• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.1
• /
• pp.59-74
• /
• 2014

The social network service is a online service letting users express the personality and enhancing the human network. However, these features result in side effects which diffuse personal information and make users access to treacherous information. Therefore, various access control models have been proposed. However, the access control mechanisms which encrypt data are only able to be applied for controlling access from direct node, and the access control mechanisms without data encryption allow service provider to access all the information. Moreover, both mechanisms do not consider dynamic changes in reliability of the users. In this paper, we propose relationship-based dynamic access control model including encryption of sensitive data, which consider the characteristics of SNS and improves the security of SNS.

• Journal of Internet Computing and Services
• /
• v.13 no.2
• /
• pp.51-57
• /
• 2012

The warming up of the recent competition in the smart phone industry followed by rapid increase of open platforms and app stores have led the mobile terminals to adopt the general purpose operating system. The mobile device utilizing this OS is vulnerable to mobile malignant code which is highly transferable. As a result, the scale of mobile attack and harm increase. However, compared to the malicious code and virus which keep increasing, the elements for security to prevent are insufficient. Therefore, this paper describe about the Context Aware Service that eliminates the potentially risky elements on the smart phone service, which could threaten the usability of the service including invasion of personal information. The proposed system prevents from disclosure of personal information by giving the procedure of information, and realizes the service that is able to change the sequence of identifying the users' information to prepare for emergency.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.2
• /
• pp.407-416
• /
• 2018

Instagram is a Social Network Service(SNS) that has recently become popular among people of all ages and it makes people to construct social relations and share hobbies, daily routines, and useful information. However, since the uploaded information can be accessed by arbitrary users and it is easily shared with others, frauds, stalking, misrepresentation, impersonation, an infringement of copyright and malware distribution are reported. For this reason, it is necessary to analyze Instagram from a view of digital forensics but the research involved is very insufficient. So in this paper, We performed reverse engineering and dynamic analysis of Instagram from a view of digital forensics in the Android environment. As a result, we checked three database files that contain user behavior analysis data such as chat content, chat targets, posted photos, and cookie information. And we found the path to save 4 files and the xml file to save various data. Also we propose ways to use the above results in digital forensics.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2013.05a
• /
• pp.227-230
• /
• 2013

Financial transactions using a mobile terminal and the Internet is activated, it is a stock exchange enabled using mobile devices and the Internet. Koscom in charge of IT operations of securities transaction-related in (securities ISAC), to analyze the vulnerability of information security related to securities transactions, which corresponds to running the integrated security control system. Online stock trading is a subject to the Personal Information Protection Act, electronic systems of related, has been designated as the main information and communication infrastructure to, damage financial carelessness of the user, such as by hacking is expected to are. As a result, research on the key vulnerabilities of information security fields related to securities business cancer decoding of the Securities and Exchange packet, through the analysis of security events and integrated security control is needed.

• Journal of the Korea Society for Simulation
• /
• v.29 no.2
• /
• pp.73-81
• /
• 2020

HCCL stands for Heterogenous Container Class Library. HCCL is a library that allows heterogeneous types of data to be stored in a container as a single record and to be constructed as a list of the records to be stored in database. With HCCL, encryption/decryption can be done based on the unified data type. Recently, IoT sensor which is embedded in smartphone enables developers to provide various convenient services to users. However, it is also true that infringement of personal information may occur in the process of transmitting sensor information to API and users need to be prepared for this situation in some sense. In this study, we developed a data model that enhances existing security using SEED cryptographic algorithms while managing information of sensors based on HCCL. Due to the fact that the Android environment does not provide permission management function for sensors, this study decided whether or not to encrypt sensor information based on the user's choice so that the user can determine the creation and storage of safe data. For verification of this work, we have presented the performance evaluation by comparing with the situation of storing the sensor data in plaintext.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.1
• /
• pp.67-75
• /
• 2008

RFID(Radio Frequency Identification) system is an automated identification system that consists of tags and readers. They communicate with each other by RF signal. As a reader can identify many tags in contactless manner using RF signal, RFID system is expected to do a new technology to substitute a bar-code system. But RFID system creates new threats to the security and privacy of individuals, Because tags and readers communicate with each other in insecure channel using RF signal. So many people are trying to study various manners to solve privacy problems against attacks, but it is difficult to apply to RFID system based on low-cost Gen2. Therefore, We will propose a new encryption scheme using matrix based on Gen2 in RFID system in paper, and We will analyze our encryption scheme in view of the security and efficiency through a simulation and investigate application environments to use our encryption scheme.

• Journal of the Korea Society of Computer and Information
• /
• v.27 no.12
• /
• pp.161-169
• /
• 2022

With the development of mobile devices and global positioning systems, various location-based services can be utilized, which collects user's location information and provides services based on it. In this process, there is a risk of personal sensitive information being exposed to the outside, and thus Geo-indistinguishability (Geo-Ind), which protect location privacy of LBS users by perturbing their true location, is widely used. However, owing to the data perturbation mechanism of Geo-Ind, it is hard to accurately obtain the density distribution of LBS users from the collection of perturbed location data. Thus, in this paper, we aim to develop a novel method which enables to effectively compute the user density distribution from perturbed location dataset collected under Geo-Ind. In particular, the proposed method leverages Expectation-Maximization(EM) algorithm to precisely estimate the density disribution of LBS users from perturbed location dataset. Experimental results on real world datasets show that our proposed method achieves significantly better performance than a baseline approach.

• Journal of Digital Convergence
• /
• v.10 no.8
• /
• pp.1-14
• /
• 2012

The purpose of this study is to explore the causality among technostress creators. In doing so, we can suggest the ways how to reduce a technostress of employees. Research results suggest that pace of change has a positive effect on the work overload and has a negative effect on work-home conflict. Complexity of technology positively influences not only work overload but job insecurity. Work overload has a significant effect on work-home conflict. Finally, work-home conflict has a positive effect on job insecurity. Conclusions and implications are discussed.

• Journal of the Korean Home Economics Association
• /
• v.46 no.2
• /
• pp.59-71
• /
• 2008

The purpose of this study was to discuss the role of mothers in children's privacy protection on the Internet. Specifically, the study explored 1)children's privacy protection efforts on the Internet, 2)types of personal information children provided at Web sites, and 3)the effect of mothers' privacy protection efforts on their children's privacy protection levels. The Internet survey was conducted and total of 153 mothers and their children aged 12-13 were included for statistical analysis. The descriptive statistics and Ordinary Least Squares were used. The results yield that children showed relatively high levels in providing personal information on the Internet, while they have no sufficient competency at privacy protection. The effect of mothers' privacy protection efforts on children's privacy protection was partially supported. The longer hours of Internet use and frequent participation in online events increased the potential consequences of children's privacy invasion. Providing privacy standards for online service providers and marketers targeting children could help protect children's privacy. Moreover, education program targeting parents and children could contribute them reduce potential consequences of children's privacy invasion.

• Journal of Korean Society for Quality Management
• /
• v.45 no.3
• /
• pp.583-594
• /
• 2017

Purpose: The purpose of this study is how personal information protection risks affect the intention to use domestic smart banking services. VAM(Value based Adoption Model) model is validated as a theoretical background, selecting ease of use, usefulness and perceived security as a benefit factor, and considers perceived cost, technical complexity, and risk of personal information leakage as a sacrifice factor. Methods: The method of this study used questionnaire survey to collect 365 data on suer's perception on smart banking services, and also performed a structural equation modeling method using by AMOS 23. Results: The result of this paper shows that all hypothesis are accepted statistically significant except 1 hypothesis. Conclusion: This research is concluded that perceived value is affected on statistically positive impact on ease of use, usefulness and perceived security, and negative impact on perceived cost and risk of personal information violation, not statistically technical complexity.