• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.17 no.2
• /
• pp.317-322
• /
• 2013

Personal information is defined information related to users' privacy data. It can be verified information through social security number, image, and means relating to individual can verify. Such personal information is in accordance with the privacy act in law for the collection and usage in enterprises and institutions. However, it can be induced privacy problem when it is exposed information without attention. This user's inadvertent disclosure of personal information has occurred due to social engineering and intelligent cyber-crime occurred in order to solve these problems. A variety of protection solutions for personal information have been developed. Web privacy filtering firewall and solutions related with server have been developed among developed many solutions, web privacy filtering and firewall solutions is proposed in this paper.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.2
• /
• pp.415-423
• /
• 2016

Smart grid systems can be real-time information exchange between suppliers and consumers, and provides a lot of convenience. However, the risk to the user's personal information exposure is ever-present. Depending on the characteristic of the smart grid environment, there is a threat of the disclosure of personal information based on the personal information life-cycle, and can also be exposed a variety of information based on energy consumption pattern analysis. In this paper, we analyze the existing privacy act in the smart grid and propose improvements for the existing directive.

• Journal of the Korea Safety Management & Science
• /
• v.16 no.3
• /
• pp.433-441
• /
• 2014

Increasing the outsourcing of personal information treatment, the safe management and director for fiduciary is very important. In this paper, under the personal information protection management systems the current situation of fiduciary management and direction was reviewed and the certification system was analysed in terms of availability of the controled items. Under the basis of legal compliance at the time of the Privacy Act, the characteristics of outsourcing type was also analyzed and derived new controled items. As a result of the proposed research, new controled items for fiduciary could be used as a standard for the managing Director.

• Journal of Internet Computing and Services
• /
• v.16 no.4
• /
• pp.141-148
• /
• 2015

The Personal Information Protection Act enacted in March 2011 stated that the application target of this law includes all personal information processors in the public and private sector, and established the protection standard by phase such as collection, use and provision of personal information. There was an introduction of the Privacy Impact Assessment system that enables personal information processors to perform impact assessment autonomously if there are great concerns over the fact that making and expanding personal information files will influence the protection of personal information, while also making impact assessment compulsory for public institutions in specific reasons with great concerns for violating the rights of the subjects of information. This Act still has the problem that it is generally difficult to understand. This paper deals with the Korean legal practices about the personal information protection with regard to ambiguity and promotional system.

• Convergence Security Journal
• /
• v.12 no.2
• /
• pp.13-21
• /
• 2012

The purpose of this study is to profile actual conditions of personal information protection systems operated in overseas countries and examine major considerations of personal information that security service providers must know in the capacity of privacy information processor, so that it may contribute to preventing potential occurrence of any legal disputes in advance. Particularly, this study further seeks to describe fundamental idea and principle of said Personal Information Protection Act; enhancement of various safety measures (e.g. collection/use of privacy data, processing of sensitive information/personal ID information, and encryption of privacy information); restrictions on installation/operation of video data processing devices; and penal regulations as a means of countermeasure against leakage of personal information, while proposing possible solutions to cope with these matters. Using cases among foreign countries for this study.

• Convergence Security Journal
• /
• v.11 no.5
• /
• pp.99-108
• /
• 2011

The purpose of this study is to profile actual conditions of personal information protection systems operated in overseas countries and examine major considerations of personal information that security service providers must know in the capacity of privacy information processor, so that it may contribute to preventing potential occurrence of any legal disputes in advance. Particularly, this study further seeks to describe fundamental idea and principle of said Personal Information Protection Act; enhancement of various safety measures (e.g. collection / use of privacy data, processing of sensitive information / personal ID information, and encryption of privacy information); restrictions on installation / operation of video data processing devices; and penal regulations as a means of countermeasure against leakage of personal information, while proposing possible solutions to cope with these matters. Using cases among foreign countries for this study. Possible solutions proposed by this study can be summed up as follows: By changing minds with sufficient legal reviews, it is required for security service providers to 1) clearly and further specify any purposes of collecting and using privacy information, if possible, 2) obtain any privacy information by legitimate means as it is necessary to collect such information, 3) stop providing any personal information for the 3rd parties or for any other purposes except fundamental purposes of using privacy information, and 4) have full knowledge about duty of safety measure in accordance with safe maintenance of privacy information and protect any personal information from unwanted or intentional leakage to others.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2012.05a
• /
• pp.456-460
• /
• 2012

Privacy Protection Act of 30 March 2012 was performed. In general, personal information management to enhance security in the DB server has a security system but, PC for the protection of the privacy and security vulnerability analysis is needed to research on self-diagnosis. In this paper, from a PC to search information relating to privacy and enhance security by encrypting and for delete file delete recovery impossible. In pc found vulnerability analysis is Check user accounts, Checking shared folders ,Services firewall check, Screen savers, Automatic patch update Is checked. After the analysis and quantification of the vulnerability checks through the expression, enhanced security by creating a checklist for the show, PC security management, server management by semi-hwahayeo activates. In this paper the PC privacy and PC security enhancements a economic damage and of the and Will contribute to reduce complaints.

• The Korean Journal of Archival Studies
• /
• no.29
• /
• pp.225-268
• /
• 2011

The general public are interested in the politics and form public opinion and keep in check the government for true democracy. The general public have the right to be furnished information from the government. And the government should enact the Freedom of Information Act to provide the public's right to know. At the same time, the government should enact the Data Protection Act to provide the public's right to privacy. There is a friction between the Freedom of Information Act and the Data Protection Act. It's hard to maintain the proper balance between the Freedom of information Act and the Data Protection Act, but many countries try to do so. The UK enacted the Data Protection Act 1998(DPA), which entered into force on 2000, to comply with EU Directive 1995. The Freedom of Information Act 2000(FOI), which came fully into force on 2005, was passed in 2000. The FOI imposes significant duties and responsibilities on public authorities to give access to the information they hold. The purpose of this study is to consider the provisions of the personal data in FOI and DPA. Besides this, it identifies the complaint cases on public authorities about the disclosure and exemption of the personal data in comparison with the acts. If information is the personal data of the person making the request, it will disclose under the DPA. If information is the personal data of a third party, it will disclose under the FOI. These acts interact each other to make up for the weak points in the other to make a proper application of the act on public authorities. This study may have any limitation in making a comparative study of the disclosure and exemption of the personal data in Korea. But it is expected to provide a basis for understanding the disclosure and exemption of the personal data in the UK.

• Journal of the Korea Convergence Society
• /
• v.9 no.3
• /
• pp.231-240
• /
• 2018

Recently, personal information processing are becoming more important in the behavioral advertising based on online and mobile platform. The behavioral advertising analyzes and utilizes individual's search & purchase history, hobbies, and tendency based on the personal behavior information collected using the automatic collection device. Therefore, it collects and stores other types of personal information which did't defined in Privacy Act and can analyze personal behavior. This characteristics may cause disclosure of personal information and exposure to intrusion. In this paper, we investigate and analyze the privacy policy of the advertising agencies, and discussded the measures to be taken in collecting, storing and using personal information suitable for behavior information.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.1
• /
• pp.99-106
• /
• 2012

Numerous private corporations and public institutions are collecting personal information through the diverse methods for the purpose of sales, promotion and civil services, and using personal information for the profits of the organizations and services. However, due to immaturity of the technical, managerial measures and internal control for the collected personal information, the misuse, abuse and the leaks of personal information are emerged as major social issues, and the government also is promoting implementation of the act on the privacy protection by recognizing the importance of the personal information protection. This research describes on the measures to detect the anomaly by analyzing personal information treatment patterns managed by the organizations, and on the measures to coup with the leaks, misuse, and abuse of personal information. Particularly, this research is intended to suggest privacy leakage monitoring system design, which can be managed by making the elements related to personal information leaks to numeric core risk indexes to be measured objectively.