• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2013.05a
• /
• pp.693-696
• /
• 2013

Information protection system (Information protection system)-based IT environment built popularity in public agencies and businesses take advantage of the resources for the integration of the information system one essential environment began to recognize, cloud systems (Cloud System), cloud security (Cloud Security), big data (Big Data), big data security (Big Data Security), industrial security (Security Industry), as well as the issue. Due to the influence of these information protection system (Information protection system) in response to my external security threats based on the analysis plan. In this paper, data protection systems (Information protection system), resulting in the introduction, there are a number of security threats and particularly industrial security aspects and internal and external security threats in response by lighting about aspects of the plan is based on knowledge.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.8 no.1
• /
• pp.89-98
• /
• 2012

According to the enforcement of Personal Information Protection Act as of September 2011, the laws and regulations for the protection of personal information that were applied only to the certain sectors such as information & communication network, financial institutions, public sector etc. for the time being has been expanded to apply to all public and private sectors to process personal information. In particular, because the public institutions are obliged to be mandatorily conducted of the Privacy Impact Assessment, it will be enforced in earnest for each agency's informationization business that handles personal information. In this paper, I examine the most derived vulnerability and set up the improvement measure to supplement it with the examples of 10 of all the institutions conducting the Privacy Impact Assessment in the year 2011. And, I suggest the measures to be prepared by the institutions to observe the Personal Information Protection Act.

• Journal of the Korea Computer Industry Society
• /
• v.5 no.8
• /
• pp.811-818
• /
• 2004

The spreading of internet, combined with the computerization of industry and the life whole has created an incereased demand on the private life protection and information portection, but due to the lack of specialty manpower on the information protection industry field there are many difficulties. Therefore, in this paper a curriculum for an information protection specialty manpower training is proposed. The proposed curriculum indispensability 1,2 and classified with a selection 1,2 and classified with a selection 1,2. The information protection application field into 9 segments of domains, and to carry out the curriculum in a ring structure. The curriculum based on the information security field's 9 domains and related field practical business, and the course offered after graduation to deepen the specialty, need to be carried out by each domain in order to continuously carry out the information security deepening process.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.11
• /
• pp.5654-5673
• /
• 2016

Participatory sensing applications rely on recruiting appropriate participants to share their surrounding conditions with others, and have been widely used in many areas like environmental monitoring, health care, and traffic congestion monitoring, etc. In such applications, how to ensure the privacy of a participant is important, since incentive mechanisms are used to maintain their enthusiasm for sustainable participation by offering certain amount of reward. In this paper, we propose a pseudonym-based privacy protection scheme, that takes both privacy protection and user incentives into consideration. The proposed scheme uses the pseudonym mechanism and one-way hash function to achieve user incentives, while protecting their identity. We also show extensive analysis of the proposed scheme to demonstrate that it can meet the security and performance the requirement of a participatory sensing application.

• Korea Journal of Hospital Management
• /
• v.24 no.2
• /
• pp.56-66
• /
• 2019

PURPOSE: To demonstrate that the training of information protection for members at medical institutions increases the information protection activities of employees. METHODS: We used the chi-square test and the logistic regression model to analyze the data of the "Healthcare Information and Communication Status Survey in 2017" (n = 2002) conducted by the Korea Health Industry Development Institute RESULTS: As a result of the analysis, the information protection activity increased when the education was received and the number of received more than the education was not received. Especially, when the management receives education, it affects the information protection activities of the employees. CONCLUSION: In order to protect medical information, medical institutions need to provide education on information protection for management and employees.

• Journal of Information Technology Services
• /
• v.10 no.4
• /
• pp.21-32
• /
• 2011

The recently revised "Telecommunications Business Promotion and Personal Data Protection Act" is an important legal milestone in promoting the Korean telecommunications infrastructure and industry as well as protecting individuals' personal data and individuals' rights to privacy. Special characteristics of information security and privacy protection services including public goods' feature, adaptiveness, relativity, multi-dimensionality, and incompleteness, are reviewed. The responsibility of chief security/privacy officers in the IT industry, and the fairness and effectiveness of the criminal negligence in the Telecommunications Act are analyzed. An assessment of the rationale behind the act as well as a survey of related laws and cases in different countries, offers the following recommendations : i) revise the act and develop new systems for data protection, ii) grant a stay of execution or reduce the sentence given extenuating circumstances, or iii) use technical and managerial measures in data protection for exemption from criminal negligence.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.4 no.2
• /
• pp.57-66
• /
• 2008

There have been proposed various copyright protection protocols in network-based digital multimedia distribution framework. However, most of conventional copyright protection protocols are focused on the stability of copyright information embedding/extracting and the access control to data suitable for user's authority but overlooked the privacy of copyright owner and user in authentication process of copyright and access information. In this paper, we propose a solution that builds a privacy-preserving proof of copyright ownership of digital contents in conjunction with keyword search scheme. The appeal of our proposal is three-fold: (1) content providers maintain stable copyright ownership in the distribution of digital contents; (2) the proof process of digital contents ownership is very secure in the view of preserving privacy; (3) the proposed protocol is the copyright protection protocol added by indexing process but is balanced privacy and efficiency concerns for its practical use.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.13 no.1
• /
• pp.37-48
• /
• 2017

As the risk of technical leakage is increasing, technology protection support systems for small and medium-sized businesses have gained attention. This paper analyzed the perception gap of the user and policy-maker regarding technology protection support systems. First, to identify key elements of technology protection support systems and construct measurement factors, interviews with experts are conducted. Then, surveys are conducted to analyze the perception differences between the users and policy-makers. Factor analysis and ANOVA have been utilized to analyze survey results. The result shows that the perception gaps exist in the following areas: management system, cost reduction, copyright protection, customer satisfaction, leakage prevention, and awareness. To enhance the effectiveness of technology protection support systems, this paper suggests technology protection support systems should be customized in terms of the company's size and type of busines.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.13 no.2
• /
• pp.113-125
• /
• 2017

In today's highly competitive environment, the importance of technology protection cannot be overemphasized. To evaluate technology protection competency of Small and Medium-sized Enterprises(SMEs), Government has conducted surveys every year but its effectiveness is still in question. To enhance the effectiveness of technology protection for SMEs, a customized evaluation model of technology protection competency has been suggested in this study. Surveys are conducted to measure the relative importance of evaluation areas that can be influenced by the size and type of business. The analysis shows that there exists significant differences between evaluation areas. This study suggests that the effectiveness of technology protection can be enhanced by utilizing a customized evaluation model depending on the size and type of business. Also, the proposed model can be used for SMEs to identify and enhance their weakness in technology protection. Overall, it is expected that the proposed model can be effectively used to protect valuable technologies in various SMEs.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.12 no.3
• /
• pp.87-109
• /
• 2016

This study intends to present an effective and efficient development plan about the information protection of medical institutions, by establishing the improvement plan about Personal Information Management System(PIMS) appropriate to the characteristics of medical information focusing on medical institutions generating and using domestic medical information, and doing an empirical study on medical information protection plan. For this, in view of the medical characteristics of the existing Information Security Management System(ISMS), the study presented a study model appropriated to medical institutions based on Personal Information Management Systems index specialized for personal information, and through this, presented the vulnerability diagnosis and vulnerability improvement plan. Based on ISMS index, it designed an improvement index of personal information protection management about each index. The study conducted a survey for executives and employees about PIMS. Accordingly, it presented vulnerability diagnosis items of the current management system indexes from the viewpoint of the people who establish and mange the personal information protection about patients' medical information targeting executives and employees who serve at hospitals and can access medical information.