• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.1
• /
• pp.5-14
• /
• 2017

Many web services which use OAuth Protocol offer users to log in using their personal profile information given by resource servers. This method reduces the inconvenience of the users to register for new membership. However, at the time a user finishes using OAuth client web service, even if he logs out of the client web service, the resource server remained in the login state may cause the problem of leaking personal information. In this paper, we propose a solution to mitigate the threat by providing an additional security behavior check: when a user requests to log out of the Web Client service, he or she can make decision whether or not to log out of the resource server via confirmation notification regarding the state of the resource server. By utilizing the proposed method, users who log in through the OAuth Protocol in the public PC environment like department stores, libraries, printing companies, etc. can prevent the leakage of personal information issues that may arise from forgetting to check the other OAuth related services. To verify our study, we implement a Client Web Service that uses OAuth 2.0 protocol and integrate it with our security behavior check. The result shows that with this additional function, users will have a better security when dealing with resource authorization in OAuth 2.0 implementation.

• Journal of KIISE:Computer Systems and Theory
• /
• v.30 no.2
• /
• pp.78-92
• /
• 2003

In related to mobile communication environment, many researchers have studied problems concerning current locations of mobile users and exposure of their movements in the privacy aspect so far [1,2,3,4,5,6,7,8,9]. Among them, Kesdogan and Pfitzmann [3,6] proposed effective solutions using temporary pseudonym identification, called TP(Temporary Pseudonym ) to solve them. After that, Kesdogan et al. proposed an improved method protecting mobile users from some types of attacks of network providers in [8]. However, among their methods, in particular the method, attaching the other new device (so-called Reachability Manager) to system against active attack of network providers, is alterative rather than practical and is not clear. Moreover, it requires the other cost and overhead. Therefore we propose a practical method against active attack of network providers without attaching new device in original environments. The basie idea of proposed method is to protect a fraud act of network provider as a inside user by exchanging a secret information, which only users and network providers know, via network provider between mobile user and the trusted third party (so-called Trust Device). Moreover, we introduce a new payment protocol which applied our method.

• Proceedings of the Korea Contents Association Conference
• /
• 2009.05a
• /
• pp.532-536
• /
• 2009

Recently the entertainment and sports/advertisement industry have developed rapidly, and the name or identities of celebrities such as entertainers or athletics for the advertisement so that following troubles are occurred continually. Some celebrities actually started a suit for there right of publicity was violated, and won the case. Meanwhile, the right of publicity has become a growing issue in the society. In the States, the right of publicity which controls using one's identity for commercial use, and it is recognized as a right of property separated from the right of privacy. But in Germany, the right of publicity is protected as a human right. On the other hand, in Korea, there is an argument that the mental human right and the right of publicity which has property-characteristic are not separated clearly, and also the attitude of precedent toward the right of publicity is not unified. Especially in Korea, where it is taking the written laws principally, it is not easy to recognize the right of publicity which is a monopoly and exclusion without basis such as any actual laws such as regulation of agreement or any conventional laws. Therefore, as the right protection of celebrities is becoming the social state and there is an agreement with the constituents of the society, now Korea shall progress legislation about the right of publicity, and prepare a legal basis which regulates the remedies for the realization condition, alienation, inheritance, objectives, duration and violation of the right of publicity.

• 한국노년학
• /
• v.29 no.2
• /
• pp.477-488
• /
• 2009

Purpose: This study was conducted to investigate newly admitted nursing home resident's experience and adjustment problems in the early stage of institutionalization. Method: In depth interviews was done on 6 elderly residents who were newly admitted. Data from the interview were analyzed using theme analysis method. Results: Results showed that reasons for Institution admission were decreasing physical health and cognitive functioning. Residents reported that difficulties they experienced in institution life were lack of individualized care, loss of autonomy and privacy associated with the demands of group living, and loss of control over activities of daily living. Conclusion: Efforts need to be made to maintain the residents' decision-making and autonomy. Listening intentionally, offering choices, and promoting personal identity might be utilized to reduce relocation stress and enhance adaptation to nursing home living.

• Journal of Arbitration Studies
• /
• v.17 no.2
• /
• pp.167-187
• /
• 2007

As Korea has reached a free trade agreement with the United States of America, it is required to provide an appropriate procedure to ".kr" domain name disputes based on the principles established in the Uniform Domain Name Dispute Resolution Policy(UDRP). Currently, Internet address Dispute Resolution Committee(IDRC) established under Article 16 of the Act on Internet Address Resources provides the dispute resolution proceedings to resolve ".kr" domain name disputes. While the IDRC's proceeding is similar to the UDRP administrative proceeding in procedural aspects, the Domain Name Dispute Mediation Policy that is established by the IDRC and that applies to disputes involving ".kr" domain names is very different from the UDRP for generic Top Level Domain (gTLD) in substantial aspects. Under the Korea-U.S. Free Trade Agreement(KORUS FTA), it is expected that either the Domain Name Dispute Mediation Policy to be amended to adopt the UDRP or the IDRC to examine the Domain Name Dispute Mediation Policy in order to harmonize it with the principles established in the UDRP. It is a common practice of cybersquatters to warehouse a number of domain names without any active use of these domain names after their registration. The Domain Name Dispute Mediation Policy provides that the complainant may request to transfer or delete the registration of the disputed domain name if the registrant registered, holds or uses the disputed domain name in bad faith. This provision lifts the complainant's burden of proof to show the respondent's bad faith because the complainant is only required to prove one of the three bad faiths which are registration in bad faith, holding in bad faith, or use in bad faith. The aforementioned resolution procedure is different from the UDRP regime which requires the complainant, in compliance with paragraph 4(b) of the UDRP, to prove that the disputed domain name has been registered in bad faith and is being used in bad faith. Therefore, the complainant carries heavy burden of proof under the UDRP. The IDRC should deny the complaint if the respondent has legitimate rights or interests in the domain names. Under the UDRP, the complainant must show that the respondent has no rights or legitimate interests in the disputed domain name. The UDRP sets out three illustrative circumstances, any one of which if proved by the respondent, shall be evidence of the respondent's rights to or legitimate interests in the domain name. As the Domain Name Dispute Mediation Policy provides only a general provision regarding the respondent's legitimate rights or interests, the respondent can be placed in a very week foundation to be protected under the Policy. It is therefore recommended for the IDRC to adopt the three UDRP circumstances to guide how the respondent can demonstrate his/her legitimate rights or interests in the disputed domain name. In accordance with the KORUS FTA, the Korean Government is required to provide online publication to a reliable and accurate database of contact information concerning domain name registrants. Cybersquatters often provide inaccurate contact information or willfully conceal their identity to avoid objection by trademark owners. It may cause unnecessary and unwarranted delay of the administrative proceedings. The respondent may loss the opportunity to assert his/her rights or legitimate interests in the domain name due to inability to submit the response effectively and timely. The respondent could breach a registration agreement with a registrar which requires the registrant to submit and update accurate contact information. The respondent who is reluctant to disclose his/her contact information on the Internet citing for privacy rights and protection. This is however debatable as the respondent may use the proxy registration service provided by the registrar to protect the respondent's privacy.

• Journal of the Korean Institute of Landscape Architecture
• /
• v.44 no.3
• /
• pp.13-24
• /
• 2016

What are the roles and functions of urban gardening created by citizens in Sujin 2-dong, Seongnam-si? This study has looked into urban gardening in everyday life in a bid to find possible solutions for sustainable urban regeneration. The paper has examined the types, functions, and characteristics of urban gardens in Sujin 2-dong, where the urban restoration project is in progress. This study has conducted primarily on-site inspections and interviews. The research findings are as follows. Most urban gardens in Sujin 2-dong have a vertical structure rather than a regular ground-based one due to lack of land. Six major locations of building a garden include the front of a building, rooftop, top of a gate, stairs, wall, and yard. Rooftop gardens are most common and are built mostly for production purposes. Due to architectural characteristics of this village, there are relatively many stair gardens built mostly for aesthetic purposes. The garden in front of a building has served multiple functions, including formation of entry, privacy protection, and prevention of unauthorized parking. Other than those, detached houses have quality urban gardens built with greater effort and care, while multi-household houses have seen a decrease of stair gardens and an increase of vertical gardens due to their comparatively limited space. By utilizing this research, we hope to show that it is important to understand the local's wisdom and voice for a sustainable urban environment as well as keep these findings in mind during the construction of new buildings. This study would be expected to be useful as primary research for urban gardening in everyday life and alternative ways of urban regeneration.