• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.3 no.5
• /
• pp.548-574
• /
• 2009

Personal information (hereinafter referred to as "PI") infringement has recently emerged as a serious social problem in Korea. PI infringement in the public and private sector is common. There were 182,666 cases of PI in 2,624 public organizations during the last three years. Online infringement cases have increased. PI leakage causes moral and economic damage and is an impediment to public confidence in public organizations seeking to manage e-government and maintain open and aboveboard administration. Thus, it is an important matter. Most cases of PI leakage result from unsatisfactory management of security, errors in home page design and insufficient system protection management. Protection management, such as encryption or management of access logs should be reinforced urgently. However, it is difficult to comprehend the scope of practical technology management satisfied legislation and regulations. Substantial protective countermeasures, such as access control, certification, log management and encryption need to be established. It is hard to deal with the massive leakage of PI and its security management. Therefore, in this study, we analyzed the conditions for the technical protection measures during the processing phase of PI. In addition, we classified the standard control items of protective measures suited to public circumstances. Therefore, this study provides a standard and checklist by which staff in public organizations can protect PI via technical management activities appropriate to laws and ordinances. In addition, this can lead to more detailed and clearer instructions on how to carry out technical protection measures and to evaluate the current status.

• Proceedings of the KSRS Conference
• /
• 2003.11a
• /
• pp.1188-1190
• /
• 2003

Taipei Watershed Management Bureau (WRATB) is a government agency entitled for water resources protection at two major watersheds in order to provide drinking water for about four millions population in Taipei on a sustainable basis. At WRATB, there are two major public sewage treatment facilities which can convert sewage in each watershed into an acceptable state before they were discharged into rivers. More than 82% of household wastewater have been collected and treated by the two public sewage systems. However, households at remote area still need more effective sewage management prescriptions. The objective of this paper is to implement geographic information systems in order to provide more effective approaches that sewage management can be easier and cost effective. ArcIMS was implemented for Internet browsing and map server of those sewage facilities on personal computers, laptop computers. In the open field, ArcPAD was implemented with personal digital assistant (PDA) such that compact flash type's global positioning systems (GPS) and digital camera can be utilized with PDA. All sewage facilities digital files were convert into ArcMap format files. MapObjects and visual BASIC were used to create sewage application modules to meet every single technician personal flavor. ASP.NET was implemented for Internet database manipulations of all sewage databases. Mobile GIS was the key component of GIS applications in the open field for sewage management on a basis of house by house. Houses at remote area, which can not cover by the two public sewage systems, were managed by PDA and laptop computers with GPS and digital camera. Sewage management at Taipei Watershed Management Bureau is easier both in the open field and in the office. Integration of GPS, GIS, and PDA makes sewage management in the open field much easier. ArcIMS, MapObjects, ASP.NET and visual BASIC make sewage management can be done in the office and over Internet.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2010.10a
• /
• pp.616-617
• /
• 2010

This paper presents a model of e-learning based on ubiquitous computing configuration. The proposed e-learning model as following. we propose the e-learning system's hardware and software configurations which are server and networking systems. Also, we construct the proposed e-learning systems's services. There are attendance and absence service, class management service, common knowledge service, score processing service, facilities management service, personal management service, personal authorization issue management service, campus guide service, lecture-hall management service. Also, we propose the laboratory equipment management service, experimental materials management service etc.

• Asia pacific journal of information systems
• /
• v.22 no.1
• /
• pp.53-77
• /
• 2012

Financial firms, especially large scaled firms such as KB bank, NH bank, Samsung Card, Hana SK Card, Hyundai Capital, Shinhan Card, etc. should be securely dealing with the personal financial information. Indeed, people have tended to believe that those big financial companies are relatively safer in terms of information security than typical small and medium sized firms in other industries. However, the recent incidents of personal information privacy invasion showed that this may not be true. Financial firms have increased the investment of information protection and security, and they are trying to prevent the information privacy invasion accidents by doing all the necessary efforts. This paper studies how effectively a financial firm will be able to avoid personal financial information privacy invasion that may be deliberately caused by internal staffs. Although there are several literatures relating to information security, to our knowledge, this is the first study to focus on the behavior of internal staffs. The big financial firms are doing variety of information security activities to protect personal information. This study is to confirm what types of such activities actually work well. The primary research model of this paper is based on Theory of Planned Behavior (TPB) that describes the rational choice of human behavior. Also, a variety of activities to protect the personal information of financial firms, especially credit card companies with the most customer information, were modeled by the four-step process Security Action Cycle (SAC) that Straub and Welke (1998) claimed. Through this proposed conceptual research model, we study whether information security activities of each step could suppress personal information abuse. Also, by measuring the morality of internal staffs, we checked whether the act of information privacy invasion caused by internal staff is in fact a serious criminal behavior or just a kind of unethical behavior. In addition, we also checked whether there was the cognition difference of the moral level between internal staffs and the customers. Research subjects were customer call center operators in one of the big credit card company. We have used multiple regression analysis. Our results showed that the punishment of the remedy activities, among the firm's information security activities, had the most obvious effects of preventing the information abuse (or privacy invasion) by internal staff. Somewhat effective tools were the prevention activities that limited the physical accessibility of non-authorities to the system of customers' personal information database. Some examples of the prevention activities are to make the procedure of access rights complex and to enhance security instrument. We also found that 'the unnecessary information searches out of work' as the behavior of information abuse occurred frequently by internal staffs. They perceived these behaviors somewhat minor criminal or just unethical action rather than a serious criminal behavior. Also, there existed the big cognition difference of the moral level between internal staffs and the public (customers). Based on the findings of our research, we should expect that this paper help practically to prevent privacy invasion and to protect personal information properly by raising the effectiveness of information security activities of finance firms. Also, we expect that our suggestions can be utilized to effectively improve personnel management and to cope with internal security threats in the overall information security management system.

• Journal of Korean Society of Archives and Records Management
• /
• v.6 no.1
• /
• pp.5-42
• /
• 2006

The personal praying sentence in personal praying scripts of Koryo Dynasty should be very important source for study of Koryo buddhism's history as well as historics, bibliographics and art historics. Especially it would be good source for study of official position in Koryo Dynasty because in the personal praying scripts the prayers expressed their own official position when compared to the official positions presented in Bekguanji(all officer's magazine) in Koryosa(history of Koryo Dynasty). As the characteristic of script is presented in the contents of personal praying sentence, it would be remarkable source for study on the history of buddhism's thought. Through the personal praying sentence it is possible to make clear the hopes of donor and high monks who were the key members for writing praying script. Also study on the personal praying sentences in Koryo scripts would be helpful for understanding the profile of society of Koryo Dynasty.

• Journal of the Korean Society for information Management
• /
• v.32 no.1
• /
• pp.85-108
• /
• 2015

Personal Information Protection Act was first enacted in March, 2011, amended in September, 2011 and became effective. Nevertheless, the risk of interfering with personal information protection still remains, associated with collection, plagiarism, leakage, and even sales of personal information. The public libraries are not an exception. Accordingly, this study investigates the status of personal information protection in public libraries of Seoul and Gyeonggi province. Also, it tries to discover problems associated with the act and presents a model scheme to improve this situation. The scheme relates to (1) securing of a sufficient budget; (2) reinforcing professional education related to personal information; (3) developing detailed guidelines for public libraries.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.5
• /
• pp.961-968
• /
• 2014

In order to prevent leakage of personal information by insiders a large number of companies install pc security solutions like DRM(Digital Right Management), DLP(Data Loss Prevention), Personal information filtering software steadily. However, despite these investments anomalies personal information occurred. To establish proper security policy before implementing pc security solutions, companies can prevent personal information leakage. Furthermore by analyzing the log from the solutions, companies verify the policies implemented effectively and modify security policies. In this paper, we define the required security solutions installed on PC to prevent disclosure of personal information in a variety of PC security solution, plan to integrate operations of the solutions in the blocking personal information leakage point of view and propose security policies through PC security solution log analysis.

• Journal of Digital Convergence
• /
• v.17 no.3
• /
• pp.215-220
• /
• 2019

The block chain technology is a technique that prevents manipulation of data and ensures integrity and reliability. Ethereum is building a smart contract environment as a type of encryptionenabled system based on block chains. Smart contracts can be implemented when conditions are met, thus increasing confidence in digital data. However, smart contracts that are being tried in various ways are not covered by information security and personal information protection. The structure in which the network participant can view the open transaction ledger is exposed to data or personal information listed in the block chain. In this study, it is possible to manage the data of personal information recorded in the block chain directly. This study is protected personal information by preventing the exposure of personal information and by executing time code, it is possible to erase recorded information after a certain period of time has elapsed. Based on the proposed system in the future, it is necessary to study the additional management techniques of unknown code defects or personal information protection.

• Journal of IKEEE
• /
• v.27 no.4
• /
• pp.548-555
• /
• 2023

With the advancement of the internet, the use of personal information in online interactions has increased, underscoring the significance of data protection. Breaches of personal data due to unauthorized access can result in psychological and financial damage to individuals, and may even enable wide-ranging societal attacks aimed at those associated with the victims. In response to such threats, there is active research into security measures using blockchain to safeguard personal information. This study proposes a system that uses middleware and IAM (Identity and Access Management) services to protect personal information in a BaaS (Blockchain as a Service) environment where blockchain is provided via the Internet. The middleware operates on servers where IAM roles and policies are applied, authenticates users, and performs access control to allow only legitimate users to access blockchain data existing in the cloud. Additionally, to understand the impact of the proposed personal information protection method on the system, we measure the response time according to the time taken and the number of users under three assumed scenarios, and compare the proposed method and research related to personal information protection using blockchain in terms of security characteristics such as idea, type of blockchain, authentication, and confidentiality.

• Journal of Environmental Health Sciences
• /
• v.32 no.3
• /
• pp.207-214
• /
• 2006

This study was designed to assess the level of nitrogen dioxide from several microenvironments including inside the home, outdoors near the home, inside the school, outdoors near the school, and on the road for 42 primary schoolchildren during the month of December 2002 in Seoul, Korea. The average personal, indoor, outdoor $NO_2$ levels, and indoor/outdoor ratio were 45.08 ppb, 27.89 ppb, 30.96 ppb, and 0.89, respectively. The indoor $NO_2$ concentrations were significantly associated with the presence of a smoker with a gas stove. The estimated personal $NO_2$ exposure using time-weighted average equation of $34.64{\pm}5.29$ ppb was significantly lower than the measured personal exposure of $45.08{\pm}5.50$ ppb. Our results indicate that indoor $NO_2$ levels were associated with the presence of a smoker and a gas stove. Moreover, personal $NO_2$ exposure with a gas stove in the house was significantly higher than those without a gas stove.