• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.5
• /
• pp.181-195
• /
• 2011

There's a controversy about an invasion of privacy which includes a leakage of private information and linking of user's behavior on internet. Although many solutions for this problem are proposed, we think anonymous authentication, authorization, and payment mechanism is the best solution for this problem. In this paper, we propose an effective anonymity-based method that achieves not only authentication but also authorization. Our proposed method uses anonymous qualification certificate and group signature method as an underlying primitive, and combines anonymous authentication and qualification information. An eligible user is legitimately issued a group member key pair through key issuing process and issued some qualification certificates anonymously, and then, he can take the safe and convenience web service which supplies anonymous authentication and authorization. The qualification certificate can be expanded according to application environment and it can be used as payment token.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.4
• /
• pp.105-114
• /
• 2009

Messages exchanged among vehicles must be authenticated in order to provide collision avoidance and cooperative driving services in VANET. However, digitally signing the messages can violate the privacy of users. Therefore, we require authentication systems that can provide conditional anonymity. Recently, Zhang et al. proposed conditionally anonymous authentication system for VANET using tamper-resistant hardware. In their system, vehicles can generate identity-based public keys by themselves and use them to sign messages. Moreover, they use batch verification to effectively verify signed messages. In this paper, we provide amelioration to Zhang et al.'s system in the following respects. First, we use a more efficient probabilistic signature scheme. Second, unlike Zhang et al., we use a security proven batch verification scheme. We also provide effective solutions for key revocation and anonymity revocation problems.

• Knowledge Management Research
• /
• v.22 no.4
• /
• pp.41-70
• /
• 2021

The use of social media has many advantages such as knowledge sharing, social networking, and communicating with other people. However, it has given rise to various side effects including stress, Which is defined as social network stress in this study. This study aims to conceptualize social network stress and investigate its effect on switching behavior in social media. For this purpose, we present a research model that consists of the antecedents and consequences of social network stress and test it empirically using LISREL 8.7 based on the structural equation model. The empirical results showed that knowledge sharing and self-disclosure had positive impact on social network stress, which in turn positively influenced social media switching behaviors. In conclusion, we discussed both theoretical and practical implications of this research and suggested its limitations.

• Smart Media Journal
• /
• v.11 no.10
• /
• pp.76-88
• /
• 2022

Personal information leakage is very harmful as it can lead to additional attacks using leaked information as well as privacy invasion, and it is primarily caused by hacking server databases of institutions that collect and store personal information. We propose a scheme that allows a service-requesting user to authorize a secure delegated transfer of his personal information to the service provider via a reliable authority and enables only the two parties of the service to retrieve the provided information stored on a blockchain ensuring data confidentiality. It thus eliminates the necessity of storing customer information in the service provider's own database. As a result, the service provider can serve customers without requiring membership registration or storing personal information in the database, so that information leakage through the server database can be completely blocked. In addition, the scheme is free from the risk of information leakage and subsequent attacks through smartphones because it does not require a user's smartphone to store any authentication credential or personal information of its owner.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.18 no.3
• /
• pp.421-426
• /
• 2023

Among artificial intelligence convergence technologies, Chatbot is an artificial intelligence-based interactive system and refers to a system that can provide interaction with humans. Chatbots are being re-examined as chatbots develop into NLP, NLU, and NLG. However, artificial intelligence chatbots can provide biased information based on learned data and cause serious damage such as privacy infringement and cybersecurity concerns, and it is essential to understand artificial intelligence technology and foster AI literacy. With the continued evolution and universalization of artificial intelligence, AI Literacy will also expand its scope and include new areas. This study is meaningful in raising awareness of artificial intelligence technology and proposing the use of human respect technology that is not buried in technology by cultivating human AI literacy capabilities.

• Asia-pacific Journal of Multimedia Services Convergent with Art, Humanities, and Sociology
• /
• v.6 no.6
• /
• pp.103-110
• /
• 2016

The recent frequent cases of damage due to leakage of medical data and the privacy of medical patients is increasing day by day. The government says the Privacy Rule regulations established for these victims, such as prevention. Medical data guidelines can be seen 'national medical privacy guidelines' is only released. When replacing the image data between the institutions it has been included in the image file (JPG, JPEG, TIFF) there is exchange of data in common formats such as being made when the file is leaked to an external file there is a risk that the exposure key identification information of the patient. This medial image file has no protection such as encryption, This this paper, introduces a masking technique using a mosaic technique encrypting the image file contains the application to optical character recognition techniques. We propose pseudonymization technique of personal information in the image data.

• Journal of the Korea Society of Computer and Information
• /
• v.28 no.7
• /
• pp.77-84
• /
• 2023

This research originated from the need to enhance the security of secure multiparty computation by ensuring that participants involved in multiparty computations provide truthful inputs that have not been manipulated. While malicious participants can be involved, which goes beyond the traditional security models, malicious behaviors through input manipulation often occur in real-world scenarios, leading to privacy infringements or situations where the accuracy of multiparty computation results cannot be guaranteed. Therefore, in this study, we propose a signature scheme applicable to secure multiparty technologies, combining it with secret sharing to strengthen the accuracy of inputs using authentication techniques. We also investigate methods to enhance the efficiency of authentication through the use of batch authentication techniques. To this end, a scheme capable of input certification was designed by applying a commitment scheme and zero-knowledge proof of knowledge to the CL signature scheme, which is a lightweight signature scheme, and batch verification was applied to improve efficiency during authentication.

• Convergence Security Journal
• /
• v.22 no.4
• /
• pp.99-107
• /
• 2022

The use of smart home appliances and Internet of Things (IoT) devices is growing, enabling new interactions and automation in the home. This technology relies heavily on mobile services which leaves it vulnerable to the increasing threat of hacking, identity theft, information leakage, serious infringement of personal privacy, abnormal access, and erroneous operation. Confirming or proving such security breaches have occurred is also currently insufficient. Furthermore, due to the restricted nature of IoT devices, such as their specifications and operating environments, it is difficult to provide the same level of internet security as personal computers. Therefore, to increase the security on smart home IoT devices, attention is needed on (1) preventing hacking and user authority theft; (2) disabling abnormal manipulation; and (3) strengthening audit records for device operation. In response to this, we present a plan to build a cloud security authentication platform which features security authentication management functionality between mobile terminals and IoT devices.

• KIPS Transactions on Software and Data Engineering
• /
• v.12 no.10
• /
• pp.437-444
• /
• 2023

Location-based services play a vital role in our daily lives. While these services enhance user convenience, user's privacy is at risk because they lead to a rapid surge in collecting and utilizing location information for a user. In this paper, we design and implement an application that securely records and manages user location information. We enhance the privacy protection aspect concerning location information by providing some features. Utilizing Room DB, we store collected personal location information in the user's local database instead of the server of the location-based service provider. Furthermore, user can initiate and terminate recording at their discretion, thereby enhancing the protection of personal information related to location data. User's unease regarding their movement paths is reduced by empowering them to have control over their own location information.

• Annual Conference of KIPS
• /
• 2007.11a
• /
• pp.991-994
• /
• 2007

최근 컴퓨터 기술의 발전과 네트워크의 개방화 그리고 무선 모바일 통신 기술의 비약적인 보급으로 인하여 컴퓨팅 환경을 이루고 있는 각종 장치(PC, 모바일 단말, 저장장치, 네트워크 기기 등)가 다양한 형태의 보안 위협에 노출되어 데이터의 유실, 조작, 유출되어 금전적인 피해를 입거나 프라이버시 침해를 받고 있다. 이러한 문제를 근본적으로 해소하기 위하여 설립된 TCG(Trusted Computing Group)는 세계적인 IT 핵심기업들을 중심으로 구성된 비영리 단체로서 PC 혹은 모바일 기기 등의 단말과 서버 장비 그리고 저장 장치 및 네트워크로 구성된 컴퓨팅 환경에서 보안성 향상 및 데이터의 신뢰성을 제고하기 위하여 TPM(Trusted Platform Module)이라는 반도체 칩을 신뢰의 기반(root of trust)으로 한 신뢰 플랫폼을 제안하고 있다. 한편 SaaS(Software as a Service)는 패키지 형태의 소프트웨어를 네트워크 서비스 형태로 바꾸어 사용량에 비례한 요금제로 과금하는 방식을 채택하고 사용자가 온디맨드로 요청한 서비스를 적시에 제공하는 기술로 최근 전세계적으로 각광을 받고 있다. 이때 다양한 컴퓨팅 환경 안의 사용자에게 높은 신뢰성과 보안성 그리고 연속성을 갖는 SaaS 서비스를 제공하고 데이터의 무결성 및 비밀유지와 정확한 서비스 사용시간을 기록하고 업로드하는 기능들을 제공하는 SaaS 플랫폼은 TPM기반의 신뢰컴퓨팅 기술을 통하여 쉽게 구현될 수 있다. 본 논문에서는 일시적으로 네트워크와 차단된 상태의 PC 혹은 모바일 단말에서도 위의 조건들을 만족하는 SaaS 서비스를 지원하는 신뢰 플랫폼이 가져야 할 기능들에 대하여 분석-도출한 후 그러한 기능들을 제공하는 컴포넌트로 구성된 신뢰형 SaaS 사용자 플랫폼을 설계하였다.