영, 관리상의 효율을 높이기 위하여 지원하는 암호화 기법에 대하여 알아보고, 암호화 기법별로 성능을 시험하여 데이터의 속성에 따른 최적의 암호화 방식의 적용에 대한 방안을 제시한다.

• The Journal of Korean Institute of Next Generation Computing
• /
• v.13 no.6
• /
• pp.66-76
• /
• 2017

In this study, we investigated how to protect personal healthcare information when constructing OMOP (Observational Medical Outcomes Partnership) CDM (Common Data Model). There are two proposed methods; to restrict data corresponding to HIPAA (Health Insurance Portability and Accountability Act) PHI (Protected Health Information) to be extracted to CDM or to disable identification of it. While processing sensitive information is restricted by Korean Personal Information Protection Act and medical law, there is no clear regulation about what is regarded as sensitive information. Therefore, it was difficult to select the sensitive information for protecting personal healthcare information. In order to solve this problem, we defined HIPAA PHI as restriction criterion of Article 23 of the Personal Information Protection Act and maps data corresponding to CDM data. Through this study, we expected that it will contribute to the spread of CDM construction in Korea as providing solutions to the problem of protection of personal healthcare information generated during CDM construction.

• Journal of the Korea Society of Computer and Information
• /
• v.13 no.5
• /
• pp.103-110
• /
• 2008

Due to the development of the e-commerce, the shopping mall such as auction collects and manages the personal information of the customers for efficient service. However, because of the leakage of the Personal information in auction, the image of the companies as well as the information subjects is damaged. Even though the organizations and the companies store the personal information as common sentences and protect using role based access control technique, the personal information can be leaked easily in case of getting the authority of the database administrator. And also the role based access control technique is not appropriate for protecting the sensitive information of the information subject. In this paper, we encrypted the sensitive information assigned by the information subject and then stored them into the database. We propose the personal policy based access control technique which controls the access to the information strictly according to the personal policy of the information subject. Through the proposed method we complemented the problems that the role based access control has and also we constructed the database safe from the database administrator. Finally, we get the control authority about the information of the information subject.

• Information and Communications Magazine
• /
• v.29 no.10
• /
• pp.55-65
• /
• 2012

u-헬스케어 서비스는 개인 의료 정보를 다루는 분야로서 단순한 건강 검진 및 치료의 수준을 넘어 생명과도 밀접한 관계가 있다. 개인 의료 정보 속성은 매우 민감하기 때문에 만약 개인 의료 정보가 불법적으로 노출되거나 악용될 경우 단순한 개인 프라이버시 침해뿐만 아니라 생명까지도 위협받을 수 있다. 이러한 이유로 안전한 개인 의료 정보 공유 및 인증방법이 가장 우선시 되어야 하며 보안성을 고려하여 u-헬스케어 시스템을 구축해야 한다. 또한 개인의 건강 정보에 대한 관리를 체계적으로 수행하여 의료 서비스기관에 의한 개인 의료 정보 남용을 방지하기 위해 보안 감사 시스템이 강화되어야 한다. 따라서 본고에서는 u-헬스케어 서비스와 관련된 다양한 보안 취약점 및 최신 정보보호 기술 동향에 관해 알아본다.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2021.10a
• /
• pp.47-49
• /
• 2021

According to the revision of the Data 3 Act in 2020, personal information of medical data can be processed anonymously for statistical purposes, research, and public interest record keeping. However, unidentified data can be re-identified using genetic information, credit information, etc., and personal health information can be abused as sensitive information. In this paper, we derive the need for homomorphic encryption to protect the privacy of personal information separated by sensitive information.

• Review of KIISC
• /
• v.23 no.3
• /
• pp.56-60
• /
• 2013

본 논문은 온라인에 공개된 다양한 개인정보의 위험도를 분석하는 기술을 제안한다. 인터넷, SNS에 공개된 다양한 데이터를 수집, 분석하여 개인성향을 파악하고 타겟팅하는 가운데, 분산된 정보를 조합하고 추론하면 공개자의 의도와는 달리 신상이나 민감정보가 노출될 가능성이 크다. 본 논문에서는 이러한 데이터 수집 및 분석을 직접 수행하여 개인정보의 위험도를 분석할 수 있는 기술을 제안한다. 제안 기술이 개발되면, 개인정보 위험도에 따른 클라이언트, 웹사이트, 인터넷 전체 규모의 프라이버시 필터링이 가능해질 것으로 기대된다.

• Smart Media Journal
• /
• v.8 no.1
• /
• pp.9-18
• /
• 2019

In the era of the 4th industrial revolution, the big data industry is gathering attention for new business models in the public and private sectors by utilizing various information collected through the internet and mobile. However, although the big data integration and analysis are performed with de-identification techniques, there is still a risk that personal privacy can be exposed. Recently, there are many studies to invent effective methods to maintain the value of data without disclosing personal information. In this paper, a personal information protection system is investigated to boost big data utilization in industrial sectors, such as healthcare and agriculture. The criteria for evaluating the de-identification adequacy of personal information and the protection scope of personal information should be differently applied for each industry. In the field of personal sensitive information-oriented healthcare sector, the minimum value of k-anonymity should be set to 5 or more, which is the average value of other industrial sectors. In agricultural sector, it suggests the inclusion of companion dogs or farmland information as sensitive information. Also, it is desirable to apply the demonstration steps to each region-specific industry.