• Convergence Security Journal
• /
• v.19 no.4
• /
• pp.107-113
• /
• 2019

Data security is the planning, implementation and implementation of security policies and procedures for the proper audit and authorization of access to and use of data and information assets. In addition, data serviced through internal / external networks, servers, applications, etc. are the core objects of information protection and can be said to focus on the protection of data stored in DB and DB in the category of information security of database and data. This study is a preliminary study to design a proper Data Security Management System (DSMS) model based on the data security certification system and the US Federal Security Management Act (FISMA). And we study the major security certification systems such as ISO27001 and NIST's Cybersecurity Framework, and also study the state of implementation in the data security manager solution that is currently implemented as a security platform for preventing personal data leakage and strengthening corporate security.

• Informatization Policy
• /
• v.25 no.2
• /
• pp.84-96
• /
• 2018

The right to be forgotten means the right of people to request information and communication providers to delete their information online. As the number of people asking for deletion of their past embarrassing or negative online activities is increasing, discussions are being raised on the introduction of the right to be forgotten in South Korea. However, previous research on the right to be forgotten mainly deals with the legal concept, with insufficient consideration of economic value. The main purpose of this research is to examine social perception towards the right to be forgotten and to estimate its economic value quantitatively. According to the results, there are concerns about disclosure of personal information, but with lack of awareness on the right to be forgotten. The monthly average amount that a person is willing to pay to be forgotten is 1,218 Korean won (11 US dollars) and the total economic value is estimated to be about 540 billion won (490 million dollars) per year in 2017. Especially, those who have experienced leakage of personal information put higher value to the right to be forgotten. These results can be useful for making decisions about the right to be forgotten in the future.

• Journal of Digital Convergence
• /
• v.17 no.11
• /
• pp.195-200
• /
• 2019

The role of the Internet of Things in the Fourth Industrial Revolution is in the era of collecting data at the end and analyzing big data through technology to analyze the future or behavior. Therefore, due to the nature of the IoT, it is vulnerable to security and requires a lightweight security protocol. The spread of things Internet technology is changing our lives a lot. IT companies all over the world are already focusing on products and services based on things Internet, and they are going to the era of all things internet that can communicate not only with electronic devices but also with common objects. People, people, people and objects, things and things interact without limitation of time and space, collecting, analyzing and applying information. Life becomes more and more smart, but on the other hand, the possibility of leakage of personal information becomes greater. Therefore, this study proposed security threats that threaten the protection of personal information and countermeasures, and suggested countermeasures for building a secure IoT environment suitable for the Fourth Industrial Revolution.

• Convergence Security Journal
• /
• v.19 no.5
• /
• pp.37-45
• /
• 2019

Video security systems change from analog based systems to network based CCTVs. Therefore, such network based systems are always exposed not only to threats of eavesdropping and hacking, but to personal damage or public organizations' damage due to image information leakage. Therefore, in order to solve the problem, this study conducts a comparative analysis on proposes the optimal ECC(Elliptic Curve Cryptography) scalar multiplication algorithms for image information protection in data communication process and thereby proposes the optimal operation algorithm of video security system.

• Journal of Information Technology Services
• /
• v.20 no.6
• /
• pp.63-81
• /
• 2021

Joint financial network of Korea Financial Telecommunications and Clearings Institute, which is an essential facility with a natural monopoly, maintained its closedness as monopoly/public utility model, but it has evolved in the form of open banking in order to obtain domestic fintech competitiveness in the rapidly changing digital financial ecosystem such as the acceleration of Big Blur. In accordance with digital transformation strategy of financial institutions, various ICT companies are actively participating in the financial industries, which has been exclusive to banks, through the link technology called Open API. For this reason, there has been a significant change in the financial service supply chain in which ICT companies participate as users. The level of security in the financial service supply chain is determined based on the weakest part of the individual components according to the law of minimum. In addition, there is a perceived risk of personal information and financial information leakage among the main factors that affect users' intention to accept services, and appropriate protective measures against perceived security risks can be a catalyst, which increases the acceptance of open banking. Therefore, this is a study on factors affecting the introduction of open banking to achieve financial innovation by developing an open banking security control model for financial institutions, as a protective measures to user organizations, from the perspectives of cyber financial security and customer information protection, respectively, and surveying financial security experts. It is expected, from this study, that effective information protection measures will be derived to protect the rights and interests of financial customers and will help promote open banking.

• Asia-pacific Journal of Multimedia Services Convergent with Art, Humanities, and Sociology
• /
• v.6 no.6
• /
• pp.103-110
• /
• 2016

The recent frequent cases of damage due to leakage of medical data and the privacy of medical patients is increasing day by day. The government says the Privacy Rule regulations established for these victims, such as prevention. Medical data guidelines can be seen 'national medical privacy guidelines' is only released. When replacing the image data between the institutions it has been included in the image file (JPG, JPEG, TIFF) there is exchange of data in common formats such as being made when the file is leaked to an external file there is a risk that the exposure key identification information of the patient. This medial image file has no protection such as encryption, This this paper, introduces a masking technique using a mosaic technique encrypting the image file contains the application to optical character recognition techniques. We propose pseudonymization technique of personal information in the image data.

• Journal of Korean Society of Industrial and Systems Engineering
• /
• v.28 no.3
• /
• pp.87-97
• /
• 2005

This study deals with the analysis on the consciousness and image character of the internet shopping mall. As consciousness analysis result of internet shopping mall consumer, 'cheap price' and 'convenience' are evaluated high by reason that buy goods/service. 'Delivery delay' shows that deficiency of swiftness is indicated preferentially by shortcoming when the goods/service are purchased at the internet shopping mall. Consumer is prferring most 'deferred payment' with consumer's protection system of internet shopping mall. In image character of internet shopping mall, computer system speed and swiftness of reaction time, intimacy of shopping mall site design, delivery system trustability, goods/service contiguity, trustability of billing system, recognition shopping mall company, consistency about good service etc., showed high assessment, but comparative satisfaction is not high in solution at authoritativeness of personal information leakage prevention, problem occurrence.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.14 no.1
• /
• pp.243-250
• /
• 2019

In this paper, we develop a Secure File Management Security(: SFMS) based on media in a cloud environment to encrypt and decrypt cloud data on a computer using a Bluetooth - based cryptographic module. The Bluetooth cipher module makes it easy to browse files stored in the cloud, but it is never possible to browse without a module. It is a solution that fundamentally blocks the problems such as hacking and leakage of personal data that have recently become an issue.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.3
• /
• pp.701-712
• /
• 2016

The number of subscriber of digital pay TV service such as Digital Cable TV and IPTV is increasing from various kind of service provider world widely. These services require personal information of users to provide VOD(Video on Demand) and customized contents. Therefore, massive amount of personal information collected by service provider can cause social confusion such as leakage of privacy and property damage. This paper investigates whether broadcasting stations are providing enough notification for privacy policy and methodology of collecting private information in proper way. Furthermore, we analyze actual network traffic of IPTV service between user and service provider to suggest solution of privacy protection along with current status analysis.

• Journal of Intelligence and Information Systems
• /
• v.23 no.1
• /
• pp.143-159
• /
• 2017

Due to the rapid development of IT in recent years, not only personal information but also the key technologies and information leakage that companies have are becoming important issues. For the enterprise, the core technology that the company possesses is a very important part for the survival of the enterprise and for the continuous competitive advantage. Recently, there have been many cases of technical infringement. Technology leaks not only cause tremendous financial losses such as falling stock prices for companies, but they also have a negative impact on corporate reputation and delays in corporate development. In the case of SMEs, where core technology is an important part of the enterprise, compared to large corporations, the preparation for technological leakage can be seen as an indispensable factor in the existence of the enterprise. As the necessity and importance of Information Security Management (ISM) is emerging, it is necessary to check and prepare for the threat of technology infringement early in the enterprise. Nevertheless, previous studies have shown that the majority of policy alternatives are represented by about 90%. As a research method, literature analysis accounted for 76% and empirical and statistical analysis accounted for a relatively low rate of 16%. For this reason, it is necessary to study the management model and prediction model to prevent leakage of technology to meet the characteristics of SMEs. In this study, before analyzing the empirical analysis, we divided the technical characteristics from the technology value perspective and the organizational factor from the technology control point based on many previous researches related to the factors affecting the technology leakage. A total of 12 related variables were selected for the two factors, and the analysis was performed with these variables. In this study, we use three - year data of "Small and Medium Enterprise Technical Statistics Survey" conducted by the Small and Medium Business Administration. Analysis data includes 30 industries based on KSIC-based 2-digit classification, and the number of companies affected by technology leakage is 415 over 3 years. Through this data, we conducted a randomized sampling in the same industry based on the KSIC in the same year, and compared with the companies (n = 415) and the unaffected firms (n = 415) 1:1 Corresponding samples were prepared and analyzed. In this research, we will conduct an empirical analysis to search for factors influencing technology leakage, and propose an early warning system through data mining. Specifically, in this study, based on the questionnaire survey of SMEs conducted by the Small and Medium Business Administration (SME), we classified the factors that affect the technology leakage of SMEs into two factors(Technology Characteristics, Organization Characteristics). And we propose a model that informs the possibility of technical infringement by using Support Vector Machine(SVM) which is one of the various techniques of data mining based on the proven factors through statistical analysis. Unlike previous studies, this study focused on the cases of various industries in many years, and it can be pointed out that the artificial intelligence model was developed through this study. In addition, since the factors are derived empirically according to the actual leakage of SME technology leakage, it will be possible to suggest to policy makers which companies should be managed from the viewpoint of technology protection. Finally, it is expected that the early warning model on the possibility of technology leakage proposed in this study will provide an opportunity to prevent technology Leakage from the viewpoint of enterprise and government in advance.