• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.17 no.4
• /
• pp.193-201
• /
• 2017

Financial firms strengthen to protect personal information from the leakage, introducing various security solutions such as print output security, internet network Isolation system, isolationg strorage of customer information, encrypting personal information, personal information detecting system, data loss prevention, personal information monitoring system, and so on. Financial companies are also entering the era of cutthroat competition due to accept of the new channels and the paradigm shift of financial instruments. Accordingly, The needs for security for customer information held by financial firms are keep growing. The large security accidents from the three card companies on January 2014 were happened, the case in which one of the outsourcing personnel seized customer personal information from the system of the thress card companies and sold them illegally to a loan publisher and lender. Three years after the large security accidents had been passed, nevertheless the security threat of the IT outsourcing workforce still exists. The governments including the regulatory agency realted to the financail firms are conducting a review efforts to prevent the leakage of personal information as well as strengthening the extent of the sanction. Through the analysis on the application of security policy for outsourcing personnel in case of large-scale Financial IT projects and the case study of appropriate security policies for security compliance, the theis is proposing a solution for both successfully completing large-scale financial IT Project and so far as possible minizing the risk from the security accidents by the outsouring personnel.

• Ecology and Resilient Infrastructure
• /
• v.7 no.1
• /
• pp.26-42
• /
• 2020

Soils are the basis for plant rooting and ecosystem creation, the site of life for humankind, and require much time for their creation, so there will be no disagreement about the importance and necessity of soil conservation and management. Soil resilience is the ability of soils to maintain their original structure and function (resistance and recovery) from various kinds of disturbances, and is an indispensable field of study that prepares for a future with high uncertainty and unpredictability. Therefore, this study summarizes the concept and necessity of soil resilience, which is not yet widely known in Korea, and the contents of previous studies were reviewed. This study was carried out with the aim of contributing to lowering the threshold for entry into resilience research for domestic and foreign researchers who are new to soil resilience. In the first part of this study, we introduced resilience and soil resilience, and in the second part, we summarized the main causes of stress or disturbance that have been studied by many soil resilience researches. This makes it easy to find the references authors need. It is virtually impossible to find the same soil environment because there is no same area on the earth with all the same rock, climate, human activity, and culture, suggesting that each soil has its own uniqueness. Therefore, the researcher who wants to utilize the results of this study should take into consideration the specificity of the soil and the region to which the soil resilience is introduced, and modify it if necessary. In addition, efforts should be made to strengthen the network of soil resilience researchers to create a basis for sharing and actively utilizing the research results.

• Journal of Digital Convergence
• /
• v.10 no.11
• /
• pp.87-92
• /
• 2012

In the early 2012, European Union proposed new legal framework, including the right to be forgotten, for the protection of personal data. The new Proposal articulates kind of sweeping new privacy right and there has been debates on its potential threat to free speech in the digital age. While the situation is similar in Korea, I want to introduce the right to be forgotten in the Proposal. Then, I will analyze current legal system in Korea regarding the new privacy right and suggest some guidelines in searching direction for the coming legislation with respect to the right to be forgotten. The right to be forgotten should not have been promulgated without considering fully its effect on the free speech, especially in the society where the voice toward direct democracy or movement toward participation of the citizen, mainly through cyber space or Social Network Services, has risen much higher in Korea. Especially, the new right seems not to cover the control of data subject on a third party where the third party expressing his opinion by posting himself other's personal data on his blog or others.

• Informatization Policy
• /
• v.25 no.3
• /
• pp.29-51
• /
• 2018

As the core technology of the Fourth Industrial Revolution, the Internet of Things has been developed and has enabled various services, and personal information has been handled freely in the process. However, the infringement threat of personal information is increasing as more convenient services are provided and more information devices including smart devices are connected to the network. Therefore, this study is to analyze prioritizing personal information protection policy indicators in order to provide IoT services by constructing secure environment for implementing the Internet of things as the core technology of the 4th Industrial Revolution. This study reviewed personal information protection policy indicators based on the literature survey, and identified 3 fields, 9 areas, and 25 indicators through Delphi analysis for experts. The weights were calculated based on the AHP survey for 66 experts and the results were used to present the relative importance and priority of the policy indexes. The results of this study found the policy field was the most important, followed by the technical field, and the administrative field. Of the three areas of the policy field, strengthening the personal information protection laws related to IoT is the most important, while among the indicators, promoting and revising the personal information protection law related to IoT is the most important. Comparisons of the fields, areas, and indicators of IoT-related personal information protection policies found consistent values. The personal information protection policy indicators derived this way will contribute to the nation's competitiveness by expanding secure IoT policies in the future.

• The Korean Journal of Air & Space Law and Policy
• /
• v.1
• /
• pp.87-123
• /
• 1989

The purpose of this thesis is to do a research on suppression of peacetime international terrorism and penal system of terrorists by political and economic means. International terrorism means wanton killing, hostage taking, hijacking, extortion or torture committed or threatened to be comitted against the innocent civilian in peacetime for political motives or purposes provided that international element is involved therein. This research is limited to international terrorism of political purposes in peacetime, especially, hijacking of civil aircraft. Hijacking of civil aircraft include most of international terrorism element in its criminal act and is considered to be typical of international terrorism in view of multinationality of its crews, passengers and transnational borders involved in aircraft hijacking. Civil air transportation of today is a indispensable part of international substructure, as it help connect continuously social cultural and economic network of world community by dealing with massive and swift transportation of passengers and all kinds of goods. Current frequent hijacking of civil aircraft downgrade the safety and trust of air travel by mass slaughter of passengers and massdestruction of goods and endanger indispensable substructure of world community. Considering these facts, aircraft hijacking of today poses the most serious threat and impact on world community. Therefore, among other thing, legal, political, diplomatic and economic sanctions should be imposed on aircraft hijacking. To pursue an effective research on this thesis aircraft hijacking by six Chineses on 5th May, 1983, from mainland China to Seoul, Korea, is chosen as main theme and the Republic of Korea's legal, political and diplomatic dealing and settlement of this hijacking incident along with six hijackers is reviewed to find out legal, political diplomatic means of suppression and solution of international terrorism. Research is focused on Chinese aircraft hijacking, Korea-China diplomatic negotiation, Korea's legal diplomatic handling and settlement of Tak Chang In, mastermind of aircraft hijacking and responses and position of three countries, Korea, China and Taiwan to this case is thoroughly analyzed through reviewing such materials as news reportings and comments of local and international mass media, Korea-China Memorandum, statements of governments of Korea, China and Taiwan, verdicts of courts of Korea, prosecution papers and oral argument by the defendants and lawyers and three antiaircraft hijacking conventions of Hague, Tokyo and Montreal and all the other instruments of international treaties necessary for the research. By using above-mentioned first-hand meterials as yardsticks, legal and political character of Chinese aircraft hijacking is analyzed and reviewed and close cooperation among sovereign states based on spirit of solidarity and strict observance of international treaties such as Hague, Tokyo and Montreal Conventions is suggested as a solution and suppressive means of international terrorism. The most important and indispensable factor in combating terrorism is, not to speak, the decisive and constant resolution and all-out effort of every country and close cooperation among sovereign states based on "international law of cooperation."

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.2
• /
• pp.295-310
• /
• 2014

DCS (Distributed Control System), the main control system of power plants, is an automated system for enhancing operational efficiency by monitoring, tuning and real-time operation. DCS is becoming more intelligent and open systems as Information technology are evolving. In addition, there are a large amount of investment to enable proactive facility management, maintenance and risk management through the predictive diagnostics. However, new upcoming weaponized malware, such as Stuxnet designed for disrupting industrial control system(ICS), become new threat to the main control system of the power plant. Even though these systems are not connected with any other outside network. The main control systems used in the power plant usually have been used for more than 10 years. Also, this system requires the extremely high availability (rapid recovery and low failure frequency). Therefore, installing updates including security patches is not easy. Even more, in some cases, installing security updates can break the warranty by the vendor's policy. If DCS is exposed a potential vulnerability, serious concerns are to be expected. In this paper, we conduct the penetration test by using NESSUS, a general-purpose vulnerability scanner under the simulated environment configured with the Ovation version 1.5. From this result, we suggest a log analysis method to detect the security infringement and react the incident effectively.

• Journal of Korean Philosophical Society
• /
• v.147
• /
• pp.239-260
• /
• 2018

Is an artificial intelligence robot, a non-human beings newly emerging in the age of technology, a threat to human beings, or a mutual cooperation or ensemble with human beings? The desire to control nature through the use of the power of science and technology is manifested in the fear that humans can annihilate themselves. This study attempts to identify the problems of Cartesian epistemology underlying these questions and fears and to answer these questions based on Merleau - Ponty 's ontological ontology using the Ontology and Latour' s ontology and technological philosophy. The cogito derived from the Cartesian philosophy became the basis of the structure of dichotomous epistemology of 'subjectivity and objectivity' based on human - reason. In the human-centered world, all non-human beings were tools or controls for humans. The problem of the modern people is not only to get help from the natural scientific methods to control the nature including man, but also to think that scientific method is the only way to understand the world. In criticizing this, Merleau-Ponty shows that the body mediates between human beings and non-human beings, and provides a possible ontological basis for the ontology. Merleau - Ponty 's phenomenological methodology and ontology are newly developed by Simondon under the influence of phenomenological philosopher and phenomenology. The relationship between human beings and nonhuman beings by Simondon appears as an ensemble of human and technical objects or a mutual co - operation of human and technical objects. In particular, Latour goes a step further in Simondon and defines all the bodies living in the world as actor-network theory, denying the core concept of modernity. Merleau - Ponty 's phenomenological view can be a new possible basis for the philosophical discussion of the technological age. We will see that the problem itself can be solved by shifting modern fear to a phenomenological attitude.

• KIPS Transactions on Computer and Communication Systems
• /
• v.8 no.9
• /
• pp.217-224
• /
• 2019

Recently, sensor networks are built and used on many kinds of fields such as home, traffic, medical treatment and power grid. Sensing data manipulation on these fields could be a serious threat on property and safety. Thus, a proper way to block sensing data manipulation is necessary. In this paper, we propose IoT(Internet of Things) sensing data validation mechanism based on data obfuscation and variance analysis to remove manipulated sensing data effectively. IoT sensor device modulates sensing data with obfuscation function and sends it to a user. The user demodulates received data to use it. Fake data which are not modulated with proper obfuscation function show different variance aspect with valid data. Our proposed mechanism thus can detect fake data by analyzing data variance. Finally, we measured data validation time for performance analysis. As a result, block rate for false data was improved by up to 1.45 times compared with the existing technique and false alarm rate was 0.1~2.0%. In addition, the validation time on the low-power, low-performance IoT sensor device was measured. Compared to the RSA encryption method, which increased to 2.5969 seconds according to the increase of the data amount, the proposed method showed high validation efficiency as 0.0003 seconds.

• Journal of Legislation Research
• /
• no.54
• /
• pp.155-192
• /
• 2018

As the 'hyper-connected society' has emerged through the 'Fourth Industrial Revolution, public interests as well as social dangers have increased. Above all, the risk of infringement of information, including confidential personal information, is dramatically increasing. As the hyper-connected society has been realized, even if only one of the internet devices is hacked, there would be a danger that the ripple effect of such a hacking spreads to the whole network. Therefore, the necessity and importance of information security, including cybersecurity, has been increasing. In other words, the stability of cyberspace and internet space is becoming more important. As a result, the Korean government is seeking to build a legal system related to information security, which would be able to cope with the information infringement problem in the hyper-connected society. However, it seems that the government is still struggling with the direction of building such a legal system. In this context, a comparative review examining the legal systems of advanced foreign countries will provide meaningful implications as to what kinds of legal policies we should devise and implement for information security. In particular, the U.S. legislative act that actively responds to the cybersecurity violations is worthy of reference. For this reason, this article systematically analyzes the current status of the U.S. cybersecurity laws. Especially, this article focuses on the "Cybersecurity Information Sharing Act of 2015"(hereinafter "CISA"), that was recently enacted by the U.S. congress. The CISA prescribes the systemic and detailed information-sharing between national and private entities. The CISA, that actively promotes information-sharing, is full of suggestions for us, in that information-sharing is an effective way to properly realize information security in today's hyper-connected society.

• The Journal of the Korea Contents Association
• /
• v.21 no.3
• /
• pp.561-566
• /
• 2021

Schools are highly feared to spread widely in the event of an infectious disease, and systematic management and prompt response are needed as it can undermine students' health and learning rights. This study was conducted to identify the current status of infectious diseases common to elementary, middle and high school students and to provide basic data to protect students and faculty from the threat of infectious diseases and maintain normal school functions. Sejong City was selected for investigation. The three major infectious diseases are influenza, chickenpox and aquarium, all of which are classified as acute viral infectious diseases and have fast propagation speed and strong propagation power, which can have fatal consequences for students living in groups. The research data were analyzed using the 2019 infectious disease report data from the Education Ministry's Education Administration Information Network (NEIS), and the current status data reported by elementary, middle and high schools nationwide were analyzed. The research method was to compare the current status of infectious diseases across the country and Sejong City, compare the status of issuance by each school level, compare the status of infectious diseases by item, and analyze the status of infectious diseases by time. The results of the survey on the status of the three major infectious diseases are expected to be used as basic data for managing infectious diseases not only in Sejong City but also in the nation, so that they can be used to establish measures to manage student infectious diseases in the future.