• 디지털산업정보학회논문지
• /
• 제10권3호
• /
• pp.107-117
• /
• 2014

The personal information extrusion accident(hacking, improper maintenance) by the internet has been increased rapidly during the last ten-year period. The personal information includes Korean resident registration number, name, cellphone number, home telephone number, E-mail address, home address, etc. Korean resident registration number is unchangeable from the cradle to the grave. Illegally accessed personal information can be wrongfully resoled or used at phishing scam. In this paper, we propose a alternative means of Korean resident registration number using the authorized certificate. The authorized certificate is in use safely in Internet. The authorized certificate(included Chinese name) is in used in offline service, the authorized certificate(included English name) is used in online(for government service) and the authorized certificate(not included name) is used in online(for private service). The authorized certificates are possible for discard, republication. The method can reduce the possibility of the personal information extrusion.

• International journal of advanced smart convergence
• /
• 제11권4호
• /
• pp.20-27
• /
• 2022

In this paper, we propose to improve the designation examination criteria of agencies that provide personal identity proofing based on the resident registration number (RRN), a 13-digit number uniquely assigned by the government to identify Korean citizens. In online commerce, etc., the personal identity proofing agency (PIPA) is a place where online users can prove their personal identity by presenting an alternative means instead of their RRN. The designation examination criteria for PIPAs established in 2012 is a revision of the relevant current laws, and there is a problem in applying the designation examination for alternative means of RRN as the current examination standard. Therefore, in this paper, we propose a method to make the current examination criteria applicable to the newly designated examination of the personal identity proofing service provider based on the current RRN alternative method. According to the current designation examination criteria, only those who satisfy all the examination criteria are designated as the PIPA. However, in reality, it is not in line with the purpose of regulatory reform to require that all examination criteria be satisfied. In the proposed method, it is proposed to apply the standard score system for designation of PIPAs, to make the law current, to secure legal compliance, and to establish a new examination standard to provide a new alternative means of personal identity proofing service. By applying the proposed method to the PIPA designation examination, various alternative means of RRN can be utilized in the online commerce service market.

• 디지털산업정보학회논문지
• /
• 제11권2호
• /
• pp.11-22
• /
• 2015

The almost of Web page has been gathered the personal information(Korean resident registration number, name, cell-phone number, home telephone number, E-mail address, home address, etc.) using the membership and log-in. The all most user of Web page are concerned for gathering of the personal information. I-pin is the alternative means of resident registration number and has been used during the last ten-year period in the internet. The accident of I-pin mass illegal issue was happened by hacker at February, 2015. In this paper, we analysis the problems of I-pin system about I-pin mass illegal issue accident and propose a improvement method of it. First, I-pin issue must be processed by the off-line of face certification in spite of user's inconvenience. Second, I-pin use must be made up through second certification of password or OTP. The third, the notification of I-pin use must be sent to the user by the text messaging service of cell-phone or the E-mail. The forth, I-pin must be used an alternative means of Korean resident registration number in Internet. The methods can reduce the problems of I-pin system.

• 디지털산업정보학회논문지
• /
• 제15권2호
• /
• pp.29-42
• /
• 2019

As online services become more and more popular due to the development of IT, non-face-to-face transactions are continuously increasing rather than face-to-face transactions. The personal identity proofing service(PIPS) based on the alternative method of the resident registration number is used for the purpose of confirming the identity of the other party on the Internet. However, in the case of the current PIPS, the personal information of the PIPS user is excessively provided to the online service provider. As a result, privacy problems of online users, shortage of choice of information providing options, and lack of differentiation of authentication methods are becoming problems. Therefore, this paper proposes a method to improve the PIPS based on the current resident registration number alternative method and to provide a method to differentiate the provision of excessive personal information. In the proposed method, we analyze trends and current status of overseas online PIPS in order to provide a method of providing differentiation of personal information and proposes an effective improvement method applicable to domestic.

• 디지털산업정보학회논문지
• /
• 제16권3호
• /
• pp.13-23
• /
• 2020

Currently, online means of replacing resident registration numbers(RRN) include I-Pin, mobile phone, credit card, MyPin, and general-purpose certificate. In order to issue alternative means based on the RRN, it must be designated through the designation review by the Korea Communications Commission(KCC) through a designation review by personal proofing agency and be subject to annual management. However, the criteria for designation and follow-up of the designation of the personal proofing agency carried out by KCC have been used in 2010 without revision, and there are problems that do not conform to the evaluation standards of various alternative means. Therefore, in this paper, we propose a method for improving the designation criteria and management system of the personal proofing service agency. The proposed method analyzes the characteristics of the alternative identification-based personal proofing service and proposes a follow-up management standard that can appropriately evaluate the analyzed characteristics and improves the designation criteria according to the emergence of new alternatives. Through the proposed method, it can be seen that it is possible to strengthen the safety of the personal proofing service based on the alternative means of RRN provided online and face-to-face and to protect the user's personal information.

• 정보보호학회논문지
• /
• 제25권3호
• /
• pp.673-689
• /
• 2015

주민등록번호는 정보 관리의 효과적이고 편리한 특성으로 인해 개인을 식별하는 수단으로 오랜 동안 공공 및 민간기관에서 광범위하게 사용되어 오고 있다. 근래에 다수의 주민등록번호를 포함한 개인 정보 유출 사고들의 발생으로 인해 유출된 정보로 인한 잠재적 피해 가능성 및 국민의 불안감이 커짐에 따라 기 유출된 주민등록번호와 개인 정보의 연결을 끊을 수 있는 제도적 개선에 대한 사회적 요구가 발생하고 있으며, 여러 방안들이 논의되고 있다. 본 연구에서는 현행 주민등록번호체계가 가지는 특성에서 기인하는 한계와 변경 필요성 및 새로운 번호체계가 가져야 할 기본 특성들을 제시하고, 최근 논의되고 있는 주민등록번호 변경 대안들을 비교하여 정보보호 효과의 측면과 체계 전환 및 개선비용의 측면, 그리고 국민 불편 및 혼란 가능성 측면의 분석을 통해 효과성이 높은 대안을 선택하여 제안한다.

• 문화기술의 융합
• /
• 제7권3호
• /
• pp.453-462
• /
• 2021

최근 전자서명법 개정으로 인해 공인인증서(현. 공동인증서) 지위가 만료됨에 따라 전자서명 기반의 공인인증서도 주민등록번호 대체수단에서 지휘가 상실되었다. 이로 인해 공인인증기관들은 방송통신위원회로부터 주민등록번호 대체수단 기반의 본인확인기관 지정심사를 통해 본인확인서비스 제공 기관으로 최근 지정받은 바 있다. 하지만, 기존의 주민등록번호 대체수단인 아이핀, 휴대폰, 그리고 신용카드들과 달리 인증서 발급 신청자의 신원확인 절차가 기존 대체수단들과는 상이한 부분이 존재하고 있다. 특히, 발급 신청자의 신원을 등록대행기관이 수행하고 있다. 본 연구에서는 전자서명 기반의 본인확인서비스 제공 시 대체수단 발급 과정에서 신원확인, 허무인 확인, 신원보증인 확인 등에 대한 개선방안들을 제안한다. 제안한 방안은 전자서명 기반의 본인확인서비스에 적용함으로써 이용자 개인정보보호와 보편·타당하고 안전한 본인확인서비스 제공이 가능함을 알 수 있다.

• 한국IT서비스학회지
• /
• 제16권2호
• /
• pp.97-110
• /
• 2017

Due to development of IT, various Internet services via the non-face-to-face are increasing rapidly. In the past, the resident registration numbers (RRN) was used a mean of personal identification, but the use of RRN is prohibited by the relevant laws, and the personal identification services using alternative means are activated. According to the prohibition policy of RRN, i-PIN service appeared as an alternative means to identify a person. However, the user's knowledge-based i-PIN service continues to cause fraudulent issuance, account hijacking, and fraud attempts due to hacking accidents. Due to these problems, the usage rate of i-PIN service which performs a nationwide free personal identification service, is rapidly decreasing. Therefore, this paper proposes a technical safety enhancement method for security enhancement in the i-PIN-based personal identification service. In order to strengthen the security of i-PIN, this paper analyzes the encryption key exposure, key exchange and i-PIN authentication model problems of i-PIN and suggests countermeasures. Through the proposed paper, the i-PIN can be expected to be used more effectively as a substitution of RRN by suggesting measures to enhance the safety of personal identification information. Secured personal identification services will enable safer online non-face-to-face transactions. By securing the technical, institutional, and administrative safety of the i-PIN service, the usage rate will gradually increase.

• 문화기술의 융합
• /
• 제7권4호
• /
• pp.735-743
• /
• 2021

모바일 전자고지서비스는 지류를 사용하여 우편으로 송달하던 고지서 대신 공인전자문서중계자를 통해 모바일 전자고지서를 본인명의 스마트폰으로 송달하는 서비스이다. 전자고지서비스 제공을 위해서는 발송기관과 공인전자문서중계자가 간의 동일한 이용자를 식별하기 위해 정보가 필요하다. 본 논문에서는 모바일 전자고지서비스를 위해 이용자 식별정보로 사용하는 연계정보 (Connecting Information: CI)의 안전한 변환과 활용을 위한 기준을 제안한다. 제안한 방안에서는 전자고지문 발송요청기관인 민간기관이 이용자의 주민등록번호를 본인확인기관에게 제공하여 연계정보로 변환할 시 그 적정성에 대해 검증하기 위한 기술적 관리적 심의기준과 처리 및 활용방안을 제안함으로써 안전하고 효율적인 모바일 전자고지서비스가 가능할 것이다. 주민등록번호를 연계정보로 변환 요청 시 적정성 심의기준을 제시함으로써 관련 기관들이 보다 효과적으로 전자고지서비스를 제공할 수 있을 것이다. 제안한 방안을 모바일 전자고지서비스에 적용함으로써 서비스 활성화와 이용자 개인정보 보호 강화에 기여할 수 있다.