• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.1
• /
• pp.199-213
• /
• 2018

Since 2008, large-scale personal information breach incidents have occurred frequently. Even though national education, policy, and laws have been enacted and implemented to resolve the issue, personal information breaches still occur. Currently, individuals cannot confirm detailed information about what personal information has been affected, and they cannot respond to the breaches. Therefore, it is desirable to develop various methods for preventing and responding to personal information infringement caused by breach and leakage incidents and move to privacy protection behaviors. The purpose of this study is to create understanding of personal information security and information breach, to present services that can prevent breaches of personal information, to investigate the necessity of and analyze the potential public demand for such services, and to provide direction for future privacy-related information services.

• Journal of Information Processing Systems
• /
• v.16 no.5
• /
• pp.1034-1047
• /
• 2020

The personal authentication technique is an essential tool in this complex and modern digital information society. Traditionally, the most general mechanism of personal authentication was using alphanumeric passwords. However, passwords that are hard to guess or to break, are often hard to remember. There are demands for a technology capable of replacing the text-based password system. Graphical passwords can be an alternative, but it is vulnerable to shoulder-surfing attacks. This paper looks through a number of recently developed graphical password systems and introduces a personal authentication system using a machine learning technique with electroencephalography (EEG) signals as a new type of personal authentication system which is easier for a person to use and more difficult for others to steal than other preexisting authentication systems.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.5
• /
• pp.1245-1255
• /
• 2015

As cloud computing services become popular, the concern on the data security of cloud services increases and the efforts for the data security become essential. In this paper, we describe the pros and cons of cloud computing including the definition of cloud. Then, we discuss the regulations about the protection of user data defined in cloud promotion act. Previous studies related to the privacy protection and the entrustment of personal information in cloud computing are reviewed. We examine how to store the personal information depending on the cloud service model. As a result, we argue that the entrustment of personal information should vary according to the cloud service model and we propose how to protect the personal information on IaaS and SaaS cloud service models.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.8 no.3
• /
• pp.33-39
• /
• 2012

Since the passing of the Personal Information Act in March 2011 and its initial introduction in September, over the one year to date diverse security devices and solutions have been flowing into the market to enable observance of the relevant laws. Beginning with security consulting, corporations and institutions have focused on technology-based business in order to enable observance of those laws competitively in accordance with 6-step key procedures including proposal, materialization, introduction, construction, implementation, and execution. However there has not been any investment in human resources in the field of education such as technology education and policy education relative to the most important human resources field nor investment in professionals in the organization for the protection of personal information or in human resources for operating and managing IT infrastructure for actual entire personal information such as special sub-organizations. In this situation, as one process of attracting change from the nature of the technology-based security market toward a professional human resource-based security infrastructure market, it is necessary to conduct research into standardization modeling concerning special organizational composition and a management system for the protection of personal information.

• Journal of Korea Multimedia Society
• /
• v.18 no.1
• /
• pp.42-51
• /
• 2015

In this paper, we analyze the quality status of Health and Welfare division's standardized log and asses the characteristics of the institutions' logs analysis to establish the criteria to minimize hazards and control the quality of log's institutional details to limit extraction. As a result, extraction condition's proposed development direction to adequately assess and control health and welfare abuses privacy control target log. This improvement over the status and quality of information shared with relation to institutional work of the log quality characteristics is made possible. In addition, quality control and inspection standards were prepared in accordance with the institutional log characteristics. Future research will include performing continuous analysis and improvement activities on the quality of logs with integrated control of sharing personal information and distributing information about logs' quality to proactively target organ. Therefore, we expect that correcting proactive personal information misuse and leakage is possible to achieve.

• Journal of Information Technology Applications and Management
• /
• v.29 no.3
• /
• pp.57-74
• /
• 2022

Recently, big data services have been used in various fields. In this situation, this research studied the intention to provide personal information from users, which is necessary to provide useful big data services. A survey was conducted on college students and ordinary people who have understood big data services. And path analysis was performed through Amos' structural equation. As a result of the study, it was found that privacy risks, trust in service providers, individual innovativeness, service incentives, social influence, and service design are major variables influencing the intention to provide personal information. And it was found that trust in service providers plays a mediating role in influencing the intention to provide personal information. In addition, big data services were classified into types for information acquisition and types related to purchase. Accordingly, it was further analyzed whether major variables differ in the path affecting the intention to provide personal information, and new implications were found. Companies that actually develop and provide big data services should establish different strategies by reflecting research results depending on the type of big data service provided.

• The Journal of Information Systems
• /
• v.29 no.1
• /
• pp.51-74
• /
• 2020

Purpose Since the number of personal information breach incidents increased, many people have perceived the importance of personal information protection, in the recent. Especially, the number of personal information breach targeting middle-aged and elderly people rapidly increases. Therefore, the purpose of this study is to identify the factors which influence to fail of online information security behaviors among the elderly. Design/methodology/approach This study made a research model by adopting the factors deducted from the protection motivation theory. To analyze the research model, we conducted an online survey targeted on the elderly and middle ages users who have nations of Korean and Chinese respectively. Findings According to the empirical analysis result, we identified that only perceived severity and perceived vulnerability affected information security awareness. On contrast, it was also discovered that perceived barriers, self-efficacy, and response efficacy did not affect information security awareness. Additionally, the awareness of information security also did not affect information security behaviors. Middle-aged and elderly people with personal information protection education did more information security behaviors than people those who no education experiences. Korean middle-aged and elderly people with education significantly did more information protection behaviors than the people without the education.

• Journal of Digital Convergence
• /
• v.15 no.9
• /
• pp.1-14
• /
• 2017

As we enter the era of big data, the value of personal information is becoming ever more important. However, personal information protection laws in Korea have several issues. Furthermore, existing research are limited in their ability to facilitate a comprehensive understanding of measures to improve personal information protection laws. Accordingly, this study analyzes improvements to be made in the current personal information protection laws based on existing research. A total of 39 research articles discussing the problems of the personal information protection law were selected and analyzed by applying the meta - analysis technique. According to the results, the various issues such as the meaning and scope of personal information, the role and obligations of relevant parties, provision of personal information to third parties, and redundant and imbalanced regulations in special acts in each field. that exist in the current personal information protection laws were confirmed. This study contributes to the improvement of inconsistency between information protection laws and related special laws in each field in practice. Academically, it will contribute to understanding the problems of th law from the macro perspective and suggesting the integrated improvement ways of the law.

• Journal of Convergence for Information Technology
• /
• v.10 no.7
• /
• pp.20-32
• /
• 2020

This study is to develop and provide a personal information protection framework that enables IoT service providers to safely and systematically operate personal information of IoT service subjects in the overall process of providing IoT devices and services. To this end, a framework for personal information framework was derived through literature survey, and FGI with experts, it was divided into three stages, each of three stages: IoT service provision process and IoT personal information processing process. The study conducted an e-mail survey of related experts using AHP techniques to determine the importance of the components of the selected personal information protection framework. As a result, in the IoT service provision process, the IoT product and service design and development stage (0.5413) is the most important, and in the IoT personal information processing process, personal information protection in the collection and retention of personal information (0.5098) is the most important. Therefore, based on this research, as the IoT service is spreading, it is expected that a safe personal information protection framework will be realized by preventing security threats and personal information infringement accidents.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.17 no.1
• /
• pp.36-44
• /
• 2016

This study examined the nursing student's preliminary knowledge and awareness of patient's personal information protection. 187 respondents, who were trained in 2 different nursing colleges in Kyungpook province, participated in the survey from May 18 to June 12, 2015. Using the data collected, descriptive statistics, T-test and one-way ANOVA were implemented. As a result, the student nurses, who had heard about the Personal Information Protection Act showed a significantly higher awareness score of patient's personal information protection behavior than those who did not. The respondents educated in personal information protection were reported to have a higher score of awareness about the patient's personal information protection behavior. In this regard, it is vital for university organizers to develop education associated with ethics and information security, which could enhance the perceptions of personal information protection for student nurses before their working career begins.