• Journal of Information Processing Systems
• /
• v.15 no.5
• /
• pp.1036-1054
• /
• 2019

Recently, concomitant with a surge in numbers of Internet of Things (IoT) devices with various sensors, mobile crowdsensing (MCS) has provided a new business model for IoT. For example, a person can share road traffic pictures taken with their smartphone via a cloud computing system and the MCS data can provide benefits to other consumers. In this service model, to encourage people to actively engage in sensing activities and to voluntarily share their sensing data, providing appropriate incentives is very important. However, the sensing data from personal devices can be sensitive to privacy, and thus the privacy issue can suppress data sharing. Therefore, the development of an appropriate privacy protection system is essential for successful MCS. In this study, we address this problem due to the conflicting objectives of privacy preservation and incentive payment. We propose a privacy-preserving mechanism that protects identity and location privacy of sensing users through an on-demand incentive payment and group signatures methods. Subsequently, we apply the proposed mechanism to one example of MCS-an intelligent parking system-and demonstrate the feasibility and efficiency of our mechanism through emulation.

• Journal of Korea Society of Industrial Information Systems
• /
• v.15 no.5
• /
• pp.159-166
• /
• 2010

From public insecurity, access of wealth, alteration of population structure, and changes of security recognition, physical security has been continuously developed and changed. In these days, typical systems for physical security are unmanned security system using telephone network and security equipment, image recognition system using DVR and camera, and access control system by finger print recognition and RFID cards. However, physical security system is broadening its domain towards ICT based convergence with networked camera, biometrics, individual authentication, and LBS services. This paper proposes main technical trends and various security convergences for future physical security services by classifying the security categories into 3 parts; Individual security for personal protection, IT Convergence for large buildings, and Homeland Security for omni-directional security.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.21 no.5
• /
• pp.167-180
• /
• 2021

Due to the development of IT technology and the spread of infectious diseases, online non-face-to-face services are rapidly expanding. In particular, the information delivery process is also changing from the past postal branch-based to an information delivery system using mobile devices. This change is due to the change from the information delivery using the telephone line to the information delivery system using the Internet. Mobile notification service is a service that sends electronic notices to mobile devices held by users to deliver information and is validated for delivery, which has the advantage of reducing the benefits of unnecessary mail production, exposure to personal information, and misdelivery. However, user identification information must be provided to operators that provide mobile electronic notification services. In this paper, the current state of use of the mobile electronic notice service, which has been in effect since 2019, is investigated and analyzed, and the current mobile electronic notice service is to be safely provided and to take appropriate protection measures for personal information. In providing the mobile electronic notification service to users, it is possible to identify the service standards required by the sending agency, and based on this, prepare the technical standards for the mobile electronic notification service that the sending agency must comply with in advance and use it for the mobile electronic notification service.

• Journal of Korean Society of Industrial and Systems Engineering
• /
• v.39 no.4
• /
• pp.97-105
• /
• 2016

As information system is getting higher and amount of information assets is increasing, skills of threatening subjects are more advanced, so that it threatens precious information assets of ours. The purpose of this study is to present a strategic direction for the types of companies seeking access to information security. The framework classifies companies into eight types so company can receive help in making decisions for the development of information security strategy depending on the type of company it belongs to. Paired comparison method survey conducted by a group of information security experts to determine the priority and the relative importance of information security management elements. The factors used in the security response strategy are the combination of the information security international certification standard ISO 27001, domestic information protection management system certification K-ISMS, and personal information security management system certification PIMS. Paired comparison method was then used to determine strategy alternative priorities for each type. Paired comparisons were conducted to select the most applicable factors among the 12 strategic factors. Paired comparison method questionnaire was conducted through e-mail and direct questionnaire survey of 18 experts who were engaged in security related tasks such as security control, architect, security consulting. This study is based on the idea that it is important not to use a consistent approach for effective implementation of information security but to change security strategy alternatives according to the type of company. The results of this study are expected to help the decision makers to produce results that will serve as the basis for companies seeking access to information security first or companies seeking to establish new information security strategies.

• Korean Security Journal
• /
• no.27
• /
• pp.129-159
• /
• 2011

Physical security has always been an extremely important facet within the security arena. A comprehensive security plan consists of three components of physical security, personal security and information security. These elements are interrelated and may exist in varying degrees defending on the type of enterprise or facility being protected. The physical security component of a comprehensive security program is usually composed of policies and procedures, personal, barriers, equipment and records. Human beings kept restless struggle to preserve their and tribal lives. However, humans in prehistoric ages did not learn how to build strong house and how to fortify their residence, so they relied on their protection to the nature and use caves as protection and refuge in cold days. Through the history of man, human has been establishing various protection methods to protect himself and his tribe's life and assets. Physical security methods are set in the base of these security methods. Those caves that primitive men resided was rounded with rock wall except entrance, so safety was guaranteed especially by protection for tribes in all directions. The Great Wall of China that is considered as the longest building in the history was built over one hundred years from about B.C. 400 to prevent the invasion of northern tribes, but this wall enhanced its protection function to small invasions only, and Mongolian army captured the most part of China across this wall by about 1200 A.D. European lords in the Middle Ages built a moat by digging around of castle or reinforced around of the castle by making bascule bridge, and provided these protections to the resident and received agricultural products cultivated. Edwin Holmes of USA in 20 centuries started to provide innovative electric alarm service to the development of the security industry in USA. This is the first of today's electrical security system, and with developments, the security system that combined various electrical security system to the relevant facilities takes charging most parts of today's security market. Like above, humankind established various protection methods to keep life in the beginning and its development continues. Today, modern people installed CCTV to the most facilities all over the country to cope with various social pathological phenomenon and to protect life and assets, so daily life of people are protected and observed. Most of these physical security systems are installed to guarantee our safety but we pay all expenses for these also. Therefore, establishing effective physical security system is very important and urgent problem. On this study, it is suggested methods of establishing effective physical security system by using system integration on the principle of security design about effective security system's effective establishing method of physical security system that is increasing rapidly by needs of modern society.

• Journal of Korean Society of Occupational and Environmental Hygiene
• /
• v.4 no.1
• /
• pp.117-126
• /
• 1994

Some of the important and vital roles performed by the Health Care Center of Pohang Iron & Steel Co., Ltd.(POSCO) are the periodic monitoring of the work sites as well as regular medical check-ups for each workers to ensure both pleasant and safe working conditions and to protect employees' health. Pohang Steel Works, which has 42 plants, 26 facilities and 12,000 employees, has an annual crude steel production capacity of 9,670,000 using 24,500,000 ton of raw materials. We have measured lots of areal and personal working environment according to Occupational Safety and Health Law semiannually. All data collected on industrial hygiene is stored and managed by personal computer. The developed of a computerized industrial hygiene control system linked to the company's main computer system will provide efficient evaluation of the working environment as well as critical informations on employees' health. Development of this system had begun in May, 1992 and was completed in March, 1994. The computerized industrial hygiene control system can; 1. store industrial hygiene data, providing key pertinent to the diagnosis of occupational related illnesses, and if necessary, the basis for improving the working environment, 2. decide type and time of medical examination of each work for exposure to specific agents, and supply proper protection periodically, 3. prevent occupational related illnesses through evaluation of environmental and biological monitoring, and performance of epidemiological surveillance, 4. facilitate proper job placement through linking of industrial hygiene control and personnel information systems, 5. monitor job processes. levels of chemical agents used, and new agents introduced, 6. and increase productivity by saving time resulting from the implementation of the computerized sysyte,

• Korean Security Journal
• /
• no.17
• /
• pp.255-276
• /
• 2008

The important items, which should be considered in Private Investigation Law, can include subjects, licenses, the scope of business, qualifying examinations, and supervisory and penal provisions. The subjects of Private Investigation Law should be permitted to be both natural persons and juridical persons in terms of providing various services, but should be permitted to be juridical persons and should be administered on a license system, even in order to ensure public interests. Concretely, the introduction scope of Private Investigation Law can be regulated to include the followings: that is, investigating the whereabouts identification of runaways and missing children, investigating the personal identification, habit, way of action, motivation, whereabouts identification, real child confirmation, association, transaction, reputation, and personality of specific persons or specific groups, investigating the whereabouts identification of missing persons, owners of government-vested properties or renounced properties, investigating the whereabouts of lost properties or stolen properties, investigating the causes of fire, character defamation, slander, damage, accident, physical disability, infringement on real estate or movable property, and investigating all sorts of accidents including traffic accidents, insurance accidents, and medical malpractices. In the qualifying examination, examinees' age should be restricted to be over age 25. The person, who is exempted from its primary examination, should be restricted to be the person, who has the career of over 20 years in related fields, in consideration of its equity with other certificates of qualification. In the supervisory institution, as the policy institution is the supervisory institution in many countries including France (the police) and Japan (public security committee), so the National Policy Agency should be the supervisory institution in consideration of management aspects. In the penal regulations, especially, we should clarify the management of personal information (personal information protection, personal information management), and so should prevent the infringement of people's basic rights, and then should ensure the public interest.

• KIPS Transactions on Computer and Communication Systems
• /
• v.3 no.8
• /
• pp.245-250
• /
• 2014

In recent years, the developments of medical technology and emergency medical services have been changed to home from the hospital. In this regard, the researches for the prevention or early diagnosis have become actively. In particular, bio-signal monitoring is applied to a variety of u-healthcare application services. The proposed system in this paper is to provide a security technology to protect the medical information measured from the various sensors. Especially, bio-signal information is privacy-sensitive personal information that must be protected. We applied a two-dimensional code technology, QR code, for the protection and management. In the client side, it can analyze the QR code and confirm the results on devices. Finally, with this proposed platform, we show the results of application service to verify the creation and distribution of integrated image file between the bio-signal and medical image information.

• Spatial Information Research
• /
• v.23 no.6
• /
• pp.19-29
• /
• 2015

This study was conducted with the purpose of suggesting the improvement plan of political for activating the Geo-Spatial Big Data Services. To this end, we were review the previous research for Geo-Spatial Big Data and analysis domestic and foreign Geo-Spatial Big Data propulsion system and policy enforcement situation. As a result, we have deduced the problem of insufficient policy of reaction for future Geo-Spatial Big Data, personal information protection and political basis service activation, relevant technology and policy, system for Geo-Spatial Big Data application and establishment, low leveled open government data and sharing system. In succession, we set up a policy direction for solving derived problems and deducted 5 policy issues : setting up a Geo-Spatial Big Data system, improving relevant legal system, developing technic related to Geo-Spatial Big Data, promoting business supporting Geo-Spatial Big Data, creating a convergence sharing system about public DB.

• Journal of Korea Technology Innovation Society
• /
• v.13 no.1
• /
• pp.28-43
• /
• 2010

Recently, the establishment of Project Management System for National Research and Development Projects focusing on researchers has drawn sharp attention through revision of applicable laws and regulations, and presentation of national policy tasks for the management of national R&D projects, however, it is insufficient to say that a remarkable system has been established by researchers. In this study, a National Research Automated Registry Code Numbering System was suggested by using a National R&D Projects Human Resource Declaration System for Project Management System for National R&D Projects focusing on researchers. In addition, a National Research Automated Registry Code System was sought in order to realize this system. Through this suggestion, consolidation of personal information protection can be attainted through the national career management, and by raising the participation of researchers naturally, reduction in administrative affairs, simplification of accomplishments verification, and improvement in investigation, analysis and evaluation statistic quality can be expected.