• 한국도서관정보학회지
• /
• 제35권4호
• /
• pp.41-63
• /
• 2004

수용자가 지니는 기본권 중에서 도서관을 설치$\cdot$운영함으로써 그들의 권리 보호에 커다란 영향을 줄 수 있는 기본권 영역 즉 알권리와 정보 접근권, 형사피고인과 형사피의자의 권리, 교육을 받을 권리 등을 중심으로 이들 기본권의 내용에 대해 법령과 판례를 근거로 분석하고, 기본권 보장을 위해 도서관을 설치해야 할 필요성에 대해 검토하였으며, 제도화를 위한 방향을 제시하였다.

• Journal of Information Science Theory and Practice
• /
• 제9권3호
• /
• pp.31-41
• /
• 2021

The growing number of threats to society through the uncontrolled distribution of information is forcing library communities in many countries to reconsider their views on free access to collections. Based on the content of numerous documents of international importance, it can be concluded that in any democratic country access to information is one of the most important human rights, along with the right to life, liberty, and security of person. However, the state has the right to restrict citizens' access to information within the framework of existing legislation. Constantly, restrictions on access to information are established in order to protect the ethical foundations of the constitutional order, morality, health, rights, and legitimate interests of others, to ensure the country's defense and state security. It goes without saying that each country has the right to independently decide where the boundaries lie between permitted and prohibited information, including printed information, contained in library collections. This article describes three levels of access restriction: foreign, state, and regional. The authors have analyzed the legal and regulatory documents that govern libraries, as well as the reasons and methods of limitation. A comparative analysis of the restriction of access to information in the countries of Europe and Asia is presented.

• 보건의료산업학회지
• /
• 제5권4호
• /
• pp.15-26
• /
• 2011

This study assessed and compared the expectation levels of in- and out-patients at hospitals of different size in relation to patients' view of their rights. A survey of out-patients visiting university hospitals (204 patients) and small to mid size community hospitals (215 patients) in Seoul and Kyeongki Province was conducted, where the respondents reported their perceptions of patient rights. Based on the survey, their respective expectation levels for the medical services that they would receive was assessed and analyzed for exploring possible factors for their selecting small to mid sized hospitals over larger hospitals. The results showed difference in perceptions between patients visiting or staying in lager and smaller hospitals. Namely, for out-patients, those at university hospitals had higher perceptions only about their rights to privacy while in hospital, whereas in the case of in-patients, those at small to mid size hospitals had higher perceptions only about their rights to access to inspection information. With respect to the results from analysis of difference in the expectation level for medical services between university and non-university hospital patients, it was found that in-patients at university hospitals had higher perceptions about their rights to choose to see hospital visitors while in hospital and rights to access to religious facilities.

• 반도체디스플레이기술학회지
• /
• 제17권1호
• /
• pp.12-20
• /
• 2018

Recently, web-based service software has been used as to combine various information or to share information according to the needs of users and the convergence of specialized fields and individual dependent systems. According to the necessity of the user, the proper service environment and the selective service environment according to the purpose and the needs of the user have been studied in a variety of specialized and combined professional research fields and industries. Software based on cloud systems and web services is being used as a tool for appropriate group and user groups and roles. A service system combined dynamically needs a module to manage a user through internal logic and grant a service access authentication. Therefore, it has been considered various approaches that a user who accesses the system is given a service access authority for a certain period of time. Also, when the deadline is over, the authority that you are given to access system will go through the process of expire the right. In this paper, we define the roles of users who access web services, manage user rights according to each role, and provide appropriate service resources to users according to their rights and session information. We analyzed the procedure of constructing the algorithm for the service according to the procedure of each user accessing the web service, granting the service resource and constructing a new role.

• Journal of Information Processing Systems
• /
• 제17권4호
• /
• pp.834-850
• /
• 2021

IT security companies have been releasing file system filter driver security solutions based on the whitelist, which are being used by several enterprises in the relevant industries. However, in February 2019, a whitelist vulnerability was discovered in Microsoft Edge browser, which allows malicious code to be executed unknown to users. If a hacker had inserted a program that executed malicious code into the whitelist, it would have resulted in considerable damage. File system filter driver security solutions based on the whitelist are discretionary access control (DAC) models. Hence, the whitelist is vulnerable because it only considers the target subject to be accessed, without taking into account the access rights of the file target object. In this study, we propose an industrial device security system for Windows to address this vulnerability, which improves the security of the security policy by determining not only the access rights of the subject but also those of the object through the application of the mandatory access control (MAC) policy in the Windows industrial operating system. The access control method does not base the security policy on the whitelist; instead, by investigating the setting of the security policy not only for the subject but also the object, we propose a method that provides improved stability, compared to the conventional whitelist method.

• 한국컴퓨터정보학회논문지
• /
• 제20권8호
• /
• pp.35-43
• /
• 2015

Recently, internal information leaks is increasing rapidly by internal employees and authorized outsourcing personnel. In this paper, we propose a method to integrate internal control systems like system access control system and Digital Rights Managements and so on through expansion model of SIEM(Security Information Event Management system). this model performs a analysis step of security event link type and validation process. It develops unit scenarios to react illegal acts for personal information processing system and acts to bypass the internal security system through 5W1H view. It has a feature that derives systematic integration scenarios by integrating unit scenarios. we integrated internal control systems like access control system and Digital Rights Managements and so on through expansion model of Security Information Event Management system to defend leakage of internal information and customer information. We compared existing defense system with the case of the expansion model construction. It shows that expanding SIEM was more effectively.

• 한국도서관정보학회지
• /
• 제36권4호
• /
• pp.255-284
• /
• 2005

본 연구에서는 오픈액세스(개방접근) 환경에서의 국내외 저작권관리시스템 사례연구를 토대로 현재 국내 개방접근환경의 기반 마련을 위해 개발 중인 dCollection 라이선스관리시스템을 분석하고 발전과제를 제시하였다. 연구를 위해 첫째, 개방접근의 장벽으로 작용하는 저작권과 라이선스 그리고 저작권관리(DRM)의 기본적인 개념과 기술적 요소를 살펴봄으로 개방형시스템들이 추구하는 이론과 기반 기술들이 어떻게 접목가능한지 이해를 높이고자 했다. 둘째, 개방접근 환경에서 저작권 보호를 위한 다양한 연구 중 해외 사례로 Creative Commons, ROMEO, Dspace시스템 분석과 국내 사례로 경북대학교와 서울대학교의 저작권관리시스템을 분석하였다. 마지막으로는 국내 개방접근환경에서 콘텐츠의 저작권보호와 유통활성화를 목적으로 개발 중인 dCollection 라이선스관리시스템 분석을 통해 발전 과제를 제시함으로 국내 상황을 직시하고 미래 발전 방향을 예측해 보고자 한다.

• International Journal of Computer Science & Network Security
• /
• 제22권5호
• /
• pp.320-326
• /
• 2022

The use of the Internet has become commonplace for billions of people on the planet. The rapid development of technology, in particular, mobile gadgets, has provided access to communication anywhere, anytime. At the same time, there are growing concerns about the behavior of people on the Internet, in particular, towards each other and social groups in general. This raises the issue of human rights in today's information society. In this study, we focused on human rights such as the right to privacy, confidentiality, freedom of expression, the right to be forgotten, etc. We point to some differences in this regard, in particular between the EU, etc. In addition, we describe the latest legal regulation in this aspect in European countries. Such methods as systemic, factual, formal and legal, to show the factors of formation and development of human rights in the context of digitalization were used. The authors indicate which of them deserve the most attention due to their prevalence and relevance. Thus, we concluded that the technological development of social communications has laid the groundwork for a legal settlement of privacy and opinion issues on the Internet. Simultaneously, jurisdictions address issues on every aspect of human rights on the Internet, based on previous norms, case law, and principles of law. It is concluded that human rights legislation on the Internet will continue to be actively developed to ensure a balance of private and public interests, safe online access and unimpeded access to it.

• 정보관리연구
• /
• 제42권2호
• /
• pp.1-21
• /
• 2011

저작권법은 저작권 소유자의 권리와 이용자의 권리 간에 균형을 유지함으로써 지식정보에 대한 접근을 촉진하는 최선의 법적 도구이다. 이러한 측면에서 도서관을 위한 저작권의 제한 및 예외는 학습과 연구를 지원하고 정보의 흐름을 촉진하며, 대중에게 공정한 정보접근을 제공하고 지적 문화유산을 보존하는 데 중요하다. 이에 본 연구는 국내 저작권법의 도서관관련 권리제한조항을 축조분석하여 도서관 보관자료의 보존 및 제공용 복제, 도서관에서 인터넷 정보의 출력과 송신, 재생수단의 입수가 곤란한 자료 및 정부간행물의 보존용 복제와 제공, 장애인을 위한 도서관의 복제와 공중송신에 대한 개선방안을 제시하고 공정이용을 위한 일반규정의 도입방안을 제안하였다.

• 정보보호학회논문지
• /
• 제20권5호
• /
• pp.59-67
• /
• 2010

본 논문에서는 유비쿼터스 컴퓨팅 환경에서 내부자가 합법적인 권한을 이용하여 불법적인 정보 유출 행위를 차단하는 접근통제 모델 IM-ACM(Insider Misuse-Access Control Model)을 제안하였다. IM-ACM은 상황역할과 개체의 보안속성을 활용하여 보안성을 강화시킨 CA-TRBAC(Context Aware-Task Role Based Access Control)에 오용 모니터 기능을 추가하여 내부자가 데이터를 올바르게 사용하는지 감시한다. 내부자에 의한 정보 유출은 합법적인 접근권한, 접근시스템에 대한 풍부한 지식 등의 내부자의 특성으로 인해 차단하기가 곤란하다. IM-ACM은 CA-TRBAC의 장점인 상황과 보안속성을 이용하여 서로 상이한 보안등급의 객체간 정보 흐름을 방지하고 오용 모니터를 활용하여 내부자의 실제 진행 프로세스를 최근 역할, 직무와 작업 프로세스 패턴 프로파일과 비교하여 내부자의 오용행위을 차단한다.