신기술의 혁신과정은 매우 역동적이어서 정부는 빠른 기술발전, 대중의 필요 및 변화하는 글로벌 트렌드에 맞춰 주기적인 정책 검토를 할 필요가 있다. 1990년대 인터넷은 폭발적인 성장을 하였지만 다양한 응용프로그램들의 활용이 보안 문제로 인해 제한되었고, 공개 키 기반구조 (PKI)는 이러한 문제들을 해결할 수 있는 근본적인 기술로 인식되었다. 2017년 현재에도 PKI는 개방형 네트워크에서의 전자인증에 있어 최고 기술의 하나이지만 그 사용처는 폐쇄 네트워크 내에서의 사용자 확인 및 SSL/TLS와 같은 네트워크 보안인프라 내에서의 서버 인증과 같이 한정된 부문에 한한다. PKI에 대한 기대와 현실의 차이는 2000년대 초반 인터넷 거버넌스 하에서의 새로운 인증정책의 글로벌한 도입과 함께한 인터넷의 진화에 기인한다. 새로운 인터넷 거버넌스는 다수 이해관계자간의 협력에 기반하고, 이는 기술정책과 관련한 정부의 행동방식에 변화를 가져왔다. 이 연구는 미국과 한국의 PKI 정책을 경로의존성 이론 (Path Dependence Theory)의 관점에서 분석한다. 두 국가의 다른 정책 결과는 인터넷 거버넌스의 부상을 증명하고, 또한 현재의 글로벌 인터넷 사회의 정책결정자들에게 중요한 함의를 줄 수 있을 것이다.
신기술의 혁신과정은 매우 역동적이어서 정부는 빠른 기술발전, 대중의 필요 및 변화하는 글로벌 트렌드에 맞춰 주기적인 정책 검토를 할 필요가 있다. 1990년대 인터넷은 폭발적인 성장을 하였지만 다양한 응용프로그램들의 활용이 보안 문제로 인해 제한되었고, 공개 키 기반구조 (PKI)는 이러한 문제들을 해결할 수 있는 근본적인 기술로 인식되었다. 2017년 현재에도 PKI는 개방형 네트워크에서의 전자인증에 있어 최고 기술의 하나이지만 그 사용처는 폐쇄 네트워크 내에서의 사용자 확인 및 SSL/TLS와 같은 네트워크 보안 인프라 내에서의 서버 인증과 같이 한정된 부문에 한한다. PKI에 대한 기대와 현실의 차이는 2000년대 초반 인터넷 거버넌스 하에서의 새로운 인증정책의 글로벌한 도입과 함께한 인터넷의 진화에 기인한다. 새로운 인터넷 거버넌스는 다수 이해관계자간의 협력에 기반하고, 이는 기술정책과 관련한 정부의 행동방식에 변화를 가져왔다. 이 연구는 미국과 한국의 PKI 정책을 경로의존성 이론 (Path Dependence Theory)의 관점에서 분석한다. 두 국가의 다른 정책 결과는 인터넷 거버넌스의 부상을 증명하고, 또한 현재의 글로벌 인터넷 사회의 정책결정자들에게 중요한 함의를 줄 수 있을 것이다.
In emerging technologies, innovation processes are dynamic in that the government needs to regularly review its policies to resonate with rapid technological advancements, changing public needs, and evolving global trends. In the 1990s, the Internet grew at an explosive rate, but many applications w...
In emerging technologies, innovation processes are dynamic in that the government needs to regularly review its policies to resonate with rapid technological advancements, changing public needs, and evolving global trends. In the 1990s, the Internet grew at an explosive rate, but many applications were constrained due to security concerns. Public Key Infrastructure (PKI) seemed to be the fundamental technology to address these concerns by providing security functions. As of 2017, PKI is still one of the best technologies for electronic authentication in an open network, but it is used only in limited areas: for user authentications in closed networks and for server authentications within network security infrastructure like SSL/TLS. The difference between expectation and reality of PKI usage is due to the evolution of the Internet along with the global adoption of new authentication policies under the Internet governance in the early 2000s. The new Internet governance based on the cooperation between multi-stakeholders is changing the way in which a government should act with regard to its technological policies. This paper analyzes different PKI policy approaches in the United States and Korea from the perspective of path-dependence theory. Their different policy results show evidence of the rise of the Internet governance, and may have important implications for policy-makers in the current global Internet society.
In emerging technologies, innovation processes are dynamic in that the government needs to regularly review its policies to resonate with rapid technological advancements, changing public needs, and evolving global trends. In the 1990s, the Internet grew at an explosive rate, but many applications were constrained due to security concerns. Public Key Infrastructure (PKI) seemed to be the fundamental technology to address these concerns by providing security functions. As of 2017, PKI is still one of the best technologies for electronic authentication in an open network, but it is used only in limited areas: for user authentications in closed networks and for server authentications within network security infrastructure like SSL/TLS. The difference between expectation and reality of PKI usage is due to the evolution of the Internet along with the global adoption of new authentication policies under the Internet governance in the early 2000s. The new Internet governance based on the cooperation between multi-stakeholders is changing the way in which a government should act with regard to its technological policies. This paper analyzes different PKI policy approaches in the United States and Korea from the perspective of path-dependence theory. Their different policy results show evidence of the rise of the Internet governance, and may have important implications for policy-makers in the current global Internet society.
* AI 자동 식별 결과로 적합하지 않은 문장이 있을 수 있으니, 이용에 유의하시기 바랍니다.
문제 정의
This paper is based on historical case studies and empirical analyses. Additional reasoning based on both qualitative and quantitative analyses may make this paper more concrete and reliable one.
Even though there have been several problems posed by its electronic authentication policy, the Korean government did not change its policy until 2015. This research finds the reasons by applying path dependence theory on Korean NPKI policies. Below shows a Korean NPKI model of path dependence based on basic economic model of path dependence by Simmie (Simmie, 2012)
제안 방법
This research analyzes the Korean electronic authentication policy reform case applying a new public policy model of path dependence. By comparing the US and Korean policy approaches, the analysis will show the reasons for a decade-long policy continuity of Korea and the rise of the multi-stakeholder process as a new form of governance.
참고문헌 (36)
American Bar Association, Digital Signature Guidelines, 1996
Baek, Bongsam., Korean Internet Environment, 'PCMS'.'MobileGoogle'. Retrieved September 10, 2015.
Burr, William E., Dodson, Donna F., Newton, Elaine M., Perlner, Ray A., Polk, W. Timothy., Gupta, Sarbari, & Nabbus, Emad. A., Electronic Authentication Guideline. National Institute of Standards and Technology, 2011.
Cerna, Lucie, The Nature of Policy Change and Implementation: A Review of Different Theoretical Approaches, Organization for Economic Co-operation and Development, 2013.
Clinton, J. William., Administration of Export Controls on Encryption Products. Executive Order, 13026, 1996.
Chromium Blog (2013) Saying Goodbye to Our Old Friend NPAPI, Retrived from https://blog.chromium.org/2013/09/saying-goodbye-to-our-old-friend-npapi.html
Danielle, Kehl, Wilson, Andi, & Bankston, Kevin. (2015). Doomed To Repeat History? Retrieved from https://static.newamerica.org/attachments/3407-125/LessonsFromtheCryptoWarsofthe1990s.882d6156dc194187a5fa51b14d55234f.pdf
Department of Commerce. (2000, January 10). Revised U.S. Encryption Export Control Regulations.
Grassi, Paul A., Garcia, Michael. E., & Fenton, James. L., NIST 800-63-3: Digital Identity Guidelines. National Institute of Standards and Technology, 2017.
International Telecoms Union Telecommunication Standardization Sector. (1997). International TeleX. 509 : Information technology-Open Systems Interconnection-The Directory: Public-key and at tribute certificate frameworks Retreved from: https://www.itu.int/rec/T-REC-X.509
Johnson, Chalmers., MITI and the Japanese miracle: the growth of industrial policy, 1925-1975, Stanford University Press, 1982.
Kim, Tong-hyung. (2009, September 23). Korea Paying Price for Microsoft Monoculture. Retrieved from the Korean Times,: http://www.koreatimes.co.kr/www/news/biz/2010/05/123_52401.html
Lee, Junghyun, The usage and problem of the authorized certificate in smart environment, Internet & Security Focus, Korea Internet Security Agency, 2013.
Lee, Soo Hee, & Yoo, Taeyoung, "Government Policy and Trajectories of Radical Innovation in Dirigiste States: A Comparative Analysis of National Innovation Systems in France and Korea", Technology Analysis and Strategic Management, Vol. 19, No. 4, 2007, pp. 451-470.
Lui-Kwan, M. Kalama, "Recent Developments in Digital Signature Legislation and Electronic Commerce", Berkeley Technology Law Journal, Vol. 14, Iss. 1, 1999.
Mundy, Simon. (2014, June). South Korea suffers poor cyber security controls. Retrieved from https://www.ft.com/content/7ae2b288-e29a-11e3-a829-00144feabdc0
Muller, Milton, Rulling the root: Internet governance and the taming of cyberspace, The MIT Press, Cambridge, Massachusets London, England, 2002.
National Cyber Security Center; National Security Research Institute, ActiveX Control Development Security Guideline, 2008.
Organization for Economic Co-operation and Development, National Innovation System, 1997.
Organization for Economic Co-operation and Development, Electronic Commerce. Policy Brief, 2001.
Oh, Se-Jung, Networking between Academia, Public Research Institutes and Industry-Korean Experiences [PowerPoint slides], 2012.
Park, Hun Myoung, "The Web Accessibility Crisis of the Korea's Electronic Government: Fatal Consequences of the Digital Signature Law and Public Key Certificate", 45th Hawaii International Conference on System Sciences, 2012.
Park, Jihyun, Major issues and status on deregulation of the Authorized Certificate mandate in online transactions. Korea Financial Telecommunications & Clearings Institute. Korea Financial Telecommunications & Clearings Institute, 2010.
Park, Mun Su, "An Exploratory Study for Convergence-type Technology Transfer", International Commerce and Information Review, Vol. 17 No. 1, 2015, pp.165-191.
Park, Mun Su, & Lee, Ho-hyung, "A Study of Technical Support Policy for Innovative SMEs", International Commerce and Information Review, 14(1), 2012, pp.197-218.
Saenuri Party, Public commitment of Saenuri party for 18th presidential election, 2012.
Simmie, James, "Path Dependence and New Technological Path Creation in the Danish Wind Power Industry", European Planning Studies, Vol. 20, No. 5, 2012.
Son, Yeol, "Technolgy, Institutions, Path Dependence: A compartive Study of Venture Nurturing Policies in Korea and Japan", Korean Political Science Review, Vol. 40, No. 3, 2006, pp.237-261.
Statcounter.com. (2015). StatCounter Global Stats - Browser Market Share. Retrieved from Statcounter.: http://gs.statcounter.com/browser-market-share#monthly-201501-201501-map
Statistics Korea. (2016). The government Research and Development Budget, Retrieved from http://www.index.go.kr/potal/main/EachDtlPageDetail.do?idx_cd1330
United Nations Commission on International Trade Law, Model Law on Electronic Commerce with Guide to Enactment, 1996.
United States General Accounting Office, Information Security: Advances and Remaining Challenges to Adoption of Public Key Infrastructure Technology, 2001.
Verizon, 2016 Data Breach Investigations Report. Verizon
Yoon, Min-sik. (2013, July). Korea grapples with massive personal data theft, regulatory mess. Ret rieved from The Korea Harald: http://www.koreaherald.com/view.php?ud20130719000708
Winn, Jane K., US and EU Regulatory Competition and Authentication Standards in Electronic Commerce, 2006.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.