• 한국정보통신학회:학술대회논문집
• /
• 한국정보통신학회 2012년도 추계학술대회
• /
• pp.787-790
• /
• 2012

최근 컴퓨터의 보급과 정보사회의 발달로 인해 개인 신상 정보에 대한 관심이 증대되고, 이와 관련된 정책과 기술이 발전함에 따라서 개인 신상 정보를 보호하려는 시도가 다양하게 이루어지고 있다. 본 논문에서는 컴퓨터를 사용하면서, 개인의 중요한 자료나 신상정보 또는 회사의 기밀 내용을 다루는 기관 및 부서를 대상으로 중요한 자료와 신상정보 및 회사의 기밀을 보호하는 방안을 제안 하였다. 결과적으로 공공기관 또는 개인기관 내에서 타인의 정보를 악의적으로 도용하거나 도취하는 것을 방지하고, 기관 내의 시스템들 사이에서 정보가 오가는 동안 중요한 자료와 신상 정보들의 노출을 1차적으로 막을 수 있다.

• 한국IT서비스학회지
• /
• 제16권2호
• /
• pp.97-110
• /
• 2017

Due to development of IT, various Internet services via the non-face-to-face are increasing rapidly. In the past, the resident registration numbers (RRN) was used a mean of personal identification, but the use of RRN is prohibited by the relevant laws, and the personal identification services using alternative means are activated. According to the prohibition policy of RRN, i-PIN service appeared as an alternative means to identify a person. However, the user's knowledge-based i-PIN service continues to cause fraudulent issuance, account hijacking, and fraud attempts due to hacking accidents. Due to these problems, the usage rate of i-PIN service which performs a nationwide free personal identification service, is rapidly decreasing. Therefore, this paper proposes a technical safety enhancement method for security enhancement in the i-PIN-based personal identification service. In order to strengthen the security of i-PIN, this paper analyzes the encryption key exposure, key exchange and i-PIN authentication model problems of i-PIN and suggests countermeasures. Through the proposed paper, the i-PIN can be expected to be used more effectively as a substitution of RRN by suggesting measures to enhance the safety of personal identification information. Secured personal identification services will enable safer online non-face-to-face transactions. By securing the technical, institutional, and administrative safety of the i-PIN service, the usage rate will gradually increase.

• 디지털산업정보학회논문지
• /
• 제6권3호
• /
• pp.91-101
• /
• 2010

By using the U-Healthcare environment, it is possible to receive the health care services anywhere anytime. However, since the user's personal information can be easily exposed in the U-Healthcare environment, it is necessary to strengthen the security system. This thesis proposes the technique which can be used to protect the personal medical records at hospital safely, in order to avoid the exposure of the user's personal information which can occur due to the frequent usage of the electronic chart according to the computerization process of medical records. In the proposed system, the following two strategies are used: i) In order to reduce the amount of the system load, it is necessary to apply the partial encryption process for electronic charts. ii) Regarding the user's authentication process for each patient, the authentication number for each electronic chart, which is in the encrypted form, is transmitted through the patient's mobile device by the National Health Insurance Corporation, when the patient register his or her application at hospital. Regarding the modern health care services, it is important to protect the user's personal information. The proposed technique will be an important method of protecting the user's information.

• 정보보호학회논문지
• /
• 제26권2호
• /
• pp.415-423
• /
• 2016

스마트그리드 시스템은 전력공급자와 소비자간 실시간 정보 교환이 가능함으로써 많은 편리성을 가져다 준다. 그러나 사용자의 개인정보 노출에 대한 위험성은 항시 존재한다. 스마트그리드 환경의 특성에 따라, 기존과 같이 개인정보의 라이프사이클에 따른 개인정보 노출의 위협 뿐만 아니라 에너지 소비 패턴 분석 등에 따른 다양한 정보도 함께 노출될 우려가 크다. 본 논문에서는 현행 스마트그리드의 개인정보보호 관련 법제를 분석하고, 이에 대한 개선안을 제시하고자 한다.

• 정보보호학회논문지
• /
• 제23권5호
• /
• pp.977-983
• /
• 2013

페이스북과 트위터 한국인 이용자 계정 934만개를 조사하여 개인정보 노출 현황을 분석해보니 다양한 개인정보가 많이 노출되어 있었다. 이메일, 전화번호 같은 식별정보는 1% 미만으로 많이 노출되어 있지 않았지만, 이름, 학교같은 비식별 정보를 통해 개인을 특정할 수 있는 경우가 많았는데, 이름이 유일하여 개인을 특정할 수 있는 계정이 35만개에 달했으며, 2개 이상의 정보를 조합하여 개인을 특정할 수 있는 경우는 297만 명에 달했다. 또한, 동일인이 소유한 페이스북과 트위터 계정의 연결 가능성을 분석하였는데, 동일인일 가능성이 있는 계정 쌍 34만개를 찾을 수 있었다. 계정을 연결할 수 있다는 것은 개인을 식별하고 특정했음을 의미한다. 비식별정보를 통한 특정 가능성과 연결가능성을 통해 식별정보만을 필터링하는 기존 개인정보보호방안에 한계가 있음을 알 수 있다.

• 디지털융복합연구
• /
• 제18권10호
• /
• pp.345-352
• /
• 2020

본 연구는 보건행정 전공 대학생들의 윤리적 가치관이 환자 개인정보 보호 인지에 미치는 영향을 분석하여 교육프로그램 개발에 중요한 기초 자료를 제시하고자 C지역과 G지역 대학생 820명을 대상으로 조사하였고 SPSS/WIN 18.0 Program을 통해 자료를 분석하였다. 분석결과 보건행정 전공 대학생들의 개인정보 보호인지에 대한 평균은 2.04 ± 0.24으로 낮은 수준으로 나타났고, 윤리적 가치관은 이상주의 성향 2.51 ± 0.32점, 상대주의 성향은 2.34 ± 0.34점으로 이상주의적 성향이 높게 나타났다. 윤리적 가치관이 환자 개인정보 보호에 대한 인식수준과 환자 개인정보 보호노출에 대한 인식에서도 이상주의적 윤리성향과 상대주의적 윤리성향에서 유의한 관련이 있었다. 따라서 보건행정 전공대학생들의 환자 개인정보 보호인지를 높이기 위해서는 올바른 윤리적 가치관이 확립되어야 하며, 이를 위한 체계적이고 지속적인 교육이 필요하다고 판단된다.

• 한국정보시스템학회지:정보시스템연구
• /
• 제23권1호
• /
• pp.73-91
• /
• 2014

Microblog is emerging as a new communication service because of its usefulness and real-time accessability. Recently, microblog services, such as twitter and me2day in Korea, are getting a great attention. Continuous use intention is critical to sustain the service. However, most recent studies are based on Technology Acceptance Model(TAM) and Expectation Confirmation Model(ECM). These models are only focused on individual factors and overlook social influence factors. Social influence has been indicated as a critical factor of technology adoption and diffusion in social context(Davis, 1989; Fulk et al., 1987). In this study, we explore factors related to social influence which effect on continuous use intention for 'me2day' that is one of the most famous microblog in Korea. The purpose of this study is to understand continuous use intention and examine the relationship among social influence factors, social presence, and continuous use intention. To understand the phenomenon of continuous use intention in microblog service, this study employed social influence theory and expanded it by adding personal network exposure and group norm as additional social influence factors. The results show that social identity, group norms, and social presence positively influences continuous use intention. Contrary to our expectation, personal network exposure does not influence on continuous use intention. Academically, this research can contribute to microblog research field through elucidating the relationship among social influence factors, social presence, and continuous use intention. Although there is not enough research which is considered social influence factors as major explanation for continuous use intention, this study can give novel point of view to understand continuous use intention of microblog. Practically, service providers could consider ways to encourage users to continually use microblog service by reinforcing social influence factors and social presence.

• 한국산업보건학회지
• /
• 제27권1호
• /
• pp.23-37
• /
• 2017

Objectives : This study was conducted to evaluate the level of exposure to volatile organic compounds (VOCs) among workers handling rust preventive oils. Methods : A total of 30 bulk samples and 54 personal air samples were collected using diffusive samplers at 22 workplaces handling rust preventive oils in Daegu and Gyongsangbuk-do Province from March to October 2013. We also investigated detailed information on the related work conditions, such as kinds of products, handling methods, local exhaustive ventilation systems, and the status of the wearing personal protective equipment. All bulk samples and air samples were analyzed using gas chromatography mass spectrometry (GC-MS) to identify components to which workers potentially were exposed. Quantitative airborne concentrations of VOCs were confirmed using gas chromatography with flame ionized detectors. Results : In terms of qualitative analyses for the 30 bulk samples, we found carcinogenic, mutagenic and reproductive toxic(CMR) substances such as butane(carcinogenic Group 1A, mutagenic Group 1B), butoxy ethanol(carcinogenic Group 2), cumene (carcinogenic Group 2), ethyl benzene(carcinogenic Group 2), methyl isobutyl ketone(carcinogenic Group 2) and toluene (reproductive toxic, Group 2). As a result of full-shift based personal air samples, eight substances such as n-hexane, n-heptane, octane, nonane, decane, toluene, ethyl benzene and xylene were detected. Among them, n-hexane and n-heptane were detected in all of 54 air samples with $13.13mg/m^3$ and $8.61mg/m^3$ of maximum concentration, respectively. The level of airborne concentration from all of samples were bellow the occupational exposure limit in Korea. Conclusions : Based on the results of this study, workers handling rust preventive oils could be exposed to CMR substances contained in rust preventive oils and n-hexane and n-heptane were found as the most frequent sources of VOC exposure.

• 한국컴퓨터정보학회논문지
• /
• 제21권10호
• /
• pp.43-48
• /
• 2016

This study is to examine how big data collects user's information and is used; the status quo of exposures of user's information, and various measures of self-control by the user. This study is also to look their ethical issues and discuss problems of privacy concerning big data. As a way for users to self-control their information, they need to check the log-in state of web portal sites and set up their account so that customized advertisement and location information cannot be tracked. When posting a blog, the value of posting should be controlled. When becoming a member of a web site, users must check the access terms before agreement and beware of chained agreements and/or membership joins in order to control the exposure of their personal information. To prevent information abuse through big data through which user's information is collected and analyzed, all users must have the right to control, block or allow personal information. For an individual to have the right to control over his information, users must understand the concept of user's information and practice ethics accompanied by newly given roles in the Internet space, which will lead to the establishment of the sound and mature information society on the Internet.

• Asia pacific journal of information systems
• /
• 제18권4호
• /
• pp.1-26
• /
• 2008

Rapid progress of information technology and widespread use of the personal computers have brought various conveniences in our life. But this also provoked a series of problems such as hacking, malicious programs, illegal exposure of personal information etc. Information security threats are becoming more and more serious due to enhanced connectivity of information systems. Nevertheless, users are not much aware of the severity of the problems. Using appropriate password is supposed to bring out security effects such as preventing misuses and banning illegal users. The purpose of this research is to empirically analyze a research model which includes a series of factors influencing the effectiveness of passwords. The research model incorporates the concept of risk based on information systems risk analysis framework as the core element affecting the selection of passwords by users. The perceived risk is a main factor that influences user's attitude on password security, security awareness, and intention of security behavior. To validate the research model this study relied on questionnaire survey targeted on evening class MBA students. The data was analyzed by AMOS 7.0 which is one of popular tools based on covariance-based structural equation modeling. According to the results of this study, while threat is not related to the risk, information assets and vulnerability are related to the user's awareness of risk. The relationships between the risk, users security awareness, password selection and security effectiveness are all significant. Password exposure may lead to intrusion by hackers, data exposure and destruction. The insignificant relationship between security threat and perceived risk can be explained by user's indetermination of risk exposed due to weak passwords. In other words, information systems users do not consider password exposure as a severe security threat as well as indirect loss caused by inappropriate password. Another plausible explanation is that severity of threat perceived by users may be influenced by individual difference of risk propensity. This study confirms that security vulnerability is positively related to security risk which in turn increases risk of information loss. As the security risk increases so does user's security awareness. Security policies also have positive impact on security awareness. Higher security awareness leads to selection of safer passwords. If users are aware of responsibility of security problems and how to respond to password exposure and to solve security problems of computers, users choose better passwords. All these antecedents influence the effectiveness of passwords. Several implications can be derived from this study. First, this study empirically investigated the effect of user's security awareness on security effectiveness from a point of view based on good password selection practice. Second, information security risk analysis framework is used as a core element of the research model in this study. Risk analysis framework has been used very widely in practice, but very few studies incorporated the framework in the research model and empirically investigated. Third, the research model proposed in this study also focuses on impact of security awareness of information systems users on effectiveness of password from cognitive aspect of information systems users.