• Title, Summary, Keyword: Personal information

Search Result 4,965, Processing Time 0.063 seconds

Development of Personal Information Protection Model using a Mobile Agent

  • Bae, Seong-Hee;Kim, Jae-Joon
    • Journal of Information Processing Systems
    • /
    • v.6 no.2
    • /
    • pp.185-196
    • /
    • 2010
  • This paper proposes a personal information protection model that allows a user to regulate his or her own personal information and privacy protection policies to receive services provided by a service provider without having to reveal personal information in a way that the user is opposed to. When the user needs to receive a service that requires personal information, the user will only reveal personal information that they find acceptable and for uses that they agree with. Users receive desired services from the service provider only when there is agreement between the user's and the service provider's security policies. Moreover, the proposed model utilizes a mobile agent that is transmitted from the user's personal space, providing the user with complete control over their privacy protection. In addition, the mobile agent is itself a self-destructing program that eliminates the possibility of personal information being leaked. The mobile agent described in this paper allows users to truly control access to their personal information.

A Model of Authority Management for the Protection of Personal Information in OLAP (OLAP 환경에서 개인정보보호를 위한 개인정보 분리 권한관리 모델)

  • Kim, Hyoung-Gyu;Kim, Min-Ho;Kwon, Jung-Sook;Choi, Yong-Lak
    • Journal of Information Technology Services
    • /
    • v.13 no.2
    • /
    • pp.163-172
    • /
    • 2014
  • Personal information has been stolen continuously and it is also affected from development of the Internet. So the government requires that companies spend more effort for protecting customers' personal information. The OLAP server also should meet this requirement, but it is hard to satisfy for the authority management. The OLAP server must use personal information to extract required information from database. This thesis suggests a model of separating between general information and personal information, so this model can help to minimize the leakage of personal information. The model is implemented and tested as a prototype. This prototype can prove that the new model is better than the original one. This study presents that the authority management on the separation between personal information and general information helps protect the personal information of customers.

Impact of Corporate Characteristics on Personal Information Breach Accident (기업의 특성이 개인정보 유출 사고에 미치는 영향)

  • Kim, Taek-Young;Kim, Tae-Sung;Jun, Hyo-Jung
    • Journal of Information Technology Services
    • /
    • v.19 no.4
    • /
    • pp.13-30
    • /
    • 2020
  • Not only does it cause damage to individuals and businesses due to the occurrence of large-scale personal information leakage accidents, but it also causes many problems socially. Companies are embodying efforts to deal with the threat of personal information leakage. However, it is difficult to obtain detailed information related to personal information leakage accidents, so there are limitations to research activities related to leakage accidents. This study collects information on personal information leakage incidents reported through the media for 15 years from 2005 to 2019, and analyzes how the personal information leakage incidents occurring to companies are related to the characteristics of the company. Through the research results, it is possible to grasp the general characteristics of personal information leakage accidents, and it may be helpful in decision making for prevention and response to personal information leakage accidents.

Risk Analysis for Protecting Personal Information in IoT Environments (사물인터넷(IoT) 환경에서의 개인정보 위험 분석 프레임워크)

  • Lee, Ae Ri;Kim, Beomsoo;Jang, Jaeyoung
    • Journal of Information Technology Services
    • /
    • v.15 no.4
    • /
    • pp.41-62
    • /
    • 2016
  • In Internet of Things (IoT) era, more diverse types of information are collected and the environment of information usage, distribution, and processing is changing. Recently, there have been a growing number of cases involving breach and infringement of personal information in IoT services, for examples, including data breach incidents of Web cam service or drone and hacking cases of smart connected car or individual monitoring service. With the evolution of IoT, concerns on personal information protection has become a crucial issue and thus the risk analysis and management method of personal information should be systematically prepared. This study shows risk factors in IoT regarding possible breach of personal information and infringement of privacy. We propose "a risk analysis framework of protecting personal information in IoT environments" consisting of asset (personal information-type and sensitivity) subject to risk, threats of infringement (device, network, and server points), and social impact caused from the privacy incident. To verify this proposed framework, we conducted risk analysis of IoT services (smart communication device, connected car, smart healthcare, smart home, and smart infra) using this framework. Based on the analysis results, we identified the level of risk to personal information in IoT services and suggested measures to protect personal information and appropriately use it.

Personal Information Management System with Blockchain Using zk-SNARK (영지식 증명을 활용한 블록체인 기반 개인정보 관리 기법)

  • Lee, Jeong-hyuk;Hwang, Jung Yeon;Oh, Hyun-ok;Kim, Ji-hye
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.29 no.2
    • /
    • pp.299-308
    • /
    • 2019
  • As the utilization value of personal information becomes higher, discussions about providing personal information are being conducted actively. One of the most common methods of providing personal information is that a group obtains a personal information with a consent of individual. However, the above method has 2 problems. First, more information is exposed than the information required by organization for utilization of personal information. Second, trusted party should provide organization with an authentication of personal information whenever they require personal information. To solve these problems, we propose a personal information management system with blockchain using zk-SNARK(zero-knowledge Succinct Non-interactive ARgument of Knowledge) for privacy. Our proposal enables individuals to guarantee reliability of their information and protect their privacy concurrently using zk-SNARK when they provid organization with their personal information. In addition, it is possible to manage the personal information data while ensuring the integrity of the data using blockchain and it is possible to share the personal information more conveniently than existing systems.

Measuring method of personal information leaking risk factor to prevent leak of personal information in SNS (SNS에서 개인정보유출방지를 위한 개인정보 유출위험도 측정 방법)

  • Cheon, Myung-Ho;Choi, Jong-Seok;Shin, Yong-Tae
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.23 no.6
    • /
    • pp.1199-1206
    • /
    • 2013
  • SNS is relationship based service and its users are increasing rapidly because it can be used in variety forms as penetration rate of Smartphone increased. Accordingly personal information can be exposed easily and spread rapidly in SNS so self-control on information management, right to control open and distribution of own personal information is necessary. This research suggest way of measuring personal information leaking risk factor through personal information leaking possible territory's, based on property value and relationship of personal information in SNS, personal information exposure frequency and access rate. Suggested method expects to used in strengthening self-control on information management right by arousing attention of personal information exposure to SNS users.

An Analysis on the Importance and Performance of Personal Information Protection for the Elderly Welfare Center Employees

  • You, Gil-Jun
    • Journal of the Korea Society of Computer and Information
    • /
    • v.23 no.11
    • /
    • pp.185-191
    • /
    • 2018
  • The purpose of this study is to present effective basic data for business management through analysis of importance and performance of personal information protection of the elderly welfare center workers. For this purpose, the questionnaire on the protection of personal information was reconstructed based on the diagnostic level of the personal information security management level of the public institution and the questionnaire was conducted on 105 employees of the elderly welfare center in Chungbuk area. Based on the responses to the importance and the degree of performance of the personal information protection of the elderly welfare center employees, technical statistics and corresponding sample T-tests were conducted and the importance-performance analysis (IPA) was used. Followings are the results of this study: First, there is a statistically significant difference between the importance and the implementation of the management system for the protection of personal information of the workers in the elderly welfare center, establishment and implementation of protection measures, establishment and implementation of infringement measures. Second, IPA analysis on the protection of personal information of the workers in the elderly welfare center shows that the establishment and implementation of protection measures are the areas to maintain good performance. Third, in IPA analysis of the sub-factors of the personal information protection of the workers in the welfare center of the elderly, in the construction and management of the management system, in performing the role of the personal information protection officer and establishing and implementing protection measures, The factors of prevention of information disclosure and exposure and the safe use and management of personal information processing system were analyzed as areas requiring intensive improvement. This study is meaningful as a basic research that can raise the awareness of the personal information protection of the workers in the elderly welfare center and induce the improvement of the related work.

Overview of Personal Information Protection Act in Korea (개인정보보호법의 개관 및 개정방향에 관한 연구)

  • Kim, Ilhwan;Sung, Jaeho
    • Journal of Internet Computing and Services
    • /
    • v.16 no.4
    • /
    • pp.141-148
    • /
    • 2015
  • The Personal Information Protection Act enacted in March 2011 stated that the application target of this law includes all personal information processors in the public and private sector, and established the protection standard by phase such as collection, use and provision of personal information. There was an introduction of the Privacy Impact Assessment system that enables personal information processors to perform impact assessment autonomously if there are great concerns over the fact that making and expanding personal information files will influence the protection of personal information, while also making impact assessment compulsory for public institutions in specific reasons with great concerns for violating the rights of the subjects of information. This Act still has the problem that it is generally difficult to understand. This paper deals with the Korean legal practices about the personal information protection with regard to ambiguity and promotional system.

Issues and Tasks of Personal Information Protection Liability Insurance (개인정보 손해배상책임 보장제도의 쟁점과 과제)

  • Lee, Suyeon;Kwon, Hun-Yeong
    • Journal of Information Technology Services
    • /
    • v.19 no.1
    • /
    • pp.37-53
    • /
    • 2020
  • Today, our society is exposed to cyber threats, such as the leakage of personal information, as various systems are connected and operated organically with the development of information and communication technology. With the impact of these cyber risks, we are experiencing damage from the virtual world to the physical world. As the number of cases of damage caused by cyber attacks has continued to rise, social voices have risen that the government needs to manage cyber risks. Thus, information and telecommunication service providers are now mandatory to have insurance against personal information protection due to amendment of "the Act on Promotion of Information and Communication Network Utilization and Information Protection". However, the insurance management system has not been properly prepared, with information and communication service providers selecting the service operators based on sales volume rather than selecting them based on the type and amount of personal information they store and manage. In order for the personal information protection liability insurance system to be used more effectively in line with the legislative purpose, effective countermeasures such as cooperation with the government and related organizations and provision of benefits for insured companies should be prepared. Thus, the author of this study discuss the current status of personal information protection liability insurance system and the issues raised in the operation of the system. Based on the results of this analysis, the authors propsoe tasks and plans to establish an effective personal information protection liability insurance system.