• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2013.05a
• /
• pp.213-216
• /
• 2013

Big data, the use of privacy has been increasing to the development of wireless network infrastructure or technology development and wired Internet. By the way, Enforcement of private data preservation law the infringement accident which is still caused by despite with private data outflow occurs. The private data outflow avoids finance and to become the fire tube. Analyzes the pattern of private data from search of private data and detection process and the research which it extracts and the research is necessary in about perfection elimination of the private data which is unnecessary. From the research which it sees it researched a pattern extraction research and a complete elimination method in about private data protection and it did the pattern extraction and a complete elimination experiment of private data.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2012.10a
• /
• pp.143-146
• /
• 2012

Enforcement of private information preservation law the infringement accident which is still caused by despite with private information outflow occurs. The private information outflow avoids finance and to become the fire tube. Analyzes the pattern of private information from search of private information and detection process and the research which it extracts and the research is necessary in about perfection elimination of the private information which is unnecessary. From the research which it sees it researched a pattern extraction research and a complete elimination method in about private information protection and it did the pattern extraction and a complete elimination experiment of private information.

• The KIPS Transactions:PartC
• /
• v.17C no.2
• /
• pp.159-164
• /
• 2010

The data wiping is a technique which perfectly deletes data in a storage to prevent data recovery. Currently, management of stored data is important because of increasing an accident of personal information leakage. Especially, if you need to discard data contained personal information, using a wiping tool which permanently deletes data to prevent unnecessary personal information leakage. The data wiping is also used for data security and privacy protection. However the data wiping can be used intentionally destruction of evidence. This intentionally destruction of evidence is important clues of forensic investigation. This paper demonstrates the methods for detecting the usage of wiping tools in digital forensic investigation.

• Review of KIISC
• /
• v.19 no.6
• /
• pp.9-14
• /
• 2009

IT 기술이 발전함에 따라 인터넷을 통한 개인정보의 수집 이용이 용이해지고 있다. 하지만 이에 대한 역기능으로 웹사이트를 통하여 개인정보가 노출되어 공개되어 있거나, 악의적인 사용자에 의해 개인정보가 유출되어 악용되는 사건이 지속적으로 발생하고 있다. 이렇게 노출 및 유출이 된 개인정보는 오 남용이 되어 국민에게 정신적 금전적 피해를 준다. 이를 해결하기 위해 한국인터넷진흥원은 2006년부터 인터넷 상의 개인정보 노출에 대해 지속적인 삭제조치 등의 노력을 하고 있으나 여전히 개인정보가 노출되고 있다. 따라서, 한국인터넷진흥원은 개인정보 노출을 최소화하기 위해 예방 대응 사후 관리를 종합적으로 할 수 있도록 "개인정보 노출대응 체계(Privacy Incident Response SysTem)"를 2009년 11월에 구축하여, 개인정보를 신속히 검색하여 삭제 및 대응할 수 있는 체계를 마련하였다. 본 논문에서는 개인정보 노출대응 체계에 대하여 소개하고자 한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.3
• /
• pp.69-80
• /
• 2007

To protect personal information when releasing data, a general privacy-protecting technique is the removal of all the explicit identifiers, such as names and social security numbers. De-identifying data, however, provides no guarantee of anonymity because released information can be linked to publicly available information to identify them and to infer information that was not intended for release. In recent years, two emerging concepts in personal information protection are k-anonymity and $\ell$-diversity, which guarantees privacy against homogeneity and background knowledge attacks. While these solutions are signigicant in static data environment, they are insufficient in dynamic environments because of vulnerability to inference. Specially, the problem appeared in record deletion is to deconstruct the k-anonymity and $\ell$-diversity. In this paper, we present an approach to securely anonymizing a continuously changeable dataset in an efficient manner while assuring high data quality.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2007.11a
• /
• pp.254-257
• /
• 2007

정보기술의 발달로 정보를 수집, 관리, 공유하기가 용이해 짐에 따라 여러 조직이나 기관에서는 개인정보를 수집해 관리하고 있다. 수집한 개인정보를 통계나 연구 등을 목적으로 배포할 때 개인의 프라이버시를 보호하기 위해 k-anonymity 와 l-diversity 원리가 제안되었고 이를 기반으로 하는 프라이버시 보호 기법들이 제안되었다. 그러나 기존 방법들은 정적인 데이터를 단 한번 배포하는 것을 가정하기 때문에 지속적으로 데이터에 삽입이나 삭제가 발생하는 동적 데이터 환경에 그대로 적용하기 적합하지 않다. 본 논문에서는 동적 데이터 환경에서 l-diversity 을 유지하면서 데이터 삽입과 삭제를 효율적으로 처리할 수 있는 기법을 제안한다. 제안 기법은 일반화를 사용하지 않기 때문에 일반화에서 발생하는 정보의 손실이 발생하지 않고 삽입과 삭제의 처리가 간단한 것이 특징이다.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.15 no.6
• /
• pp.37-42
• /
• 2015

Although online search engine service provide a convenient means to search for information on the World Wide Web, it also poses a risk of disclosing privacy. Regardless of such risk, most of users are neither aware of their personal information being exposed on search results nor how to redress the issue by requesting removal of information. According to the 2015 parliamentary inspection of government offices, many government agencies were criticized for mishandling of personal information and its leakage on online search engine such as Google. Considering the fact that the personal information leakage via online search engine has drawn the attention at the government level, the online search engine and privacy issue needs to be rectified. This paper, by examining current online search engines, studies the degree of personal information exposure on online search results and its underlying issues. Lastly, based on research result, the paper provides a sound policy and direction to the removal of exposed personal information with respect to search engine service provider and user respectively.

• Review of KIISC
• /
• v.22 no.8
• /
• pp.21-25
• /
• 2012

최근 해킹 및 개인정보 유출로 인한 관공서 개인정보 취급에 대한 사회적 불신감 팽배, 신뢰도 저하 문제가 발생하고 있다. 개인정보보호법, 정보통신망법의 강화에도 불구하고, 업무에 활용된 명부 등이 저장된 위치를 기억하지 못하여 그대로 방치되고 있으며, 자료공유시스템 등 웹사이트를 통해 열람(접근)된 개인정보파일이 개인 PC내 임시파일로 PC의 하드디스크에 저장되어 있다. 개인정보보호법은 2011년 3월 29일 공포되었고, 9월 30일부터 전면 실시되었다. 본 논문에서는 PC의 개인정보를 검색하고 검색된 파일을 암호화, 파일숨김을 하여 파일을 안전하게 보관하게 하며, 사용기간이 지난 파일의 경우 완전삭제를 하여 PC에서 개인정보보호법에 대응 방안을 제시한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.6
• /
• pp.999-1012
• /
• 2020

As the utilize of personal health records increases in recent years, research on cryptographic protocol for protecting personal information of personal health records has been actively conducted. Currently, personal health records are commonly encrypted and outsourced to the cloud. However, this method is limited in verifying the integrity of personal health records, and there is a problem with poor data availability because it is essential to use it in decryption. To solve this problem, this paper proposes a verifiable cloud-based personal health record management scheme using Redactable signature scheme and zero-knowledge proof. Verifiable cloud-based personal health record management scheme can be used to verify the integrity of the original document while preserving privacy by deleting sensitive information by using Redactable signature scheme, and to verify that the redacted document has not been deleted or modified except for the deleted part of the original document by using the zero-knowledge proof. In addition, it is designed to increase the availability of data than the existing management schemes by designing to recover deleted parts only when necessary through the Redact Recovery Authority. And we propose a verifiable cloud-based personal health record management model using the proposed scheme, and analysed its efficiency by implementing the proposed scheme.

• Journal of KIISE:Computing Practices and Letters
• /
• v.13 no.6
• /
• pp.422-426
• /
• 2007

Personal mobile devices equipped with non-volatile storage such as MP3 player, PMP, cellular phone, and USB memory require safety for the stored data on the devices. One of the safety requirements is secure deletion, which is removing stored data completely so that the data can not be restored illegally. In this paper, we study how to design the secure deletion on Flash memory, commonly used as storage media for mobile devices. We consider two possible secure deletion policy, named zero-overwrite and garbage-collection respectively, and analyze how each policy affects the performance of Flash memory file systems. Then, we propose an adaptive file deletion scheme that exploits the merits of the two possible policies. Specifically, the proposed scheme applies the zero-overwrite policy for small files, whereas it employs the garbage-collection policy for large files. Real implementation experiments show that the scheme is not only secure but also efficient.