• The Korean Journal of Air & Space Law and Policy
• /
• v.29 no.2
• /
• pp.135-161
• /
• 2014

An unmanned aerial vehicle (UAV), commonly known as a drone and also referred to as an unpiloted aerial vehicle and a remotely piloted aircraft (RPA) by the International Civil Aviation Organization (ICAO), is an aircraft without a human pilot aboard. ICAO classify unmanned aircraft into two types under Circular 328 AN/190. Unmanned aircraft, which is the core of the development of the aviation industry. However, there are also elements of the legal dispute. Unmanned aircraft are manufactured in small size, it is possible to shoot a record peripheral routes stored in high-performance cameras and sensors without the consent of the citizens, there is a risk of invasion of privacy. In addition, the occurrence of the people of invasion of privacy is expected to use of civilian unmanned aircraft. If the exposure of private life that people did not want for unmanned aircraft has occurred, may occur liability to the operator of unmanned aircraft, this is a factor to be taken into account for the development of unmanned aircraft industry. In the United States, which is currently led by the unmanned aircraft industry, policy related to unmanned aircraft, invasion of privacy is under development, is preparing an efficient measures making. Unmanned aircraft special law has not been enforced. So there is a need for legal measures based on infringement of privacy by the unmanned aircraft. US was presented Privacy Protection Act of unmanned aircraft (draft). However Korea has many laws have been enacted, to enact a new law, but will be able to harm the legal stability, there is a need for the enactment of laws for public safety of life. Although in force Personal Information Protection Law, unmanned aerospace, when the invasion of privacy occurs, it is difficult to apply the Personal Information Protection Law. So, it was presented a privacy protection bill with infringement of privacy of unmanned aircraft in the reference US legislation and the Personal Information Protection Act.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.42 no.1
• /
• pp.45-50
• /
• 2005

Recently, ubiquitous Computing is being actively researched and one of the main technology in ubiquitous computing environments is recognized as RFID system. The RFID system has much benefits but simultaneously has some problems such as user's privacy violation. Therefore, in this paper, we analyze the privacy problems of previous methods and propose more secure and effective authentication method to protect user's privacy. The proposed protocol is secure against replay attack, spoofing attack and tracking by an attacker.

• Journal of Internet Computing and Services
• /
• v.7 no.1
• /
• pp.31-38
• /
• 2006

The importance of the Security Risk Analysis has emerged as security breaches and information leaks has occurred in the companies and organization: threats toward information system and its vulnerabilities has grown up as the dependence on the information-communication systems goes higher as a result of technological advances in IT industry, A Risk Analysis Tool helps to mitigate overall risk of an organization by analysing and evaluating critical information systems and providing security measures against threats to systems and its vulnerabilities as a means to identify the inherent dangers and prevent security intrusion incident, This paper defines risk analysis process by introducing Common Criteria Scheme and suggest a risk analysis tool that can be easily implemented by an information security manager.

• Journal of the Korea Society of Computer and Information
• /
• v.25 no.8
• /
• pp.39-45
• /
• 2020

Despite the increasing interest in cyber security in recent years, the emergence of new technologies has led to a shortage of professional personnel to efficiently perform the cyber security. Although various methods such as cyber rage are being used to cultivate cyber security experts, there are problems of limitation of virtual training system, scenario-based practice content development and operation, unit content-oriented development, and lack of consideration of learner level. In this paper, we develop a fuzzy rule-based user-customized training scenario automatic generation system for improving user's ability to respond to infringement. The proposed system creates and provides scenarios based on advanced persistent threats according to fuzzy rules. Thus, the proposed system can improve the trainee's ability to respond to the bed through the generated scenario.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.5
• /
• pp.1141-1147
• /
• 2017

An unmanned aerial vehicle(UAV), commonly known as a drone, is an aircraft without a human pilot aboard, which is operated by wireless device. A drone provides the capability for the aerial search and traffic control as a police equipment. It has benefits for the missions for the aerial photography with the high resolution camera which can replace eye-dependent search processes. Moreover it has advantage of retrieving several times for the recorded videos. However, if the law enforcement agency misuse and overuse a drone for investigations and search missions without certain regulations and principles, it breaches privacy and personal information infringement. In this paper, we issue a lawful challenges on drone operations and discuss solutions to those challenges.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.4
• /
• pp.913-921
• /
• 2012

On the strength of the rapid development and propagation of U-healthcare service, the service technologies are full of important changes. However, U-healthcare service has security problem that patient's biometric information can be easily exposed to the third party without service users' consent. This paper proposes a distributed model according authority and access level of hospital officials in order to safely access patients' private information in u-Healthcare Environment. Proposed model can both limit the access to patients' biometric information and keep safe system from DoS attack using time stamp. Also, it can prevent patients' data spill and privacy intrusion because the main server simultaneously controls hospital officials and the access by the access range of officials from each hospital.

• The KIPS Transactions:PartC
• /
• v.11C no.1
• /
• pp.55-62
• /
• 2004

The web-based technology allows anybody who has access to the Internet to get all kinds of information from the World Wide Web. It brings about issues regarding intellectual property and copyright threats. After content is downloaded, no further protection is provided on the content that has been accessed. DRM (Digital Right Management) technologies came out to ensure the protection of copyrighted content and information. In this paper, we propose architecture of license-based digital rights management system for protection of contents and principles' rights such as contents creators, providers, distributors, and uses in contents distribution value-chain over Internet. This system makes on-line processing of all value-chain from creator to purchaser possible, compared with existing DRM products only supporting only limited distribution between distributor and purchaser.

• Journal of Digital Convergence
• /
• v.18 no.6
• /
• pp.17-32
• /
• 2020

This study analyzes the regulatory issues of stakeholders, the firm, the government, and the individual, in the data industry using the principal-agent theory. While the importance of data driven economy is increasing rapidly, policy regulations and restrictions to use data impede the growth of data industry. We applied descriptive case analysis methodology using principal-agent theory. From our analysis, we found several meaningful results. First, key policy actors in data industry are data firms and the government among stakeholders. Second, two major concerns are that firms frequently invade personal privacy and the global companies obtain monopolistic power in data industry. This paper finally suggests policy and strategy in response to regulatory issues. The government should activate the domestic agent system for the supervision of global companies and increase data protection. Companies need to address discriminatory regulatory environments and expand legal data usage standards. Finally, individuals must embody an active behavior of consent.

• Journal of the Korea Convergence Society
• /
• v.9 no.4
• /
• pp.31-45
• /
• 2018

Recent dramatical development of computer technology related to internet technology intensifies the dispute over software of computer or smart device. Research on software has been flourished with political issuing of fierce competition among nations for software development. Particularly industrial growth in ethernet based big data and IoT (Internet of Things) has promoted to build and develop open source programs based on java, xcode and C. On these circumstances, issue on software piracy has been confronted despite the basic security policy protecting intellectual property rights of software and thus it is of substantial importance to protect the rights of originality of source program license. However, the other issue on source technology protection of developer is the possibility of hindrance to advancement in industry and culture by developing programs. This study discuss the way of enhancing legal stability of IoT application program development and reinforcing precision in inspection of program plagiarism by analyzing the source programs with newly introducing text mining technique, thus suggests an alternative protective way of infringement of personal information due to duplicating program.

• Journal of Korea Multimedia Society
• /
• v.15 no.11
• /
• pp.1349-1357
• /
• 2012

In recent years, security accidents which are becoming the socially hot issue not only cause financial damages but also raise outflow of private information. Most of the accidents have been immediately caused by the software weakness. Moreover, it is difficult for software today to assure reliability because they exchange data across the internet. In order to solve the software weakness, developing the secure software is the most effective way than to strengthen the security system for external environments. Therefore, suggests that the coding guide has emerged as a major security issue to eliminate vulnerabilities in the coding stage for the prevention of security accidents. Developers or administrators effectively in order to use secure coding coding secure full set of security weaknesses organized structurally and must be managed. And the constant need to update new information, but the existing Secure Coding and Security weakness is organized structurally do not. In this paper, we will define and introduce the structured weakness for mobile applications by the surveys of existing secure coding and coding rules for code analysis tools in Java.