• Journal of Legislation Research
• /
• no.54
• /
• pp.155-192
• /
• 2018

As the 'hyper-connected society' has emerged through the 'Fourth Industrial Revolution, public interests as well as social dangers have increased. Above all, the risk of infringement of information, including confidential personal information, is dramatically increasing. As the hyper-connected society has been realized, even if only one of the internet devices is hacked, there would be a danger that the ripple effect of such a hacking spreads to the whole network. Therefore, the necessity and importance of information security, including cybersecurity, has been increasing. In other words, the stability of cyberspace and internet space is becoming more important. As a result, the Korean government is seeking to build a legal system related to information security, which would be able to cope with the information infringement problem in the hyper-connected society. However, it seems that the government is still struggling with the direction of building such a legal system. In this context, a comparative review examining the legal systems of advanced foreign countries will provide meaningful implications as to what kinds of legal policies we should devise and implement for information security. In particular, the U.S. legislative act that actively responds to the cybersecurity violations is worthy of reference. For this reason, this article systematically analyzes the current status of the U.S. cybersecurity laws. Especially, this article focuses on the "Cybersecurity Information Sharing Act of 2015"(hereinafter "CISA"), that was recently enacted by the U.S. congress. The CISA prescribes the systemic and detailed information-sharing between national and private entities. The CISA, that actively promotes information-sharing, is full of suggestions for us, in that information-sharing is an effective way to properly realize information security in today's hyper-connected society.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.4
• /
• pp.907-918
• /
• 2019

The purpose of this study is to understand the cybersecurity policies and critical infrastructure protection of the United States through analyzing Donald Trump's administration executive orders, the national cyber strategy, and the legislation. The analysis has three findings. First, the Department of Homeland Security (DHS) became a main agent in the cybersecurity while the role of the White House was reduced. Second, Trump's administration expanded its role and mission in the policy area by extending the meaning of critical infrastructure. Third, in the case of cyber threats, the government can be involved in the operation of critical infrastructures in the private sector. The opinions of the professional bureaucrats and DHS were more reflected in the direction of the cybersecurity policy than those of the White House. In contrast to Barack Obama's administration, the Trump administration's cybersecurity strategies were not much studied. This study provides insights for improving cybersecurity policies and critical infrastructure protection.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2016.05a
• /
• pp.355-358
• /
• 2016

Recently, As the interest of the drone has increased the fields such as broadcasting, disaster site and leisure which uses the drone has been constantly expanded. However, an invasion of a person's privacy and a threat of hacking attack also have increased as population of drone. High-resolution cameras mounted on drones can take a photo or real-time video anytime and anywhere. It causes the invasion of privacy from private houses, buildings, and hotels. In this paper, we perform a security vulnerability assessment tests on the camera's from common commercial drones and we propose the countermeasures to protect the drones against unauthorized attacker who attempts to access the drone's camera from internal or external. Through this research, we expect the Aviation Act and legislation accept the concept of security and provide the polices such as drones equipped with security devices from the production stage to promote drone industry.

• Convergence Security Journal
• /
• v.16 no.4
• /
• pp.25-34
• /
• 2016

This paper shall suggest the improvement model for invigorating cyber threat information sharing from the national level, which includes, inter alia, a comprehensive solutions such as the legislation of a guideline for information sharing, the establishment of so-called National Center for Information Sharing, the construction and management of a integrated information system, the development of techniques for automatizing all the processes for gathering, analyzing and delivering cyber threat information, and the constitution of a private and public joint committee for sharing information, so much so that it intends to prevent cyber security threat to occur in advance or to refrain damage from being proliferated even after the occurrence of incidents.

• Convergence Security Journal
• /
• v.15 no.2
• /
• pp.25-31
• /
• 2015

While information and communication develop, the Electronic commerce payment system is progressing. Recently, a government established the electronic commerce activation policy which simplified a payment Through this policy, the information which the financial company monopolizes can be fused with the other industry and create the popularization use of the electronic payment service and value added services. But on the other hand, the concern for the security is very high, Accordingly, the finnancial institute take a restriction of the requirements for the participation company according to the financial scale, this policy is led by the private institue, rather making a participation of fin tech venture difficulty. This paper tries to deal with the technical and legal problems for the activation of electronic payment system and fin tech. So I will examine the security matter that follows in grifting the innovation technology onto the existing payment service and propose a desirable way to improve the current legislation.

• International Journal of Computer Science & Network Security
• /
• v.21 no.5
• /
• pp.73-83
• /
• 2021

The information space, the main components of which are information resources, means of information interaction, and information infrastructure, is a sphere of modern social life in which information communications play a leading role. The objective process is the gradual but stable entry of the national information space into the European and world information sphere, in the context of which there is a legitimate question of its protection as one of the components of the national security of Ukraine. However, the implementation of this issue in practice immediately faces the need to respect the rights and fundamental freedoms guaranteed by international regulations and the Constitution of Ukraine, especially in the field of cybersecurity. The peculiarity of the modern economy is related to its informational nature, which affects the sharp increase in cyber incidents in the field of information security, which is widespread and threatening and affects a wide range of private, corporate, and public interests. The problem of forming an effective information security system is exacerbated by the spread of cybercrime as a leading threat to information security both in Ukraine and around the world. The purpose of this study is to analyze the state of cybersecurity and on this basis to identify new areas of the fight against cybercrime in Ukraine. Methods: the study is based on an extensive regulatory framework, which primarily consists of regulatory acts of Ukraine. The main methods were inductions and deductions, generalizations, statistical, comparative, and system-structural analysis, grouping, descriptive statistics, interstate comparisons, and graphical methods. Results. It is noted that a very important component of Ukraine's national security is the concept of "information terrorism", which includes cyberterrorism and media terrorism that will require its introduction into the law. An assessment of the state of cybersecurity in Ukraine is given. Based on the trend analysis, further growth of cybercrimes was predicted, and ABC analysis showed the existence of problems in the field of security of payment systems. Insufficient accounting of cybercrime and the absence in the current legislation of all relevant components of cybersecurity does not allow the definition of a holistic system of counteraction. Therefore, the proposed new legal norms in the field of information security take into account modern research in the field of promising areas of information technology development and the latest algorithms for creating media content.

• Korean Security Journal
• /
• no.27
• /
• pp.161-195
• /
• 2011

As crimes have increased to an extent that the police cannot cope with, there have been continuous discussions for the introduction of Private Investigation (hereafter PI) in Korea. However, attempts to legislate for the introduction of PI have failed every time PI bills for the introduction of PI were proposed. This was fundamentally because arguments both for and against the introduction of PI were sharply divided depending on the priorities. However, regardless of those clash of views, an apparent need for the legislation of PI service has arisen. As Korea opens its service market to other countries through GATS and FTAs, currently existing domestic PI law has been found to be inconsistent with international agreements such as GATS and KOREA-US(KORUS) FTA. This paper found that the Act on Usage and Protection of Credit Information which regulates PI service is inconsistent with the Article 12.4(a)(i) and (iii) of KORUS FTA and the Article 7.11 and the Article 7.13 of KOREA-EU FTA. If Korea does not modify the existing laws and establish new laws in relation to PI, such inconsistencies could lead to international trade disputes which could amount to billions of dollars. In this regard, the passage of the PI bill is necessary.

• International Journal of Computer Science & Network Security
• /
• v.22 no.5
• /
• pp.320-326
• /
• 2022

The use of the Internet has become commonplace for billions of people on the planet. The rapid development of technology, in particular, mobile gadgets, has provided access to communication anywhere, anytime. At the same time, there are growing concerns about the behavior of people on the Internet, in particular, towards each other and social groups in general. This raises the issue of human rights in today's information society. In this study, we focused on human rights such as the right to privacy, confidentiality, freedom of expression, the right to be forgotten, etc. We point to some differences in this regard, in particular between the EU, etc. In addition, we describe the latest legal regulation in this aspect in European countries. Such methods as systemic, factual, formal and legal, to show the factors of formation and development of human rights in the context of digitalization were used. The authors indicate which of them deserve the most attention due to their prevalence and relevance. Thus, we concluded that the technological development of social communications has laid the groundwork for a legal settlement of privacy and opinion issues on the Internet. Simultaneously, jurisdictions address issues on every aspect of human rights on the Internet, based on previous norms, case law, and principles of law. It is concluded that human rights legislation on the Internet will continue to be actively developed to ensure a balance of private and public interests, safe online access and unimpeded access to it.

• Convergence Security Journal
• /
• v.14 no.6_1
• /
• pp.89-98
• /
• 2014

Simultaneously with the founding of the Joseon military system was reformed. On the basis of Koryo's '2gun 6wie(二軍 六衛)' reorganized into '10wie 50ryong(10衛 50領)'. But the de facto central military power was in Euhungqingunwie(義興親軍衛) that is Lee Seong-gye's Elite Guard. In addition to these make up the backbone of the central forces that were Siwiepae(侍衛牌). Also a anti-legislation Seongzhongaima(成衆愛馬) was also presented. But soon the military command and military systems will start to repair. First, reform of military command system of the unified command system shall be established for the Euhungqingunwie(義興親軍衛). And Jeongdojeon has strengthened the military education and training. But, for the establishment of Military command system the most important was the reform of the private soldier. Military systems also have been systematized. shipwie(十衛) was changed to the shipsa(十司) in Taejo. After, they are expanded to shipyisa(十二司) in Sejong. And, the Gabsa(甲士) were returned. In addition, various special branch of the army, Byelsiwie(別侍衛), Naegumewie(內禁衛), gyumsabok(兼司僕) etc, are increased and founded.

• Korean Security Journal
• /
• no.18
• /
• pp.169-190
• /
• 2009

Today, the rapid advance of scientific technologies has brought about fundamental changes to the types and levels of terrorism while the war against the world more than one thousand small and big terrorists and crime organizations has already begun. A method highly likely to be employed by terrorist groups that are using 21st Century state of the art technology is cyber terrorism. In many instances, things that you could only imagine in reality could be made possible in the cyber space. An easy example would be to randomly alter a letter in the blood type of a terrorism subject in the health care data system, which could inflict harm to subjects and impact the overturning of the opponent's system or regime. The CIH Virus Crisis which occurred on April 26, 1999 had significant implications in various aspects. A virus program made of just a few lines by Taiwanese college students without any specific objective ended up spreading widely throughout the Internet, causing damage to 30,000 PCs in Korea and over 2 billion won in monetary damages in repairs and data recovery. Despite of such risks of cyber terrorism, a great number of Korean sites are employing loose security measures. In fact, there are many cases where a company with millions of subscribers has very slackened security systems. A nationwide preparation for cyber terrorism is called for. In this context, this research will analyze the current status of Korea's cyber security systems and its laws from a policy perspective, and move on to propose improvement strategies. This research suggests the following solutions. First, the National Cyber Security Management Act should be passed to have its effectiveness as the national cyber security management regulation. With the Act's establishment, a more efficient and proactive response to cyber security management will be made possible within a nationwide cyber security framework, and define its relationship with other related laws. The newly passed National Cyber Security Management Act will eliminate inefficiencies that are caused by functional redundancies dispersed across individual sectors in current legislation. Second, to ensure efficient nationwide cyber security management, national cyber security standards and models should be proposed; while at the same time a national cyber security management organizational structure should be established to implement national cyber security policies at each government-agencies and social-components. The National Cyber Security Center must serve as the comprehensive collection, analysis and processing point for national cyber crisis related information, oversee each government agency, and build collaborative relations with the private sector. Also, national and comprehensive response system in which both the private and public sectors participate should be set up, for advance detection and prevention of cyber crisis risks and for a consolidated and timely response using national resources in times of crisis.