• The KIPS Transactions:PartD
• /
• v.11D no.5
• /
• pp.1197-1204
• /
• 2004

Rights process problem was stated among actors that participated in digital contents distribution while it was various type of digital content service. In order to solve it, It was expressed conceptual and technical elements by reflecting a system. Among them, the interoperability of metadata became a important issue. As for the metadata for contents service, necessity about standardization is stated as a basic framework composing a service system. This paper proposed the metadata element which focus on the rights process that is being a key factor of a DRM(Digital Right Management) system for digital comics contents service. Therefore, it was verified by using Context Model of MPEG-21 RDD with interoperability between metadata elements which developed a XML format and the existing MPEG-21 RDD elements. The study results will become basic materials in the system design that considered metadata element development and interoperability of digital contents of other field

• Informatization Policy
• /
• v.19 no.1
• /
• pp.74-90
• /
• 2012

This thesis analyzes the Apple Inc.'s case from the viewpoint of the necessity for the protection of information privacy related to location data as for information society and ubiquitous community. Meanwhile, the regulatory conformity to equilibrium of contradictional value between personal data protection and utilization of information is debated from the fundamental right as for constitutional law concept to the commercial and technological structure in terms of economic and business point. Therefore, this paper reaches the conclusion that the legislative system should form a harmonious relationship between legal protection and lawful utilization to reappraise the present condition of legalization on personal data protection from guaranteeing rights and interests of information subject in the perspective of human rights to information guarantee consequently. As a result, it is required to revaluate the lawfulness of the fine on the violation of administrative duty levied by KCC(Korea Communications Commission).

• Proceedings of the Korean Society of Disaster Information Conference
• /
• 2023.11a
• /
• pp.230-233
• /
• 2023

우리 헌법은 인간의 존엄과 가치 그리고 행복을 추구할 권리를 보장하고 있으며, 편의증진법과 교통약자법을 통해 장애인등이 교통수단, 여객시설 및 도로 등을 비장애인들과 차별 없이 이용하여 이동하고, 도로와 대중교통수단, 공공 건축물과 주거 등 생활 필수시설에 자유롭게 접근하기 위한 접근권을 보장하고 있다. 우리나라는 이동권의 보장을 편의시설 제도라는 독자적인 체계를 통해 이루어지고 있으며, 이를 실질적으로 보장하기 위하여 장애물 없는 환경 인증 제도(BF 인증제도)를 도입하였다. 시행 15년을 맞은 BF 인증제도는 양적으로는 많은 발전을 가져왔지만, 질적으로 특정 건축물 등 일부에 대한 인증 편중 현상이 있으며 안전취약계층에 대한 재해 안전확보에 대한 고려가 포함되지 않아 부진정한 이동성과 접근성의 보장이라는 한계를 가지고 있다. 이동권 보장이 얼마나 잘 이루어지느냐는 그 나라의 사회 안전망이 얼마나 잘 갖추어져 있는지 판단하는 척도라 할 것이며, 따라서 이러한 이동권 보장은 위험상태에서의 안전한 피난을 함축하고 있으며 중첩적으로 국가의 기본권 보호 의무의 이행과 관련된다. 이에 따라 이동권과 접근권의 증진을 위한 BF 인증 규정을 안전 규범으로 보완하여 장애인과 비장애인이 사회의 일원으로서 평등한 인격적 주체로 공동체에 기여하는 안전한 사회적 환경의 조성이 긴절히 요청된다고 할 수 있다.

• Convergence Security Journal
• /
• v.18 no.5_1
• /
• pp.83-92
• /
• 2018

The GDPR implemented since 25 May 2018 is common to all EU Member States and is legally binding. It is also important and legally valuable in that it takes into account the latest trends related to privacy protection. The purpose of this study is to propose a comprehensive review and improvement direction of the personal information protection laws in South Korea through a comparative analysis of EU GDPR and privacy related laws in South Korea. As a result of this study, the differences between the GDPR and privacy related laws in South Korea are Definition of personal sensitive information, Right to data portability, Data protection officer, Transfers of personal data to third countries, Supervisory authority, and Punishment, etc. The differences in these regulations were necessary to protect the rights and interests of data subjects and to properly handle personal information of personal information controllers. Therefore, based on the results of the comparative analysis of this study and suggestions on improvement direction of the law related to personal information protection, it is expected that it will contribute to the overall inspection and improvement of the law related to personal information protection in South Korea.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.4
• /
• pp.995-1012
• /
• 2016

In Internet of Things (IoT) environments, devices or sensors everywhere can automatically collect data without the individual awareness, further combine and share data using ubiquitous network, and thus the development of IoT raises new challenges in respect of personal data protection and privacy. This study aims to identify main issues related to data protection in the IoT and propose adequate measures. We analyzed the types of personal data controllers and processors in IoT and figured out the issues regarding the processing of personal data and the rights to privacy of data subject. Accordingly, we suggested the institutional ways (e.g., establishment of user-friendly notice and flexible consent system, re-identification risk monitoring system, data protection in cross-border transfer, and user education) to improve the situation of personal data protection in IoT and finally proposed the improvement tasks to carry out first based on the degree of urgency and importance.

• Journal of Digital Convergence
• /
• v.18 no.10
• /
• pp.23-31
• /
• 2020

As children's participation in online activities has recently increased, online services for children are also rapidly increasing, but children are not sufficiently guaranteed their rights. The purpose of this study is to classify and analyze issues related to the children's online privacy issues in Korea through the current status and case studies of application services mainly used by children. For this purpose, this research analyzed problems related to the children's online privacy protection according to the stage of using the application. As a result of the application content analysis, 1) issues of child identification, 2) effectiveness of notice and consent, and 3) issues of children's rights as subjects of information were derived. Based on the current status analysis, the policy implications were drawn based on the children's online privacy protection in the online environment, and suggestions were made for improvement.

• International Commerce and Information Review
• /
• v.15 no.2
• /
• pp.285-313
• /
• 2013

By the revision of the Commercial Code of Korea in 1991 and 2007, some provisions for the regulation of Time Charterparty have been introduced into our own maritime law system. But, those provisions are in their nature mainly the reproduction of the provisions prescribed in the standard forms of time charterparty which are widely used, such as BALTIME Charter and NYPE Form, and the subject matters of their regulation are restrictive, so that the applicability of the provisions is not desirable. The cargo is lost or damaged, the cargo owner should seek compensation form, or sue, the carrier as, traditionally, under the COGSA, the cargo carrier is responsible for loss of damage of cargo. However, it is difficult to determine who is the responsible carrier under charters. There is no test to determine the carrier, but the courts in every country generally consider the bill of lading. Although the master has general authority to sign bills of lading on behalf of the shipowner, he can also sign bills of lading for, and on behalf of, the charterer. In this case, the charter is considered the carrier. Furthermore, the charterer is authorized to contract with third parties on behalf of the shipowner and, as such, the responsible carrier is the shipowner. Therefore, when determining the carrier we should examine carefully the all factors and the circumstances surrounding the case. Also, negligence of a captain of a time-chartered ship causing damages to a third party. It will analyze the legal character of a time-charter contract, review judicial precedents on time-charter. The Inter-Club Agreement was drawn up and is intended to be a somewhat easier way of allocating liability for cargo claims between owners and charterers and, although there is still scope for disputes to arise, the Inter-Club Agreement does in fact to some extent make the allocation of liabilities for cargo claims easier. Finally, it will also make legislative suggestions to resolve complex issues involving maritime transportation contracts under the current Commercial Code.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.3
• /
• pp.513-525
• /
• 2020

Until today, the personal information of subjects has been centralized in many companies or institutions. However, in recent days, the paradigm has gradually changed in the direction that subjects control their personal information and persue their self-sovereignty. Globally, individual data sovereignty is strengthened by the European Union's General Data Protection Regulation(GDPR) and the US California Consumer Privacy Act(CCPA). In Korea, a few alliances consist of various companies are creating technology research and service application cases for decentralized ID service model. In this paper, the current decentralized ID service model and its limitations are studied, and a improved decentralized ID service model that can solve them is proposed. The proposed model has a function of securely storing decentralized ID to the third party and a linkage function that can be interoperated even if different decentralized ID services are generated. In addition, a more secure and convenient model by identifying the security threats of the proposed model and deriving the security requirements, is proposed. It is expected that the decentralized ID technology will be applied not only to the proof of people but also to the device ID authentication management of the IoT in the future.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.6
• /
• pp.981-997
• /
• 2020

Blockchain technology can provide a high level security based on a decentralized distributed ledger and consensus-based structure. In order to increase the utilization of blockchain technology, it is necessary to find a way to use it in fields that require personal data processing such as health care and e-commerce. To achieve this goal, the blockchain based system should be able to comply with data privacy regulations represented by European Union(EU)'s GDPR(General Data Protection Regulation). However, because of the properties of the blockchain like the immutability and decentralized recorded data, it is difficult to technically implement the requirements of the existing privacy regulations on the blockchain. In this paper, we propose a multi-chain based access control system that can guarantee the rights of the personal data subject required by GDPR by utilizing Chameleon Hash and Attribute Based Encryption (ABE). Finally, we will show through security analysis that our system can handle personal data while maintaining confidentiality and integrity.

• Journal of Digital Convergence
• /
• v.10 no.10
• /
• pp.373-382
• /
• 2012

With the paradigm shifts towards consumer-centered health service, it is expected that more health care consumers will keep their health information and manage their own health in the future. Thus, this study was conducted to compare "Understanding", "Utilization" and "Management" of Personal Health Record(PHR) between medical users(healthcare students) and health care providers(medical students). We collected data from 208 health and medical students via using self-reported questionnaires form April to June, 2011. The collected data were analyzed using frequency, t-test, Chi-square on SPSS 19.0 version. There was no significant difference in "Understanding" of PHR between two groups. Looking at the order of the importance of PHR contents, two groups equally emphasized medical records, surgical history, and test results. There was significant difference in both time and effectiveness of PHR(p=0.02). Intergrated type of PHR was preferred by both groups. Recently, PHR reflects needs and demands of users more than ever. However there are many limitations to promote the utilization. In the future, it is necessary to implement targeted strategies for the elderly groups and specific types of disease.