• Title/Summary/Keyword: Personal security

Search Result 1,620, Processing Time 0.027 seconds

A Study on Improving Security Controls in the Electronic Financial Transaction (전자금융거래 시 보안 통제 사항의 개선 연구)

  • Lee, Gangshin
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.25 no.4
    • /
    • pp.881-888
    • /
    • 2015
  • Financial Authorities have added security controls to the Electronic Financial Transaction Act and the Supervisory Regulation according to the recent frequent personal credit information leakages. Accordingly, the security level has been upgraded. But it is necessary to study more security controls to add. This paper deduces 19 security controls over the mean value to be added to the financial area receiving 15 security consultant's help.

A Study on Security Solution for USB Flash Drive (USB 메모리를 위한 보안 솔루션에 관한 연구)

  • Lee, Sun-Ho;Lee, Im-Yeong
    • Journal of Korea Multimedia Society
    • /
    • v.13 no.1
    • /
    • pp.93-101
    • /
    • 2010
  • A USB flash drive is a portable storage device. For its promising moderate price, portability and high capacity USB flash drive users are increasing rapidly. Despite these advantages USB flash drives have critical problems as well. Such as personal information data leakage due to easy loss of the portable device. As these personal information leakage incidents increases various security measure solutions are produced and distributed. Despite these security measures and solutions it is not enough to perfectly protect personal data leakage. Hence the necessity of a more concrete, secure, user-friendly security measure solution is required. In this paper we provide you with portable USB flash drive security solution analysis and provide you with the latest secure, user-friendly security measure solutions.

A Study on the Improvement of Personal Information Protection in Small and Medium-sized Medical Institutions (중소형 의료기관의 개인정보 보안실태 및 개선방안)

  • Shin, Min ji;Lee, Chang Moo;Cho, Sung Phil
    • Convergence Security Journal
    • /
    • v.19 no.4
    • /
    • pp.123-132
    • /
    • 2019
  • Rapid developments of IT technology has been creating new security threats. There have been more attacks to get patients' sensitive personal information, targeting medical institutions that are relatively insufficient to prevent and defend against such attacks. Although the government has required senior general hospitals to get the ISMS certification since 2016, such a requirement has been burdensome for small and medium-sized medical institutions. Therefore, this study was designed to draw measures to identify and improve the privacy status of the medical institution by dividing it into management, physical and cyber areas for small and medium-sized medical institutions. The results of this study showed that the government should provide financial support and managerial supervision for the improvement of personal information protection of small and medium-sized medical institutions. They also suggested that the government should also provide medical security specialists, continuous medical security education, disaster planning, reduction of medical information management regulations not suitable for small and medium sized institutions.

Framework for assessing responsiveness to personal data breaches based on Capture-the-Flag

  • Oh, Sangik;Kim, Byung-Gyu;Park, Namje
    • Journal of Multimedia Information System
    • /
    • v.7 no.3
    • /
    • pp.215-220
    • /
    • 2020
  • Many state agencies and companies collect personal data for the purpose of providing public services and marketing activities and use it for the benefit and results of the organization. In order to prevent the spread of COVID-19 recently, personal data is being collected to understand the movements of individuals. However, due to the lack of technical and administrative measures and internal controls on collected personal information, errors and leakage of personal data have become a major social issue, and the government is aware of the importance of personal data and is promoting the protection of personal information. However, theory-based training and document-based intrusion prevention training are not effective in improving the capabilities of the privacy officer. This study analyzes the processing steps and types of accidents of personal data managed by the organization and describes measures against personal data leakage and misuse in advance. In particular, using Capture the Flag (CTF) scenarios, an evaluation platform design is proposed to respond to personal data breaches. This design was proposed as a troubleshooting method to apply ISMS-P and ISO29151 indicators to reflect the factors and solutions to personal data operational defects and to make objective measurements.

A Study on the Factors Affecting the Establishment of Personal Information Management Systems (PIMS)

  • Seo, Young-Soo;Lee, Seong-Il;Hwang, K.T.
    • Journal of Information Technology Applications and Management
    • /
    • v.19 no.3
    • /
    • pp.31-47
    • /
    • 2012
  • As the dependence on information is increasing, the protection of personal information (PI) becomes a critical issue for the organizations, causing not only financial loss but also negative impacts on corporate images and reputations. To date, academic research in this area is scarce. This study analyzes the factors affecting the establishment and/or implementation of Personal Information Management System (PIMS) and provides direction for the practice. In this study, we assume that PIMS is one of the new technology adopted by organizations, and Unified Theory of Acceptance and Use of Technology (UTAUT) model is selected as a base model for the study. Using structural equation modeling technique, both measurement and structural models are validated, and hypotheses are tested. Major findings of the study include (1) the major driver of the organizations attempting to adopt PIMS seems to be the improvement of the business outcomes, (2) organizational capability and resource are important in the establishment of PIMS, and (3) the perceived difficulty of the establishment of PIMS is not affecting the intention to adopt PIMS. Since the importance of personal information security is high, establishment of PIMS is becoming one of the critical issues in the organizations. The establishment of PIMS should be encouraged to strengthen the competitiveness of businesses and to enhance the security level of the entire nation. It is expected that this study may contribute to developing plans and policies for establishment of PIMS in practice, and to providing a foundation for further research in this area.

A Study on the Operation and Personal Information Management of Public and Private Kindergarten Homepages (공·사립 유치원 홈페이지의 운영 및 개인정보 관리 실태 연구)

  • Kim, Jong Min;Chun, Hui Young;Choi, Eun A
    • Korean Journal of Child Studies
    • /
    • v.37 no.6
    • /
    • pp.119-132
    • /
    • 2016
  • Objective: The purpose of this study was to analyze the operation and personal information management of public and private kindergarten homepages. Methods: A total of 2,846 kindergartens were selected from the I-Sarang portal service for analyzing operation, and 217 self-operating homepages were selected for evaluating management. Seven evaluation items from three domains (information gathering procedures and scope, information security, and management of file exposure protection) were used. Wireshark and Google were used for analyzing some evaluation items. Results: The operating ratio of kindergarten homepages was low and most of the kindergartens self-operated their homepages. The evaluation of the information gathering procedures and scope showed that the rule of consent process was not rigidly followed but that the rule of legality for information gathering was followed. Items related to information security were followed at very low levels. As for the management of file exposure protection, the evaluation of items related to the prevention of attachment disclosure showed that the rule of protecting personal information included in an attached file was followed but that the notice regarding information protection was not. Across all evaluation items, the level of personal information management was higher in public (vs. private) kindergartens. Conclusion: These results indicate methods to more securely and effectively manage personal information on kindergarten homepages.

Research on the Analysis and Response of Unauthorized Personal Information Collection in Foreign Applications (해외 애플리케이션의 개인정보 무단 수집 실태 분석과 대응 방안에 대한 연구)

  • Kim, Se-Hwan;Yun, Hyung-Jun;Jung, Da-Hyun;Jang, Seung-Hoon;Han, Cheol-Kyu
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.31 no.3
    • /
    • pp.453-462
    • /
    • 2021
  • The number of foreign applications available in Korea is increasing. Among them, there are many cases where applications having a large number of domestic users collect users' personal information in an unauthorized manner, causing serious problems. Unauthorized collection of personal information conducted through such applications is highly dangerous, because sensitive personal information of users can be used in a malicious way. Further, this is violation of business ethics and may interrupt the creation of the sound information technology ecosystem. This research is purposed to analyze the current status of unauthorized collection of users' personal information by foreign applications available in Korea and to derive countermeasures thereof.

A Study on Security Weakness and Threats in Personal Health Record Services (개인건강기록 서비스에서 보안취약성 및 위협요소에 관한 연구)

  • Yi, Myung-Kyu;Hwang, Hee-Joung
    • The Journal of the Institute of Internet, Broadcasting and Communication
    • /
    • v.15 no.6
    • /
    • pp.163-171
    • /
    • 2015
  • Personal Health Records(PHR) service offers patients a convenient and easy-to-use solution for managing their personal health records, crucial medical files, and emergency contacts. In spite of the indispensable advantages, PHR service brings critical challenges that cannot be avoided from consumer side if the security of the data is concerned. The problem of user's privacy infringement and leaking user's sensitive medical information is increasing with the fusion of PHR technology and healthcare. In this paper, therefore, we analyze the various security aspects that are vulnerable to the PHR service and needed to be resolved. Moreover, we analyze the security requirements from the point of view of the PHR users and application service providers and provides the PHR security mechanism for addressing PHR security threats and satisfying PHR security requirements.

Intention to Use of Personal Cloud Services: Focusing on the Security Factors (보안요인을 중심으로 한 개인용 클라우드 서비스 사용의도)

  • Lee, Jae Seok;Kim, Kyoung-jae
    • Knowledge Management Research
    • /
    • v.18 no.4
    • /
    • pp.237-260
    • /
    • 2017
  • Recently, with the proliferation of smart phones and mobile devices and the increase in the speed of mobile Internet, IT services are increasingly used in smart phones and mobile devices in a different way from the past. That is, a cloud service that downloads and uses data stored in the server in real time is expanding, and as a result, the security due to the continuous Internet connection of the user becomes a problem. In this study, we analyzed the relationship between factors affecting the continuous use of personal cloud service by using technology acceptance model. In addition to the technology acceptance model, confidentiality, privacy, accessibility, innovation, and self-efficacy were extracted from the existing research with emphasis on the characteristics of the cloud service and security factors. Moreover, the difference of intention to use among genders was verified through structural equation modeling with survey data from 262 personal cloud service users.

Democratic Values, Collective Security, and Privacy: Taiwan People's Response to COVID-19

  • Yang, Wan-Ying;Tsai, Chia-hung
    • Asian Journal for Public Opinion Research
    • /
    • v.8 no.3
    • /
    • pp.222-245
    • /
    • 2020
  • In the pandemic crisis, many governments implemented harsh interventions that might contradict democratic values and civil liberties. In Taiwan, the debate over whether or not to reveal personal information of infected persons to limit the coronavirus's spread poses the democratic dilemma between public health and civil liberties. This study examines whether and explains how Taiwan's people respond to the choice between individual privacy and collective security. We used survey data gathered in May 2020 to show that, first, the democratic values did not deter the pursuit of collective safety at the cost of civil liberty; rather, people with higher social trust were more likely to give up their civil liberties in exchange for public safety. Second, people who support democratic values and pursue collective security tend to avoid violating privacy by opposing the release of personal information. This study proves that democratic values do not necessarily threaten collective safety and that the pursuit of common good can co-exist with personal privacy.