• Journal of Information Technology Services
• /
• v.22 no.3
• /
• pp.29-47
• /
• 2023

With the recent advancement of information and communication technologies such as artificial intelligence, big data, cloud computing, and 5G, data is being produced and digitized in unprecedented amounts. As a result, data has emerged as a critical resource for the future economy, and overseas countries have been revising laws for data protection and utilization. In Korea, the 'Data 3 Act' was revised in 2020 to introduce institutional measures that classify personal information, pseudonymized information, and anonymous information for research, statistics, and preservation of public records. Among them, it is expected to increase the added value of data by combining pseudonymized personal information, and to this end, "the Expert Data Combination Agency" and "the Expert Data Agency" (hereinafter referred to as the Expert Data Processing Agency) system were introduced. In comparison to these domestic systems, we would like to analyze similar overseas systems, and it was recently confirmed that the Vermont government in the United States enacted the first "Data Broker Act" in the United States as a measure to protect personal information held by data brokers. In this study, we aim to compare and analyze the roles and functions of the "Expert Data Processing Agency" and "Data Broker," and to identify differences in designated standards, security measures, etc., in order to present ways to contribute to the activation of the data economy and enhance information protection.

• Composites Research
• /
• v.22 no.4
• /
• pp.50-53
• /
• 2009

This paper mainly describes the armor materials, especially the ceramic materials for the personal protection. In the ceramic armor materials, B4C ceramics and SiC ceramics are the most popular materials. The $B_4C$ ceramics which consists of 4 atoms of boron and I atom of carbon is very light and strong. It is usually used to personal protection armor and chair protection in the helicopter. This material must be sintered at very high temperature because it melts at $2400^{\circ}C$. In order to have a good armor property, it must have very high density which is achieved by hot press or subsidiary sintering aid methods such as reducing the particle size of raw materials or mixing the sintering agents to the raw materials.

• Convergence Security Journal
• /
• v.19 no.1
• /
• pp.41-48
• /
• 2019

In the era of Internet of Things and Artificial Intelligence, it has become essential to digitize mass data, which leads 'data-driven economy'. Digitalized personal data can be easily collected, stored, duplicated and analyzed. As ICT technology is evolving the concept of traditional personal data has changed. The United States, the European Union, Japan, Korea and many countries have introduced new concept of personal data into law such as de-identification, anonymization, and pseudonymization to protect and utilize digitalized personal information. These concepts are distinguishable depending on countries. Therefore, this study will be done by researching and analyzing personal data related policies of several countries. Based on this study, this paper will suggest policy on di-identification to draw the right balance between personal data protection and use, which contributes to the development of digital economy.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.5
• /
• pp.169-179
• /
• 2011

Recent personal data breach incidences draw the public's attention to their privacy and personal rights. The new personal data protection law effective in September 2009 imposes additional legal responsibility on personal data controllers and processors. For instance, if a data breach occurs, this new law requires that the processors must notify individuals (data subjects) and data protection authorities of the nature of incidents. This research reviews the U.S. forty six state laws and related acts, and offers a framework for managing incidents. This framework includes five major components: (1) type of personal data required to be reported and notified, (2) the ultimate subject notifying data subjects, (3) event occurrence and notification time phases, (4) notification message details, and (5) direct/indirect communication media. Along with this framework, we also offer directions for effective/manageable guidelines on data breach notification act.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.1
• /
• pp.53-63
• /
• 2011

An SNS(Social Network Service) enables people to form a social network on online as in the real world. With the rising popularity of the service, side effects of SNSs were issued. Therefore we propose and implement a policy-based privacy protection module and access control policy language for ensuring the right of control of personal information and sharing data among SNSs. The policy language for protecting privacy is based on an attribute-based access control model which grants an access to personal information based on a user's attributes. The policy language and the privacy protection module proposed to give the right of control of personal information to the owner, they can be adopted to other application domains in which privacy protection is needed as well as secure sharing data among SNSs.

• Journal of dental hygiene science
• /
• v.17 no.2
• /
• pp.99-107
• /
• 2017

The purpose of this study was to identify knowledge awareness, and performance of dentist and dental staff regarding protection of patient's personal information. In addition, this research was conducted to highlight the importance of protection of patient's personal information and provide a guideline for establishing measures in this regard. A survey was conducted on 506 dentists or dental staff working in Seoul, Gyeonggi and Chungcheong provinces. The data was analyzed using t-test, one-way ANOVA, $x^2$, Pearson's correlation coefficient, and Scheffe test, using the PASW Statistics ver. 18.0 program. We found that the participants' knowledge and perception of the protection of patient's personal information were relatively low compared to those of other professionals. Such knowledge and perception were especially and significantly low in dental hygienists. In addition, a high level of knowledge and awareness showed a positive correlation with the extent of performance. Therefore, it is important that dentists and dental staff are aware of issues regarding the protection of patients' personal information. For this purpose, educational and training programs on such issues appear essential.

• The Journal of Society for e-Business Studies
• /
• v.20 no.2
• /
• pp.93-106
• /
• 2015

Providing trading partners with personal information to establish an e-commerce financial transaction is inevitable. Most e-commerce companies keep personal information and transaction data for user's convenience and develop additional services as their applications. However, keeping personal information increases the likelihood of identity theft causing direct or indirect damage while it may simplify repetitive financial transactions. This study introduces risk management methods based on quantitative and qualitative analysis including demand-supply curve model and Gordon & Loeb model to analyze the risks for security management. The empirical analysis with survey results from KISA (Korea Information Security Agency) shows that the root cause of different statistics of personal information leakage incidents according to core business of internet companies is the difference in their Loss Expectancy caused by them. Also we suggest disciplinary compensation and higher standard for personal information protection as a solution to prevent the variation of investment on it between individual companies.

• Journal of Radiation Protection and Research
• /
• v.24 no.3
• /
• pp.143-154
• /
• 1999

Panasonic UD-809P type albedo neutron TL dosimeters mounted on a water phantom were used to measure neutron personal dose equivalent in a Korean nuclear power plant. From the measured TL readings, personal dose equivalents from thermal, epithermal and fast neutrons were evaluated by using a method adopted in a neutron dose calculation algorithm for Panasonic UD-809P type albedo neutron TL dosimeters, which was suggested in a Panasonic TLD System User's Manual. The results showed that personal dose equivalent from fast neutrons could not be adequately evaluated in a field with high thermal neutron fraction to be encountered in a nuclear power plant. This seems to be related to the incomplete incidence of albedo thermal neutrons to the TL dosimeters. In order to evaluate appropriately the personal dose equivalent from fast neutrons in the field condition, new method fer the neutron dose calculation algorithm was suggested. In this new method, neutrons are grouped into thermal neutrons and fast neutrons. For each neutron component, equations for TL response, sensitivity factor, calibration factor and personal dose equivalent were derived.

• Convergence Security Journal
• /
• v.23 no.1
• /
• pp.35-43
• /
• 2023

Since the Personal Information Protection Act was enacted in 2011, it has played a role in safely protecting people's personal information and protecting their rights. Personal information controller must comply with the duty of safeguards for safe personal information management. Even though administrative regulation is an accompanying issue, it is not clear to whom, when and how it applies. According to the imposition of duties, the scope, standards, safety measures, procedures, etc. for the target person should be clearly and specifically specified, but the current legal system is insufficient .In this study, problems and reasonable improvement plans were presented for the classification criteria for applicable subjects, the criteria for the criteria for determining the targets, and the criteria for measures to ensure safety. Through this, we intend to contribute to enhancing the effectiveness of the system by presenting reasonable measures by clarifying and specifying the scope and standards of application.

• Journal of KIISE:Information Networking
• /
• v.30 no.2
• /
• pp.189-198
• /
• 2003

As people are damaged increasingly by personal information leakage, awareness about user privacy infringement is increasing. However, the existing DRM system does not support the protection of user's personal information because it is not necessary for the protection of copyrights. This paper is suggesting a license administration protocol which is more powerful to protect personal information in DRM. To protect the exposure of users identifier, this protocol uses temporary ID and token to guarantee anonymity and it uses a session key by ECDH to cryptography and Public-Key Cryptosystem for a message so that it can protect the exposure of personal information and user's privacy.