• Title, Summary, Keyword: Privacy Protection

Search Result 706, Processing Time 0.041 seconds

Improvement Proposals for Biometric Information Protection Guideline based on the Analysis of Global Bio Information Privacy Issues (글로벌 바이오정보 프라이버시 논점 분석을 기반으로 한 바이오정보 보호 가이드라인 개선 방안)

  • Jung, Boo-geum;Kwon, Hun-yeong;Park, Hea-sook;Lim, Jong-in
    • Convergence Security Journal
    • /
    • v.18 no.3
    • /
    • pp.87-94
    • /
    • 2018
  • Privacy means the right not to interfere with the private life of an individual. Bio data is the most private personal information about the person itself, and according to advancement of technology, it is possible to analyze and judge individual as well as identify individual. The Personal Information Protection Act is based on global privacy principles, but the legislation for the protection of bio information has yet to be enacted. Therefore, it is time to protect biometric data as more sensitive information than general personal information. We will review the global privacy discussions for protecting biometric information and propose additional privacy principles and measures for utilization that should be defined in the biometric information protection guideline.

  • PDF

The Protecton of Privacy on Secondary Use of Personal Health Imformation (의료기관 개인건강정보의 이차적 이용)

  • Kim, Jang-Han
    • The Korean Society of Law and Medicine
    • /
    • v.11 no.1
    • /
    • pp.117-143
    • /
    • 2010
  • Along with the development of digital technologies, the information obtained during the medical procedures was working as a source of valuable assets. Especially, the secondary use of personal health information gives the ordeal to privacy protection problems. In korea, the usage of personal medical information is basically regulated by the several laws in view of general and administrative Act like Medicine Act, Public institutions' personal information protection Act, Information-Network Act etc. There is no specific health information protection Act. Health information exchange program for the blood donor referral related with teratogenic drugs and contagious disease and medical treatment reporting system for income tax convenience are the two examples of recently occurred secondary use of health information in Korea. Basically the secondary use of protected health information is depend on the risk-benefit analysis. But to accomplish the minimal invasion to privacy, we need to consider collection limitation principle first. If the expected results were attained with alternative method which is less privacy invasive, we could consider the present method is unconstitutional due to the violation of proportionality rule.

  • PDF

Audit Method for Personal Information Protection in On-line Games (온라인게임에서 개인정보보호 감리 모형)

  • Kim, Hee-Wan;Shin, Joong-Won;Kim, Dong-Soo
    • Journal of Digital Convergence
    • /
    • v.10 no.3
    • /
    • pp.23-37
    • /
    • 2012
  • Illegal game players' hacking and propagation of malignant code in online game exposes privacy of online game customers. So, online game companies have to support the standardized systems and operations of customers' privacies. Since online game companies implement authentication of information protection, which focuses on assets or physical, systemic security, they need a more professional system that is related to protection of individual privacy. We analyzed the individual information protection system, which includes ISO27001, ISMS of KISA, GMITS, ePrivacy, online game privacy protection guide, and BS10012. Using the suggested systems, we proposed the systemic tools that measure the level of individual information protection, which includes process and check items of each phase.

Security and Privacy Protection for Mobile Environments (모바일 환경을 위한 프라이버시 보안 기술)

  • Kim, Heeyoul
    • 한국정보기술학회논문지
    • /
    • v.15 no.11
    • /
    • pp.23-30
    • /
    • 2017
  • Recently various mobile devices have been utilized actively and they provide new experiences to users. However, there are concerns regarding the invasion of users' privacy in mobile environments, and the risk is very high due to the high portability and the continuous usage of mobile devices and the complexity of mobile ecosystem. This kind of concerns should be resolved in order to expand and improve the mobile market. In this paper, major security threats against mobile privacy, previous security policies, and current mobile security techniques are analyzed. Moreover, we present a mobile privacy protection system which enables mobile users to configure their privacy policy flexibly and enforces the policy.

A Study of Privacy Protection of Location Information in Internet GIS Environment (인터넷 GIS 환경에서 위치정보 보호에 관한 연구)

  • 오충원
    • Spatial Information Research
    • /
    • v.11 no.2
    • /
    • pp.131-142
    • /
    • 2003
  • The Location Based Services comprised GIS and Telecommunication allow users to receive various services based on their geographic location. It is need to legislation to encourage the provision and use of location information by providing privacy protection to users. But the contents of the legislation proposed by Korean government have problems conflicted between protection of a person's location information and invigoration of location-based services. The purpose of this study is to search complementary measures for privacy protection of location information from a viewpoint of effective management strategy for geographic information.

  • PDF

Improving the Key Search using Parallelism in RFID Privacy Protection

  • Shin, Myeong-Sook;Kim, Choong-Woon;Lee, Joon
    • The Journal of the Korea institute of electronic communication sciences
    • /
    • v.2 no.1
    • /
    • pp.19-24
    • /
    • 2007
  • Abstract. In the ubiquitous environment of the next generation, RFID is predicted to occupy an important technical location and also expected to apply to various fields. However, the properties of tags in itself which is the core of RFID have a dysfunction like an invasion of privacy for user. An existing cryptanalytic protection scheme of the information leakage have a difficult problem to apply to RFID tags for privacy protection. We applied Ohkubo et al.'s scheme to the protection of the tag's information efficiently in the RFID system environment using low-cost tags. But, this method has all informations of tagsto identify tag's ID and then performs the process of identification in sequence in the Back-end server. These processes have lots of computations so that it have problems about a scalability. In this paper, we are based on Ohkubo et al.'s scheme to solve problems, and then analyze the parallelism with the Hellman's tradeoff method, divide it into nodesin parallel. In this paper, we are based on Okubo et al.'s scheme to solve problems, and then analyze the parallelism with Hellman's tradeoff method, divide it into the ${\omega}$ node in parallel. as a result, we can reduce the computing complexity of key search to $O(\frac{m^{2/3}n^{2/3}}{\omega})$ seconds from O(mm) seconds. finally we show the results to be enhanced the scalability.

  • PDF

Personal Information Protection by Privacy Impact Assessment in Information System Audit (정보시스템 감리에서 개인정보 영향평가를 통한 개인정보 보호)

  • Kim, Hee-Wan;Ryu, Jae-Sung;Kim, Dong-Soo
    • The Journal of the Korea Contents Association
    • /
    • v.11 no.3
    • /
    • pp.84-99
    • /
    • 2011
  • As the integrated and large-scale information is extended due to an advanced information system, a possibility of leaking out privacy increases as the time passes by. As a result, the necessity of using a privacy impact assessment (PIA) is emphasized because it can analyze and minimize the element of invasion of privacy. However, an essential audit for personal information protection is not fulfilled because most of the information system audit supervises over physical, managerial, and technical security items of system architecture area so that general items are the only things being checked. Consequently, this paper proposes that in order to minimize the invasion of personal information, the privacy impact assessment should be done. It also presents a procedure and method of personal information protection audit according to the result of the assessment. After applying the suggested method to two projects, it was confirmed that the improvements for protecting personal information were drawn from this paper.

A Study on the Applicability of Anonymous Authentication Schemes for Fine-Grained Privacy Protection (개인정보보호를 위한 익명 인증 기법 도입 방안 연구)

  • Ki, Ju-Hee;Hwang, Jung-Yeon;Shim, Mi-Na;Jeong, Dae-Kyeong;Lim, Jong-In
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.20 no.6
    • /
    • pp.195-208
    • /
    • 2010
  • As information communication technologies have highly advanced, a large amount of user sensitive information can be easily collected and unexpectedly distributed. For user-friendly services, a service provider requires and processes more user information. However known privacy protection models take on a passive attitude toward user information protection and often involve serious weaknesses. In reality, information exposure by unauthorised access and mistakenly disclosure occurs frequently. In this paper, we study on the applicability of anonymous authentication services for fine-grained user privacy protection. We analyze authentication schemes and classify them according to the level of privacy newly defined in this paper. In addition, we identify security requirements that a privacy protection scheme based on anonymous authentication can achieve within legal boundary.

Development and Validation of Privacy Concern Measurement Tool in Personal Medical Information (개인의료정보 프라이버시 염려 측정도구 개발 및 타당도 검증)

  • Lee, Kiho;Chung, Youngchul;Han, Kyeongseok;Song, Taemin
    • KIPS Transactions on Computer and Communication Systems
    • /
    • v.3 no.6
    • /
    • pp.197-208
    • /
    • 2014
  • In an information society, privacy protection is one of the most important ethical issues. In medical institutes in which personal medical information is collected and stored, in addition, a privacy breach can cause a serious damage on personal lives. This study attempted to develop privacy concern measurement tool in personal medical information to measure patients' concern on their medical information from medical service consumers' perspective and verify its validity. For this, privacy concern measurement tool in personal medical information was developed based on the results of previous studies. After performing Exploratory Factor Analysis(EFA) and Confirmatory Factor Analysis(CFA) on the measurement tool, its reliability and validity were verified. It appears that the measurement tool would be useful in developing decent privacy protection policy after investigating citizens' concern on the protection of personal medical information and domains they are interested in. For medical institutes as well, they would be helpful in coming up with a reasonable plan after figuring out problems in the protection of personal medical information and current status.

A Comparative Analysis of EU GDPR with Privacy Laws in South Korea (EU GDPR과 국내 개인정보보호 법제 비교분석)

  • Kim, Sung Hyun;Lee, Chang Moo
    • Convergence Security Journal
    • /
    • v.18 no.5_1
    • /
    • pp.83-92
    • /
    • 2018
  • The GDPR implemented since 25 May 2018 is common to all EU Member States and is legally binding. It is also important and legally valuable in that it takes into account the latest trends related to privacy protection. The purpose of this study is to propose a comprehensive review and improvement direction of the personal information protection laws in South Korea through a comparative analysis of EU GDPR and privacy related laws in South Korea. As a result of this study, the differences between the GDPR and privacy related laws in South Korea are Definition of personal sensitive information, Right to data portability, Data protection officer, Transfers of personal data to third countries, Supervisory authority, and Punishment, etc. The differences in these regulations were necessary to protect the rights and interests of data subjects and to properly handle personal information of personal information controllers. Therefore, based on the results of the comparative analysis of this study and suggestions on improvement direction of the law related to personal information protection, it is expected that it will contribute to the overall inspection and improvement of the law related to personal information protection in South Korea.

  • PDF