• Convergence Security Journal
• /
• v.14 no.2
• /
• pp.73-79
• /
• 2014

In the 21st century, the higher CCTV, hidden Camera, and surveillance and contra-surveillance in Cyber-space are, the higher the voices of concern about surveillance society nationally are. Nevertheless, phenomenon of panoptisme is becoming into general use. Actually, this watching system should be on the rise but this is the output playing up and advertising the positive effect of immediate convenience and offering safety that government and business made. Thus, this study wants to offer implication to warn the invasion of privacy and generalization controlled society as pointed out cause and problem of the surveillance society time according to the digital era.

• Review of KIISC
• /
• v.33 no.4
• /
• pp.117-124
• /
• 2023

최근 인공지능, 디지털 트윈, 메타버스 기반의 신규 ICT 서비스가 도입되면서 이러한 서비스에서 발생할 수 있는 프라이버시 위험의 적절한 처리는 매우 중요하게 대두되었다. 이의 대표적인 기술적 대책이 프라이버시 강화 기술의 적용이다. 이와 관련하여 개인정보보호 국제표준은 국가나 조직의 관행과 기술을 국제 표준으로 개발하여 상호 연동이 가능한 서비스를 제공하는 역할을 하며, 이로 인해 제품이나 서비스의 경쟁력을 강화하는데 활용될 수 있다. 개인정보보호 국제 표준화를 주도적으로 추진하고 있는 대표적인 국제 표준화 그룹으로는 국제표준화위원회/전기위원회 합동위원회 1/서브위원회 27/작업그룹 5 (ISO/IEC JTC 1/SC 27/WG 5)가 있으며, 독일 쾨테대학의 Kai Rannenberg 교수가 이 그룹의 의장을 맡고 있다. 2022년 ISO/IEC JTC 1/SC 27/WG 5 전자회의 이후 우리나라 주도의 국제표준은 2건 채택되었다. 차기 회의는 2023년 10월 서울에서 원격 참여가 허용된 대면회의로 개최될 예정이다. 본 고에서는 이 그룹에서 2022년 7월 이전 채택된 개인정보보호 관련 국제표준과 현재 개발 중인 주요 국제표준 동향을 살펴보고자 한다. 또한 지난 4월 SC27 WG5 회의에서 논의된 개인정보보호 관련 주요 표준화 이슈와 대응 방안을 제시한다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2020.11a
• /
• pp.465-467
• /
• 2020

최근 정보 기술의 발전으로 클라우드 컴퓨팅은 개개인에게 편의성을 제공하도록 기능하지만, 실생활에서 디지털 정보의 의존성을 높이게 되었다. 클라우드 컴퓨팅은 실시간으로 다양한 정보를 교환함으로써 다양한 어플리케이션 서비스를 제공한다. 특히, 사용자가 가지고 있는 정보들을 로컬 서버에 관리하기 어려운 문제를 해결하기 위해 아웃소싱 클라우드 스토리지 서비스를 이용하여 해결할 수 있다. 그러나, 사용자의 데이터를 외부 클라우드 서버에 업로드하여 저장하게 되면, 클라우드 서비스 제공자로 인한 프라이버시 문제가 발생할 수 있다. 최근, 클라우드 서버에서 발생할 수 있는 프라이버시 문제를 해결하기 위해서 사용자의 데이터를 암호화하여 클라우드 서비스 제공자로부터 사용자의 정보를 보호하는 연구가 진행되고 있다. 하지만 이 연구는 시간이 지남에 따라 암호화가 복호화될 수 있으며, 특히 클라우드 서버에서 Offline Bruteforce 공격이 발생할 수 있다. 본 논문에서는 클라우드 환경에서 사용자의 개인정보를 보호하기 위한 기존 연구의 한계점을 분석한다. 기존 연구 분석을 통해 개인정보 보호를 위한 요구사항을 도출하고, 이를 기반으로 안전한 분산 데이터 관리 기법에 대해 고찰한다.

• Journal of Digital Convergence
• /
• v.11 no.9
• /
• pp.21-27
• /
• 2013

With the advent of digital media environment, distribution way of information changes, legalization of the right to be forgotten is becoming increasingly necessary. However, too much emphasis on protection of personal information to hinder the development of the Internet industry and constitutional rights, including freedom of speech and right to know might be infringed. Thus, the scope of the right to be forgotten there is a need to clarify the rules. First, the rights of personal information can be divided into two. Right to be forgotten can be applied to the right to self-determination of personal information, but the right to self-determination information about social personality cannot be applied to. Second, in the digital media environment, old news article over the internet repeatedly distribution as the new damage is generating. Because old news article is a historical record, the right to be forgotten can not be applied. Thus, appropriate for digital media environment must find new ways.

• Informatization Policy
• /
• v.30 no.2
• /
• pp.22-45
• /
• 2023

In research on the use of AI-based voice assistant services, problems related to the user's trust and privacy protection arising from the experience of service use are constantly being raised. The purpose of this study was to investigate empirically the effects of individual trust in AI and online privacy concerns on the continued use of AI-based voice assistants, specifically the impact of their interaction. In this study, question items were constructed based on previous studies, with an online survey conducted among 405 respondents. The effect of the user's trust in AI and privacy concerns on the adoption and continuous use intention of AI-based voice assistant services was analyzed using the Heckman selection model. As the main findings of the study, first, AI-based voice assistant service usage behavior was positively influenced by factors that promote technology acceptance, such as perceived usefulness, perceived ease of use, and social influence. Second, trust in AI had no statistically significant effect on AI-based voice assistant service usage behavior but had a positive effect on continuous use intention. Third, the privacy concern level was confirmed to have the effect of suppressing continuous use intention through interaction with trust in AI. These research results suggest the need to strengthen user experience through user opinion collection and action to improve trust in technology and alleviate users' concerns about privacy as governance for realizing digital government. When introducing artificial intelligence-based policy services, it is necessary to disclose transparently the scope of application of artificial intelligence technology through a public deliberation process, and the development of a system that can track and evaluate privacy issues ex-post and an algorithm that considers privacy protection is required.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.4
• /
• pp.839-845
• /
• 2018

Sensitive data is encrypted and stored as privacy policy is strengthened through frequent leakage of personal information. For this reason, the cryptographically owned encrypted data is a very important analysis from the viewpoint of digital forensics. Until now, the digital evidence collection procedure only considers imaging, so hardware specific information is not collected. If the encryption key is generated by information that is not left in the disk image, the encrypted data can not be decrypted. Recently, an application for performing encryption using hardware specific information has appeared. Therefore, in this paper, hardware specific information which does not remain in file form in auxiliary storage device is studied, and hardware specific information collection method is introduced.

• Journal of the Korea Society of Computer and Information
• /
• v.14 no.7
• /
• pp.81-88
• /
• 2009

Fingerprinting scheme is a technique which supports the copyright protection to track redistributors of digital content using cryptographic techniques. These schemes enable the original merchant to identify the original buyer of the digital data by embedding fingerprints into digital contents. Asymmetric property of fingerprinting schemes is important to keep the buyer's privacy. In this paper, we propose a symmetric encryption based fingerprinting protocol without trusted third party. Our scheme enables the reduction of computational costs for the encryption using symmetric key encryption scheme. Since a trusted third party doesn't take part in making the fingerprint of each buyer, the protocol doesn't need to control the trusted third party and it is more secure against collusion attack.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.6A
• /
• pp.151-162
• /
• 2008

As the innovative internet technologies and multimedia are being rapidly developed, digital content is a remarkable new growth industry and supplied by various channel. For example, domestic sales volume in digital contents marked an annual increase of 14.7% since 2003. Against the merits of digital content distribution, Information reengineering aspects are getting more serious issues in these days such as infringement of copyright, flood of inappropriate content, invasion and infringement of privacy, etc. In this paper, we are making a suggestion of the TDCDA-Trusted Digital Content Distribution Architecture in order to solve above problems. TDCDA is provided to how well-define and design the trusted path in digital contents distribution in internet environments using a secure distribution mechanism, digital content integrity and copyright protection. Finally, we also proposed the TDCDA algorithm and applicable guidelines for feasible approach in real computing environment.

• KSCI Review
• /
• v.15 no.1
• /
• pp.37-46
• /
• 2007

Lately, is trend that diffusion of Mobile information appliance that do various function by development of IT technology is increasing much. There is function that do more convenient and efficient life and business using portable phone that is Daepyo?? of Mobile information appliance, but dysfunction that is utilized by Beopjoe of pointed end engineering data leakage, individual's privacy infringement, threat and threat etc. relationship means to use Mobile Phone is appeared and problems were appeared much. However, legal research of statute unpreparedness and so on need research and effort to prove delete, copy, integrity of digital evidence that transfer secures special quality of easy digital evidence to objective evidence in investigation vantage Point is lacking about crime who use this portable phone. It is known that this digital Forensic field is Mobile Forensic. Is purposeful to verify actually about acquisition way of digital evidence that can happen in this treatise through portable phone that is Mobile Forensic's representative standing and present way to prove integrity of digital evidence using Hash Function.

• Journal of the Korea Convergence Society
• /
• v.13 no.4
• /
• pp.25-37
• /
• 2022

The government and private companies are endeavoring to help the digital healthcare industry grow. This includes easing regulations on the big data industry such as the amendment of the Data 3 Act. Despite these efforts, however, there have been constant demands for the amendment of laws related to the medical field and for securing medical data transmissions. In this paper, the Data 3 Act of Korea and the legal system related to healthcare are examined. Then the legal, institutional, and technical aspects of the strategies are compared to understand the issues and implications. Based on this, a legal and institutional strategy suitable for the digital healthcare industry in Korea is suggested. Additionally, a direction to improve social perception along with technical measures such as safe de-identification processing and data transmission are also proposed. This study hopes to contribute to the spread of various convergent industries along with the digital healthcare industry.