• Proceedings of the Korea Information Processing Society Conference
• /
• 2012.04a
• /
• pp.695-698
• /
• 2012

개인정보보호법이 제정 및 시행됨에 따라서 고유식별정보를 처리하는 경우 그 고유식별정보가 분실, 도난, 유출, 변조 또는 훼손 되지 않아야 한다[1]. 하지만 현재 운송업계의 택배 서비스를 이용 시 고유식별정보가 고스란히 노출 되어있으며, 위 변조 또한 가능하다. 이러한 주소, 성명, 전화번호 등 개인을 식별할 수 있는 개인정보를 악용하여, 명의 도용이나 피싱 등의 심각한 문제가 발생될 수 있다. 현재 택배 시스템은 발신, 수신, 배송에 대한 사고 및 논쟁 발생 시 그에 따른 증거자료가 부족하기 때문에 책임이 불명확하다. 이를 사전에 방지하기 위해서는 관련된 증거를 생성, 수집, 유지, 활용, 검사하는 절차와 그 역할을 담당할 신뢰된 제3의 기관이 필요하다. 본 논문에서는 현재의 택배 시스템을 점검해 보고 개인정보보호 차원에서의 해결방안을 모색하는 것과 발신, 수신, 배송의 부인방지 서비스 적용을 목표로 한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.4
• /
• pp.915-920
• /
• 2015

The commitment of top management is still insufficient for information security even the core of information security governance is dependent on the leadership of top management. In this situation, information security committee can be a good way to vitalize the commitment of top management and its activities are essential for implementing information security governance. The purpose of this study is to test that information security committee affects implementing information security governance and security effect. For a empirical analysis, questionnaire survey was conducted and the PLS(Partial Least Square) was used to analyze the measurement and structural model. The study result shows that a hypothesis related value delivery is not accepted and it is required to study various methods about how the information security provides positive value to business.

• The Journal of the Korea Contents Association
• /
• v.16 no.1
• /
• pp.585-594
• /
• 2016

This study is aimed at researching and analyzing the students' recognition and practice of the patents medical information, who are majoring in medical records and will be working as medical records technician, letting them recognize the importance of information, and at offering basic data required for development of medical records curriculum and for establishment of medical records protection policy. This study was conducted from 18th May through 6th June 2015, targeting 340 students enrolled four universities, by t-test, variance analysis, Pearson correlation analysis and multiple regression analysis. As a result of this study, the point of protection recognition and practice recognition is 3.55 and 3.49, respectively, out of 5. With regard to recognition of medical information protection, there was a significant difference in grade, satisfaction for major, experience of medical information protection education and recognition of law, while for recognition of practice, in grade, satisfaction for major, educational experience and damage of medical information exposure. Recognition of protection and recognition of practice had a significant static correlation, and recognition of information exposure, recognition of social issue and recognition of legal system had significant positive effect on recognition of practice. In order to raise the recognition of protection and recognition of practice, based on this study, it is considered necessary for the universities to educate the damage of medical information exposure and importance of medical records management, and to raise the students' recognition.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.3
• /
• pp.821-835
• /
• 2016

This study investigates the domestic and international research trends to analyze the economic effects of various information security certification systems. Results of the study can suggest future research topics for researchers, and help make rational decision-making on introducing information security management systems for practitioners.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.4 no.2
• /
• pp.119-135
• /
• 1994

위성을 이용한 통신에서 오류의 검출과 교정은 중요한 과제중의 하나이다. 이 논문에서는 위성통신에 많이 응용되는 컨벌루션 부호에 있어서 전송되는 데이터에 패리티 비트를 부가하고 인터리브를 행하여, 채널상에서 나타나는 집단적 오류에 대해 능률적으로 대처할 수 있는 방법을 제시하고 있다. 이 방법은 부호화 과정에서 패리티비트를 얻기 위한 추가적 계산이 필요 없어서 계산의 복잡도를 증가시키지 않는다. 또 부호해석 과정에서는 개선된 알고리즘의 적용을 통하여, 예상되는 오류의 발생량이 큰 경우에만 패리티 정보를 참조케함으로써 불필요한 계산량의 증가를 줄이고 있다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.2
• /
• pp.449-461
• /
• 2016

If students are not aware of the information security, they easily let others know their information or they use others' information with no sense of guilt. The information security education is necessary to protect and prevent students from cyber crime. However, South Korea's information curriculum has no specific information security education course and it has led a school or teacher to teach contents of information ethics superficially. The purpose of this paper is to find the factors affecting the information security practice of the elementary school students. For an empirical analysis, questionnaire survey was conducted and the Partial Least Square(PLS) was used to analyze the research model. The analysis results show that the information ethics awareness and the information security awareness have a positive impact on the information security practice. The results of this study are expected to help choose the specific information security curriculum required for the information security practice of elementary school students.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.1
• /
• pp.109-113
• /
• 2007

With increasing the mont of processed information over the network, the importance of database system increases rapidly. There are two types of security system for database, access control and data encryption. However, it is hard to evaluate security of database systems using the Common Criteria(CC) as there is no protection profile(PP) for these systems. In this paper, we propose a protection profile for secure database systems which can be used in formal evaluation using the Common Criteria. The proposed protection profile can be used by both developer and consumer to evaluate security of database systems.

• Korean Security Journal
• /
• no.17
• /
• pp.317-336
• /
• 2008

The purpose of this study is to progress foreign secret service's human intelligence(HUMINT) activity through case study. This study presents confrontation way of our country analyzing characteristic of foreign secret service's human intelligence(HUMINT) activity and examples concretely. The examples that is used this study is foreign secret service's human intelligence(HUMINT) in USA and Japan. The following was the result of the study. First, we need importance awareness of persons security that correspond in foreign secret service's human intelligence activity. Second, we must secure administrative means for persons security means to correspond in foreign secret service's human intelligence (HUMINT) activity. Third, we must raise anti-espionage ability that correspond in foreign secret service's human intelligence(HUMINT) activity.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2001.11a
• /
• pp.381-384
• /
• 2001

개개의 침입탐지 시스템에서 탐지한 경보(alert) 자료의 공유를 쉽게 하기 위해서, IETF(Internet Engineering Task Force)에서는 IDEF(Intrusion Detection Exchange Format)모델을 제안하였다[1]. 특히, IDEF는 최근에 관심이 모아지고 있는 다수의 침입탐지 시스템(이하 ‘통합 침입탐지 시스템’)을 통합 관리하는 방식에서 각 단말 침입 탐지시스템의 침입 경보자료의 수집 관리를 용이하게 할 수 있다. 그러나, 통합 침입탐지 시스템에서 개개의 침입 탐지 시스템에서 발견하지 못하는 침입을 판단하거나 판단의 정확성을 높이기 위해서는 기존의 IDEF에 추가적인 자료가 요구되어 진다. 본 논문에서는 통합 침입탐지 시스템의 상위 시스템에서 수집된 경보 자료를 IDEF의 관계형 데이터베이스 스키마로 변환하는 방식을 제시하였다. 그리고, 통합 침입탐지시스템에서 추가적으로 필요한 자료에 의거하여 DDoS공격탐지에 필요한 자료형을 IDEF에 확장하였다.

• Journal of Digital Convergence
• /
• v.18 no.10
• /
• pp.345-352
• /
• 2020

This study was conducted to investigate 820 university students in C and G areas to analyze the effects of ethical values of health administration major college students on the perception of patient personal information protection and to present important basic data for the development of education programs. The data were analyzed through SPSS/WIN 18.0 Program. As a result of analysis, the average of personal information protection of college students majoring in health administration was low at 2.04 ± 0.24, and ethical values were idealistic tendency 2.51 ± 0.32 points, and relativistic tendency was 2.34 ± 0.34 points, which showed a high idealistic tendency. Ethical values were also significantly related to idealistic ethics and relativistic ethics in terms of the level of awareness of patient personal information protection and the perception of patient personal information protection exposure. Therefore, in order to increase the protection of patients' personal information of university students majoring in health administration, the correct ethical values should be established, and systematic and continuous education is needed for this purpose.