• The Journal of the Korea Contents Association
• /
• 제10권11호
• /
• pp.262-274
• /
• 2010

In Welfare Center for the disabled, under the Government's information acceleration plan, the computer system has been developed starting from work standardization in 2001 but it has been emphasized only on the technical and customer convenience side leaving out preparation for the side effects of them. Therefore this article will seek the necessity of personal information protection, legal basis in the Welfare Center for the disabled. Additionally after analyzing current status for the personal security of Welfare Center for the disabled, establishing an alternative plan for personal security policy's way could be addressed. Increasing education for awareness stress of personal information security, and preparing institutional protection apparatus from applying life cycle of personal information would be an alternative plan for personal information protection for Welfare Center for the disabled. Also frequent monitoring of accessing personal information from the computerized system should be achieved. It is impossible to recover damage caused by leak of personal information although post actions are progressed. From this essay, awareness of personal information protection should be newly revised for both the Social Welfare Organization and the Disabled welfare center, and also technical, institutional strategy's action should be arranged.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• 제22권1호
• /
• pp.69-74
• /
• 2018

Recently, personal information leakage has caused phishing and spam. Previously developed systems focus on preventing personal information leakage. Therefore, there is a problem that the leakage of personal information can not be discriminated if there is already leaked personal information. In this paper, we propose a personal information hazard classification system based on web document analysis that calculates the hazard. The system collects web documents from the Twitter server and checks whether there are any user-entered search terms in the web documents. And we calculate the hazard classification weighting of the personal information leaked in the web documents and confirm the authority of the Twitter account that distributed the personal information. Based on this, the hazard can be derived and the user can be informed of the leakage of personal information of the web document.

• International Journal of Knowledge Content Development & Technology
• /
• 제4권1호
• /
• pp.53-78
• /
• 2014

As instances of private information leak increase, taking steps to protect such information becomes a necessity. In this study of public library patrons, we strove for a comprehensive understanding of library usage records to suggest viable solutions for private information safety in public libraries. To this end, we investigated the patrons' understanding of library usage records and determined the relationship between different user characteristics and privacy knowledge or leaks. The results show that a high number of patrons perceived these records as their own private information, but that there was no necessity for legal procedures or consent for the use of these records. Also, even though the understanding of these usage records showed that there was a relationship between the frequency of library visits and leaks of personal information, the correlation was not particularly strong.

• Convergence Security Journal
• /
• 제18권3호
• /
• pp.27-35
• /
• 2018

The certificate is electronic information issued by an accredited certification body to certify an individual or to prevent forgery and alteration between communications. Certified certificates are stored in PCs and smart phones in the form of encrypted files and are used to prove individuals when using Internet banking and smart banking services. Among the rapidly growing Android-based malicious applications are malicious apps that leak personal information, especially certificates that exist in the form of files. This paper proposes a method for judging whether malicious codes leak certificates by using DroidBox, an Android-based dynamic analysis tool.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 한국정보통신학회 2015년도 추계학술대회
• /
• pp.275-277
• /
• 2015

This paper proposed have been the business card information to the computer when creating business card printing agency saved to a file, there is always the risk of personal information leakage. Application file organization information into the card, the name, phone number, email address information, such as is capable of easily accessible because it is not encrypted. This paper proposed it encrypts the information entered on the Business Card application file to automate the process of the card application and simplifying the business card application process minimizes the work of staff and linked directly to the print shop how to automatically delete the print file after the completion of business card printing and research.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 한국정보통신학회 2022년도 춘계학술대회
• /
• pp.203-205
• /
• 2022

As digital transformation and remote work environment advanced by Covid-19 become more common, the scale of leakage damage to industrial secrets and personal information caused by information leakage attacks is increasing. Recently, advanced and persistent information leakage attacks have become a serious security threat because they do not quickly leak large amounts of information, but continuously leak small amounts of information over a long period of time. In this study, we propose a framework for detecting advanced and persistent information leakage attacks based on traffic characteristics. The proposed method can effectively detect advanced and persistent information leakage attacks using traffic patterns, packet sizes, and metadata, even if the payload is encrypted.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• 제23권4호
• /
• pp.757-766
• /
• 2013

The Malicious code that targets Android is growing dramatically as the number of Android users are increasing. Most of the malicious code have an intention of leaking personal information. Recently in Korea, a malicious code 'chest' has appeared and generated monetary damages by using malicious code to leak personal information and try to make small purchases. A variety of techniques to detect personal information leaks have been proposed on Android platform. However, the existing techniques are hard to apply to the user's smart-phone due to the characteristics of Android security model. This paper proposed a technique that detects and blocks file approaches and internet connections that are not allowed access to personal information by using the system call hooking in the kernel and white-list based approach policy. In addition, this paper proved the possibility of a real application on smart-phone through the implementation.

• Convergence Security Journal
• /
• 제12권1호
• /
• pp.71-77
• /
• 2012

Along with the development of Internet services such as Social Network Service (SNS) and blog Service, the privacy is very important in these services. But personal data is not safety from exposure to internet service. If personal data is leak out, the privacy is disclosed to hacker or illegal person and the personal information can be used in a cyber crime as phishing attacks. Therefore, the model and method that protects to disclose privacy is requested in SNS and blog services. The model must evaluate degree of exposure to protect privacy and the method protects personal information from Internet services. This paper proposes a model to evaluate risk for privacy with property of personal data and exposure level of internet service such as bulletin board. Also, we show a method using degree of risk to evaluate with a proposed model at bulletin board.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• 제23권2호
• /
• pp.15-20
• /
• 2023

Recently, digitalization is accelerating in all industries, and the use of information and personal information produced and used in the process of it is very important for the success or failure of a company. However, malicious attempts to steal or leak major information and personal information of a company as an adverse effect continue to increase, and appropriate defense and response are absolutely necessary. However, in the case of small and medium-sized enterprises, the priority of information protection and the possession of professional manpower are very insufficient compared to large enterprises. This paper studies the certification and audit implemented in Korea, and suggests ways to expand the certification of the information protection system suitable for SMEs and improve the effectiveness of the support system through the expansion of the privacy law notification standard and operation of support system.

• The Journal of Society for e-Business Studies
• /
• 제19권4호
• /
• pp.135-150
• /
• 2014

As the collection and use of personal information increases, the accidents that abuse and leak personal information are continuously increasing. The nation has established new laws and strengthened related laws for the prevention of the mass leakage of personal information and the secondary damage due to the leaked personal information. The nation also established the guidelines that need to be implemented by the institutions handling personal information for the safety of the personal information. For the efficient implementation of guidelines under the limited time and resources, it is necessary to establish the priorities between guidelines. This paper compares the relative importance of the guidelines by AHP (Analytic Hierarchy Process) technique. We performed the analysis on two expert groups, the group of consultants working in information security consulting company and the group of information security staffs handling personal information directly in the company. We compared the differences between groups and recommended the relative importances of the guidelines.