• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.4
• /
• pp.781-799
• /
• 2024

Recently, the US and EU have been institutionally introducing and promoting Coordinated Vulnerability Disclosure(CVD) to strengthen the response to security vulnerabilities in ICT products and services, based on collaboration with white-hat hackers. In response to these changes in cybersecurity, we propose a three-step approach to introduce CVD through the Information and Communications Network Act(ICNA). In the first step, to comprehend the necessity and requirements for legislating CVD, we survey the current situation in Korea and the trends of CVD in the US, EU, and OECD. In the second step, we analyze the necessity for legislating CVD and derive the requirements for its legislation. In this paper, we analyze the necessity for legislating CVD from three perspectives: the need for introducing CVD, the need for institutionalization based on law, and the suitability of the ICNA as the legislation. The derived requirements for CVD legislation include the establishment and publication of Vulnerability Disclosure Policy(VDP), legal protection for white-hat hackers, and designation and role assignments of coordinator. In the third step, we introduce approaches to apply the requirements for CVD legislation to the ICNA, which is the law governing prevention and response to cybersecurity incidents in private sector.

• Proceedings of the Korea Contents Association Conference
• /
• 2006.05a
• /
• pp.337-341
• /
• 2006

Spam email is an electronic mail sent to a large number of netizen who do not want it. Criminals have been to take an advantage of this tool easily through harmful activities such as phishing. Recently the spam mail containing commercial information is broadly accepted as an illegal commitment to endangering the network. According some report, it could cause real damages. For the better policy on controlling spam mail we need new Efficient Countermeasure. Several laws have been enacted in Korea for controlling spam mail. The most important acts is the Using and Protecting Communication Act. Main targets of this law is virus spreading, computer hacking, cyber pornography, intellectual property breaching, private or public information abusing and cyber terrorism. But the Using and Protecting Communication Act is insufficient to control spam mail. For the better policy on controlling spam mail we need new Efficient Countermeasure. Therefore, this research wishes to present way to control for efficient spam mail through enactment of conversion, induction of clash action system degree, special law of national regulation form for spam mail.

• The Journal of the Korea Contents Association
• /
• v.20 no.2
• /
• pp.226-239
• /
• 2020

The study seeks to present ways to form and express political opinions while monitoring, regulating and critically accepting the production and distribution of false information and platforms, which are spread channels, through the participation of citizens. First, it logically identified the unfairness of legal regulations on false information. In other words, it is often practically impossible to judge whether false information is false or not, and even false information can sometimes fall within the category of freedom of expression protection. It also revealed that voluntary regulation by platform operators was limited. As an alternative, it was theoretically clear whether civil society should participate in the maintenance and development of democratic public debate sites and create social discourse. The specific method is to find and classify false information and share it with citizens to raise awareness. Second, it forms an autonomous cooperative system with platform operators and others. Third, develop critical media capacity of citizens. Fourth, it responds to producers and platform operators of false information while engaging in community activities as a direct practitioner.

• The Journal of the Convergence on Culture Technology
• /
• v.8 no.3
• /
• pp.191-201
• /
• 2022

In this study, we are going to derive problems for fire and safety management in multiple-user Buildings and suggest improvement measures to prevent recurrence through analysis of legal operation status for safety management of multiple-user Buildings and case studies of large-scale fires in multiple-user Buildings. For this study, first, the current state of the industry and fire occurrence status were investigated through theoretical considerations of the multi-use industry, and then the previous research on the multi-use industry was analyzed. and by analyzing the legal and institutional status of multiple-user Buildings, problems were derived through cases such as the Jecheon fire in Chungcheongbuk-do, the Inhyeon-dong fire in Incheon, and the Songpa-gu fire in Seoul. As a result, first, the necessity of strengthening the initial fire response capability. Second, thorough maintenance and management of emergency exits. Third, the need for rational regulation of upholstery. Fourth, reinforcement of fire safety education and training. Fifth, strengthening of installation standards for firefighting and safety facilities. Sixth, we derive the result that it is necessary to raise awareness about safety management, compare and analyze it with legal and institutional contents, and suggest solutions accordingly. When looking at the causes of fires in multi-use buildings, building owners, business owners, and employees think that there is no possibility of a fire occurring in their business premises, so there is a lack of awareness. It is necessary to raise awareness through education and publicity of firefighters and related administrative agencies.

• The Journal of the Korea Contents Association
• /
• v.15 no.4
• /
• pp.168-178
• /
• 2015

The police have executed the priority projects for the eradication of school violence as part of governmental comprehensive measures and the role of the police as law enforcement agencies to combat school violence is expected to be further strengthened. In this regard, this study proposes several alternative policies for police activities of school violence prevention. First, it is required to establish clear legal basis for activities of school police and recruitment and education programs to enhance their professionalism. Second, we must look for ways to ensure the accountability of parties involved in school violence such as school and parents. Third, it is necessary to promote 117 call actively which has comprehensive hotline function in school violence and enhance the professionalism of counselors for promoting the victim reporting. Finally, there is a need for differential police response according to the degree of risk of school violence.

• Journal of the Korea Society of Computer and Information
• /
• v.17 no.5
• /
• pp.177-183
• /
• 2012

There occur various crimes in cyber space hiding behind anonymity to avoid punishment by criminal law. One of the most serious crimes committed in cyber space is defamation against others under the cloak of freedom of expression. The infringements by defamations in cyber space are made all of a certain and widespread that the victims have no time to react, and for that reason, the shocks by the defamation are much serious and severe compared with that committed in off line. However, press and publication shouldn't infringe on other's honors, right, public order or social ethics in liberal democrat society which values much the human dignities and values as stipulated in Article 21 section 4 of the Constitution. Protection of personal honor is also the basic rights guaranteed by the Constitution as much as the freedom of expression, and by extension, such harmful behaviour shouldn't be included in the freedom of expression area. In this way, slander can be considered as the minimum limitation of the freedom of expression.

• Journal of Convergence Society for SMB
• /
• v.5 no.2
• /
• pp.1-6
• /
• 2015

Small and medium-sized companies lack countermeasures to secure the safety of a information system. In this circumstance, they have difficulties regarding the damage to their images and legal losses, when the information is leaked. This paper examines the information leakage of the system and hacking methods including APT attacks. Especially, APT attack, Advanced Persistent Threats, means that a hacker sneaks into a target and has a latency period of time and skims all the information related to the target, and acts in the backstage and neutralize the security services without leaving traces. Because he attacks the target covering up his traces not to reveal them, the victim remains unnoticed, which increases the damage. This study examines attack methods and the process of them and seeks a countermeasure.

• Journal of Digital Convergence
• /
• v.13 no.10
• /
• pp.69-80
• /
• 2015

The Purpose of this study is to establish efficient and balanced development and to make transparent marketing system, environment which is to protect small business, consumer's. This Goal of this study is that focus on development of regional and national economy. Especially, to protect small businessmen, to reserve consumer's buying choice. First of all, to examine causes of distribution maintenance and to will be analysed legal controversy of big distributive markets since local autonomy business limits. It is this study that concentrate on big distributive mart shutdown of business hours, Problems and Countermeasures. The main focus of in this study is as follows: First, to examine the ruling of the court that protest and accept of business hour in big distributive mart' problem and regulation, Second, to understand each of the judgement and problems of distributive shutdown systems, Third, to suggest the good distributive business trade act and the possible collaboration with focus on small and big mart System in Korea. This paper to analyze case of conflict and focus on establishment of transparent distribution since business limits.

• Informatization Policy
• /
• v.31 no.3
• /
• pp.3-33
• /
• 2024

This paper summarizes the legal problems and issues raised in relation to generative AI. In addition, we looked at what regulatory discussions individual countries or international organizations have in order to solve or respond to these issues or to minimize the risks posed by generative AI. Infringement of individual basic rights raised by generative AI, the emergence and control of new crimes, monopolization of specific markets and environmental issues are mainly discussed, and although there are some differences in the necessity and direction of regulation, most countries seem to have similar views. Regarding AI, the issues that are currently being raised have been discussed continuously from the beginning of its appearance. Although certain issues have been discussed relatively much, there are some differences between countries, and situations that require consideration of phenomena different from the past are emerging. It seems that regulations and policies are being refined according to the situation of individual countries. In a situation where various issues are rapidly emerging and changing, measures to minimize the risk of AI and to enjoy the utility and benefits of AI through the use of safe AI should be sought. It will be necessary to continuously identify and analyze international trends and reorganize AI-related regulations and detailed policies suitable for Korea.

• Convergence Security Journal
• /
• v.13 no.5
• /
• pp.117-127
• /
• 2013

Even though, the Korean private Security Guard's industry is developing, it did not reached at the expected quality services because of the below cost tendering from flooded small security companies, consequently low pays and fragile benefits occur therefore, the skill level and morale decreased. Also, the private security guards field's education, training and development of expert certification system is not enough. One of the plans to solve these problems can be invigorate the certification system. The improving ways are suggested after the research and the analysis of the certification system as below. First, the qualification system to become a security leader will need to add directly related subject, skill examination and continuous refresh training. Moreover, it needs accurate needed the number of the securities and the reduction of the 1st examination exemption object. Second, the qualified system to be become securities will need to strengthen on standard of qualification and focus on skill evaluation, the job education need to state by the law, also exemption for applicant who approached requirements.