• Journal of the Korea Society of Computer and Information
• /
• v.12 no.4
• /
• pp.127-136
• /
• 2007

With the construction of vast networks, Internet based services such as online games and Internet banking are steadily increasing. As dysfunctions of the trend, various threats from worms/viruses to hacking are proliferating and new types and variations of worms/viruses are emerging. In response to the problems, telecommunication carriers and the government we establishing systems to cope with infringement accidents and resultant damages. However, in case of nationwide emergencies like the 1.25 Accident, infringement may spread rapidly while analyzing what kind of infringement it is and that may result in enormous losses. Thus, the paper purposed to analyze the states of infringement accidents occurring at each network and coping methods and checklist, based on the results. and to propose strategies for controlling services in case of large scale infringement accidents.

• Journal of Convergence for Information Technology
• /
• v.12 no.5
• /
• pp.1-14
• /
• 2022

This study tried to suggest crisis management compliance to prevent personal information infringement accidents that may occur in the process because the data including personal information is being processed in the artificial intelligence (AI) service process. To this end, first, the AI service provision process is divided into 3 processes such as service planning/data design and collection process, data pre-processing and purification process, and algorithm development and utilization process. And 3 processes are subdivided into 9 stages following to personal information processing stages to infringe personal information. All processes were investigated with literature and experts' Delphi. Second, the investigated personal information infringement factors were selected through FGI, Delphi, etc. for experts. Third, a survey was conducted with experts on the severity and possibility of each personal information infringement factor, and the validity and adequacy of the 94 responses were verified. Fourth, to present appropriate risk management compliance for personal information infringement factors in AI services, a method for calculating the risk level of personal information infringement is prepared by utilizing the asset value of personal information, personal information infringement factors, and the possibility of infringement accidents. Through this, the countermeasures for personal information infringement incidents were suggested according to the scored risk level.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.2
• /
• pp.231-242
• /
• 2020

In the case of damages caused by personal information infringement accidents caused by information infringer such as hackers, the information subject will usually claim damages to the information controller rather than the information infringer who is the perpetrator, and the information controller who has been claimed will claim damages again to the information security enterprise that has entrusted the information protection business. These series of claims for damages, which are expected to be carried out between the information subject, the information controller and the information security enterprise, are nothing but quarrels for transferring of liability among themselves who are also victims of infringement. So the problem of damage compensation should be discussed from the perspective of multi-faceted rational distribution of the damages among the subjects who make up the information security industry ecosystem rather than the conventional approach. In addition, due to the nature of personal information infringement accidents, if a large amount of personal information infringement occurs, the amount of compensation can be large enough to affect the survival of the company and so this study insist that a concrete and realistic alternatives for society to share damages is needed.

• Journal of Navigation and Port Research
• /
• v.46 no.2
• /
• pp.99-109
• /
• 2022

A report released by the Chinese Maritime Court found that the natural environment and other objective factors have greatly reduced the risk of ship collision accidents with the advancement of technologies. However, collisions between merchant ships and fishing boats occur frequently along the coast during fishing seasons, which should be highly valued. International conventions and domestic legislation in China comprise detailed laws with respect to ship collisions, but the theory of ship collision infringement needs to be improved, enriched, and developed. Meanwhile, the development of the tort liability law provides theoretical support for ship collision infringement. As far as China's ship tort legal system is concerned, the research on ship collision tort damage compensation is relatively extensive, and the constitutive elements and causality of ship collision tort liability have also been studied in depth. The purpose of this paper is to explore the domestic legislation applicable to disputes related to ship collisions in China. As these laws are unclear on the resolution of disputes resulting from ship collisions, significant attention has been focused on the final judgments by the Supreme Court of China (SPC), as well as the judicial judgments set by the Maritime Court of China.

• The Journal of The Korea Institute of Intelligent Transport Systems
• /
• v.20 no.4
• /
• pp.1-12
• /
• 2021

Emergence of the COVID 19 pandemic has resulted in a sharp increase in the number of two-wheeler vehicular traffic accidents, prompting the introduction of numerous efforts for their prevention. This study applied XGBoost to determine the factors that affect severity of two-wheeled vehicular traffic accidents, by examining data collected over the past 10 years and analyzing the influence of each factor. Among the total factors assessed, variables affecting the severity of traffic accidents were overwhelmingly high in cases of signal violations, followed by the age group of drivers (60s or older), factors pertaining only to the car, and cases of centerline infringement. Based on the research results, a reasonable legal reform plan was proposed to prevent serious traffic accidents and strengthen safety management of two-wheeled vehicles. Based on the research results, we propose a reasonable legal reform plan to prevent serious traffic accidents and strengthen safety management of two-wheeled vehicles.

• Korean Security Journal
• /
• no.17
• /
• pp.255-276
• /
• 2008

The important items, which should be considered in Private Investigation Law, can include subjects, licenses, the scope of business, qualifying examinations, and supervisory and penal provisions. The subjects of Private Investigation Law should be permitted to be both natural persons and juridical persons in terms of providing various services, but should be permitted to be juridical persons and should be administered on a license system, even in order to ensure public interests. Concretely, the introduction scope of Private Investigation Law can be regulated to include the followings: that is, investigating the whereabouts identification of runaways and missing children, investigating the personal identification, habit, way of action, motivation, whereabouts identification, real child confirmation, association, transaction, reputation, and personality of specific persons or specific groups, investigating the whereabouts identification of missing persons, owners of government-vested properties or renounced properties, investigating the whereabouts of lost properties or stolen properties, investigating the causes of fire, character defamation, slander, damage, accident, physical disability, infringement on real estate or movable property, and investigating all sorts of accidents including traffic accidents, insurance accidents, and medical malpractices. In the qualifying examination, examinees' age should be restricted to be over age 25. The person, who is exempted from its primary examination, should be restricted to be the person, who has the career of over 20 years in related fields, in consideration of its equity with other certificates of qualification. In the supervisory institution, as the policy institution is the supervisory institution in many countries including France (the police) and Japan (public security committee), so the National Policy Agency should be the supervisory institution in consideration of management aspects. In the penal regulations, especially, we should clarify the management of personal information (personal information protection, personal information management), and so should prevent the infringement of people's basic rights, and then should ensure the public interest.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.3
• /
• pp.745-756
• /
• 2016

As infringement accidents of personal information have often occurred and estimates of damages are too large, the government introduces many certifications related with personal information management system for protecting personal information. Among them, PIMS and PIPL share many points in common, so many complaints about duplicate regulation have been suggested. This study evaluates the duplication of two certifications in order to examine redundancy between PIMS and PIPL both of which have been controversial.

• IEIE Transactions on Smart Processing and Computing
• /
• v.3 no.2
• /
• pp.65-73
• /
• 2014

An overall responding security-centered framework is necessary required for infringement accidents, failures, and cyber threats. On the other hand, the correspondence structures of existing administrative, technical, physical security have weakness in a system responding to complex attacks because each step is performed independently. This study will recognize all internal and external users as a potentially threatening element. To perform connectivity analysis regarding an action, an intelligent convergence security framework and road map is suggested. A suggested convergence security framework was constructed to be independent of an automatic framework, such as the conventional single solution for the priority defense system of APT of the latest attack type, which makes continuous reputational attacks to achieve its goals. This study suggested the next generation convergence security framework to have preemptive responses, possibly against an APT attack, consisting of the following five hierarchical layers: domain security, domain connection, action visibility, action control, and convergence correspondence. In the domain, the connection layer suggests a security instruction and direction in the domains of administrative, physical and technical security. The domain security layer has consistency of status information among the security domain. A visibility layer of an intelligent attack action consists of data gathering, comparison and decision cycle. The action control layer is a layer that controls the visibility action. Finally, the convergence corresponding layer suggests a corresponding system of before and after an APT attack. The administrative security domain had a security design based on organization, rule, process, and paper information. The physical security domain is designed to separate into a control layer and facility according to the threats of the control impossible and control possible. Each domain action executes visible and control steps, and is designed to have flexibility regarding security environmental changes. In this study, the framework to address an APT attack and load map will be used as an infrastructure corresponding to the next generation security.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.13 no.10
• /
• pp.2121-2128
• /
• 2009

The application range of IEEE 802.11 wireless LAN has rapidly expanding from campus, enterprise to the public network of Hot Spot area due to the advantages of easiness of construction, mobility of wireless client station, convenience of usage and so on. However the security of WLAN(Wireless LAN) is vulnerable inherently because of using RF as a medium, and so the dangers of infringement of personal information and inside data of enterprises have increased and wardriving attack searching for security vulnerability in wireless LAN has become more serious especially. In this paper, we find out the overview of various procedures and preparatory stages for wardriving attack against wireless LAN, and propose complementary methods to prevent information infringement accidents from wardriving attack in wireless LAN. For this purpose, we make an equipment which is suitable for wardriving in wireless LAN and show security vulnerability of AP(Access Point) operation in WLAN around Yangjae-Dong in Seoul as a result of using the equipment.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.4
• /
• pp.853-862
• /
• 2021

Today, disturbance and paralysis of information and communication infrastructure by electronic infringement of national infrastructure is emerging as a threat. Accordingly, the government regularly implements the vulnerability analysis and evaluation system of major information and communication infrastructure to protect the information system and control system of major infrastructure, and invests increased human and material resources every year to efficiently operate it. However, despite the government's efforts, as infringement accidents and attempts targeting national infrastructure continue to occur, the government's resource input to prepare the information protection foundation has little effect on the information protection activity result calculation, making the evaluation system not efficient. The question arises that it is not. Therefore, in this study, we use the DEA model to review the efficient operation of the vulnerability analysis and evaluation system for major information and communications infrastructure, and suggest improvement measures to enhance the level of information protection based on the analyzed results.