• Journal of Digital Convergence
• /
• v.9 no.6
• /
• pp.81-90
• /
• 2011

Companies using internet as a kind of marketing means are increasing rapidly according to the expansion trend of e-commerce through internet and consumers also use internet as the common means of purchasing necessary articles. E-commerce using internet has advantages without limitation to temporal and spatial accessibility and general consumers and unspecified individuals also use internet to purchase their goods as well as general transactions such as advertisement, contract, payment and claim settlement. 'In the age of information, invasion of personal information resulted from the development of information and communication technology is one of the greatest problems all the countries in the world face. Therefore, Personal information protection Act is one of basic laws to protect personal information and rights and it is also an essential law in the age of information. In that sense, new Personal information protection Act is the advanced act containing various items to minimize the national damages from the leaking of private information and protect right to informational self-determination in the information society. It is expected that this legislation contributes to reduce the leaking of private information, enhance the level of privacy protection and develop privacy related industries. However, active participation of all members of our society and improvement of their recognition should be preceded for the rational and legal use of private information and the settlement of its protection culture. While the purpose of Personal information protection Act can protect privacy from collection, leaking, misuse and abuse of private information and enhance national interests and protect personal dignity and value, it also must perform the roles of balancing privacy protection with liberal information flow.

• 정보화사회
• /
• s.175
• /
• pp.60-61
• /
• 2005

정부는 지난 2005년 1월 27일 위치정보의 유출, 오.남용으로부터 사생활의 비밀 등을 보호하고 위치정보의 안전한 이용환경을 조성하여 위치정보 이용 활성화 도모를 위해 법률을 제정한 바 있다. 정통부는 이 법률의 위임사항 및 시행에 필요한 사항을 규정하기 위해 하위법령 제정(안)을 마련했다.

• The KIPS Transactions:PartD
• /
• v.12D no.3 s.99
• /
• pp.499-506
• /
• 2005

A hash chain is a structure organized by hash function with high speed in computation. Systems using the hash chain are using extensively in various cryptography applications such as one-time passwords, server-supported signatures and micropayments. However, the most hash chain based on the system using pre-paid method provides anonymity but has the problem to increase payment cost. In this paper, we propose a new hash chain based on the micropayment system to keep user anonymity safe through blind signature in the withdrawal process of the root value without disclosing privacy information, and to improve efficiency by using secret key instead of public key in the system without the role of certificate.

• Korean journal of communication and information
• /
• v.25
• /
• pp.103-133
• /
• 2004

Korean citizens enjoy not only the freedom of communication but also the secrecy of electronic communication. Article 18 of the Constitution of the Republic of Korea prescribes that the secrecy of correspondence should not be infringed. Namely, all citizens enjoy guaranteed privacy of correspondence. But many people have been experiencing the infringement of those rights. The purpose of this paper is to evaluate whether Paragraph 2, Article 13 of the Act on Protection of the Secrecy of Correspondence infringes on the constitutional rights of privacy of electronic communication. The results of this study indicate that the law violates the Constitution. Paragraph 3, Article 12 (Personal Liberty, Personal Integrity) of the constitution stipulates that "Warrants issued by a judge through due process (upon the request of a prosecutor) have to be presented in case of arrest, detention, seizure, or search." However, prosecutors, the police, and National Intelligence Service have made numerous inquiries calling for the journalists' telephone records without warrants issued by a judge. So, this study suggests that the paragraph should be amended to be compatible with the Constitution. Meanwhile, journalists should make a more concerted effort to protect their news sources in exercising constitutionally protected freedom of the press.

• The Korean Society of Law and Medicine
• /
• v.21 no.2
• /
• pp.75-103
• /
• 2020

There is a growing voice that medical information should be shared because it can prepare for genetic diseases or cancer by analyzing and utilizing medical information in big data or artificial intelligence to develop medical technology and improve patient care. The utilization and protection of patients' personal information are the same as two sides of the same coin. Medical institutions or medical personnel should take extra caution in handling personal information with high environmental distinct characteristics and sensitivity, which is different from general information processors. In general, the patient's personal information is processed by medical personnel or medical institutions through the processes of collection, creation, and destruction. Still, the use of terms related to personal information in the Medical Service Act is jumbled, or the scope of application is unclear, so it relies on the interpretation of precedents. For the medical personnel or the founder of the medical institution, in the case of infringement of Article 24(4), it cannot be regarded that it means only medical treatment information among personal information, whether or not it should be treated the same as the personal information under Article 23, because the sensitive information of patients is recorded, saved, and stored in electronic medical records. Although the prohibition of information leakage under Article 19 of the Medical Service Act has a revision; 'secret' that was learned in business was revised to 'information', but only the name was changed, and the benefit and protection of the law is the same as the 'secret' of the criminal law, such that the patient's right to self-determination of personal information is not protected. The Privacy Law and the Local Health Act consider the benefit and protection of the law in 'information learned in business' as the right to self-determination of personal information and stipulate the same penalties for personal information infringement such as leakage, forgery, alteration, and damage. The privacy regulations of the Medical Service Act require that the terms be adjusted uniformly because the jumbled use of terms can confuse information subjects, information processors, and shows certain limitations on the protection of personal information because the contents or scope of the regulations of the Medical Service Law for special corporations and the Privacy Law may cause confusion in interpretation. The patient's personal information is sensitive and must be safely protected in its use and processing. Personal information must be processed in accordance with the protection principle of Privacy Law, and the rights such as privacy, freedom, personal rights, and the right to self-determination of personal information of patients or guardians, the information subject, must be guaranteed.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.9 no.3
• /
• pp.787-793
• /
• 2008

This paper investigates the issuance of medical records of patients and caregivers who have obtained medical records from the Medical Record Information Center of "a university" in Daejeon from January through March in 2006. According to the structural equation, "the time zone for issuance of medical records" was -0.01 as a path coefficient against "how medical records are issued" and +0.86 against "ordinary characteristics." As shown above, privacy and confidentiality are what really matters in the management of medical records. Therefore, they must be protected regardless of whether the medical records are hard or electronic copies.

• Journal of Korean Society of Archives and Records Management
• /
• v.17 no.1
• /
• pp.193-216
• /
• 2017

The purpose of this study is to understand issues related to the Personal Information Act recently emerging in the field of oral history, and to prepare countermeasures for oral history academics and archives. The Personal Information Act is intended to protect the confidentiality and freedom of the constitutional privacy, and to assure the right to self-determination of information, thereby realizing the dignity and value of the individual. Oral history is intended for living persons; therefore, strict ethical standards are needed to protect the morality of the person behind the sound recordings and appears as the subject of oral history. However, if the uniform application of the Personal Information Act is made, it is a requirement to make the process of consenting and notifying excessively complex and almost impossible to realize, making collection and service of oral history resource improbable. The mechanical and strict application of the Personal Information Act does not come into being because it has the aspect of undermining the inherent intrinsic value of oral history resources and making it difficult to maintain the authenticity of the records. To solve these problems, it is necessary to revise Article 58 (4) of the Personal Information Act of Korea. In addition, it is necessary to establish a guideline for the establishment of independent ethical standards of oral history itself, especially for the protection of the moral rights of third parties.

• Korean Security Journal
• /
• no.14
• /
• pp.465-484
• /
• 2007

Our society's modernization created many opportunities for us to need a private investigation service system. Variation of international environment due to joining in the OECD, opportunity of individual legal, collect evidence during judgement, prevention of damage criminal, security of business in company, free trade economy's system etc and don't need to enumerate how important of introduction of private investigation service system. In addition to there are lots of objection opinions, such as possibility of person's private life, invade of lawyer's area, confliction with investigation team, gap of wealth and poverty that make preponderance of information. So this research can be considerate from objective opinion, and can obtain conclusion just like below. First, private detective agencies that encroach on the individual rights will naturally deteriorate after the implementation of private investigation service system. Through this, the probability of civil rights encroachment will be lower, and for this to happen there needs to be a thorough maintenance of the system. Secondly, mutually beneficial solution should be found not by a conflict between two sides. Detective business sector should not cause social confusion from conflicts with other investigation organization such as police, or investigators, rather, it must get on the demand of the diversified citizen and maintain the diverse sector inter-cooperate right, and to do that law and institution must be made for the base. Thirdly, investigation used depending on the gap between wealth and poverty does not mean the actualization of the rights and interests of the citizen. If the duty of investigation sector is to find the evidence and collect or manufacture of the evidence, then the problems which the nation can't handle will be more enlarged and then finally end up with strengthening the capability of national public security demand.

• Journal of Internet of Things and Convergence
• /
• v.6 no.2
• /
• pp.93-100
• /
• 2020

Although various home services are developed as increasing the number of home devices with wire and wireless connection, privacy infringement and private information leakage are occurred by unauthorized remote connection. It is almost caused by without of device authentication and protection of transmission data. In this paper, the devices' secret value are stored in a safe memory of a smartphone. A smartphone processes device authentication. In order to prevent leakage of a device's password, a shadow password multiplied a password by the private key is stored in a device. It is proposed mutual authentication between a smartphone and a device, and session key agreement for devices using recovered passwords on SRP. The proposed protocol is resistant to eavesdropping, a reply attack, impersonation attack.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.20 no.6
• /
• pp.1-8
• /
• 2019

Medical information is an important personal information for patients, and it must be protected. In particular, when medical personnel approach electronic medical records, authentication for enhanced security is essential. However, the existing public certificate-based certification model did not reflect the security characteristics of the electronic medical record(EMR) due to problems such as personal key management and authority delegation. In this study, we propose a fingerprint recognition-based authentication model with enhanced security to solve problems in the approach of the existing electronic medical record system. The proposed authentication model is an EMR system based on fingerprint recognition using PEMS (Private-key Escrow Management Server), which is applied with the private key commission protocol and the private key withdrawal protocol, enabling the problem of personal key management and authority delegation to be resolved at source. The performance experiment of the proposed certification model confirmed that the performance time was improved compared to the existing public certificate-based authentication, and the user's convenience was increased by recognizing fingerprints by replacing the electronic signature password.