• Title/Summary/Keyword: Data Breach

Search Result 73, Processing Time 0.026 seconds

A Blocking Distribution Channels to Prevent Illegal Leakage in Supply Chain using Digital Forensic

  • HWANG, Jin-Hee
    • Journal of Distribution Science
    • /
    • v.20 no.7
    • /
    • pp.107-117
    • /
    • 2022
  • Purpose: The scope of forensic investigations serves to identify malicious activities, including leakage of crucial corporate information. The investigations also identify security lapses in available networks. The purpose of the present study is to explore how to block distribution channels to protect illegal leakage in supply chain through digital forensic method. Research design, data and methodology: The present study conducted the qualitative textual analysis and its data collection process entails five steps: identifying and collecting data, determining coding categories, coding the content, checking validity and reliability, and analyzing and presenting the results. This methodology is a significant research method due to its high quality of previous resources. Results: Applying previous literature analysis to the results of this study, the author figured out that there are four solutions as an evidences to block distribution channels, preventing illegal leakage regarding company information. The following subtitles show clear solutions: (1) Communicate with Stakeholders, (2) Preventing and addressing illegal leakage, (3) Victims of Data Breach, (4) Focusing Solely on Technical Teams. Conclusion: There are difficult scenarios that continue to introduce difficult questions surrounding engagement with digital evidence. Consequently, it is important to enhance data handling to provide answers for organizations that suffer due to illegal leakages of sensitive information.

Two-Dimensional Flood Inundation Analysis Resulting from Irrigation Reservoir Failure - Focused on the Real Case with the Minimal Data Set - (농업용 저수지 붕괴에 따른 2차원 홍수범람해석 -계측자료가 부족한 실제사례를 중심으로-)

  • Lee, Jae Young;Kim, Byunghyun;Park, Jun Hyung;Han, Kun Yeun
    • KSCE Journal of Civil and Environmental Engineering Research
    • /
    • v.36 no.2
    • /
    • pp.231-243
    • /
    • 2016
  • This study presents the applicability of two-dimensional (2D) flood inundation model by applying to real irrigation reservoir failure with limited available data. The study area is Sandae Reservoir placed in Gyeongju and downstream area of it and the reservoir was failured by piping in 2013. The breach hydrograph was estimated from one-dimensional (1D) hydrodynamic model and the discharge was employed for upstream boundary of 2D flood inundation model. Topography of study area was generated by integrating digital contour map and satellite data, and Cartesian grids with 3m resolution to consider geometry of building, road and public stadium were used for 2D flood inundation analysis. The model validation was carried out by comparing predictions with field survey data including reservoir breach outflow, flood extent, flood height and arrival time, and identifying rational ranges with allowed error. In addition, the applicability of 2D model is examined using different simulation conditions involving grid size, building and roughness coefficient. This study is expected to contributed to analysis of irrigation reservoirs were at risk of a failure and setting up Emergency Action Plan (EAP) against irrigation reservoir failure.

Recent Developments in Law of International Electronic Information Transactions (국제전자정보거래(國際電子情報去來)에 관한 입법동향(立法動向))

  • Hur, Hai-Kwan
    • THE INTERNATIONAL COMMERCE & LAW REVIEW
    • /
    • v.23
    • /
    • pp.155-219
    • /
    • 2004
  • This paper focuses on two recent legislative developments in electronic commerce: the "Uniform Computer Information Transactions Act" ("UCITA") of USA and the "preliminary draft convention on the use of data message in [international trade] [the context of international contracts]" ("preliminary draft Convention") of UNCITRAL. UCITA provides rules contracts for computer information transactions. UCITA supplies modified contract formation rules adapted to permit and to facilitate electronic contracting. UCITA also adjusts commonly recognized warranties as appropriate for computer information transactions; for example, to recognize the international context in connection with protection against infringement and misappropriation, and First Amendment considerations involved with informational content. Furthermore, UCITA adapts traditional rules as to what is acceptable performance to the context of computer information transactions, including providing rules for the protection of the parties concerning the electronic regulation of performance to clarify that the appropriate general rule is one of material breach with respect to cancellation (rather than so-called perfect tender). UCITA also supplies guidance in the case of certain specialized types of contracts, e.g., access contracts and for termination of contracts. While for the most part carrying over the familiar rules of Article 2 concerning breach when appropriate in the context of the tangible medium on which the information is fixed, but also adapting common law rules and rules from Article 2 on waiver, cure, assurance and anticipatory breach to the context of computer information transactions, UCITA provides a remedy structure somewhat modeled on that of Article 2 but adapted in significant respects to the different context of a computer information transaction. For example, UCITA contains very important limitations on the generally recognized common law right of self-help as applicable in the electronic context. The UNCITRAL's preliminary draft Convention applies to the use of data messages in connection with an existing or contemplated contract between parties whose places of business are in different States. Nothing in the Convention affects the application of any rule of law that may require the parties to disclose their identities, places of business or other information, or relieves a party from the legal consequences of making inaccurate or false statements in that regard. Likewise, nothing in the Convention requires a contract or any other communication, declaration, demand, notice or request that the parties are required to make or choose to make in connection with an existing or contemplated contract to be made or evidenced in any particular form. Under the Convention, a communication, declaration, demand, notice or request that the parties are required to make or choose to make in connection with an existing or contemplated contract, including an offer and the acceptance of an offer, is conveyed by means of data messages. Also, the Convention provides for use of automated information systems for contract formation: a contract formed by the interaction of an automated information system and a person, or by the interaction of automated information systems, shall not be denied on the sole ground that no person reviewed each of the individual actions carried out by such systems or the resulting agreement. Further, the Convention provides that, unless otherwise agreed by the parties, a contract concluded by a person that accesses an automated information system of another party has no legal effect and is not enforceable if the person made an error in a data message and (a) the automated information system did not provide the person with an opportunity to prevent or correct the error; (b) the person notifies the other party of the error as soon as practicable when the person making the error learns of it and indicates that he or she made an error in the data message; (c) The person takes reasonable steps, including steps that conform to the other party's instructions, to return the goods or services received, if any, as a result of the error or, if instructed to do so, to destroy such goods or services.

  • PDF

Detecting Rogue AP using k-SVM method (k-SVM을 이용한 Rogue AP 탐지 기법 연구)

  • Lee, Jae-Wook;Lee, Si-Young;Moon, Jong-Sub
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.24 no.1
    • /
    • pp.87-95
    • /
    • 2014
  • Under only authorized AP is allowable environment, rogue AP which is generated by a smartphone tethering can be a serious security breach. To solve rogue AP problem, this paper proposes classifying algorithm of Kernel Support Vector Machine using features of RTT data. Through our experiment, we can detect rogue AP from LTE mobile network.

The Study for Establishment of Security Threat Measures for Secure NFC Service (안전한 NFC 서비스 활용 활성화를 위한 보안 위협 대책 마련을 위한 고찰)

  • Choi, Heesik;Cho, Yanghyun
    • Journal of Korea Society of Digital Industry and Information Management
    • /
    • v.14 no.4
    • /
    • pp.219-228
    • /
    • 2018
  • The utilization of NFC has been continuously increasing due to the spread of smart phones and the development of short-range wireless communication networks. However, it has been suggested that stability and security of convenient NFC short-range wireless communications can be unstable and problematic. The unstable causes for NFC are the lack of security technologies for NFC, the controversy about personal information infringement, and the lack of social awareness on security breach against data settlement. NFC service can be conveniently used by simply touching other NFC devices and NFC tags through the NFC device. This thesis analyzes that NFC authentication technology, which is convenient for user are one of the unstable causes of security of NFC. This thesis suggest that ministry should research countermeasures and promote how users can use NFC safely. It also suggests that users should have awareness when they use payment and authentication service through NFC to prevent from security threat.

Analysis on Cyber Security and Its Challenges to Society

  • Shashank Mishra;Raghav Sandhane
    • International Journal of Computer Science & Network Security
    • /
    • v.24 no.6
    • /
    • pp.141-152
    • /
    • 2024
  • Cyber security plays an important role in the field of IT industry and other industry too. Whenever we talk about cyber security, the word cybercrime pops out. Cybercrime is the biggest issues we are facing right now. Every 39 seconds an attacker is hacking something. Since 2008 to 2019 there are more than 8800 data breach cases is being found or filed. Even as we are aware of cybercrime and its stats, only 5% organization are fully secured and other 95% are not fully secured. According to survey 56% organization have weak controls. Basically they are not secured. Apart from taking measures cyber security are facing huge challenges or disturbs to many. This paper mainly focuses on dare to cyber security and also center of attraction is cyber security expertise, morals with changing in technology with time. [1]

A Study on Privacy Protection in Financial Mydata Policy through Comparison of the EU's PSD2 (유럽 PSD2 시행에 따른 금융분야 마이데이터 정책의 개인정보보호 강화 방안 연구)

  • Song, Mi-Jung;Kim, In-Seok
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.29 no.5
    • /
    • pp.1205-1219
    • /
    • 2019
  • As the ability to use data becomes competitive power in the data-driven economy, the effort to create economic value by using personal data is emphasized as much as to protect personal data. EU's PSD2(the second Payment Service directive) became the initiative of the Open Banking trends all over the world, as it is the Mydata policy which protects the data subject's right by empowering the subject to control over the personal data with the right to data portability and promotes personal data usages and transfer. Korean government is now fast adopting EU's PSD2 in financial sector, but there is growing concerns in personal data abuse and misuse, and data breach. This study analyzes domestic financial Mydata policy in comparison with EU's PSD2 and focus on Personal information life-cycle risks of financial Mydata policy. Some suggestions on how to promote personal information and privacy in domestic financial Mydata Policy will be given.

Ethics for Artificial Intelligence: Focus on the Use of Radiology Images (인공지능 의료윤리: 영상의학 영상데이터 활용 관점의 고찰)

  • Seong Ho Park
    • Journal of the Korean Society of Radiology
    • /
    • v.83 no.4
    • /
    • pp.759-770
    • /
    • 2022
  • The importance of ethics in research and the use of artificial intelligence (AI) is increasingly recognized not only in the field of healthcare but throughout society. This article intends to provide domestic readers with practical points regarding the ethical issues of using radiological images for AI research, focusing on data security and privacy protection and the right to data. Therefore, this article refers to related domestic laws and government policies. Data security and privacy protection is a key ethical principle for AI, in which proper de-identification of data is crucial. Sharing healthcare data to develop AI in a way that minimizes business interests is another ethical point to be highlighted. The need for data sharing makes the data security and privacy protection even more important as data sharing increases the risk of data breach.

Companies Entering the Metabus Industry - Major Big Data Protection with Remote-based Hard Disk Memory Analysis Audit (AUDIT) System

  • Kang, Yoo seok;Kim, Soo dong;Seok, Hyeonseon;Lee, Jae cheol;Kwon, Tae young;Bae, Sang hyun;Yoon, Seong do;Jeong, Hyung won
    • Journal of Integrative Natural Science
    • /
    • v.14 no.4
    • /
    • pp.189-196
    • /
    • 2021
  • Recently, as a countermeasure for cyber breach attacks and confidential leak incidents on PC hard disk memory storage data of the metaverse industry, it is required when reviewing and developing a remote-based regular/real-time monitoring and analysis security system. The reason for this is that more than 90% of information security leaks occur on edge-end PCs, and tangible and intangible damage, such as an average of 1.20 billion won per metaverse industrial security secret leak (the most important facts and numerical statistics related to 2018 security, 10.2018. the same time as responding to the root of the occurrence of IT WORLD on the 16th, as it becomes the target of malicious code attacks that occur in areas such as the network system web due to interworking integration when building IT infrastructure, Deep-Access-based regular/real-time remote. The concept of memory analysis and audit system is key.

Models for Privacy-preserving Data Publishing : A Survey (프라이버시 보호 데이터 배포를 위한 모델 조사)

  • Kim, Jongseon;Jung, Kijung;Lee, Hyukki;Kim, Soohyung;Kim, Jong Wook;Chung, Yon Dohn
    • Journal of KIISE
    • /
    • v.44 no.2
    • /
    • pp.195-207
    • /
    • 2017
  • In recent years, data are actively exploited in various fields. Hence, there is a strong demand for sharing and publishing data. However, sensitive information regarding people can breach the privacy of an individual. To publish data while protecting an individual's privacy with minimal information distortion, the privacy- preserving data publishing(PPDP) has been explored. PPDP assumes various attacker models and has been developed according to privacy models which are principles to protect against privacy breaching attacks. In this paper, we first present the concept of privacy breaching attacks. Subsequently, we classify the privacy models according to the privacy breaching attacks. We further clarify the differences and requirements of each privacy model.