• The Journal of Society for e-Business Studies
• /
• v.20 no.2
• /
• pp.27-36
• /
• 2015

Current leakage of industrial technologies with revealing state secret against nation is gradually increasing and scope of the spill is diversified from technology-oriented leakage to new economic security sector like information and communication, electrical and electronic, defense industry, illegal export of strategic material, economic order disturbance by foreign country, infringement of intellectual property, etc. So the spill damage can affect not only leaked company but also national interests and entire domestic industry. According to statistics from National Industrial Security Center of National Intelligence Service, a major cause of technology leakage is not only by external things about hacking and malignant code, but internal leakage of former and current employees account for about 80%. And technology leakage due to temptation of money and personal interests followed by technology leakage of subcontractor is steadily increased. Most studies in the field of security have tended to focus on measuring security capability of company in order to prevent leakage core assets or developing measurement Indicators for management rather than security activities of the company members that is most important. Therefore, this study analyzes the effect of most underlying security education in security activities on security capabilities of enterprise. As a result, it indicates that security education have a positive(+) correlation with security capabilities.

• The Korean Society of Law and Medicine
• /
• v.18 no.2
• /
• pp.3-46
• /
• 2017

Physician's Duty of Information is classified into three categories by legal function: 'Duty of Information to Report' to fulfill the patient's right to know; 'Duty of Information to Guide' patient's convalescing and staying healthy; 'Duty of Information to Contribute' to patient's self-determination. We classify the physician's duty of information because the legal effect from the breach of duty varies accordingly. The legal effect is focused on damage compensation responsibility for breach of duty. When a physician violates 'Duty of Information to Report', he subjects himself to liability of compensation for infringing on the patient's 'Right to Know'. When a physician violates 'Duty of Information to Guide', she subjects herself to liability for general medical malpractice. Finally, when a physician violates 'Duty of Information to Contribute', the physician is basically liable for violation of the patient's 'Right to Self- Determination' which refers to infringement on freedom of choice. However, in the case of situation that patient's refusal to the medical treatment would be presumed, the physician bears all liability for the patient's damage which includes both of property and mental damage.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.21 no.3
• /
• pp.24-31
• /
• 2020

Centralized systems in computing environments have various problems, such as privacy infringement due to hacking, and the possibility of privacy violations in case of system failure. Blockchain, one of the core technologies for the next generation of converged information, is expected to be an alternative to the existing centralized system, which has had various problems. This paper proposes a blockchain-based user authentication system that can identify users using EID in an online environment. Existing identification (ID)/password (PW) authentication methods require users to store personal information in multiple sites, and receive and use their respective IDs. However, the proposed system can be used without users signing up at various sites after the issuing of an EID. The proposed system issues an EID with a minimum of information, such as an e-mail address and a telephone number. By comparing the stability and efficiency of a centralized system, the proposed integrated authentication system proved to be excellent. In order to compare stability against existing systems, we chose attack methods and encroachments on the computing environment. To verify efficiency, the total throughput between the user's app, the issuance and certification-authority's servers, and the service provider's servers was compared and analyzed based on processing time per transaction.

• Korean journal of communication and information
• /
• v.25
• /
• pp.103-133
• /
• 2004

Korean citizens enjoy not only the freedom of communication but also the secrecy of electronic communication. Article 18 of the Constitution of the Republic of Korea prescribes that the secrecy of correspondence should not be infringed. Namely, all citizens enjoy guaranteed privacy of correspondence. But many people have been experiencing the infringement of those rights. The purpose of this paper is to evaluate whether Paragraph 2, Article 13 of the Act on Protection of the Secrecy of Correspondence infringes on the constitutional rights of privacy of electronic communication. The results of this study indicate that the law violates the Constitution. Paragraph 3, Article 12 (Personal Liberty, Personal Integrity) of the constitution stipulates that "Warrants issued by a judge through due process (upon the request of a prosecutor) have to be presented in case of arrest, detention, seizure, or search." However, prosecutors, the police, and National Intelligence Service have made numerous inquiries calling for the journalists' telephone records without warrants issued by a judge. So, this study suggests that the paragraph should be amended to be compatible with the Constitution. Meanwhile, journalists should make a more concerted effort to protect their news sources in exercising constitutionally protected freedom of the press.

• Journal of the Korea Society of Computer and Information
• /
• v.25 no.6
• /
• pp.9-15
• /
• 2020

In this paper, we propose a case that drone (unmanned aerial vehicle), one of the representative technologies of the 4th Industrial Revolution, threatens airport safety and privacy infringement, and describes a drone control system proposal to solve the problem. Unmanned aerial vehicle (Drone) is creating a serious problem recently, In Korea, on May 21, 19, according to the Jeju Regional Aviation Administration, drones flew over Jeju Jeongseok Airfield twice in the same month, causing problems in aircraft operation. In overseas cases, two drones near the runway of Gatwick International Airport in the UK There has been a disturbance in which the takeoff and landing of the aircraft flies for a while, and various problems have occurred, such as voyeuring the private life of an individual using a drone. This paper is equipped with an Acess Point transponder mounted on a drone (unmanned aerial vehicle), and unspecified many who want to receive flight information (coordinates, altitude, and obstacles) of the drone access the drone AP, receive and receive the flight information of the drone, and receive unspecified multiple Drone AP flight information is collected and collected to provide the information of the drone currently floating on one user interface screen. In addition, an AP transponder is proposed to operate a safe drone (unmanned aerial vehicle) and the drone's flight information is transmitted., To receive and collect and collect data.

• The Journal of the Korea Contents Association
• /
• v.21 no.2
• /
• pp.499-506
• /
• 2021

Hackers' cyber attack techniques are becoming more sophisticated and diversified, with a form of attack that has never been seen before. In terms of information security vulnerability standard code (CVE), about 90,000 new codes were registered from 2015 to 2020. This indicates that security threats are increasing rapidly. When new security vulnerabilities occur, damage should be minimized by preparing countermeasures for them, but in many cases, companies are insufficient to cover the security management level and response system with a limited security IT budget. The reason is that it takes about a month for analysts to discover vulnerabilities through manual analysis, prepare countermeasures through security equipment, and patch security vulnerabilities. In the case of the public sector, the National Cyber Safety Center distributes and manages security operation policies in a batch. However, it is not easy to accept the security policy according to the characteristics of the manufacturer, and it takes about 3 weeks or more to verify the traffic for each section. In addition, when abnormal traffic inflow occurs, countermeasures such as detection and detection of infringement attacks through vulnerability analysis must be prepared, but there are limitations in response due to the absence of specialized security experts. In this paper, we proposed a method of using the security policy information sharing site "snort.org" to prepare effective countermeasures against new security vulnerability attacks.

• Journal of Service Research and Studies
• /
• v.10 no.4
• /
• pp.43-55
• /
• 2020

Recently, as the importance of experience data increases, there are many attempts to deal with experience data from a data science perspective. In the case of approaching as a collection method of a quantitative survey method that seeks to quantify numerically such as big data, it is difficult to interpret the value of experience in a wide range, and it is relatively expensive and time consuming, and personal information infringement There is a limit to the analysis due to the risk of However, since ethnography, a procedure for collecting experience data based on qualitative research, is mainly carried out in the natural real environment of future customers from the perspective of users, it is possible to confirm the nature that customers face with a small sample. In addition, it is also easy to interpret the relational dimension of the empirical data. Although the ethnography method of collecting experiential data is economical and efficient, it is important to reduce errors in the collection process because the lack of scientific procedures for the data collection process can be a problem. It is important to secure the validity of whether the correct measurement tool is used for ethnography-based experiential data collection and to secure the reliability of the use of a valid measurement tool and method by accurately selecting the measurement target. From this point of view, it is necessary to verify the reliability of the research method that clearly selects the measurement target and secures the validity for the development of the correct measurement method and tool for the collection of ethnography experience data. Therefore, in this study, a verification study was conducted on the data and methodology cases of the'I know you_AI' service that analyzes the customer experience of self-employed based on the ethnography method of collecting experience data..

• Journal of Arbitration Studies
• /
• v.26 no.4
• /
• pp.3-41
• /
• 2016

This paper reviews the problems on the arbitral awards enforcement in the 2016 Korean Arbitration Act. In order to get easy and rapid enforcement of the arbitral awards, the new arbitration act changed the enforcement procedure from an enforcement judgement procedure to an enforcement decision procedure. However, like the old arbitration act, the new act is still not arbitration friendly. First of all, there are various problems in the new act because it does not approve that an arbitral award can be a schuldtitel (title of enforcement) of which the arbitral award can be enforced. In this paper, several problems of the new act are discussed: effect of arbitral award, approval to res judicata of enforcement decision, different trial process and result for same ground, possibility of abuse of litigation for setting aside arbitral awards and delay of enforcement caused by setting aside, infringement of arbitration customer's right to be informed, and non-internationality of enforcement of interim measures of protection, inter alia. The new arbitration act added a proviso on article 35 (Effect of Arbitral Awards). According to article 35 of the old arbitration act, arbitral awards shall have the same effect on the parties as the final and conclusive judgement of the court. The proviso of article 35 in the new act can be interpret two ways: if arbitral awards have any ground of refusal of recognition or enforcement according to article 38, the arbitral awards do not have the same effect on the parties as the final and conclusive judgement of the court; if arbitral awards have not recognised or been enforced according to article 38, the arbitral awards do not have the same effect on the parties as the final and conclusive judgement of the court. In the case of the former, the parties cannot file action for setting aside arbitral awards in article 36 to the court, and this is one of the important problems of the new act. In the new act, same ground of setting aside arbitral awards can be tried in different trial process with or without plead according to article 35 and 37. Therefore, progress of enforcement decision of arbitral awards can be blocked by the action of setting aside arbitral awards. If so, parties have to spend their time and money to go on unexpected litigation. In order to simplify enforcement procedure of arbitral awards, the new act changed enforcement judgement procedure to enforcement decision procedure. However, there is still room for the court to hear a case in the same way of enforcement judgement procedure. Although the new act simplifies enforcement procedure by changing enforcement judgement procedure to enforcement decision procedure, there still remains action of setting aside arbitral awards, so that enforcement of arbitral awards still can be delayed by it. Moreover, another problem exists in that the parties could have to wait until a seventh trial (maximum) for a final decision. This result in not good for the arbitration system itself in the respect of confidence as well as cost. If the arbitration institution promotes to use arbitration by emphasizing single-trial system of arbitration without enough improvement of enforcement procedure in the arbitration system, it would infringe the arbitration customer's right to be informed, and further raise a problem of legal responsibility of arbitration institution. With reference to enforcement procedure of interim measures of protection, the new act did not provide preliminary orders, and moreover limit the court not to recognize interim measures of protection done in a foreign country. These have a bad effect on the internationalization of the Korean arbitration system.

• Journal of Intelligence and Information Systems
• /
• v.17 no.2
• /
• pp.97-107
• /
• 2011

Nowadays there are a lot of issues about copyright infringement in the Internet world because the digital content on the network can be copied and delivered easily. Indeed the copied version has same quality with the original one. So, copyright owners and content provider want a powerful solution to protect their content. The popular one of the solutions was DRM (digital rights management) that is based on encryption technology and rights control. However, DRM-free service was launched after Steve Jobs who is CEO of Apple proposed a new music service paradigm without DRM, and the DRM is disappeared at the online music market. Even though the online music service decided to not equip the DRM solution, copyright owners and content providers are still searching a solution to protect their content. A solution to replace the DRM technology is digital audio watermarking technology which can embed copyright information into the music. In this paper, the author proposed a new audio watermarking algorithm with two approaches. First, the watermark information is generated by two dimensional barcode which has error correction code. So, the information can be recovered by itself if the errors fall into the range of the error tolerance. The other one is to use chirp sequence of CDMA (code division multiple access). These make the algorithm robust to the several malicious attacks. There are many 2D barcodes. Especially, QR code which is one of the matrix barcodes can express the information and the expression is freer than that of the other matrix barcodes. QR code has the square patterns with double at the three corners and these indicate the boundary of the symbol. This feature of the QR code is proper to express the watermark information. That is, because the QR code is 2D barcodes, nonlinear code and matrix code, it can be modulated to the spread spectrum and can be used for the watermarking algorithm. The proposed algorithm assigns the different spread spectrum sequences to the individual users respectively. In the case that the assigned code sequences are orthogonal, we can identify the watermark information of the individual user from an audio content. The algorithm used the Walsh code as an orthogonal code. The watermark information is rearranged to the 1D sequence from 2D barcode and modulated by the Walsh code. The modulated watermark information is embedded into the DCT (discrete cosine transform) domain of the original audio content. For the performance evaluation, I used 3 audio samples, "Amazing Grace", "Oh! Carol" and "Take me home country roads", The attacks for the robustness test were MP3 compression, echo attack, and sub woofer boost. The MP3 compression was performed by a tool of Cool Edit Pro 2.0. The specification of MP3 was CBR(Constant Bit Rate) 128kbps, 44,100Hz, and stereo. The echo attack had the echo with initial volume 70%, decay 75%, and delay 100msec. The sub woofer boost attack was a modification attack of low frequency part in the Fourier coefficients. The test results showed the proposed algorithm is robust to the attacks. In the MP3 attack, the strength of the watermark information is not affected, and then the watermark can be detected from all of the sample audios. In the sub woofer boost attack, the watermark was detected when the strength is 0.3. Also, in the case of echo attack, the watermark can be identified if the strength is greater and equal than 0.5.

• The Korean Journal of Air & Space Law and Policy
• /
• v.35 no.1
• /
• pp.63-101
• /
• 2020

'Flight safety zone' means a zone that the Minister of National Defense designates under Articles 4 and 6 of the Protection of Military Bases and Installations Act (hereinafter 'PMBIA') for the safety of flight during takeoff and landing of military aircrafts. The purpose of flight safety zone is to contribute to the national security by providing necessary measures for the protection of military bases and installations and smooth conduct of military operations. In this case, when the state set and used the flight safety zone, the landowner claimed restitution of unjust enrichment against the country. This article is an analysis based on the existing legal theory regarding the legitimacy of plaintiff's claim, and the summary of the discussion is as follows. A person who without any legal ground derives a benefit from the property or services of another and thereby causes loss to the latter shall be bound to return such benefit (Article 741 of the Civil Act). Since the subject matter is an infringing profit, the defendant must prove that he has a legitimate right to retain the profit. The State reserves the right to use over the land designated as a flight safety zone in accordance with legitimate procedures established by the PMBIA for the safe takeoff and landing of military aircrafts. Therefore, it cannot be said that the State gained an unjust enrichment equivalent to the rent over the land without legal cause. Expropriation, use or restriction of private property from public necessity and compensation therefor shall be governed by Act: provided, that in such a case, just compensation shall be paid (Article 23 (1) of the Constitution of The Republic of KOREA). Since there is not any provision in the PMBIA for loss compensation for the case where a flight safety zone is set over land as in this case, next question would be whether or not it is unconstitutional. Even if it is designated as a flight safety zone and the use and profits of the land are limited, the justification of the purpose of the flight safety zone system, the appropriateness of the means, the minimization of infringement, and the balance of legal interests are still recognized; thus just not having any loss compensation clause does not make the act unconstitutional. In conclusion, plaintiff's claim for loss compensation based on the 'Act on Acquisition of and Compensation for land, etc. for Public Works Projects', which has no provision for loss compensation due to public limits, is unjust.