• The Korean Journal of Air & Space Law and Policy
• /
• v.35 no.2
• /
• pp.75-111
• /
• 2020

The civilian drone world has evolved in recent years from one dominated by hobbyists to growing involvement by companies seeking to profit from unmanned flight in everything from infrastructure inspections to drone deliveries that are already subject to regulations. Drone flight under the property right relation with the land owner would be deemed legal on the condition that expeditious and innocent passage of drone flight over the land be assured. The United Nations Convention on the Law of the Sea (UNCLOS) enshrines the concept of innocent passage through a coastal state's territorial sea. Passage is innocent so long as it is not prejudicial to the peace, good order or security of the coastal state. A vessel in innocent passage may traverse the coastal state's territorial sea continuously and expeditiously, not stopping or anchoring except in force majeure situations. However, the disturbances caused by drone flight may be removed, which is defined as infringement against the constitutional interest of personal rights. For example, aggressive infringement against privacy and personal freedom may be committed by drone more easily than ever before, and than other means. The cost-benefit analysis, however, has been recognjzed as effective criteria regarding the removal of disturbances or injunction decision. Applying that analysis, the civil action against such infringement may not find suitable basis for making a good case. Because the removal of such infringement through civil actions may result in only the deletion of journal article. The injunction of drone flight before taking the information would not be obtainable through civil action, Therefore, more detailed and meticulous regulation and criteria in public law domain may be preferable than civil action, at present time. It may be suitable for legal stability and drone industry to set up the detailed public regulations restricting the free flight of drone capable of acquiring visual information amounting to the infrigement against the right of personal information security.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.4
• /
• pp.1025-1036
• /
• 2016

The conversion of the international standard web utilization HTML5 technology is being developed for improvement of the internet environment based on nonstandard technology like ActiveX. Hyper Text Markup Language 5 (HTML5) of basic programming language for creating a web page is designed to consider the security more than HTML4. However, the range of attacks increased and a variety of security threats generated from HTML4 environment inherited by new HTML5 API. In this paper, we focus on the script-based attack such as CSRF (Cross-Site Request Forgery), Cookie Sniffing, and HTML5 API such as CORS (Cross-Origin Resource Sharing), Geolocation API related with the infringement of the personal information. We reproduced the infringement cases actually and embodied a detection module of a Plug-in type diagnosed based on client. The scanner allows it to detect and respond to the vulnerability of HTML5 previously, thereby self-diagnosing the reliability of HTML5-based web applications or web pages. In a case of a new vulnerability, it also easy to enlarge by adding another detection module.

• The Journal of the Korea Contents Association
• /
• v.20 no.7
• /
• pp.331-341
• /
• 2020

Recently the government has succeeded in shutting down the Illegal Copyrighted Websites by cracking down on the operators of the websites. But this only caused 'the Balloon Effect', similar websites were created and users shifted to the new websites. 'Follow the money' is drawing attention as a way to complement the effect of policies. It tracks the commercialization scheme and fund flows of the Illegal Copyrighted Websites and blocks the supply and publication of advertisements, which are the main source of revenue. This approach aims at self-closure of Illegal websites by blocking the revenue source. In this study, we have selected and analyzed overseas cases that adopted these measures. Many countries had different policies and campaigns, but three things are common: non-punishment measures, partnership based on voluntary participation, pursuing a variety of purposes other than protecting the copyright industry. In Korea, the reason public-private Partnerships was not properly established had been caused by the difference of views between them. Advertisers and agencies need to expand their awareness that illegal advertisements can have adverse effects such as brand image damage and enormous economic losses. Also campaigns and conferences related with the policy should be held to prevent copyright infringement through mutual understanding and cooperation.

• Journal of Broadcast Engineering
• /
• v.25 no.5
• /
• pp.734-741
• /
• 2020

This article proposes a new pedestrian avoidance algorithm for social robots that coexist and communicate with humans and do not induce stress caused by invasion of psychological safety distance(Social Distance). To redefine the pedestrian model, pedestrians are clustered according to the pedestrian's gait characteristics(straightness, speed) and a social distance is defined for each pedestrian cluster. After modeling pedestrians(obstacles) with the social distances, integrated navigation algorithm is completed by applying the newly defined pedestrian model to commercial obstacle avoidance and path planning algorithms. To show the effectiveness of the proposed algorithm, two commercial obstacle avoidance & path planning algorithms(the Dynamic Window Approach (DWA) algorithm and the Timed Elastic Bands (TEB) algorithm) are used. Four cases were experimented in applying and non-applying the new pedestrian model, respectively. Simulation results show that the proposed algorithm can significantly reduce the stress index of pedestrians without loss of traveling time.

• Informatization Policy
• /
• v.28 no.4
• /
• pp.54-75
• /
• 2021

The right to data portability needs to be introduced to strengthen the self-control of data subjects and promote personal data use. However, the right to data portability constitutes a high risk of invasion of privacy of data subjects and may infringe on the property rights of data controllers, so careful and thorough design is warranted. The right to data portability can intensify the concentration and monopoly of personal data, result in problems of overseas transfer of personal data held by public institutions, and enrich only the profits of giant platforms by burdening the data subject with high transfer cost. By contrast, SMEs are more likely to endure a personal data deprivation. From the proposed amendment to the Personal Data Protection Act are raised various legal issues such as. i) Whether to include inferred/derived data, personal data held by public institutions, activity data, sensitive data, and personal data of third parties within the scope of data portability; ii) whether SMEs are included in the data porting organization; iii) whether to exclude SMEs or large platforms from the scope of the data receiving organization; iv) Whether to allow the right to transmit to other data controllers, v) Whether to allow the overseas transfer of personal data held by public institutions, vi) How to safely exercise the right to data portability, vii) the scope of responsibility and immunity of a data porting organization, etc. The purpose of this paper is to propose the direction for legislative action based on various legal issues related to data portability.

• Journal of KIISE:Information Networking
• /
• v.28 no.4
• /
• pp.489-497
• /
• 2001

In the coming age of information warfare, information security patterns take on a more offensive than defensive stance. It is necessary to develop an active form of offensive approach to security protection in order to guard vital information infrastructures and thwart hackers. Information security products need to support an automatic response facility without human intervention in order to minimize damage to the attacked system and cope with the intrusion immediately. This paper presents an automatic intrusion response model which is developed on a Self-Extension Monitoring. It also proposes an ARTEMIS(Advanced Realtime Emergency Management and Intruder Identification System), which is designed and implemented based on the suggested model. The Self-Extension Monitoring using self-protection and replication minimizes spatial limitations on collection of monitoring information and intruder tracing. It enhances the accuracy of intrusion detection and tracing.

• Journal of Internet Computing and Services
• /
• v.14 no.4
• /
• pp.43-51
• /
• 2013

User authentication and access control are two important components in high security applications. Recently, Chen and Yeh proposed a method to integrate both of them seamlessly. However, Chen-Yeh's scheme is vulnerable to a stolen verifier attack, since it maintains a smart card identifier table in a remote server. Therefore, this paper modifies Chen-Yeh's scheme and propose a new integrated authentication and access control scheme that is resilient to the stolen verifier attack while inheriting all the merits of Chen-Yeh's scheme. Security analysis shows that the proposed scheme withstands well-known security attacks and exhibits many good features.

• The KIPS Transactions:PartC
• /
• v.11C no.7 s.96
• /
• pp.993-998
• /
• 2004

As Worm Virus & DDoS attack appeares, the targets and damage of infringement accidents are extending from specific system or services to paralysis of the network itself. These attacks are expending very frequently and strongly, and ISP who will be used as the path of these attacks will face serious damages. But compare to Worm Virus & DDoS attack that generally occures in many Systems at one time with it's fast propagation velocity, network dimensional opposition is slow and disable to deal with the whole appearance for it is operated manually by the network manager. Therefore, this treatise present devices how to detect Worm Virus & DDoS attack's outbreak and the attacker(attacker IP adderss) automatically.

• Journal of Digital Convergence
• /
• v.10 no.2
• /
• pp.141-146
• /
• 2012

U-healthcare, which grafted advanced IT technology onto medical technology, is in the limelight because it can provide medical services at anytime and anywhere. U-healthcare system applied RFID technology for Implantable Medical Device (IMD), but patient's biometric information can be easily exposed to third parties. In this article, RFID-based U-healthcare authentication protocol is proposed to prevent illegal usage for personal biometric information exposed to the third patty. The proposed protocol guarantees patients' biometric information integrity as compounding random numbers between administrators and hospital/clinic managers, and uses continuous number SEQ and time stamp T to synchronize IMD/administrators and administrators/hospital managers. Also, to protect user's privacy from the third party, patients' biometric information can be safely guarded by managing patients' security identifiers by administrators.

• The Korean Journal of Air & Space Law and Policy
• /
• v.33 no.2
• /
• pp.367-418
• /
• 2018

Just as safety is the most important thing in aviation, safety is the most important in the operation of unmanned aircraft (RPA), and safety operation is the most important in the legal responsibility of the operator of the unmanned aircraft. In this thesis, the legal responsibility of the operator of the unmanned aircraft, focusing on the responsibility of the operator of the unmanned aircraft, was discussed in depth with the issue of insurance, which compensates for damages in the event of an accident First of all, the legal responsibility of the operator of the unmanned aircraft was reviewed for the most basic : definition, scope and qualification of the operator of the unmanned aircraft, and the liability of the operator of the Convention On International Civil Aviation, the ICAO Annex, the RPAS Manual, the Rome Convention, other major international treaties and Domestic law such as the Aviation Safety Act. The ICAO requires that unmanned aircraft be operated in such a manner as to minimize hazards to persons, property or other aircraft as a major principle of the operation of unmanned aircraft, which is ultimately equivalent to manned aircraft Considering that most accidents involving unmanned aircrafts fall to the ground, causing damage to third parties' lives or property, this thesis focused on the responsibility of operators under the international treaty, and the responsibility of third parties for air transport by Domestic Commercial Act, as well as the liability for compensation. In relation to the Rome Convention, the Rome Convention 1952 detailed the responsibilities of the operator. Although it has yet to come into effect regarding liability, some EU countries are following the limit of responsibility under the Rome Convention 2009. Korea has yet to sign any Rome Convention, but Commercial Act Part VI Carriage by Air is modeled on the Rome Convention 1978 in terms of compensation. This thesis also looked at security-related responsibilities and the responsibility for privacy infringement. which are most problematic due to the legal responsibilities of operating unmanned aircraft. Concerning insurance, this thesis looked at the trends of mandatory aviation insurance coverage around the world and the corresponding regulatory status of major countries to see the applicability of unmanned aircraft. It also looked at the current clauses of the Domestic Aviation Business Act that make insurance mandatory, and the ultra-light flight equipment insurance policy and problems. In sum, the operator of an unmanned aircraft will be legally responsible for operating the unmanned aircraft safely so that it does not pose a risk to people, property or other aircraft, and there will be adequate compensation in the event of an accident, and legal systems such as insurance systems should be prepared to do so.