• Journal of Internet Computing and Services
• /
• v.16 no.4
• /
• pp.141-148
• /
• 2015

The Personal Information Protection Act enacted in March 2011 stated that the application target of this law includes all personal information processors in the public and private sector, and established the protection standard by phase such as collection, use and provision of personal information. There was an introduction of the Privacy Impact Assessment system that enables personal information processors to perform impact assessment autonomously if there are great concerns over the fact that making and expanding personal information files will influence the protection of personal information, while also making impact assessment compulsory for public institutions in specific reasons with great concerns for violating the rights of the subjects of information. This Act still has the problem that it is generally difficult to understand. This paper deals with the Korean legal practices about the personal information protection with regard to ambiguity and promotional system.

• Convergence Security Journal
• /
• v.14 no.3_2
• /
• pp.3-12
• /
• 2014

The government was fully aware of the gravity of a recent massive leak of personal information of credit card users. Meanwhile, the government just took a light disciplinary action by imposing a fine, but it showed its intention to strengthen the regulations by taking the severest disciplinary action. The tightened regulations against personal information leak will be applied to the private security industry without exception to protect individual people's property and lives if such an incident occurs in that industry that deals with a wide variety of personal information such as CCTV data or privacy information all the time. The purpose of this study was to examine the state of the protection and management of personal information for service users among private security firms in an effort to suggest some reform measures. The findings of the study were as follows: First, administrators or managers who are involved with personal information protection should make a full-fledged effort to gather information. Second, counseling or related programs should be provided for small and mid-sized security firms to guarantee thorough personal information protection. Third, Korea Security Association should improve the educational system related to personal information protection to resolve problems with this education currently provided for managers and employees of these companies.

• Asia pacific journal of information systems
• /
• v.18 no.3
• /
• pp.45-65
• /
• 2008

The rapid growth of the Internet has increased the amount of transmission of personally identifiable information. At the same time, with new Internet related technologies, organizations are trying to collect and access more personal information than before, which in turn makes individuals concern more about their information privacy. For their successful businesses, organizations have tried to alleviate these concerns in two ways: (1) by offering privacy policies that promise certain level of privacy protection; (2) by offering benefits such as financial gains or convenience. In this paper, we interpret these actions in the context of the information processing theory of motivation. This paper follows Hann et al.(2007)'s methods to analyze Internet users privacy concerns in Korea and tries to compare the findings. Our research objectives are as follows: First, we analyze privacy concern mitigation strategies in the framework of the expectancy theory of motivation. Subsequently, we show how the expectancy theory based framework is linked o the conjoint analysis. We empirically validate the predictions that the means to mitigate privacy concerns are associated with positive valences resulting in an increase in motivational score. In order to accommodate real-life contexts, we investigate these means in trade-off situation, where an organization may only be able to offer partially complete privacy protection and/or promotions and/or convenience, While privacy protection (secondary use, improper access) are associated with positive valences, we also find that financial gains can significantly increase the individuals' motivational score of a website in Korea. One important implication of this empirical analysis is that organizations may possess means to actively manage the privacy concerns of Internet users. Our findings show that privacy policies are valued by users in Korea just as in the US or Singapore. Hence, organizations can capitalize on this, by stating their privacy policy more prominently. Also organizations would better think of strategies or means that may increase online users' willingness to provide personal information. Since financial incentives also significantly increase the individuals' motivational score of website participation, we can quantify the value of website privacy protection in terms of monetary gains. We find that Korean Internet users value the total privacy protection (protection against errors, improper access, and secondary use of personal information) as worthy as KW 25,550, which is about US 28. Having done this conjoint analysis, we next adopt cluster analysis methodology. We identify two distinct segments of Korea's internet users-privacy guardians and information sellers, and convenience seekers. The immediate implication of our study is that firms with online presence must differentiate their services to serve these distinct segments to best meet the needs of segments with differing trade-offs between money and privacy concerns. Information sellers are distinguished from privacy guardians by prior experience of information provision, To the extent that businesses cannot observe an individual's prior experience, they must use indirect methods to induce segmentation by self-selection as suggested in classic economics literature of price discrimination, Businesses could use monetary rewards to attract information sellers to provide personal information. One step forward from the societal trends that emphasize the need of legal protection of information privacy, our study wants to encourage organizations and related authorities to have the viewpoints to consider both importance of privacy protection and the necessity of information trade for the growth of e-commerce.

• Journal of the Korea Computer Industry Society
• /
• v.5 no.8
• /
• pp.811-818
• /
• 2004

The spreading of internet, combined with the computerization of industry and the life whole has created an incereased demand on the private life protection and information portection, but due to the lack of specialty manpower on the information protection industry field there are many difficulties. Therefore, in this paper a curriculum for an information protection specialty manpower training is proposed. The proposed curriculum indispensability 1,2 and classified with a selection 1,2 and classified with a selection 1,2. The information protection application field into 9 segments of domains, and to carry out the curriculum in a ring structure. The curriculum based on the information security field's 9 domains and related field practical business, and the course offered after graduation to deepen the specialty, need to be carried out by each domain in order to continuously carry out the information security deepening process.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.5
• /
• pp.1011-1020
• /
• 2021

Throughout the years, cybersecurity incidents related to the shipbuilding and maritime industries are occurring more frequently as the IT industry develops. Accordingly, expertise in the information protection industry is necessary, and effective education contents on information protection are needed for this purpose. Recently, there have been more and more cases of increasing user experience by applying Metaverse technology to the educational field. Therefore, this study analyzes the existing information protection education and training and the information protection education contents in the maritime industries and proposes four directions for content development (i.e., online education and seminars, cybersecurity threat learning of virtual ships, accident reproduction, and maritime cybersecurity exhibition operation).

• Knowledge Management Research
• /
• v.20 no.3
• /
• pp.91-106
• /
• 2019

In the era of the 4th Industrial Revolution, the importance of information protection is increasing day by day with the advent of the 'hyper-connection society', and related government financial investment is also increasing. The source of the government's fiscal investment projects is taxpayers' money. Therefore, the government needs to evaluate the effectiveness and feasibility of the project by comparing the public benefits created by the financial investment projects with the costs required for it. At present, preliminary feasibility study system which evaluates the feasibility of government financial investment projects in Korea has been implemented since 1994, but most of them have been actively carried out only in some fields such as large SOC projects. In this study, we discuss the feasibility evaluation of public projects for the purpose of information security. we introduce the case study of the personal information protection program of Korean public institutions and propose a cost-effectiveness analysis method that can be applied to the feasibility study of the information protection field. Finally, we presented the feasibility study and criteria applicable in the field of information security.

• Journal of Korean society of Dental Hygiene
• /
• v.15 no.4
• /
• pp.743-750
• /
• 2015

Objectives: The purpose of the study is to examine the correlation and influencing factors among ethics position, self-esteem, and perception of patient medical information protection in the dental hygiene students. Methods: This is a cross sectional study using the structured questionnaire. A self-reported questionnaire was completed by 202 dental hygiene students using the stratified sampling method from September 1 to November 1, 2013. The questionnaire was modified and complemented from Ethics Position Questionnaire (EPQ). The questionnaire included EPQ, self-esteem, and perception of patient medical information protection. Data were analyzed by independent t-test, one way ANOVA, Duncan's multiple comparison analysis, Pearson's correlation analysis, and stepwise multiple regression analysis using IBM SPSS Statistics 21.0 program. Results: There was a positive correlation among all the variable including idealism position, self-esteem, and perception of patient medical information protection, The factors influencing on the perception of patient medical information protection were idealism position (${\beta}=0.271$, p<0.001) and self-esteem (${\beta}=0.248$, p<0.001). The corrected explanation power of the model was 15.1%. Conclusions: As the idealism position and self-esteem become higher, the perception of patient medical information protection gets higher. Therefore, this study suggests that it is needed to develop and vitalize implement the appropriate programs enhancing ethics consciousness, proper position, and self-esteem in the dental hygiene students receiving the education for their professionalism in the dental hygiene curricula.

• Journal of Digital Convergence
• /
• v.18 no.10
• /
• pp.345-352
• /
• 2020

This study was conducted to investigate 820 university students in C and G areas to analyze the effects of ethical values of health administration major college students on the perception of patient personal information protection and to present important basic data for the development of education programs. The data were analyzed through SPSS/WIN 18.0 Program. As a result of analysis, the average of personal information protection of college students majoring in health administration was low at 2.04 ± 0.24, and ethical values were idealistic tendency 2.51 ± 0.32 points, and relativistic tendency was 2.34 ± 0.34 points, which showed a high idealistic tendency. Ethical values were also significantly related to idealistic ethics and relativistic ethics in terms of the level of awareness of patient personal information protection and the perception of patient personal information protection exposure. Therefore, in order to increase the protection of patients' personal information of university students majoring in health administration, the correct ethical values should be established, and systematic and continuous education is needed for this purpose.

• The Journal of Korean Association of Computer Education
• /
• v.12 no.5
• /
• pp.1-13
• /
• 2009

Systematic information protection education is necessary to evoke the importance of information protection to the students and to provide them with alternatives to cope with malicious attacks. However, there have been too little development of the methods of systematic education and teaching materials to allow an effective education of information protection in the classrooms today. In this paper, we developed principle-oriented visual learning materials using UCC (User Created Content) for an effective education of information protection and evaluated the effectiveness of our approach with independent sample t-test method after being used in two classes, a test group and a control group. In particular, using UCCs, which have become the most frequently used contents in the Internet, as visual material for the education of information protection, proved to be effective in promoting the interest of students in classes and highly useful in education.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.5
• /
• pp.1209-1223
• /
• 2018

Android apps are made up of bytecode, so they are vulnerable to reverse engineering, and protection services are emerging that robustly repackage the app to compensate. Unlike cryptographic algorithms, the robustness of these protection services depends heavily on hiding the protection scheme. Therefore, there are few systematic discussions about the protection method even if destruction techniques of the protection service are various. And it is implemented according to the intuition of the developer. There is a need to discuss systematic protection schemes for robust security chains, rather than simple deployment of techniques disrupting static or dynamic analysis. In this paper, we analyze bangcle, a typical commercial Android app protection service, to examine the protection structure and vulnerable elements. We propose the requirements for robust structure and principles of protection structure.