• Journal of Information Technology Applications and Management
• /
• v.14 no.3
• /
• pp.151-168
• /
• 2007

RFID is an emerging technology and rapidly applied to various industries due to its high-tech characteristic and convenience. Although RFID provides valuable benefits. it might also generate serious privacy problems. Previous studies show that privacy issues should be incorporated in developing RFID systems and more detailed privacy protection methods. However. they just provide basic concept, rough guideline. and simple architecture about RFID privacy protection. Industry needs more structured framework and detailed systematic process to incorporate privacy issues into the RFID system. The purpose of this paper is to develop a framework and detailed process design of RFID privacy protection issues in retail industries. A framework is developed based on individual sensitivity concept, RFID contents, and interface with EPC global standard. Case study is applied to validate the framework and it turns out to be useful. It is expected that the proposed framework and process design would provide more systematic guide lines to solving RFID privacy problems.

• The Korean Society of Law and Medicine
• /
• v.17 no.2
• /
• pp.315-346
• /
• 2016

With the development of big data processing technology, the potential value of healthcare big data has attracted much attention. In order to realize these potential values, various research using the healthcare big data are essential. However, the big data regulatory system centered on the Personal Information Protection Act does not take into account the aspect of big data as an economic material and causes many obstacles to utilize it as a research purpose. The regulatory system of healthcare information, centered on the primary purpose of patient treatment, should be improved in a way that is compatible with the development of technology and easy to use for public interest. To this end, it is necessary to examine the trends of overseas legal system reflecting the concerns about the balance of protection and utilization of personal information. Based on the implications of the overseas legal system, we can derive improvement points in the following directions from our legal system. First, a legal system that specializes in healthcare information and encompasses protection and utilization is needed. De-identification, which is an exception to the Privacy Act, should also clearly define its level. It is necessary to establish a legal basis for linking healthcare big data to create synergy effects in research. It is also necessary to examine the introduction of the opt-out system on the basis of the discussion on the foreign debate and social consensus. But most importantly, it is the people's trust in these systems.

• International Commerce and Information Review
• /
• v.11 no.1
• /
• pp.465-484
• /
• 2009

Since the launch of the GATT system, one of the most controversial topics in trade liberalization has been the conflict between culture and trade. The sticking point has been the necessity of cultural exceptions in trade rules. Some countries do not wish to allow further exceptions to basic principles even in cultural industry, while many other countries make their efforts to obtain "cultural safety valve." The latter group asserts that it is indispensable for the protection of cultural identity, whereas the former seems to doubt the truth of the assertion. That is because cultural policy measure possibly constitute a means of arbitrary or unjustifiable discrimination between countries, or a disguised barriers to trade in cultural products. Unfortunately, cultural exceptions still remain unresolved in the WTO, the successor to the GATT. This paper is to review the history and rules of multilateral trading system on cultural industry, address the critical issues to deal with in the DDA negotiations, and lastly provide some perspectives on the appropriate shape of the cultural safety valve.

• The Journal of Information Systems
• /
• v.26 no.4
• /
• pp.401-418
• /
• 2017

Purpose: Since the cost of feed for Korean pig farmers has been increasing, attracting crowdfunding for the swine industry become important. This paper applies the AHP decision-making method to build a model for the sustainable growth of crowdfunding in the swine industry. Design/methodology/approch: The result from the analysis of data collected from this research shows that both investors and borrows groups consider tangible assets to be most important for crowdfunding in the swine industry. Findings: Thus protection of investors should be resolved first by providing collateral rather than insisting on the conventional crowdfunding method that stresses the credit aspects only. The investors and borrows groups also judged the loan amount very important, suggesting that the smooth and sufficient investment should be secured for borrows group.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.8 no.2
• /
• pp.59-65
• /
• 2012

Emergency medical information center performs role of medical direction about disease consult and pre-hospital emergency handling scheme work to people. Emergency medical information system plays a major role to be decreased mortality and disability of emergency patient by providing information of medical institution especially when emergency patient has appeared. But, various attacks as a hacking have been happened in Emergency medical information system recently. In this paper, we proposed security structure which can protect the system securely by detecting attacks from outside effectively. Intrusion detection was performed using rule based detection technique according to protocol for every packet to detect attack and intrusion was reported to control center if intrusion was detected also. Intrusion detection was performed again using decision tree for packet which intrusion detection was not done. We experimented effectiveness using attacks as TCP-SYN, UDP flooding and ICMP flooding for proposed security structure in this paper.

• Journal of the Korea Society of Computer and Information
• /
• v.27 no.5
• /
• pp.199-204
• /
• 2022

The purpose of this study is to broaden the understanding of the Security Services Industry Act, and also to examine the meanings of various phenomena by analyzing the media report big data rather than the researchers' perspective on the Security Services Industry Act. In the research method, this study searched for a keyword 「Security Services Industry Act」 that prescribes the security work as an important subject of crime prevention and maintenance of public order in Korea. The data was searched from 1990 to 2021 the BIG KINDS could provide. Also, for the concrete analysis during the period of data search, it was divided into settlement period(1976~2001), growth period-quantitative(2002~2012), and growth period-qualitative(2013~2021). In the results of this study, the media report perception of the Security Services Industry Act is continuously emphasizing the social roles and importance of private security according to the flow of time. The consequent marketability of private security will play great roles in the protection of people's lives and properties in the combination with various other industries in the future. However, the private security industry that provides public peace service together with the police, could be rising as an element that hinders the development of private security industry because of various social issues caused by legal regulations and illegal problems, so it would be necessary to more strengthen its responsibility and roles accordingly.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.12 no.2
• /
• pp.73-86
• /
• 2016

The purpose of this study is to examine a security investment for firms experienced in confidential information leak. Information security is an apparatus for protection of secret information. The competence of information security is a competitiveness to avoid information leakage in changing business environment. The type of information security is divided into administrative security, technical security and physical security. It is necessary to improve the incident correspondence competence through information security investment of the three types. Therefore, the investment of information security is to enhance information-asset protection of firms. To reinforce accident response competence, an organization discussed an establishment, security technology development, expand investment and legal system of the security system. I have studied empirically targeting the only information leak of firms. This data is a technical security competence and technology leakage situation of firms happened in 2010. During recovery of the DDos virus damage on countries, company and individual, the collected data signify a reality of information security. The data also identify a security competence of firms worrying information security management. According to the study, the continuous investment of information security has a high competence of accident correspondence. In addition, the most of security accidents showed a copy and stealing of paper and computer files. Firm on appropriate security investment is an accident correspondence competence higher than no security investment regardless of a large, small and medium-sized, and venture firm. Furthermore, the rational security investment should choose the three security type consideration for firm size.

• Journal of Digital Convergence
• /
• v.18 no.4
• /
• pp.81-89
• /
• 2020

Since the Korean privacy policy was legalized in 2011, the related academical researches have been lasted in various fields. Upcoming so-called 3 data laws would be implemented, it is meaningful to review privacy policy studies for exploring future research direction. For this purpose, the total of 146 journals from 2011 to 2019 were reviewed by the content analysis following as research subjects, methodologies and constructions of studies. As results, the numbers of the researches have been conducted on protection policies themselves for improvement, comparing with other countries' policies and also digital finance information protection were deeply discussed. Some of technology based protection applications were experimented and suggested. The major research characteristics was mainly focused on case analysis and criminal laws and policies were developed as protection contingencies. However, most research objects were focused on the protection regulations, not deregulation, therefore, researchers in future study need to explore more digital industry-centric tasks which are practically applied in safer ways. Further, social agreement in using private information will be an essential to prevent indiscriminate use.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.10 no.1
• /
• pp.89-97
• /
• 2014

Recently, spread of Smartphones caused activation of mobile services, because of that Big Data such as clouding service able to proceed with large amount of data which are hard to collect, save, search and analyze. Many companies collected variety of private and personal information without users' agreement for their business strategy and marketing. This situation raised social issues. As companies use Big Data, numbers of damage cases are growing. In this Thesis, when Big Data process, methods of analyze and research of data are very important. This thesis will suggest that choices of security levels and algorithms are important for security of private informations. To use Big Data, it has to encrypt the personal data to emphasize the importance of security level and selection of algorithm. Thesis will also suggest that research of utilization of Big Data and protection of private informations and making guidelines for users are require for security of private information and activation of Big Data industries.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.6
• /
• pp.111-125
• /
• 2010

There is a growing interest in "smart grid" technology, especially after the government recently announced "low-carbon green-growth industry" project. A smart grid uses "smart meters", which can be deployed in any power-consuming places like homes and factories. It has been shown that smart meters have several security weaknesses. There is, however, no protection profile available for smart meters, which means that safety with using them is not guaranteed at all. This paper analyzes vulnerabilities of smart meters and the relevant attack methods, thereby deriving the security functions and requirements for smart meters. Finally, we propose a protection profile based on Common Criterion v3.l for smart meters.