• Journal of Convergence for Information Technology
• /
• v.11 no.1
• /
• pp.71-79
• /
• 2021

This study looked at the conflict between the aspect of the use of personally non-identifiable information for the development of the big data industry and the digital advertising industry and the aspect of personal information protection. In order to achieve the research purpose, this study focused on literature research such as thesis, legal texts, administrative regulations, and recent media articles. As a result of this study, the main issues related to the protection of personally non-Identifiable Information in digital behavioral advertising were 'conflict between freedom of advertising expression and personal rights', 'personalization of unidentifiable information', 'information imbalance'. In this regard, as measures to protect personally non-identifiable information in digital behavioral advertising, it was proposed to 'harmonize with freedom of advertising expression and personal rights, 'improve notification and consent. process', and 'reinforce the right to control personal information'.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.5
• /
• pp.977-983
• /
• 2013

This paper presents result of researching personal information exposure of Korean twitter and facebook users. Personally identifiable information such as e-mail and phone numer is exposed in the accounts less than 1%. However there are many cases that a person is identified by non personally identifiable information. For example, 350 thousands accounts are distinguished with other accounts because its name is unique. Using combination of information such as name and high school, we can distinguish 2.97 millions accounts. We also found 170 thousands account pairs that are candidate of one users' own account. Linkability between two accounts in two different domains means that the person is identified. Currently, only personally identifiable information is protected by policy. This paper shows that the policy has limited effects under the circumstances that a person can be identified by non personally identifiable information and the account linking is possible.

• International Journal of Fuzzy Logic and Intelligent Systems
• /
• v.11 no.3
• /
• pp.197-203
• /
• 2011

Personal Identifiable Information (PII) is considered information that identifies or can be used to identify, contact, or locate a person to whom such information pertains or that is or might be linked to a natural person directly or indirectly. In order to recognize such data processed within information and communication technologies such as PII, it should be determined at which stage the information identifies, or can be associated with, an individual. For this, there has been ongoing research for privacy protection mechanism to protect PII, which now becomes one of hot issues in the International Standard as privacy framework and privacy reference architecture. Data processing flow models should be developed as an integral component of privacy risk assessments. Such diagrams are also the basis for categorizing PII. The data processing flow may not only show areas where the PII has a certain level of sensitivity or importance and, as a consequence, requires the implementation of stronger safeguarding measures. This paper propose a standard format for satisfying the ISO/IEC 29100 "Privacy Framework" and shows an implementation example for privacy reference architecture implementing privacy controls for the processing of PII in information and communication technology.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2016.10a
• /
• pp.807-808
• /
• 2016

With the recent rise in nuclear families and single-member families, there is a need for the kind of home management unaffected by neither space nor time. Moreover, electronic devices in and around the home need to be managed efficiently and prevented from overheating, and there is an increasing risk of fire, theft, and leak of personal data with these devices, which is leading to an increase in the economic costs. Accordingly, there is a growing need for an efficient and secure smart home management system. This paper proposes a home management system that uses smart devices. This system has addressed the shortcomings of a conventional Internet-based home network. Furthermore, it communicates with IoT-enabled devices and features intelligent information home appliances that are isolated from personally identifiable information and which are secure against advanced persistent threats, a type of cyber-attack.

• Electronics and Telecommunications Trends
• /
• v.38 no.5
• /
• pp.61-70
• /
• 2023

We investigated technological trends in an electrocardiogram (ECG)-based biometric cryptosystem that uses physiological features of ECG signals to provide personally identifiable cryptographic key generation and authentication services. The following technical details of the cryptosystem were investigated and analyzed: preprocessing of ECG signals, extraction of personally identifiable features, generation of quantified encryption keys from ECG signals, reproduction of ECG encryption keys under time-varying noise, and new security applications based on ECG signals. The cryptosystem can be used as a security technology to protect users from hacking, information leakage, and malfunctioning attacks in wearable/implantable medical devices, wireless body area networks, and mobile healthcare services.

• Journal of the Korean Institute of Intelligent Systems
• /
• v.19 no.2
• /
• pp.160-167
• /
• 2009

This paper describes how to protect the personal information of a biometric reference provider wherein biometric reference and personally identifiable information are bounded in a biometric system. To overcome the shortcomings of the simple personal authentication method using a password, such as identify theft, a biometric system that utilizes physical and behavioral characteristics of each person is usually adopted. In the biometric system, the biometric information itself is personal information, and it can be used as an unique identifier that can identify a particular individual when combining with the other information. As a result, secure protection methods are required for generating, storing, and transmitting biometric information. Considering these issues, this paper proposes a method for ensuring confidentiality and integrity in storing and transferring personally identifiable information that is used in conjunction with biometric information, by extending the related X9.84 standard. This paper also outlines the usefulness of the proposition by defining a standard format represented by ASN.1, and implementing it.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.1
• /
• pp.259-273
• /
• 2016

After realizing through the three large-scale data leakage incidents that intentional or accidental insider jobs are more serious than external intrusions, financial companies in Korea have been taking measures to prevent data leakage from occuring again. But, the IT system architecture reflecting the domestic financial environment is highly complicated and thereby difficult to grasp. It is obvious that despite administrative, physical, and technical controls, insider threats are likely to cause personal data leakage. In this paper, we present a process that based on metadata defines and manages personally identifiable attribute data, and that through inter-table integration identifies personal information broadly and controls access. This process is to decrease the likelihood of violating compliance outlined by the financial supervisory authority, and to reinforce internal controls. We derive and verify a decision-making model that reflects the proposed process.

• Journal of the Korea Society of Computer and Information
• /
• v.22 no.12
• /
• pp.101-108
• /
• 2017

The study proposed a system that filters the data that is entered when analyzing big data such as SNS and BLOG. Personal information includes impersonal personal information, but there is also personal information that distinguishes it from personal information, such as religious institution, personal feelings, thoughts, or beliefs. Define these personally identifiable information as sensitive information. In order to prevent this, Article 23 of the Privacy Act has clauses on the collection and utilization of the information. The proposed system structure is divided into two stages, including Big Data Processing Processes and Sensitive Information Filtering Processes, and Big Data processing is analyzed and applied in Big Data collection in four stages. Big Data Processing Processes include data collection and storage, vocabulary analysis and parsing and semantics. Sensitive Information Filtering Processes includes sensitive information questionnaires, establishing sensitive information DB, qualifying information, filtering sensitive information, and reliability analysis. As a result, the number of Big Data performed in the experiment was carried out at 84.13%, until 7553 of 8978 was produced to create the Ontology Generation. There is considerable significan ce to the point that Performing a sensitive information cut phase was carried out by 98%.

• The Journal of Korean Association of Computer Education
• /
• v.14 no.6
• /
• pp.75-81
• /
• 2011

Cookie is simple text file, which contains records of web service which provided to user. some of data included in Cookie has user's private information. When attacker has Cookie which included user's private information, will causing financial losses. In this paper we designed security section which can improve vulnerable Cookie's security level. Through research and vulnerability analysis of Cookie file, we find out how to implement security area to offer efficient security area and design security area for cookie file. Also we checked security level to performance evaluation. Through this security level, we can keep user's private information secure using Cookie's improve security level which stored in user's personal computer.

• The Journal of the Convergence on Culture Technology
• /
• v.2 no.3
• /
• pp.23-28
• /
• 2016

As a large portal sites are beginning to replace the function of the mass media, new risks began to raise. It remained without being deleted that data written to the internet was a serious privacy problem occurs. The sensitive information was inferred based on the personal data recorded in the past and also another personal information leakage itself. Witch-hunt through the personally identifiable rob has emerged as a serious social problem and damage to the parties not be able to live a normal life. In this paper, we propose the study on the need for a 'right to be forgotten' to delete the personal information relating to on-line through international case studies and activation measures. At the same time, we proposed improvement measures, such as encryption management, ownership inheritance, and blind treatment.