• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.2
• /
• pp.391-400
• /
• 2012

This study focused on the role of the center for private information, which can manage and share the personal data from data breach incidents. Especially, this study addresses on the importance of establishing information management systems for preventing secondary misappropriation of breached personal data and private information. The database of breached personal data can be used for reducing privacy worries of potential victims of secondary misuse of personal data. Individuals who use the same IDs and passwords on multiple websites may find this service more effective and necessary. The effectiveness of this breached data center on reducing secondary privacy infringement may differ depending on the extend of data being shared and the conditions of data submission. When businesses experienced data breach and submission of data to this center is required by the law, the accuracy and effectiveness of this service can be enhanced. In addition, centralized database with high quality data set can increase matching for private information and control the secondary misappropriation of personal data or private information better.

• 한국디지털정책학회:학술대회논문집
• /
• 2005.06a
• /
• pp.107-143
• /
• 2005

Mobile service that geography, position by development of space Information Technology and technology of communications, space are various to us now becoming limelight as point contents and infra information that customers do demand based on radio superhigh speed authentication net on highly information society by offer infringement problem about individual's privacy or information by political and scientific interest be injured. Purpose of this study grasps use factor of LBS application Mobile service, and it is that analyze actual proof through questionnaire to grasp whether some relation is with value and action determination that is felt of LBS application Mobile service. Distributed all question of 190 copies but disk floret inclination did valid data 171 that clear question and omission remove a lot of questions by type of study among questionnaire of collected 182 wealths. Analyzed factor analysis and authoritativeness to search validity and confidence of questionnaire and used single regression analysis and multiple regression analysis for hypothetical verification. According to verification result, Mobile service that apply position base service usefulness and system quality, adaptedness of Mobile service that apply position base service by leading person affecting in use, acted for connection healthy and felt value is important factor immediately. Usability and social effect, felt expense, privacy did not appear by leading person that keep in mind in this study. Is been related with step that Mobile service that apply position base service is placed. That is, as present childhood, a person who have experience that use service to look for friend is few and usability fairly in last in wide application boundary and this very important person was removed finally in model. This study has sense in terms of study systematically about LBS application service use leading person that is getting into the spotlight worldwide among Mobile service that is injured newly.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.16 no.4
• /
• pp.109-115
• /
• 2016

Life log started with the simple purpose of recording or sharing mainly data regarding one's personal life, but with the introduction of advanced specialized analytic methods by many corporations, a new type of business based on the life log recently emerged, with an aim of improving the quality of people's personal lives. In spite of the indispensable advantages, however, personal health lifelog service brings critical challenges that cannot be avoided from user side if the security of the data is concerned. The problem of user's privacy infringement and leaking user's sensitive medical information is increasing with the revitalization of personal health lifelog services. In this paper, we propose an information security reference model for the personal health lifelog services. Our proposal can contribute to increase the related industry to cultivate new market by suggesting the clear announcement of the guidelines using privacy protection reference model for user-specific healthcare services which uses personal lifelog.

• Journal of Convergence Society for SMB
• /
• v.6 no.2
• /
• pp.25-30
• /
• 2016

Personal Information Protection Act does not apply to certain personal information processings and personal information management as well as the data subject's right to access to their personal information collected by public authorities pursuant to Statistics Act. Such exclusion may lead to problems such as misuse and mishandling of personal information by data controllers as well as infringement upon the data subejct's right to control over their personal information. This study is to find solutions to the above problems, considering the public interests of statistics and the facilitation of the collection and the use of statistics. Ultimately, the study is to suggest recommendations for the Personal Information Protection Act to ensure the data subject's rights to request access and rectification as well as safe management of the collected personal information.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.15 no.6
• /
• pp.163-171
• /
• 2015

Personal Health Records(PHR) service offers patients a convenient and easy-to-use solution for managing their personal health records, crucial medical files, and emergency contacts. In spite of the indispensable advantages, PHR service brings critical challenges that cannot be avoided from consumer side if the security of the data is concerned. The problem of user's privacy infringement and leaking user's sensitive medical information is increasing with the fusion of PHR technology and healthcare. In this paper, therefore, we analyze the various security aspects that are vulnerable to the PHR service and needed to be resolved. Moreover, we analyze the security requirements from the point of view of the PHR users and application service providers and provides the PHR security mechanism for addressing PHR security threats and satisfying PHR security requirements.

• Journal of Society of Preventive Korean Medicine
• /
• v.18 no.3
• /
• pp.11-21
• /
• 2014

The rapid development and distribution of information communication industry facilitates the changes of hospital administration, introducing EMR(Electronic Medical Record) instead of paper-based medical record in the medical field. The developed countries such as U.S. have established EMR system after in the middle of 1970s because the primary advantages of EMR is to store and handle vast amounts of records efficiently and increase the quality of health care. Most of health organizations in Korea also apply medical record system to their administration. As the result, they have accomplished a scientific administration system through the use of medical record to handle a variety of patient's information including patient's confidentiality and privacy such as family history, social status, income level, and so on. However, access to and the misuse of EMR causes illegal infringement of patient's information and finally it becomes a very serious medical issue. Potential leakage and misuse of records may seriously infringe patient's privacy rights. In this respect, the related agencies in the public and private sector have been making efforts to prevent patient's records leakages. Especially, the revision bill of Medical Law in 2002 establishes the ways on the security and standards of electronic records. However, it does not provide the proper guidelines which is applied to the rapid changes of the medical environment. One of the most priorities in the hospital administration is the production and maintenance of an accurate medical records fulfilled by medical recorders. Therefore, it is very important for health care providers to hire ethical-based medical recorders. But, unfortunately most of hospitals overlook the importance of their roles. All parts including government, physician and patient must have more concerns on the problems related to EMR. Therefore, this study aims to propose the proper ways to resolve the problems coming from EMR.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.1
• /
• pp.199-213
• /
• 2018

Since 2008, large-scale personal information breach incidents have occurred frequently. Even though national education, policy, and laws have been enacted and implemented to resolve the issue, personal information breaches still occur. Currently, individuals cannot confirm detailed information about what personal information has been affected, and they cannot respond to the breaches. Therefore, it is desirable to develop various methods for preventing and responding to personal information infringement caused by breach and leakage incidents and move to privacy protection behaviors. The purpose of this study is to create understanding of personal information security and information breach, to present services that can prevent breaches of personal information, to investigate the necessity of and analyze the potential public demand for such services, and to provide direction for future privacy-related information services.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.8 no.1
• /
• pp.41-49
• /
• 2007

RFID in which subminiature IC chip with the indentified information is built a core technique that can recognize, trace and manage various information of an object using radio frequency in the age of Ubiquitous. Several pressing matters about an infringement of Privacy and a security of private information should be settled as soon as possible because an information of specific circumstance can be collected and used without any awareness by others as well as a private information. In addition, various algorithms with high level of security, which is normally used in wire, can be hardly applied to RFID tag because of a lot of restrictions of tag. In this report, designed-RFID tag based on the standard of ISO/IEC 18000-6 and the problems which originated from the technical procedure of that design were analyzed, and the algorithm which could be applied to the designed-tag was also investigated.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.24 no.7
• /
• pp.935-941
• /
• 2020

People estimation is important to provide IoT services. Most people counting technologies use camera or sensor data. However, the conventional technologies have the disadvantages of invasion of privacy and the need to install extra infrastructure. This paper proposes a method for estimating the number of people using a Wi-Fi AP. We use channel state information of Wi-Fi and analyze that using deep learning technology. It can be achieved by pre-installed Wi-Fi infrastructure that reduce cost for people estimation and privacy infringement. The proposed algorithm uses a k-binding data for pre-processing process and a 1D-CNN learning model. Two APs were installed to analyze the estimation results of six people. The result of the accurate number estimation was 64.8%, but the result of classifying the number of people into classes showed a high result of 84.5%. This algorithm is expected to be applicable to estimate the density of people in a small space.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.2
• /
• pp.21-31
• /
• 2008

Ubiquitous environment is constructed by development of an IT technology, offer environment of many service changed to mobile environment. Also, existed service offered at fixed position like home or company, but according to development of mobile device. user require service as moving. Wibro can offer as user moving using mobile device. As requirement should be included authentication, in case of authentication between UICC and AAA authentication server is offered in Wibro, service is available. However, when UICC requires initial authentication to AAA authentication server, identification information of UICC expose as plaintext, so privacy infringement of mobile device occurs. Therefore, identification information of terminal generate randomly using OTP(One-Time Password) that generated in mobile terminal, and we proposed mechanism of privacy protection. Also, we proposed mechanism that offer secure service to user as offer authentication from OTP framework, and offer OTP combination authentication detailedly.