Technical Protection Measures for Personal Information in Each Processing Phase in the Korean Public Sector
- Authors
- Shim, Mina; Baek, Seungjo; Park, Taehyoung; Seol, Jeongseon; Lim, Jongin
- Issue Date
- 30-10월-2009
- Publisher
- KSII-KOR SOC INTERNET INFORMATION
- Keywords
- Personal information protection; PET; PIA; information security management
- Citation
- KSII TRANSACTIONS ON INTERNET AND INFORMATION SYSTEMS, v.3, no.5, pp.548 - 574
- Indexed
- SCIE
SCOPUS
KCI
OTHER
- Journal Title
- KSII TRANSACTIONS ON INTERNET AND INFORMATION SYSTEMS
- Volume
- 3
- Number
- 5
- Start Page
- 548
- End Page
- 574
- URI
- https://scholar.korea.ac.kr/handle/2021.sw.korea/119091
- DOI
- 10.3837/tiis.2009.05.008
- ISSN
- 1976-7277
- Abstract
- Personal information (hereinafter referred to as "PI") infringement has recently emerged as a serious social problem in Korea. PI infringement in the public and private sector is common. There were 182,666 cases of PI in 2,624 public organizations during the last three years. Online infringement cases have increased. PI leakage causes moral and economic damage and is an impediment to public confidence in public organizations seeking to manage e-government and maintain open and aboveboard administration. Thus, it is an important matter. Most cases of PI leakage result from unsatisfactory management of security, errors in home page design and insufficient system protection management. Protection management, such as encryption or management of access logs should be reinforced urgently. However, it is difficult to comprehend the scope of practical technology management satisfied legislation and regulations. Substantial protective countermeasures, such as access control, certification, log management and encryption need to be established. It is hard to deal with the massive leakage of PI and its security management. Therefore, in this study, we analyzed the conditions for the technical protection measures during the processing phase of PI. In addition, we classified the standard control items of protective measures suited to public circumstances. Therefore, this study provides a standard and checklist by which staff in public organizations can protect PI via technical management activities appropriate to laws and ordinances. In addition, this can lead to more detailed and clearer instructions on how to carry out technical protection measures and to evaluate the current status.
- Files in This Item
- There are no files associated with this item.
- Appears in
Collections - School of Cyber Security > Department of Information Security > 1. Journal Articles
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.