• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.2
• /
• pp.253-261
• /
• 2020

This study examines the technologies and application processes related to the use of pseudonym data of companies after the passage of the Data 3 Act to activate the data economy in earnest, and what companies should prepare to use pseudonym data and what will happen in the process It was intended to contribute to the elimination of uncertainty. In the future, companies will need to extend the information security management system from the perspective of the existing IT system to manage and control data privacy protection and management from a third party provisioning perspective. In addition, proper pseudonym data use control should be implemented even in the data use environment utilized by internal users. The economic effect of market change and heterogeneous data combination due to the use of pseudonymized data will be very large, and standards for appropriate non-identification measures and risk assessment criteria for data utilization and transaction activation should be prepared in a short time.

• Journal of Convergence for Information Technology
• /
• v.10 no.5
• /
• pp.16-22
• /
• 2020

In this paper, the technology and capabilities required for the job of developing security software recommended by the Cybersecurity Human Resources Development Framework of the National Initiative for Cybersecurity Education (NICE) were studied. In this paper, we describe what security skills are needed for the task of developing security software and what security capabilities should be held. The focus of this paper is to analyze the consistency between security technologies (core and specialized technologies) required for security software development tasks and the curriculum of information protection-related departments located in Seoul, Korea. The reason for this analysis is to see how the curriculum at five universities in Seoul is suitable for performing security software development tasks. In conclusion, if the five relevant departments studied are to intensively train developers of development tasks for security software, they are commonly required to train security testing and software debugging, how secure software is developed, risk management, privacy and information assurance.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.18 no.4
• /
• pp.73-78
• /
• 2018

In this paper, we consider a system where multiple sources are encrypted in separated nodes and sent through their respective public communication channels into a joint sink node. We are interested at the problem on protecting the security of an already existing system such above, which is found out to have correlated encryption keys. In particular, we focus on finding a solution without introducing additional secret keys and with minimal modification to minimize the cost and the risk of bringing down an already running system. We propose a solution under a security model where an eavesdropper obtains all ciphertexts, i.e., encrypted sources, by accessing available public communication channels. Our main technique is to use encoders of universal function to encode the ciphertexts before sending them to public communication channels.

• Smart Media Journal
• /
• v.8 no.1
• /
• pp.9-18
• /
• 2019

In the era of the 4th industrial revolution, the big data industry is gathering attention for new business models in the public and private sectors by utilizing various information collected through the internet and mobile. However, although the big data integration and analysis are performed with de-identification techniques, there is still a risk that personal privacy can be exposed. Recently, there are many studies to invent effective methods to maintain the value of data without disclosing personal information. In this paper, a personal information protection system is investigated to boost big data utilization in industrial sectors, such as healthcare and agriculture. The criteria for evaluating the de-identification adequacy of personal information and the protection scope of personal information should be differently applied for each industry. In the field of personal sensitive information-oriented healthcare sector, the minimum value of k-anonymity should be set to 5 or more, which is the average value of other industrial sectors. In agricultural sector, it suggests the inclusion of companion dogs or farmland information as sensitive information. Also, it is desirable to apply the demonstration steps to each region-specific industry.

• Journal of the Korea Society of Computer and Information
• /
• v.26 no.4
• /
• pp.231-237
• /
• 2021

Over a decade ago, Krasnova et al. identified the factors that influence Facebook users' self-disclosure. These factors include perceived risks, relationship building, relationship maintenance, self-presentation, and enjoyment. Meanwhile, during the past 10 years, there have been significant changes in terms of function, media, and competition. SNSs have been functionally enhanced, used in mobile environment, and had many competitors. Based on these facts, it is believed that the influence of the factors on self-disclosure is different from those of Krasnova et al. The purpose of this study is to verify through a replication study whether the factors adopted in the study of Krasnova et al. are still important in explaining self-exposure. The study empirically find the result significantly different from those of Krasnova et al. Based on the result, the study provides meaningful implications and suggestions for future research.

• Smart Media Journal
• /
• v.11 no.10
• /
• pp.76-88
• /
• 2022

Personal information leakage is very harmful as it can lead to additional attacks using leaked information as well as privacy invasion, and it is primarily caused by hacking server databases of institutions that collect and store personal information. We propose a scheme that allows a service-requesting user to authorize a secure delegated transfer of his personal information to the service provider via a reliable authority and enables only the two parties of the service to retrieve the provided information stored on a blockchain ensuring data confidentiality. It thus eliminates the necessity of storing customer information in the service provider's own database. As a result, the service provider can serve customers without requiring membership registration or storing personal information in the database, so that information leakage through the server database can be completely blocked. In addition, the scheme is free from the risk of information leakage and subsequent attacks through smartphones because it does not require a user's smartphone to store any authentication credential or personal information of its owner.

• Proceedings of the Korean Information Science Society Conference
• /
• 2005.11a
• /
• pp.769-771
• /
• 2005

유비쿼터스 컴퓨팅의 기반 설비인 센서 네트워크는 많은 수의 센서 노드들로 구성되며, 각 센서 노드의 하드웨어는 매우 작은 규모이다. 또한 최소한의 전력 소모를 위하여 센서 노드들은 동적으로 재구성되며, 노드들 간의 통신은 무선 네트워크를 통하여 이루어진다. 센서 네트워크는 구축 목적에 따라 네트워크 토폴로지 및 라우팅 방식이 결정되어야 하고, 이와 더불어 센서 노드의 하드웨어와 소프트웨어도 필요에 따라 다양하게 변경되어야 한다. 따라서 센서 네트워즈가 구현되기 전에 시스템 동작과 성능을 예측할 수 있고 소프트웨어 개발 환경도 제공해주는 시뮬레이터가 사용 가능하다면, 시스템 개발 기간을 크게 단축시킬 수 있을 것이다. 기존의 센서 네트워크 시뮬레이터들은 특별한 응용을 위한 특정 기반의 하드웨어와 운영체제에 국한되어 개발되었기 때문에 다양한 센서 네트워크 환경을 지원하기에는 한계가 있으며, 센서 네트워크 설계상의 주요 요소인 전력 소모량 분석이 포함되지 않았다. 따라서 본 연구에서는 특정한 응용이나 운영체제에 제한을 받지 않으면서 다양하게 센서 네트워크 환경을 설계 및 검증할 수 있고 전력 소모량 추정도 가능한 시뮬레이터를 개발하는 것을 목표로 하였다. 본 연구에서 개발한 시뮬레이터는 기계명령어-레일(machine instruction-level)의 이산-사건 시뮬레이션(discrete-event simulation) 기법을 이용함으로써 실제 센서 노드의 프로그램 실행 및 관련 동작들을 세부적으로 예측하는 데 사용될 수 있도록 하였다. 시뮬레이션의 작업부하(Workload)인 명령어 트레이스(instruction trace)로는 ATmega128L 마이크로컨트롤러용으로 크로스 컴파일된 인텔 헥스-레코드 형식(.hex) 또는 S-레코드 형식(.srec)의 파일을 사용한다.들을 해결하고자 프라이버시보호에 새로운 키 생성 방법을 통한 강력한 프로토콜을 제안 한다.하였으나 사료효율은 증진시켰으며, 후자(사양, 사료)와의 상호작용은 나타나지 않았다. 이상의 결과는 거세비육돈에서 1) androgen과 estrogen은 공히 자발적인 사료섭취와 등지방 침적을 억제하고 IGF-I 분비를 증가시키며, 2) 성선스테로이드호르몬의 이 같은 성장에 미치는 효과의 일부는 IGF-I을 통해 매개될 수도 있을을 시사한다. 약 $70 {\~} 90\%$의 phenoxyethanol이 유상에 존재하였다. 또한, 미생물에 대한 항균력도 phenoxyethanol이 수상에 많이 존재할수록 증가하는 경향을 나타내었다. 따라서, 제형 내 oil tomposition을 변화시킴으로써 phenoxyethanol의 사용량을 줄일 수 있을 뿐만 아니라, 피부 투과를 감소시켜 보다 피부 자극이 적은 저자극 방부시스템 개발이 가능하리라 보여 진다. 첨가하여 제조한 curd yoghurt는 저장성과 관능적인 면에서 우수한 상품적 가치가 인정되는 새로운 기능성 신제품의 개발에 기여할 수 있을 것으로 사료되었다. 여자의 경우 0.8이상이 되어서 심혈관계 질환의 위험 범위에 속하는 수준이었다. 삼두근의 두겹 두께는 남녀 각각 $20.2\pm8.58cm,\;22.2\pm4.40mm$으로 남녀간에 유의한 차이는 없었다. 조사대상자의 식습관 상태는 전체 대상자의 $84.4\%$가 대부분이 하루 세끼 식사를 규칙적으로 하고 있었으며 식사속도는 허겁지겁 빨리 섭취하는 경우가 남자는 $31.0\%$, 여자는 $21.4\%$로 나타났고 이들을 제외한 나머지 사람들은 보통 속도 혹은 충분한 시간을 가지고 식사를 하였

• Korean journal of communication and information
• /
• v.76
• /
• pp.151-182
• /
• 2016

The right to be forgotten (RTBF) has been a population notion to address privacy issues associated with the digitalization of information and the dissemination of such information over the global digital network. In May 2014, the European Court of Justice (ECJ) laid down a landmark RTBF decision to grant individuals the right to be de-listed from search results. ECJ's RTBF decision sparked an increased interest in RTBF in South Korea. Academic and non-academic commentators have provided a mistaken or outstretched interpretation of RTBF in claiming that removal of news articles should be read into RTBF in Korean law. Moreover, the Press Arbitration Commission of Korea (PAC) has proposed revising the Press Arbitration Act (PAA) to allow the alleged victims of news reporting to request the deletion of news stories. This article examines the notion of RTBF from its origin to the latest development abroad and also critically explores Korean laws regulation freedom of expression to evaluate if Korea needs the proposed PAA revision.

• Journal of Digital Convergence
• /
• v.10 no.11
• /
• pp.87-92
• /
• 2012

In the early 2012, European Union proposed new legal framework, including the right to be forgotten, for the protection of personal data. The new Proposal articulates kind of sweeping new privacy right and there has been debates on its potential threat to free speech in the digital age. While the situation is similar in Korea, I want to introduce the right to be forgotten in the Proposal. Then, I will analyze current legal system in Korea regarding the new privacy right and suggest some guidelines in searching direction for the coming legislation with respect to the right to be forgotten. The right to be forgotten should not have been promulgated without considering fully its effect on the free speech, especially in the society where the voice toward direct democracy or movement toward participation of the citizen, mainly through cyber space or Social Network Services, has risen much higher in Korea. Especially, the new right seems not to cover the control of data subject on a third party where the third party expressing his opinion by posting himself other's personal data on his blog or others.

• Journal of the Korea Convergence Society
• /
• v.8 no.9
• /
• pp.1-7
• /
• 2017

As the network environment develops and speeds up, a lot of smart devices is developed, and a high-speed smart society can be realized while allowing people to interact with objects. As the number of things Internet has surged, a wide range of new security risks and problems have emerged for devices, platforms and operating systems, communications, and connected systems. Due to the physical characteristics of IoT devices, they are smaller in size than conventional systems, and operate with low power, low cost, and relatively low specifications. Therefore, it is difficult to apply the existing security solution used in the existing system. In addition, IoT devices are connected to the network at all times, it is important to ensure that personal privacy exposure, such as eavesdropping, data tampering, privacy breach, information leakage, unauthorized access, Significant security issues can arise, including confidentiality and threats to facilities. In this paper, we investigate cases of security threats and cases of network of IoT, analyze vulnerabilities, and suggest ways to minimize property damage by Internet of things.