• Korean Security Journal
• /
• no.61
• /
• pp.285-305
• /
• 2019

In the bill of [Act on Certified Detective and Certified Detective Business] (hereinafter referred to as the Certified Detective Act) proposed and represented by the member of National Assembly, Lee Wan-Yong in 2017, the legislative point of view showed that various incidents and accidents, including new crimes, are frequently increasing as society develops and becomes more complex, however, it is not possible to solve all the incidents and accidents with the investigation force of the state alone due to manpower and budget, and therefore, a certified detective or private investigator are required. According to the decision of the Constitutional Court in June 2018, Article 40 (4) of the Act on the Use and Protection of Credit Information is concerned with 'finding the location and contact information of a specific person or investigating privacy other than commerce relations such as financial transactions' are prohibited. It is for the purpose of preventing illegal acts in the process of investigation such as the location, contact information, and the privacy of a specific person and protecting the privacy and tranquility of personal privacy from misuse and abuse of the personal information etc. Such 'privacy investigation business' currently operates in the form of self-employment business, which becomes a social issue as some companies illegally collect and provide such privacy information by using illegal cameras or vehicle location trackers and also comes to be the objects of clampdown of the investigative agency. Considering this reality, because it is difficult to find a resolution to materialize the legislative purpose of the Act on the use and protection of credit information other than prohibiting 'investigation business including privacy etc' and it is possible to run a similar type of business as a detective business in the scope that the laws of credit research business, security service business, the position of the Constitutional Court is that 'the ban on the investigations of privacy etc' does not infringe the claimant's freedom to choose a job. In addition to this decision, the precedent positions of the Constitutional Court have been that, in principle, the legislative regulation of a particular occupation was a matter of legislative policy determined by the legislator's political, economic and social considerations, unless otherwise there were any special circumstances, and. the Constitutional Court also widely recognized the legislative formation rights of legislators in the qualifications system related to the freedom of a job. In this regard, this study examines the problems and improvement plans of the certified detective system, focusing on the certified detective bill recently under discussion, and tries to establish a legal basis for the certified detective and certified detective business, in order to cultivate and institutionalize the certified detective business, and to suggest methodologies to seek for the development of the businesses and protect the rights of the people.

• KIPS Transactions on Software and Data Engineering
• /
• v.2 no.9
• /
• pp.603-614
• /
• 2013

The popularity of mobile devices provides their users with a circumstance that services and information can be accessed wherever and whenever users need. Accordingly, various studies have been proposed personalized methods to improve accessibility of mobile users to information. However, since these personalized methods require users' private information, they gives rise to problems on security. An efficient way to resolve security problems is to estimate user information by using their online and offline behavior. In this paper, for this purpose, it is proposed a novel user information identification system that identifies users' personal and social information by using both his/her behavior on social network services and proximity patterns obtained from GPS data. In the proposed system, personal information of a user like age, gender, and so on is estimated by analyzing SNS texts and POI (Point of Interest) patterns, while social information between a pair of users like family and friend is predicted with proximity patterns between the users. Each identification module is efficiently designed to handle the characteristics of user data like much noise in SNS texts and missing signals in GPS data. In experiments to evaluate the proposed system, our system shows its superiority against ordinary identification methods. This result means that the proposed system can efficiently reflect the characteristics of user data.

• Journal of Internet Computing and Services
• /
• v.16 no.1
• /
• pp.91-100
• /
• 2015

Recently many companies began to feel the pressures of cost savings due to the global recession, so they have been interested in the Cloud Computing. Cloud Computing is one of using method of IT resources through the network. Users can borrow softwares or hardwares instead of buying them. Many people expect remarkable growth in Cloud Computing industry because of it's effectiveness. But Cloud Computing industry is still at an early stage. Especially, people who in the public sector hesitate to adopt Cloud Computing Services due to security issues and their conservative views. Also, they just have limited understanding, so we need to investigate what they really know and understand. Researches about the Cloud Computing generally focus on technical issues, so we can hardly find researches reference for decision making in considering the services. The study aims to investigate diverse factors for agencies' adoption decisions, such as benefits, costs, and risk in developing the most ideal type of cloud computing service for them, and performs priority analyses by applying ANP (Analytic Network Process). The results identify that features pertaining to the risk properties were considered the most significant factors. According to this research, the usage of private cloud computing services may prove to be appropriate for public environment in Korea. The study will hopefully provide the guideline to many governmental agencies and service providers, and assist the related authorities with cloud computing policy in coming up with the relevant regulations.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.2
• /
• pp.295-310
• /
• 2014

DCS (Distributed Control System), the main control system of power plants, is an automated system for enhancing operational efficiency by monitoring, tuning and real-time operation. DCS is becoming more intelligent and open systems as Information technology are evolving. In addition, there are a large amount of investment to enable proactive facility management, maintenance and risk management through the predictive diagnostics. However, new upcoming weaponized malware, such as Stuxnet designed for disrupting industrial control system(ICS), become new threat to the main control system of the power plant. Even though these systems are not connected with any other outside network. The main control systems used in the power plant usually have been used for more than 10 years. Also, this system requires the extremely high availability (rapid recovery and low failure frequency). Therefore, installing updates including security patches is not easy. Even more, in some cases, installing security updates can break the warranty by the vendor's policy. If DCS is exposed a potential vulnerability, serious concerns are to be expected. In this paper, we conduct the penetration test by using NESSUS, a general-purpose vulnerability scanner under the simulated environment configured with the Ovation version 1.5. From this result, we suggest a log analysis method to detect the security infringement and react the incident effectively.

• The Korean Journal of Archival Studies
• /
• no.18
• /
• pp.91-138
• /
• 2008

A fast foot of information communication technology is appearing as expansion of prompt administrative service desire and national participation desire regarding administration. This is following again by government innovation and demand of customer-oriented governmental implementation with information technology. The Ministries of Education and Human Resources Development proceeded with National Education Information System(NEIS) for the aim of educational informatization at a highest global level. NEIS that was operated from 2003 established a system in Educational Offices in 16 cities/province and the Ministry of Education and Human Resources Development, and connected all educational administration organizations and primary and middle schools with Internet. Thus, NEIS processes electronically the general administration affairs in educational administration organizations each unit school. The NEIS school affairs business system that is newly enforced is producing an important documentation (of semi-permanent level) such as personal information and grade of students including School Human Document with electronic methods. However, we need to guarantee authenticity, integrity, reliability and usability of documentation because school affairs business system is producing important documentation under poor circumstances. According to this necessity, school affairs business system analyzed how many a record management function includes by the ISO 15489 that was an international record managerial standard. On the basis of these analyses, I will present a plan for management of a school documentation in this study. These researches are meaningful in electronically analyzing a record management function of the National Education Information System(NEIS) and in documentarily approaching management plan. I expect theses researches to be able to used as useful data for documental management plan preparations regarding a productive documentation of all kinds of business systems using in public institutions as well as National Education Information System(NEIS).

• The Journal of Society for e-Business Studies
• /
• v.23 no.3
• /
• pp.129-143
• /
• 2018

Recently, the use of digital media such as computers and smart devices has been rapidly increasing, The vast and diverse information contained in the warrant of the investigating agency also includes the one irrelevant to the crime. Therefore, when confiscating the information, the basic rights, defense rights and privacy invasion of the person to be seized have been the center of criticism. Although the investigation agency guarantees the right to participate, it does not have specific guidelines, so they are various by the contexts and environments. In this process, the abuse of the participation right is detrimental to the speed and integrity of the investigation, and there is a side effect that the digital evidence might be destroyed by remote initialization. In this study, we conducted surveys of digital evidence analysts across the country based on four domains and thirty measurement items for enabling environment for participation in information storage media export and digital evidence search process. The difference between the level of importance and the performance was analyzed by the IPA matrix based on process, location, people, and technology dimensions. Seven items belonging to "concentrate here" area are one process-related, three location-related, and three people-related items. This study is meaningful to be a basis for establishing the proper policies and strategies for ensuring participation right, as well as for minimizing the side effects.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.22 no.6
• /
• pp.514-523
• /
• 2021

Recently, the proliferation of mobile simple payment services has been increasingly affecting people's lives. In addition, the increase in research from both China and Korea shows that the continuous development of simple mobile payment services will be very important in the future. The blog posts mentioning Kakao Pay and Alipay were collected, and keyword analysis was performed to investigate differences in consumers' responses to Kakao Pay and Alipay on social media. The frequency of keywords for each part of speech and the frequency of co-occurred words mentioned in one sentence were analyzed. Specifically, common words that appear in both Kakao Pay and Alipay blogs were extracted. The cooccurred words were analyzed to examine how different reactions were made on the same subject. As a result of the analysis, there were concerns among consumers about the trust of Kakao Pay and Alipay's benefits. For a mobile payment service to become competitive, it is necessary to add various additional services or solve security problems.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.1
• /
• pp.153-166
• /
• 2011

Recent trends in mobile device market whose services are rapidly expanding to provide wireless internet access are drawing people's attention to mobile security. Especially, since threats to information leakage are reaching to the critical level due to the frequent interchange of important data such as personal and financial information through wireless internet, various encryption algorithms has been developed to protect them. The encryption algorithms confront the serious threats by the appearance of side channel attack (SCA) which uses the physical leakage information such as timing, and power consumption, though the their robustness to threats is theoretically verified. Against the threats of SCA, researches including the performance and development direction of SCA should precede. Among tile SCA methods, the power analysis (PA) attack overcome this misalignment problem. The conventional methods require large computational power and they do not effectively deal with the delay changes in a power trace. To overcome the limitation of the conventional methods, we proposed a novel alignment method using peak matching. By computer simulations, we show the advantages of the proposed method compared to the conventional alignment methods.

• Journal of the Korea Society for Simulation
• /
• v.30 no.4
• /
• pp.9-19
• /
• 2021

Electronic voting has been recognized as an alternative to complement the limitations of existing paper voting. At the same time, security concerns are being raised. This paper presents a blockchain-based electronic voting and survey system that can guarantee reliability. Our smart contract was created using Solidity on Ethereum which is a blockchain-based distributed computing platform, and the system was implemented in connection with the Javascript based user interface. In addition, in order to protect the personal information of participants, the system is generating hash of the personal data and storing the hash of users for the contract data. Since we exploited different kinds of languages for the system, we derived items of functionality testing and presented the functionality testing result. Moreover, we made use of the Chrome's performance evaluation functionality to see the response time of the blockchain-based system. In addition, we compared the performance with the system which has the same functionality on database. The contribution of this research is design and implementation of blockchain-based electronic voting system and presentation of the functionality and performance simulation result.

• Korean Journal of Environmental Biology
• /
• v.41 no.1
• /
• pp.41-53
• /
• 2023

E171, a mixture of titanium dioxide, has been widely used as a food additive due to its whitening effect and low toxicity. However, it has been proven that E171 is no longer safe for public health. So far, there are insufficient studies on the toxic effects of E171 on organisms especially using standardized test methods. In this study, toxicity assessments of E171 to two aquatic species, water flea (Daphnia magna) and zebrafish (Danio rerio), were performed using modified standardized test methods based on the physicochemical properties of E171. The hydrodynamic diameter, polydispersity index, and turbiscan stability index (TSI) were measured to ensure the dispersion stability of E171 in exposure media during the test period. The EC₅₀ for immobilization of water flea was 141.7 mg L^-1 while zebrafish was not affected until 100 mg L^-1 of E171. Measurements of reactive oxygen species (ROS) and antioxidant enzyme activities confirmed that E171 induced oxidative stress, leading to the activation of superoxide dismutase and catalase in both water flea and zebrafish, although the expression of antioxidant enzyme genes differed between species. These results suggested the potential risk of E171 to aquatic organisms and provided toxicological insights into the impacts of E171 on the environment.