• Journal of Navigation and Port Research
• /
• v.40 no.4
• /
• pp.213-222
• /
• 2016

Recently, as cases of organizations' information disclosure occur continuously, it is urgent to manage security of information and establish measures to enhance security of information by an organization itself. Especially, members of an organization should be prepared with measures for information security, and an organization should do its efforts to raise its members' awareness toward information security. I set a research model to verify what effects an organization's fulfillment of regulations to secure information brings to performance of information security and selected members from maritime and port organizations and financial and insurance institutes as sample. Results of the analysis to identify factors affecting information security performance among members of maritime and port organizations are as follows. Firstly, I found that the factors affecting information security awareness are information security attitude and information security standards. Secondly, the factor giving influence on information security policy of an organization was found to be information security standards. In contrast, information security punishments and information security training were verified not to give influence on compliance of information security policy. Thirdly, information security awareness was identified to give significant influence on compliance of information security policy, information security competence and information security behavior. Fourthly, compliance of information security policy was verified to be those factors that give influence on information security competence and information security behavior. Lastly, information security competence and information security behavior were found to be such factors that give influence on information security performance.

• Journal of the Korea Convergence Society
• /
• v.8 no.10
• /
• pp.67-73
• /
• 2017

In this study, we mainly inquired into structural reforms of the current legal system that could minimize the side effects and protect financial customers as the use of AI robo-advisor were increasing. First, regarding a specific reform, it is necessary to introduce and establish a rapid detection system for unusual transactions by the Robo-advisor management company, the strict liability of the management company, the management company's mandatory obligation to obtain indemnity insurance, and limited criminal penalties. Furthermore, it is necessary to establish a comprehensive basic law regarding AI. In this basic law, the promotion of the development of AI technology and the minimization of side effects should be dealt with in harmony with each other. Like the approach of this study, we hope that similarly detailed and practical discussions will be made on the AI era from various perspectives in the future.

• Journal of radiological science and technology
• /
• v.31 no.4
• /
• pp.347-353
• /
• 2008

This study is to prepare an evaluation standard about personal information protection and security management of a medical institution and to build up a grade standard of evaluation in PACS environment. We built up evaluation index based on 10 detailed items in four big categories (political security, technical security, data management security and physical security) by referring to ISO17799 (BS 7799), HIPPA (Health Insurance and Portability and Accountability Act of 1996) and domestic medical law. We have investigated at the thirty places where medical facility with the extracted security criteria and security evaluation index. Average score of physical security list, one of the big categories, was 18.5/20 (93%) at all medical institutions. Political security score was 18.5/30 (62%), data management security score was 12/20 (60%) and technical security score was 17.5/30 (58%). Therefore, security evaluation score was average 67 in 30 general hospitals, which was 4th level. The results showed that it is necessary to establish evaluation and management standard about personal information protection and security consciousness which are weak in PACS environment.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2012.10a
• /
• pp.769-772
• /
• 2012

Personal Information Article2 defines personal authentication information, secret information, bio information for personal information and it is stipulated under article29 that the one who have duties must take adequate technological, administrative, physical measures to prevent from illegal reading and sneaking. Also it is stipulated under information communication network law28(1), enforcement regulation9, Korea Communications Commitee notice. To satisfy this, the one who have to take security actions of personal information are required to take technological measures and establish positive measures to continuously manage it.The insurance of technological security is possible by encryption of personal information, secure management and operation of encryption key,taking personal information security level of providin access control of personal information reading and audit.In this paper, we will analyze various technologies of personal information encryption which are essencial component in technological security measuresof personal information. This paper will help choose which technological measures you should take in personal information security.

• Proceedings of the Korea Society of Information Technology Applications Conference
• /
• 2007.05a
• /
• pp.84-102
• /
• 2007

Security is crucial for the successful deployment of large distributed systems. Many of these systems provide services to people across different administrative domains. The traditional identity-based access control mechanisms are un scalable and difficult to manage. Unlike the closed systems, open systems provide services to people from different security domains. Healthcare systems need to be highly available in order for the patients to get a timely treatment. The health care information should be available to authorized users both inside the administrative domain and outside the domain, such as pharmacies and insurance companies. In this paper, we first analyzed the necessities and advantages of importing attribute-based trust-management models into open distributed systems. Then we reviewed traditional access-control models and presented the basic elements of the new trust-management model.

• Journal of Cadastre & Land InformatiX
• /
• v.45 no.2
• /
• pp.87-100
• /
• 2015

Currently, Korea government has strongly recommended the storm and flood insurance system to reduce the damage caused by natural disasters. The storm and flood insurance operated by private insurance company is the type of policy insurance. and is supervised by Minister of Public Safety and Security. It is the advanced disaster management system which is able to protect the public interests through unexpected natural disaster by assisting some part of the insurance premium from a central or local government. The main purpose of the present investigation is to build the insurance object GIS DB which should be necessary to calculate the premium rate in the map for storm and flood insurance, and also, to perform GIS analysis. The service model in this study is aimed to general single house, apartment and green house. The service management plan targeting the whole country has been investigated in terms of building DB and service operation.

• International Journal of Computer Science & Network Security
• /
• v.21 no.9
• /
• pp.239-246
• /
• 2021

This article substantiates the scientific provisions for modelling the level of Ukraine's public financial security taking into account the impact of budget policy, in the process of which identified indicators of budget policy that significantly affect the public financial security and the factors of budget policy based on regression analysis do not interact closely with each other. A seven-factor regression equation is constructed, which is statistically significant, reliable, economically logical, and devoid of autocorrelation. The objective function of maximizing the level of public financial security is constructed and strategic guidelines of budget policy in the context of Ukraine's public financial security are developed, in particular: optimization of the structure of budget revenues through the expansion of the resource base; reduction of the budget deficit while ensuring faster growth rates of state and local budget revenues compared to their expenditures; optimization of debt serviced from the budget through raising funds from the sale of domestic government bonds, mainly on a long-term basis; minimization of budgetary risks and existing threats to the public financial security by ensuring long-term stability of budgets etc.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.1
• /
• pp.437-454
• /
• 2020

According to the privacy regulations of the health insurance portability and accountability act (HIPAA), patients' control over electronic health data is one of the major concern issues. Currently, remote access authorization is considered as the best solution to guarantee the patients' control over their health data. In this paper, a new biometric-based key management scheme is proposed to facilitate remote access authorization anytime and anywhere. First, patients and doctors can use their biometric information to verify the authenticity of communication partners through real-time video communication technology. Second, a safety channel is provided in delivering their access authorization and secret data between patient and doctor. In the designed scheme, the user's public key is authenticated by the corresponding biometric information without the help of public key infrastructure (PKI). Therefore, our proposed scheme does not have the costs of certificate storage, certificate delivery, and certificate revocation. In addition, the implementation time of our proposed system can be significantly reduced.

• Journal of the Korea Society of Computer and Information
• /
• v.23 no.11
• /
• pp.167-173
• /
• 2018

The Korean government announced its goal of commercializing autonomous vehicle by year 2020. With such changes, it is expecting to decrease car accident mortality by half. To commercialize autonomous car, not only worries on safety of autonomous vehicle has to be solved but at the same time, institutional system has to be clear to distinguish legal responsibilities in case of accident. This paper will present the legal improvement direction of the introduction of autonomous vehicles as follows. First, it is necessary to re-establish concept of 'driver' institutionally. Second, it is appropriate to focus on Level 3 autonomous vehicle which is about to be commercialized in year 2020 and organize legal responsibility. Third, we should have a clear understanding on how level 3 autonomous vehicle will be commercialized in the future. Fourth, it is necessary to revise The Traffic Law, Act on Special Cases concerning the Settlement of Traffic Accident, and Automobile Accident Compensation Security Law in line with level 3 autonomous vehicle. Fifth, it is necessary to review present car insurance system. Sixth, present Product Liability Law is limited to movable products (Article 2), however, it is necessary to include intangible product which is software. Seventh, we should review on making special law related to autonomous car including civil, criminal, administrative, and insurance perspectives.

• International Journal of Computer Science & Network Security
• /
• v.21 no.5
• /
• pp.16-22
• /
• 2021