• Review of KIISC
• /
• v.20 no.4
• /
• pp.42-51
• /
• 2010

Government legislates a private sector preparedness act related to disasters such as natural, technological, and social ones. According to the law, it announces new standard for private sector preparedness. This paper illustrates a mitigation action plan based on the standard in terms of a cyber disaster. This plan includes organization, policy, assessment, impact analysis, strategy, plan, action, evaluation, and feedback. It will also help for business to mitigate a cyber disaster. Private sector accreditation and certification preparedness program which introduces on the law is the realization that enterprise disaster management will be expected as a great tipping-point.

• Management & Information Systems Review
• /
• v.12
• /
• pp.1-15
• /
• 2003

As a rapid development of electronic commerce transactions in these days, the security and private protection problems became more important matters under the electronic transaction base. Because electronic transaction using electronic documents be carried without direct person to person meeting, there can be the possibility to use other's identity illegally without notice, and very hard to verify authenticity of transaction as well. In addition, it is very hard to find out that the electronic documents on the process of submitting is forged documents or not, and also have much difficulty in maintaining transmitting secret. Therefore, to solve such problems on electronic commerce transactions and electronic documents, the digital signature and certification system with cryptography skill is inevitably necessary. As the wide use of digital signature together with beginning of digital government and financial transaction, not only the issuance of electronic certification, but certification market came to gradually expand. In Korea, after enacting digital signature act in 1999, the act contents were expanded to the wide range of contents complying with global standards from the end of 2001 to April, 2002, including the new clause of certification problems. And the act was put into operation now. Therefore, in this paper, we'd like to suggest development scheme through the investigation on electronic certification related problems, such as, concepts, procedures, service conditions here and abroad.

• THE INTERNATIONAL COMMERCE & LAW REVIEW
• /
• v.20
• /
• pp.495-522
• /
• 2003

As a rapid development of electronic commerce transactions in these days, the security and private protection problems became more important matters under the electronic transaction base. Because electronic transaction using electronic documents be carried without direct person to person meeting, there can be the possibility to use other's identity illegally without notice, and very hard to verify authenticity of transaction as well. In addition, it is very hard to find out that the electronic documents on the process of submitting is forged documents or not, and also have much difficulty in maintaining transmitting secret. Therefore, to solve such problems on electronic commerce transactions and electronic documents, the digital signature and certification system with cryptography skill is inevitably necessary. As the wide use of digital signature together with beginning of digital government and financial transaction, not only the issuance of electronic certification, but certification market came to gradually expand. In Korea, after enacting digital signature act in 1999, the act contents were expanded to the wide range of contents complying with global standards from the end of 2001 to April, 2002, including the new clause of certification problems. And the act was put into operation now. Therefore, in this paper, we'd like to suggest development scheme through the investigation on electronic certification related problems, such as, concepts, procedures, service conditions here and abroad.

• Journal of Korea Port Economic Association
• /
• v.19 no.1
• /
• pp.223-245
• /
• 2003

As a rapid development of electronic commerce transactions in these days, the security and private protection problems became more important matters under the electronic transaction base. Because electronic transaction using electronic documents be carried without direct person to person meeting, there can be the possibility to use other's identity illegally without notice, and very hard to verify authenticity of transaction as well. In addition, it is very hard to find out that the electronic documents on the process of submitting is forged documents or not, and also have much difficulty in maintaining transmitting secret. Therefore, to solve such problems on electronic commerce transactions and electronic documents, the digital signature and certification system with cryptography skill is inevitably necessary. As the wide use of digital signature together with beginning of digital government and financial transaction, not only the issuance of electronic certification, but certification market came to gradually expand. In Korea, after enacting digital signature act in 1999, the act contents were expanded to the wide range of contents complying with global standards from the end of 2001 to April, 2002, including the new clause of certification problems. And the act was put into operation now. Therefore, in this paper, we'd like to suggest development scheme through the investigation on electronic certification related problems, such as, concepts, procedures, service conditions here and abroad.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.5
• /
• pp.1091-1102
• /
• 2012

With a recent rapid increase in infringement on privacy information, a need to protect privacy information is called for more than ever. Keeping pace with such concern and demands of the times, Korea has established and executed "Privacy Information Protection Act" on September 30th, 2011. This regulation was enacted from an individually regulated method to a basic regulation that includes public and private institutions. Also, the regulation includes diverse contents for the sake of protecting privacy information by expanding a range of protection subjects and limiting the process of uniquely identifiable information. In this context, the study has suggested a direction for development on Korea's Privacy information Protection Act by taking a look at the status on privacy information protection acts from home and foreign nations and conducting a comparative analysis between domestic and foreign acts.

• Journal of the Korea Convergence Society
• /
• v.13 no.4
• /
• pp.25-37
• /
• 2022

The government and private companies are endeavoring to help the digital healthcare industry grow. This includes easing regulations on the big data industry such as the amendment of the Data 3 Act. Despite these efforts, however, there have been constant demands for the amendment of laws related to the medical field and for securing medical data transmissions. In this paper, the Data 3 Act of Korea and the legal system related to healthcare are examined. Then the legal, institutional, and technical aspects of the strategies are compared to understand the issues and implications. Based on this, a legal and institutional strategy suitable for the digital healthcare industry in Korea is suggested. Additionally, a direction to improve social perception along with technical measures such as safe de-identification processing and data transmission are also proposed. This study hopes to contribute to the spread of various convergent industries along with the digital healthcare industry.

• Journal of Arbitration Studies
• /
• v.32 no.1
• /
• pp.71-91
• /
• 2022

The legal integration in the European Union that seeks a unified system in consumer disputes and the German Consumer Dispute Mediation Act based on this pursues the procedural fairness of consumer disputes and the equality of results. The role and legal status of the dispute mediator, who plays a very important role in this process, and the stable operation of the dispute resolution system and the guarantee of reasonable results through the guarantee of fairness and independence are very important values. In particular, the dispute mediator under the Act is conceptually different from the existing mediator or mediator, and through this distinction, the duties and contents of the dispute mediator are also distinguished. For this reason, the qualifications of dispute mediators that affect the outcome of dispute mediation are strictly stipulated. There have been some criticisms of this strictness, and such strictness is also seen as an excessive limitation. However, these standards can be understood as one of the efforts to make the dispute mediation procedure more systematic and to operate objectively in accordance with laws and procedures. In addition, in relation to the issue of independence and impartiality of the dispute mediator, the status of the dispute mediator is guaranteed in various aspects. In economic terms, it is not influenced by external factors, and furthermore, in order to guarantee job stability, the results of job security and dispute resolution are not linked. By examining the appropriate level of discipline for these dispute mediators, we expect the developmental growth of the consumer dispute resolution system under our Act.

• Journal of Legislation Research
• /
• no.54
• /
• pp.155-192
• /
• 2018

As the 'hyper-connected society' has emerged through the 'Fourth Industrial Revolution, public interests as well as social dangers have increased. Above all, the risk of infringement of information, including confidential personal information, is dramatically increasing. As the hyper-connected society has been realized, even if only one of the internet devices is hacked, there would be a danger that the ripple effect of such a hacking spreads to the whole network. Therefore, the necessity and importance of information security, including cybersecurity, has been increasing. In other words, the stability of cyberspace and internet space is becoming more important. As a result, the Korean government is seeking to build a legal system related to information security, which would be able to cope with the information infringement problem in the hyper-connected society. However, it seems that the government is still struggling with the direction of building such a legal system. In this context, a comparative review examining the legal systems of advanced foreign countries will provide meaningful implications as to what kinds of legal policies we should devise and implement for information security. In particular, the U.S. legislative act that actively responds to the cybersecurity violations is worthy of reference. For this reason, this article systematically analyzes the current status of the U.S. cybersecurity laws. Especially, this article focuses on the "Cybersecurity Information Sharing Act of 2015"(hereinafter "CISA"), that was recently enacted by the U.S. congress. The CISA prescribes the systemic and detailed information-sharing between national and private entities. The CISA, that actively promotes information-sharing, is full of suggestions for us, in that information-sharing is an effective way to properly realize information security in today's hyper-connected society.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.18 no.12
• /
• pp.2961-2967
• /
• 2014

Nowadays, a private protection act has come into effect which demands for the protection of personal image information obtained by the CCTV. According to this act, the object out of interest has to be mosaicked such that it can not be identified before the image is sent to the investigation office. Meanwhile, the demand for digital videos obtained by CCTV is also increasing for digital forensic. Therefore, due to the two conflicting demands, the demand for a solution which can automatically mask an object in the CCTV video is increasing and related IT industry is expected to grow. The core technology in developing a target masking solution is the object tracking technique. In this paper, we propose an object tracking technique which suits for the application of CCTV video object masking as a postprocess. The proposed method simultaneously uses the motion and the color information to produce a stable tracking result. Furthermore, the proposed method is based on the centroid shifting method, which is a fast color based tracking method, and thus the overall tracking becomes fast.

• IEIE Transactions on Smart Processing and Computing
• /
• v.5 no.2
• /
• pp.94-99
• /
• 2016

Application layer attacks have for years posed an ever-serious threat to network security, since they always come after a technically legitimate connection has been established. In recent years, cyber criminals have turned to fully exploiting the web as a medium of communication to launch a variety of forbidden or illicit activities by spreading malicious automated software (auto-ware) such as adware, spyware, or bots. When this malicious auto-ware infects a network, it will act like a robot, mimic normal behavior of web access, and bypass the network firewall or intrusion detection system. Besides that, in a private and large network, with huge Hypertext Transfer Protocol (HTTP) traffic generated each day, communication behavior identification and classification of auto-ware is a challenge. In this paper, based on a previous study, analysis of auto-ware communication behavior, and with the addition of new features, a method for classification of HTTP auto-ware communication is proposed. For that, a Not Only Structured Query Language (NoSQL) database is applied to handle large volumes of unstructured HTTP requests captured every day. The method is tested with real HTTP traffic data collected through a proxy server of a private network, providing good results in the classification and detection of suspicious auto-ware web access.