• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2021.10a
• /
• pp.47-49
• /
• 2021

According to the revision of the Data 3 Act in 2020, personal information of medical data can be processed anonymously for statistical purposes, research, and public interest record keeping. However, unidentified data can be re-identified using genetic information, credit information, etc., and personal health information can be abused as sensitive information. In this paper, we derive the need for homomorphic encryption to protect the privacy of personal information separated by sensitive information.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.16 no.3
• /
• pp.13-23
• /
• 2020

Currently, online means of replacing resident registration numbers(RRN) include I-Pin, mobile phone, credit card, MyPin, and general-purpose certificate. In order to issue alternative means based on the RRN, it must be designated through the designation review by the Korea Communications Commission(KCC) through a designation review by personal proofing agency and be subject to annual management. However, the criteria for designation and follow-up of the designation of the personal proofing agency carried out by KCC have been used in 2010 without revision, and there are problems that do not conform to the evaluation standards of various alternative means. Therefore, in this paper, we propose a method for improving the designation criteria and management system of the personal proofing service agency. The proposed method analyzes the characteristics of the alternative identification-based personal proofing service and proposes a follow-up management standard that can appropriately evaluate the analyzed characteristics and improves the designation criteria according to the emergence of new alternatives. Through the proposed method, it can be seen that it is possible to strengthen the safety of the personal proofing service based on the alternative means of RRN provided online and face-to-face and to protect the user's personal information.

• Asia-Pacific Journal of Business Venturing and Entrepreneurship
• /
• v.14 no.1
• /
• pp.139-149
• /
• 2019

The purpose of this study is to contribute to the minimization of the social cost due to the insolvency by improving the success rate of the startups by providing useful information to the founders and the start-up support institutions through analysis of non-financial information affecting the failure of the startups. This study is aimed at entrepreneurs. The entrepreneurs that are defined by the credit guarantee institutions generally refer to entrepreneurs within 5 years of establishment. The data used in the study are sampled from the companies that were supported by the start-up guarantee from January 2014 to December 2013 as the end of December 2017. The total number of sampled firms is 2,826, 2,267 companies (80.2%), and 559 non-performing companies (19.8%). The non-financial information of the entrepreneur was divided into the entrepreneur characteristics information, the entrepreneur characteristics information, the entrepreneur asset information and the entrepreneur 's credit information, and cross-tabulations and logistic regression analysis were conducted. As a result of cross-tabulations, univariate analysis showed that personal credit rating, presence in the industry, presence of residential housing, presence of employees, and presence of financial statements were selected as significant variables. As a result of the logistic regression analysis, three variables such as personal credit rating, occupation in the industry, and presence of residential house were found to be important factors affecting the failure of founding companies. This result shows the importance of entrepreneur 's personal credibility and experience and entrepreneur' s assets in business management. The start-up support institutions should reflect these results in the entrepreneur 's credit evaluation system, and the entrepreneurs need training on the importance of the personal credit and the management plan in the entrepreneurial education. The results of this analysis will contribute to the minimization of the incapacity of startups by providing useful non-financial information to founders and start-up support organizations.

• Convergence Security Journal
• /
• v.14 no.3_2
• /
• pp.3-12
• /
• 2014

The government was fully aware of the gravity of a recent massive leak of personal information of credit card users. Meanwhile, the government just took a light disciplinary action by imposing a fine, but it showed its intention to strengthen the regulations by taking the severest disciplinary action. The tightened regulations against personal information leak will be applied to the private security industry without exception to protect individual people's property and lives if such an incident occurs in that industry that deals with a wide variety of personal information such as CCTV data or privacy information all the time. The purpose of this study was to examine the state of the protection and management of personal information for service users among private security firms in an effort to suggest some reform measures. The findings of the study were as follows: First, administrators or managers who are involved with personal information protection should make a full-fledged effort to gather information. Second, counseling or related programs should be provided for small and mid-sized security firms to guarantee thorough personal information protection. Third, Korea Security Association should improve the educational system related to personal information protection to resolve problems with this education currently provided for managers and employees of these companies.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.3
• /
• pp.9-21
• /
• 2010

Recently, famous online shopping websites were hit by hacking attack, and many users' personal information such as ID, password, account number, personal number, credit card number etc. were compromised. Hackers are continuing to attack online shopping websites, and the number of victims of these hacking is increasing. Especially, the exposure of credit card numbers is dangerous, because hackers maliciously use disclosed card numbers to gain money. In 2007 Financial Cryptography Conference, Ian Molly et al. firstly proposed dynamic card number generator, but it doesn't meet reuse resistant. In this paper, we analyzed security weaknesses of Ian Molly's scheme, and we proposed a new one-time virtual card number generator using a mobile device which meets security requirements of one-time virtual card numbers. Then, we propose one-time credit card number generation and transaction protocol using Integrated Authentication Center for user convenience and security enhancement.

• Journal of the Korea Society of Computer and Information
• /
• v.12 no.3
• /
• pp.195-201
• /
• 2007

ARecent advances of network technologies and internet infrastructures construct a fast and useful information-oriented society. However, these nay infringe on privacy and expose sensitive information such as user id, secret number and credit card number. Therefore, we need countermeasures for solving these problems. In this paper we try to hack personal information using Google and domestic search engines, Naver and Empas. After analyze the result, we suggest solutions to prevent personal information hacking based on these search engines.

• Convergence Security Journal
• /
• v.16 no.5
• /
• pp.33-40
• /
• 2016

Credit card is means of payment used like cash in terms of function and its users have increased consistently. With development of Internet and electronic commerce a role as payment method of credit card has been growing. But as the risk which results from centralized information and online increases, credit card fraud is also growing. Card theft and loss are decreasing due to countermeasure of card companies and financial supervisory authorities, while card forge and identity theft are increasing. Recently because of frequent personal information leakage and deregulation of financial security following easy-to-use payment enforcement, customer's anxiety about card fraud is growing. And the increase of card fraud lowers trust on credit system as well as causes social costs. In this paper, the security problems of card operating system are addressed in depth and the measures such as immediate switch to IC card terminals, introduction of new security technology, supervision reinforcement of the authorities are proposed.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.6
• /
• pp.1549-1560
• /
• 2015

For the past few years, personal information breach incidents, great and small, occurred constantly. Accordingly, the Personal Information Protection related Ordinances are enacted and amended persistently, and the information security products also keep advancing and developing in the same way. There are the certification systems such as Common Criteria Evaluation and Validation(CC) and Korea Cryptographic Module Validation Program(KCMVP) for the information security products. These are also strictly carried out. This paper analyzes and categorizes the 5 Personal Information Protection related Ordinances in the aspects of technical protection measures by using key words. Here are the 5 related ordinances; 'the Personal Information Protection Act', 'the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc', 'the Act on the Protection, Use, Etc, of Location Information', 'the Use and Protection of Credit Information Act', and 'the Electronic Financial Transactions Act.' Moreover, this study analyzes the association between the technical protection measures in the 5 relevant laws and the information security products that are obtaining the CC Evaluation & Validation(CC) and the products that are now produced at KISIA's member companies.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2014.05a
• /
• pp.257-260
• /
• 2014

Digital Forensics in the event of an accident, the system restore files and the only way to find evidence KT Website hacking happening now, credit card companies, and leakage of personal information by three recent spills occurred, such as Skin Food Home Up Customer Information hackers to find these crimes only means as well. This study attempted to bypass the KT website hacking attacks utilizing automated programs hacking programs, and if you try to experiment on whether any information has been disclosed and if so what home attacked forensics evidence for hackers to locate the can make a report is described.

• Journal of Information Technology Services
• /
• v.21 no.3
• /
• pp.1-25
• /
• 2022

The financial MyData service has implemented in January 2022 and launched 45 services by banks, securities, credit cards and fintech companies. This study applied the Q methodology, to identify the user types of MyData services and compared the perceptions of employees of financial institutions who plan and develop the MyData services. There are three types of MyData service users: active users, limited users who focus on consumption and asset status inquiry, and sensitive users for personal information. There were two types of recognition of financial company employees. One is the active user support other is the sensitive user for personal information support. The analysis of subjective perceptions can be used as a reference for establishing a company's MyData service marketing strategy and establishing related policies to improve the MyData ecosystem.