• 디지털산업정보학회논문지
• /
• 제19권3호
• /
• pp.37-44
• /
• 2023

In the future society, a means to verify the identity of the information owner is required at the beginning of most services that the information owner encounters, and the emergence and gradual spread of digital identification that proves the identity of the information owner is essential. In addition, as the utilization value of personal information increases, discussions on how to provide personal information are active. Therefore, there is a need for a personal information management method necessary for building a hyper-connected society that is safe from various hacking, forgery, alteration, and theft by allowing the owner to directly manage and provide personal information management. In this study, a decentralized identity information management model that overcomes the problems and limitations of the centralized identity management method of personal information and manages and selectively provides personal information by the information owner himself and implemented a smart personal information provision system(SPIPS: Smart Personal Information Provision System) using a smartphone.

• 디지털산업정보학회논문지
• /
• 제12권3호
• /
• pp.87-109
• /
• 2016

This study intends to present an effective and efficient development plan about the information protection of medical institutions, by establishing the improvement plan about Personal Information Management System(PIMS) appropriate to the characteristics of medical information focusing on medical institutions generating and using domestic medical information, and doing an empirical study on medical information protection plan. For this, in view of the medical characteristics of the existing Information Security Management System(ISMS), the study presented a study model appropriated to medical institutions based on Personal Information Management Systems index specialized for personal information, and through this, presented the vulnerability diagnosis and vulnerability improvement plan. Based on ISMS index, it designed an improvement index of personal information protection management about each index. The study conducted a survey for executives and employees about PIMS. Accordingly, it presented vulnerability diagnosis items of the current management system indexes from the viewpoint of the people who establish and mange the personal information protection about patients' medical information targeting executives and employees who serve at hospitals and can access medical information.

• 스마트미디어저널
• /
• 제12권9호
• /
• pp.95-102
• /
• 2023

개인정보의 활용 가치가 높아짐에 따라, 개인정보를 제공하는 방법에 대한 논의가 활발하나, 개인정보 활용을 위해 기관에서 필요로 하는 정보는 필요 이상의 정보가 노출되고 있다. 따라서 개인정보 보호의 문제점과 한계를 극복하기 위한 개인의 프라이버시 보호는 필수적이다. 본 연구에서는 개인정보의 중앙집중형 ID 관리(Centralized Identity Management)방법의 문제와 한계를 극복하고, 정보 소유자 스스로 자신의 개인정보를 관리하고 선택적으로 제공하는 탈중앙화 정보 관리(Decentralized Identity Information Management)모델을 제시하고, 실험을 통하여 PBFT 합의 알고리즘에서 스마트 개인정보 제공 시스템(SPIPS: Smart Personal Information Provision System)을 구현하여 개인 정보의 우수성을 보인다.

• 인터넷정보학회논문지
• /
• 제17권4호
• /
• pp.95-113
• /
• 2016

주민번호를 포함한 개인정보의 처리업무는 상당한 전문지식과 많은 비용이 소요되어 IT 전문 업체에 위탁 처리하는 경우가 보편화 되었다. 개인정보 관련 사고는 점차 증가하고 있으며, 사고 유형의 대부분은 수탁자에 의한 누출 혹은 유출에 의해 발생하고 있다. 개인정보보호 실태점검과 관리수준 진단 결과 공공기관에서의 수탁자에 대한 개인정보 사고 예방노력과 개인정보보호 관리체계 구축 노력이 시급한 상황이다. 본 논문에서는 개인정보 보호의 효율적 제고 방안에 대하여 연구하였다. 개인정보 처리 업무위탁에 대한 법률사항을 분석하고, 관리체계 구축을 위한 법률 기준 지표를 선택하여, 수탁자에 대한 개인정보보호 관리수준 분석 방안과 수탁자 개인정보보호 관리체계 강화 방안을 제시하였다. 개인정보보호 관리체계 강화 방안으로 수탁자 개인정보보호 관리체계를 제시하였고, 세 가지 법률 강화방안을 제시하였다. 본 논문에서는 개인정보보호 관리체계 강화 방안을 구성하기 위하여 공공기관의 대표적 개인정보 처리 위탁업무 중 IT유지보수, 고지서인쇄, 콜센터와 관련된 30개 수탁자들을 대상으로 설문조사를 통해 조사하였고, 강화 방안에 대한 문헌 근거를 제시하였으며, 개인정보 위탁자와 수탁자에 대한 FGI를 통해 강화방안에 대한 검증을 실시하였다.

• 한국컴퓨터정보학회논문지
• /
• 제23권11호
• /
• pp.185-191
• /
• 2018

The purpose of this study is to present effective basic data for business management through analysis of importance and performance of personal information protection of the elderly welfare center workers. For this purpose, the questionnaire on the protection of personal information was reconstructed based on the diagnostic level of the personal information security management level of the public institution and the questionnaire was conducted on 105 employees of the elderly welfare center in Chungbuk area. Based on the responses to the importance and the degree of performance of the personal information protection of the elderly welfare center employees, technical statistics and corresponding sample T-tests were conducted and the importance-performance analysis (IPA) was used. Followings are the results of this study: First, there is a statistically significant difference between the importance and the implementation of the management system for the protection of personal information of the workers in the elderly welfare center, establishment and implementation of protection measures, establishment and implementation of infringement measures. Second, IPA analysis on the protection of personal information of the workers in the elderly welfare center shows that the establishment and implementation of protection measures are the areas to maintain good performance. Third, in IPA analysis of the sub-factors of the personal information protection of the workers in the welfare center of the elderly, in the construction and management of the management system, in performing the role of the personal information protection officer and establishing and implementing protection measures, The factors of prevention of information disclosure and exposure and the safe use and management of personal information processing system were analyzed as areas requiring intensive improvement. This study is meaningful as a basic research that can raise the awareness of the personal information protection of the workers in the elderly welfare center and induce the improvement of the related work.

• 디지털산업정보학회논문지
• /
• 제12권3호
• /
• pp.133-155
• /
• 2016

Recently, in the adoption of cloud computing are emerging as locations are key requirements of security and privacy, at home and abroad, several organizations recognize the importance of privacy in cloud computing environments and research-based transcription and systematic approach in progress have. The purpose of this study was to recognize the importance of privacy in the cloud computing environment based on personal information security methodology to the security of cloud computing, cloud computing, users must be verified, empirical research on the improvement plan. Therefore, for existing users of enhanced security in cloud computing security consisted framework of existing cloud computing environments. Personal information protection management system: This is important to strengthen security for existing users of cloud computing security through a variety of personal information security methodology and lead to positive word-of-mouth to create and foster the cloud industry ubiquitous expression, working environments.

• International Journal of Fuzzy Logic and Intelligent Systems
• /
• 제8권4호
• /
• pp.260-263
• /
• 2008

In this paper we propose Personal Information Management System for Library Database. It manages personal search pattern for the given user and provide specific book list for library book search system. With the proposed system, the conventional overlap searching time will be decreased with personalized information and search history. This system manages the individual data according to personal searching pattern, sequence and usability. Therefore, the user can locate necessary book information more accurately with their distinct interest and search history.

• 정보보호학회논문지
• /
• 제25권3호
• /
• pp.691-701
• /
• 2015

최근 개인정보를 활용하는 서비스가 증가함에 따라 공공기관들의 업무는 개인정보에 대한 의존성이 높아지고 있다. 개인정보의 활용이 불가피한 환경에서 안전한 개인정보 활용을 위해 다양한 정책과 제도를 마련하여 운영하고 있으나 개인정보 침해사고와 그 규모는 지속적으로 증가하고 있는 실정이다. 이에 우리나라는 2008년부터 공공기관의 개인정보 보호법 준수 여부와 관리수준을 진단하고 미흡한 사항에 대해 개선활동을 수행하기 위한 개인정보보호 관리수준 진단을 시행하고 있다. 그러나 관리수준 진단 결과가 높은 점수임에도 불구하고 끊이지 않는 침해사고로 인하여 진단 결과와 실제 관리수준에 대해 실효성 측면에서의 문제가 제기되고 있다. 따라서 본 연구에서는 공공기관들의 개인정보보호 활동과 기반마련에 대한 효율성을 DEA 모형으로 분석하고, 도출된 효율성을 개인정보보호 관리수준 진단 결과에 반영하여 진단 결과의 효과성과 효율성을 높이기 위한 새로운 모델을 제안하고자 한다.

• 대한안전경영과학회지
• /
• 제12권4호
• /
• pp.107-116
• /
• 2010

To give a solution to solve personal information problems issued in this study, the domestic and overseas cases about information security management system including an authentication technique are analyzed. To preserve the outflow of personal information, which is such a major issue all over the world, a new security audit check list is also proposed. We hope this study to help information system developers construct and operate confidential information systems through the three steps: Analysis of risk factors that expose personal information, Proposal to solve the problem, Verification of audit checking items.

• 디지털산업정보학회논문지
• /
• 제8권3호
• /
• pp.33-39
• /
• 2012

Since the passing of the Personal Information Act in March 2011 and its initial introduction in September, over the one year to date diverse security devices and solutions have been flowing into the market to enable observance of the relevant laws. Beginning with security consulting, corporations and institutions have focused on technology-based business in order to enable observance of those laws competitively in accordance with 6-step key procedures including proposal, materialization, introduction, construction, implementation, and execution. However there has not been any investment in human resources in the field of education such as technology education and policy education relative to the most important human resources field nor investment in professionals in the organization for the protection of personal information or in human resources for operating and managing IT infrastructure for actual entire personal information such as special sub-organizations. In this situation, as one process of attracting change from the nature of the technology-based security market toward a professional human resource-based security infrastructure market, it is necessary to conduct research into standardization modeling concerning special organizational composition and a management system for the protection of personal information.