• ETRI Journal
• /
• 제37권2호
• /
• pp.428-437
• /
• 2015

This study was conducted to analyze the effect of information security activities on organizational performance. With this in mind and with the aim of resolving transaction stability in the securities industry, using an organization's security activities as a tool for carrying out information security activities, the effect of security activities on organizational performance was analyzed. Under the assumption that the effectiveness of information security activities can be bolstered to enhance organizational performance, such effects were analyzed based on Herzberg's motivation theory, which is one of the motivation theories that may influence information protection activities. To measure the actual attributes of the theoretical model, an empirical survey of the securities industry was conducted. In this explorative study, the proposed model was verified using partial least squares as a structural equation model consisting of IT service, information security, information sharing, transaction stability, and organizational performance.

• 통상정보연구
• /
• 제4권2호
• /
• pp.57-76
• /
• 2002

This paper surveys consumer policies for the internet transaction in the developed countries. Recently the internet transaction has been witnessing a remarkable change represented by the rapid spread of "revolution of distribution". It cannot be, however, stated that internet transaction will dominates all the market places without enhancing consumer's reliability in the internet transaction. Many countries made an efforts to the consumer protection in order to develop infra-structure of information industry. We will soon discover a new paradigm that consumer protection is not a tool for development of cyber market but the goal itself. We survey the process of consumer policies discussed in the developed countries and study the point of prevailing arguments of the consumer protection in the internet transaction. The arguments discussed in OECD meetings are debatable, especially, to the degree of government intervention in the field of consumer protection between EU and US. In contrast of US insisted on the minimum intervention of the government, EU suggest the opinion of more aggressive role of government in consumer policy in the cyber market. This paper attempts to provide several guide lines of Korean consumer policy in the cyber market.

• 패션정보와 기술
• /
• 제6권
• /
• pp.27-33
• /
• 2009

• 한국정보통신학회논문지
• /
• 제22권9호
• /
• pp.1191-1198
• /
• 2018

본 논문에서는 온디맨드 비디오 스트리밍 플랫폼에 대한 콘텐츠 쿼터제 적용의 실효성 확보 방안에 관하여 분석하였다. 특히 넷플릭스(Netflix)의 EU시장 진출에 대한 공동체의 대응을 중심으로 단일시장 내 저작권 보호 및 문화산업 보호에 관한 OTT 규제의 효과성을 분석하였다. 온디맨드 비디오 스트리밍 서비스와 넷플릭스의 성장 그리고 넷플릭스의 EU 시장 진출에 대해 고찰하고 있다. 다음으로 EU 내 온디맨드 비디오 스트리밍 서비스 현황을 분석한다. 온디맨드 비디오 스트리밍 서비스 시장 대응에 관한 EU의 정책은 디지털 단일 시장 내 '이동성(portability)' 그리고 저작권 보호를 위한 콘텐츠 쿼터제 등으로 구성되며, OTT 규제의 세부지침의 고찰을 통해 시장보호 그리고 온라인 스트리밍 서비스업의 경쟁력 제고 방안 측면을 분석하였다. EU는 유럽 방송사업자에게만 적용되어 온 콘텐츠 쿼터제를 OTT 사업에 적용, 규제함으로써 역내 문화산업 보호 및 저작권 보호 강화를 도모하고 있다.

• International Journal of Internet, Broadcasting and Communication
• /
• 제11권2호
• /
• pp.59-66
• /
• 2019

The emergence of new IT technologies and convergence industries, such as artificial intelligence, bigdata and the Internet of Things, is another chance for South Korea, which has established itself as one of the world's top IT powerhouses. On the other hand, however, privacy concerns that may arise in the process of using such technologies raise the task of harmonizing the development of new industries and the protection of personal information at the same time. In response, the government clearly presented the criteria for deidentifiable measures of personal information and the scope of use of deidentifiable information needed to ensure that bigdata can be safely utilized within the framework of the current Personal Information Protection Act. It strives to promote corporate investment and industrial development by removing them and to ensure that the protection of the people's personal information and human rights is not neglected. This study discusses the strategy of deidentifying personal information protection based on the analysis of fake news. Using the strategies derived from this study, it is assumed that deidentification information that is appropriate for deidentification measures is not personal information and can therefore be used for analysis of big data. By doing so, deidentification information can be safely utilized and managed through administrative and technical safeguards to prevent re-identification, considering the possibility of re-identification due to technology development and data growth.

• Journal of Information Science Theory and Practice
• /
• 제9권3호
• /
• pp.14-30
• /
• 2021

Data innovation is at the core of the Fourth Industrial Revolution. While the catastrophic COVID-19 pandemic has accelerated the societal shift toward a data-driven society, the direction of overall data regulation remains unclear and data policy experts have yet to reach a consensus. This study identifies and examines the ideal regulator models of data-policy experts and suggests an appropriate method for developing policy in the data economy. To identify different typologies of data regulation, this study used Q methodology with 42 data policy experts, including public officers, researchers, entrepreneurs, and professors, and additional focus group interviews (FGIs) with six data policy experts. Using a Q survey, this study discerns four types of data policy regulators: proactive activists, neutral conservatives, pro-protection idealists, and pro-protection pragmatists. Based on the results of the analysis and FGIs, this study suggests three practical policy implications for framing a nation's data policy. It also discusses possibilities for exploring diverse methods of data industry regulation, underscoring the value of identifying regulatory issues in the data industry from a social science perspective.

• 정보보호학회논문지
• /
• 제28권1호
• /
• pp.155-165
• /
• 2018

의료산업은 세계적으로 빠르게 변화하고 의료서비스가 네트워크와 연결 되면서 다양한 형태의 서비스 제공이 검토되고 있다. 의료정보의 가치는 금융정보의 가치보다 높게 평가되고 있으며, 이로 인해 의료정보의 보호가 매우 중요해지고 있다. 랜섬웨어는 지속적으로 고도화 되고 있으며 정보의 가치가 높은 산업군을 대상으로 하고 있다. 특히, 2017의 랜섬웨어는 성장기를 지나 성숙기로 진입하면서 매우 다양하게 발전하고 고도화 되었다. 의료산업은 대부분 폐쇄망으로 구성되어 있었기 때문에, 악성코드의 위협에 대비가 부족하며, 이로 인해 랜섬웨어의 공격에 매우 취약하다. 단순히 의료산업의 보안표준에 명시되어 있는 기준을 충족하기 위한 보안이 아닌 실제 랜섬웨어의 유입을 효과적으로 막거나, 공격이 성공 했다 하더라도 그 피해를 최소화 하고 복구를 할 수 있는 방안이 추가 되어야 한다. 랜섬웨어는 매우 빠르게 진화하고 고도화 되고 있기 때문에 이에 대한 대비도 매우 빠르게 진행되어야 하고 실무적인 관점에서 접근을 해야 한다. ISO 27799, 27002 표준을 기준으로 진화된 랜섬웨어에 대응할 수 있는 요소를 도출하여 기존의 의료정보보호 시스템을 유지/관리 하면서도 랜섬웨어에 보다 효율적으로 대응할 수 있도록 하였다.

• 무역학회지
• /
• 제45권6호
• /
• pp.77-97
• /
• 2020

This study investigates the effects of O2O-based mobile shopping application (O2O MSA)'s information and service quality on the user's perceived privacy protection, satisfaction and loyalty. In this study, 969 questionnaire reponses were collected, out of which 555 were used to estimate the structural paths using PLS-SEM (partial least square structural equation model) for the hypothesis test. Our empirical findings are drawn from Chinese respondents that live in a 1-line city in China and use O2O MSAs serviced by China's leading companies. This study examines and confirms that qualified information and service of O2O MSA positively affect both perceived privacy protection and customer satisfaction, which finally leads to customer behavioral loyalty through the perceived privacy protection. Further, this study presents effective practical implications for application development strategy suitable for users in the O2O-based mobile shopping industry.

• 한국IT서비스학회지
• /
• 제22권5호
• /
• pp.51-70
• /
• 2023

The Personal Information Protection Commission has been promoting the adoption of co-regulation to replace/improve the existing self-regulation programs since 2022. While the Commission's co-regulation framework has received positive feedback for its contribution to address the regulatory issues, it has also faced criticism for being seen as "co-regulation in appearance only without any real differentiation from existing self-regulation." This study aims to examine the case of industry-specific co-regulation proposed by the Personal Information Protection Commission, with the objectives of 1) determining whether their approach can be categorized as a type of co-regulation with differentiation from the existing self-regulation programs, and 2) proposing improvements for successful regulation. The 'co-regulation' of the Commission can be classified as a form of co-regulation that differs with traditional self-regulation, as it involves government and private organizations collaborating to establish self regulatory codes reflecting industry-specific characteristics as well as provides interest groups with incentives to comply with the codes. The co-regulation framework is evaluated to some extent as successful, but there is still room for improvement in three major aspects. (1) When selecting the areas for co-regulation, a focus should be placed on areas where technological changes are rapid, and government regulations should be applied in areas where they are not. (2) It is necessary to enhance the expertise of regulatory agencies, and (3) ensuring the democratic nature of regulation, such as encouraging the participation of civil organizations, is necessary.

• 경영과정보연구
• /
• 제4권
• /
• pp.1-28
• /
• 2000

CALS(Commerce At Light Speed)/EC(Electronic Commerce) is drawing considerable interest as strategic part of efforts for computerization of the government and companies and for industry-wide innovation, using Internet and information superhighway that is widely expanding world-wide with the development of computers and information communication technology. In the current industry infrastructure, standardization is difficult but very important among the parties that want to share the added value, as external environmental components increase since the advent of computers. However, information security technology is not permitted to be exported in light of national interest or high amount of royalty should be paid. Moreover, if we cannot fully analyze the international standard and imported technology in order to verify the safety of using them, domestic information can be exposed according to the desire of the country exporting the technology. In particular, information security technology should be developed by ourselves, considering technology Protection and export Prevention Policies of foreign countries. Therefore, this paper presents information security technology and standardization trends for several application fields regarding CALS/EC implementation in our and foreign countries. This paper also analyzes such trends and proposes strategic direction for standardization suited for domestic environment.