• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.10 no.2
• /
• pp.135-141
• /
• 2010

This research examines technologies and systems regarding right to control information in the network era. For this purpose, It attempts an integrated analysis of technologies and systems on the basis of the tree components of cyberspace. And it examines the prior researches and cases on privacy, personal information, and right to control information with emphasis on technologies and systems of the cyberspace. To protect privacy information, it analyses vulnerability of element technology, platform service technology, and individual technology. In particular, it describes, from the perspective of right to control information, the risk and security measures for personal information to be used as relation-context in the Web 2.0 environment. The research result will assist the methodology of future researches for grand theory on privacy information and help understanding the interaction between technology and society.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.2
• /
• pp.317-326
• /
• 2012

Internet service provider is able to collect personal information to prevent the violations of the rights of service providers and customers using internet. But there are still many debates going on between a personal privacy and a regulation. Proxy servers are used in various technical purposes include bypass access. Although the proxy server users are increasing but there are not any proper institutional mechanisms and regulations to protect users. In this study, we discuss the two sides of a proxy service includes its privacy protection function and the cyber-crime threat and propose supplementary measures to mediate between the interests of public and private.

• The Journal of the Korea Contents Association
• /
• v.12 no.7
• /
• pp.156-168
• /
• 2012

As the increase of violent crimes such as robbery, murder, and rape has become a social problem, the government is considering institutionalizing the identification of criminals to prevent crime and to guarantee people's right to know. Such an atmosphere led to the approval of the revision of 'Special Law On the Punishment of Specific violent Crimes' in the National Assembly in April 2010. The revision allows the revelation of the profiles of crime suspects including the pictures of their faces at the investigation stage. However, whether the revision had been effective in preventing crime has not been demonstrated empirically. Moreover, identity revelation is a grave intrusion into privacy and an abuse of human rights such as personal rights and the right to a fair trial, since personal information of criminal suspects would be released to the media prior to the court's final judgements. Also it violates the principle of presumption of innocence, the principles of due process, the principle of double jeopardy, the principle of prohibition against excessive, the principles of clarity, and the principle of liability.

• Korean Security Journal
• /
• no.44
• /
• pp.199-223
• /
• 2015

The purpose of this study is to find the development of the personal protection business plan based on the problem that guards are now aware of personal protection service. In order to achieve the objectives of this study, we analyzed the data after expert survey and interview conducted by seven experts engaged in personal protection services more than 15 years. The guard who perform personal protection service proposed a development plan of personal protection services as follows. First, the current education system for new employees' training is required to improve the educational program of 40 hours in subjects related to personal protection duties by reorganization Second, the personal protection service training for guards also appropriate to switch to 8-hour training program for three months through an educational organization controlled by country. Third, the personal protection guards should be proceeding the practical programs required in the field and quality education in the different section by competent and professional instructors. Fourth, it should be revised Regulating that on the site of collective civil petition including in Events related to events across the board in the security services law. Fifth, there needs to be a change of recognition between police and private security firms, and to be set up the organization for supervision of management by police and private security firms jointly. Sixth, there needs to be organized a subcommittee which is consisting of experts in each task on Korea Security Association, and founded Korea Personal Protection Association for development associated with the personal protection service and to protect the rights of personal protection guards.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.3
• /
• pp.513-525
• /
• 2022

The immutability of blockchain is core elements of security of blockchain and guarantee data integrity. However, the characteristic that the data recoreded once in the blockchain cannot be modified has place for abuse by a specific user. In fact improper contents that is inappropriate to be recorded on the blockchain, such as harmful data and user personal data, is exposed on Bitcoin. As a way to manage improper content existing in the blockchain, there is a redactable blockchain using chameleon hash proposed for the first time by Ateniese. The redactable blockchain meet the right to be forgotten of GDPR by allowing data modification and deletion. Recently, Research on personal data management is being conducted in a redactable blockchain. Research by Jia et al. proposed a model that enables users to manage their personal data in the redactable blockchain. However, semi trusted regulators, which are blockchain participation nodes, have powerful authority in the blockchain, such as modification rights and deprivation of transaction rights for all blocks, which may cause side effects. In this paper, to weaken the authority of regulators in Y. Jia et al., we propose a method of authority subject altering and authority sharing, and propose a redactable blockchain-based authority change and access control system model based on applicable scenarios.

• Information Systems Review
• /
• v.20 no.1
• /
• pp.159-177
• /
• 2018

With an extensive proliferation of information and communication technology, the volume and amount of digital information collected and utilized on the Internet have been increasing rapidly. Also on the rapid rise are side effects such as unintended breach of accumulated personal information and consequent invasion of personal privacy. Informational self-determination is rarely practiced, despite various states' legal efforts to redress data subjects' damage. Personal health information, in particular, is a subcategory of personal information where informational self-determination is hardly practiced enough. The observation is contrasted with the socio-economic inconvenience that may follow due to its sensitive nature containing individuals' physical and health conditions. This research, therefore, reviews factors of self-determination on personal health information while referring to the protection motivation theory (PMT), the long-time framework to understand personal information protection. Empirical analysis of 200 data surveyed reveals threat-appraisal (perceived vulnerability and perceived severity of threats) and coping-appraisal (perceived response effectiveness), in addition to individual levels of concern regarding provided personal health information, influence self-determination to protect personal health information. The research proposes theoretical findings and practical suggestions along with reference for future research topics.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.1
• /
• pp.215-227
• /
• 2018

As Korea is rapidly becoming an IT powerhouse in the short term, various side effects such as cyber violence, personal information leakage and cyber terrorism are emerging as new social problems. Especially, the seriousness of leakage of personal information, which is the basis of safe cyber life, has been highlighted all over the world. In this regard, it is necessary to estimate the amount of the damage cost due to the leakage of personal information. In this study, we propose four evaluation methods to calculate the cost of damages due to personal information leakage according to average real transactions value, personally recognized value, compensation amount basis, and comparison to similar countries. We analyzed data from 2007 to 2016 to collect personal information leakage cases for 10 years and estimated the cost of damages. The number of cases used in the estimation is 65, and the total number of personal information leakage is about 430 million. The estimated cost of personal information leakage in 2016 was estimated to be at least KRW 7.4 billion, up to KRW 220 billion, and the 10 year average was estimated at from KRW 10.7 billion to KRW 307 billion per year. Also, we could find out the singularity that the estimated damage due to personal information leakage increases every three years. In the future, this study will be able to provide an index that can measure the damage cost caused by the leakage of personal information more accurately, and it can be used as an index of measures to reduce the damage cost due to personal information leakage.

• Journal of Platform Technology
• /
• v.11 no.3
• /
• pp.56-67
• /
• 2023

Recently, de-identification of personal information, which has been a long-cherished desire of the data-based industry, was revised and specified in August 2020. It became the foundation for activating data called crude oil[2] in the fourth industrial era in the industrial field. However, some people are concerned about the infringement of the basic rights of the data subject[3]. Accordingly, a development study was conducted on the Batch De-Identification Tool, a personal information de-identification automation tool. In this study, first, we developed an image labeling tool to label human faces (eyes, nose, mouth) and car license plates of various resolutions to build data for training. Second, an object recognition model was trained to run the object recognition module to perform de-identification of personal information. The automated personal information de-identification tool developed as a result of this research shows the possibility of proactively eliminating privacy violations through online services. These results suggest possibilities for data-based industries to maximize the value of data while balancing privacy and utilization.

• Journal of The Korean Association of Information Education
• /
• v.19 no.3
• /
• pp.299-310
• /
• 2015

This study was conducted with the goal to identify the degree to which elementary school students' knowledge about personal information protection practices impacted their actual behavior with regard to privacy protection. To fulfill this goal, knowledge about personal information protection was set as (1) knowledge about concepts of personal information, (2) knowledge of the rights of information holders, (3) knowledge about the code of conduct for information protection, and (4) awareness of the value of personal information. As for students' behaviors to ensure their personal information protection those were set as their habits to comply with the personal in-formation protection code of conduct and their efforts to respond and recover from any personal information violation. This study was conducted targeting 510 elementary students. The degree of the students' knowledge and their behaviors was measured by first distributing a self-report survey to the students and then analyzing their responses. The results of the analysis revealed the following: First, it was found that there are no differences among the four factors of knowledge and behavior according to the status of their education. Second, the two factors that primarily affected their personal information protection behavior were found to be their awareness of the information protection code of conduct and awareness of the value of personal information. This study holds significance in that it makes suggestions as to how personal protection practices should be taught to public school students.

• Journal of the Korean Society for information Management
• /
• v.20 no.1
• /
• pp.301-320
• /
• 2003

The rapidly increasing use of the Internet and advancement of the communication network, the explosive growth of digital contents from personal home pages to professional information service the emerging file exchange service and the development of hacking techniques . these are some of the trends contributing to the spread of illegal reproduction and distribution of digital contents, thus threatening the exclusive copyrights of the creative works that should be legally protected Accordingly, there is urgent need for a digital copyright management system designed to provide centralized management while playing the role of bridge between the copyright owners and users for smooth trading of the rights to digital contents, reliable billing, security measures, and monitoring of illegal use. Therefore, in this study, I examined the requirements of laws and systems for the introduction of the centralized management system to support smooth distribution of digital contents, and also researched on the current status of domestic and international centralized management system for copyrights. Furthermore, 1 tried to provide basic materials for the standardization of digital contents copyright management information through the examination of the essential elements of the centralized digital contents management such as the system for unique identification the standardization for data elements, and the digital rights management (DHM) .