Study on SW Quality Certification Improvement Model Considering Personal Information Protection

  • Seok Kwan Kim
  • Gab Sang Ryu

Abstract

Background/Objectives: To date, CMMI has been instrumental in improving the internal and external development process. However, CMMI is somewhat inadequate to address security issues in the area of privacy.

Methods/Statistical analysis: This study aims to investigate the process at each level of CMMI and management and technical protection measures of personal information protection in Korea.In particular, the administrative, management and technical requirements for privacy in Korea are very similar to ISO27001.That especially includes establishment and implementation of internal management plan, Access control, Encryption of personal information. Through these studies, we found protective measures to maximize effectiveness.

Findings: In this study, we found some privacy measures applicable to CMMI. First, we proposed an overall security policy by establishing an internal security management system, and proposed to operate CISO positions independently for effective personal information protection activities. Through this, it can contribute to strengthening personal information protection capability, preventing cyber infringement, and minimizing damage in case of an accident. Second, the DMZ, server area, and DB area were divided to protect internal personal information from the outside for network access control. In addition, in order to block the exposure of internal IP address from outside, NAT (Network Address Translate) is used to isolate inside and outside. In particular, the introduction of private IP can fundamentally block access from the outside. Finally, to protect your privacy, we proposed an encryption algorithm. This minimizes the damage caused by illegal hacking and the leakage of personal information. Secure encryption algorithms include Symmetric Key Cryptographic Algorithm, Public key cryptographic algorithm and One-way encryption algorithm.

Improvements/Applications: Through this study, by applying technical and managerial stability measures for personal information protection, we can secure the stability by adding a personal information protection process to the CMMI. 

Keywords: Personal Information, Privacy, CMMI, Security, Safe,SW Quality

Published
2019-09-27
How to Cite
Kim, S. K., & Ryu, G. S. (2019). Study on SW Quality Certification Improvement Model Considering Personal Information Protection. International Journal of Advanced Science and Technology, 28(5), 233 - 238. Retrieved from http://sersc.org/journals/index.php/IJAST/article/view/341
Issue
Vol. 28 No. 5 (2019)
Section
Articles