• Ocean and Polar Research
• /
• v.29 no.2
• /
• pp.155-165
• /
• 2007

Recently, coastal erosion has become an important issue in relation to keeping territorial integrity of a nation as well as protecting the coastal marine ecosystem. This study examines some apprehensions about the effectiveness of the existing legal system concerning prevention of coastal erosion. After examining several case studies in Scotland, the USA, and the Netherlands, this study proposes appropriate revisional legal measures that can be applied in Korea: first, the coastal management act should be revised for stronger, enforceable and practical legal grounds emphasizing minimal coastal erosion; second, the proposed "Comprehensive Coastal Erosion Prevention Plan" should be established and implemented in four steps such as characterization of issues through surveys of stakeholders and demand assessment, plan establishment, execution, and maintenance and management; third, there is a demand to establish and implement a legal framework to support monitoring activities which provide important data and information to prevent coastal erosion; fourth, the chronic region of damage is designated as the "Vulnerable Area" to be protected and managed accordingly; fifth, the "Coastal Coordination council" is established and operated for developing an integrated coastal management policy and visions for sustainable coastal zone, as well as coordinating and intervention of any activities which may cause coastal erosion.

• Convergence Security Journal
• /
• v.19 no.4
• /
• pp.107-113
• /
• 2019

Data security is the planning, implementation and implementation of security policies and procedures for the proper audit and authorization of access to and use of data and information assets. In addition, data serviced through internal / external networks, servers, applications, etc. are the core objects of information protection and can be said to focus on the protection of data stored in DB and DB in the category of information security of database and data. This study is a preliminary study to design a proper Data Security Management System (DSMS) model based on the data security certification system and the US Federal Security Management Act (FISMA). And we study the major security certification systems such as ISO27001 and NIST's Cybersecurity Framework, and also study the state of implementation in the data security manager solution that is currently implemented as a security platform for preventing personal data leakage and strengthening corporate security.

• Journal of the Society of Disaster Information
• /
• v.10 no.1
• /
• pp.116-122
• /
• 2014

Recently, Korea has enacted the Framework Act on Product Safety to allow comprehensive control of product safety accidents. This is a government policy aiming to ensure product safety and customer protection by strengthening the obligation of producers. However, the framework has not yet been completed in Korea. Therefore, this paper deals with improvement assignments and directions by comparing the frameworks of applied in Korea and Japan for ensuring such production safety.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.5
• /
• pp.1269-1279
• /
• 2015

Korea is recognized as the most advanced nation in regards to capabilities or environments of informatization throughout the world. Nevertheless, Korea brings on itself such stigmas as a nation vulnerable to information security. Now the globe ushered in an era requiring political balances. Yet, issues of legislative supports or system adjustments for information security policies are always pushed back on the priority list. There is a need to face problems at the center of changes departing from such frames. In order to establish a proper system for information security policies, the most urgent issues are reviews of concepts and reorganizations of systems, and then to legislate information security polities by being harmonious with public opinions. This paper is to remind what measures are needed to improve the system of priority policies depending on public backgrounds and why such measures are needed. Furthermore, the paper suggests a new legislation, 'Information Security Policy Act' as one of the specific measures.

• International Journal of Advanced Culture Technology
• /
• v.7 no.2
• /
• pp.7-12
• /
• 2019

Korea's laws regarding ICT must follow the Void for vagueness doctrine, the Principle of forbidden general delegation, the Principle of justification of system and the Principle of balancing test in the Constitution. The Act for the Promotion and Convergence and so on of Information and Communication in the Future should be improved as follows. It is desirable to improve the part where the principle of system justification of the Constitution is problematic in relation to existing laws. It is desirable to improve the ICT's policies on industry and convergence technologies so that they are well balanced between promotion and regulation of ICT's industries. It is desirable to improve the information service policy and legislative makeup relationship between various government agencies related to ICT. It is therefore desirable to improve the institutional complement to the post-regulatory framework for the protection of users of ICT in the future. It is desirable to create a device to replace the functions of the Information Service Budget Council in the special law of ICT.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.6
• /
• pp.67-81
• /
• 2010

As wide propagation of smartphones, e-commerce with smartphones increases rapidly. Such as transfer or stock trade systems. It has prospect that most of financial companies going to offer e-commerce systems via smartphones. And e-commerce via smartphones will be increased, hence the nature of smartphone that can be used whenever, wherever. However, legislation of e-commerce in Korea does not reflect these characteristics of smartphones, because it has set standards in regular PC. So that this study is security threat and feature of smartphones considering that the current legal system will use Certificate constraints, ensuring the safety of e-commerce and install security programs for protection of users, e-commerce responsible for the accident analysis has focused on the issues presented for this improvement.

• Journal of Convergence for Information Technology
• /
• v.8 no.6
• /
• pp.173-186
• /
• 2018

While cloud services are expanding, many users are having difficulty in adopting cloud services. This is because there is no information as to which cloud services can be trusted by users. loud service level agreement (Cloud SLA) is an agreement between cloud service providers and cloud service consumers using qualitative and quantitative indicators including quality and performance, etc. of cloud services. In this study, we propose a framework for cloud SLA that can be applied to the domestic cloud industry to improve service levels for cloud service providers and to protect users and also derive the detailed components of cloud SLA applicable to the domestic cloud industry using the proposed framework. Through this result, it is expected that the government will utilize the policy to enhance the reliability between cloud service providers and users under "the Act on the Development of Cloud Computing and Protection of Users", and eventually to activate cloud services by improving the quality and performance level of domestic cloud services and building a user trust.

• Informatization Policy
• /
• v.28 no.2
• /
• pp.98-113
• /
• 2021

This study presents implications of the Global Data Law & Policy by comparing national data strategies, data regulations and policies, and governance in South Korea, the United States, the United Kingdom, and the European Union. According to the result of the comparative analysis, the biggest difference is in data governance, in other words, the management and coordination of policies at the pan-government level and data ethics. Therefore, this study proposes the establishment of a presidential special committee on data policy or the creation of a 'National Digital Innovation Office' at the Presidential Secretariat as a national CDO for the governance of data policies. Furthermore, this paper suggests a) to enact 'the Framework Act on the Development of Data Industry' that can regulate data practices in the private sector, b) to institutionalize the data-centric security and data protection, c) to settle the public ethics and personnel management based on data expertise and professional ethics, including explainability and responsibility, and d) the education and training systems.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.22 no.5
• /
• pp.147-157
• /
• 2022

The purpose of this study is to establish policy recommendations for the promotion of AI service impact assessment based on the definition of impact assessment and analysis of domestic and foreign AI service impact assessment cases. The direction of implementation was analyzed based on the case of impact evaluation promoted in various fields at home and abroad and the case of impact evaluation at home and abroad of artificial intelligence services. As a step-by-step implementation plan, in the first stage, quantitative indicators such as AI level survey-based economic effects are developed, and in the second stage, information culture such as safety and reliability and artificial intelligence ethics described in the Framework Act on Intelligence Information, social, economic, information protection, and people's daily lives are prepared. In the third stage, discussion on detailed metrics and methods will be expanded and impact assessment results will be evaluated. This study requires analysis through various participants such as policy designers, artificial intelligence service developers, and civic groups in the future.

• Korean Security Journal
• /
• no.18
• /
• pp.169-190
• /
• 2009

Today, the rapid advance of scientific technologies has brought about fundamental changes to the types and levels of terrorism while the war against the world more than one thousand small and big terrorists and crime organizations has already begun. A method highly likely to be employed by terrorist groups that are using 21st Century state of the art technology is cyber terrorism. In many instances, things that you could only imagine in reality could be made possible in the cyber space. An easy example would be to randomly alter a letter in the blood type of a terrorism subject in the health care data system, which could inflict harm to subjects and impact the overturning of the opponent's system or regime. The CIH Virus Crisis which occurred on April 26, 1999 had significant implications in various aspects. A virus program made of just a few lines by Taiwanese college students without any specific objective ended up spreading widely throughout the Internet, causing damage to 30,000 PCs in Korea and over 2 billion won in monetary damages in repairs and data recovery. Despite of such risks of cyber terrorism, a great number of Korean sites are employing loose security measures. In fact, there are many cases where a company with millions of subscribers has very slackened security systems. A nationwide preparation for cyber terrorism is called for. In this context, this research will analyze the current status of Korea's cyber security systems and its laws from a policy perspective, and move on to propose improvement strategies. This research suggests the following solutions. First, the National Cyber Security Management Act should be passed to have its effectiveness as the national cyber security management regulation. With the Act's establishment, a more efficient and proactive response to cyber security management will be made possible within a nationwide cyber security framework, and define its relationship with other related laws. The newly passed National Cyber Security Management Act will eliminate inefficiencies that are caused by functional redundancies dispersed across individual sectors in current legislation. Second, to ensure efficient nationwide cyber security management, national cyber security standards and models should be proposed; while at the same time a national cyber security management organizational structure should be established to implement national cyber security policies at each government-agencies and social-components. The National Cyber Security Center must serve as the comprehensive collection, analysis and processing point for national cyber crisis related information, oversee each government agency, and build collaborative relations with the private sector. Also, national and comprehensive response system in which both the private and public sectors participate should be set up, for advance detection and prevention of cyber crisis risks and for a consolidated and timely response using national resources in times of crisis.