• 연구윤리
• /
• 제4권1호
• /
• pp.1-7
• /
• 2023

Purpose: Poor anonymity and confidential strategies by a researcher not only develop unprecedented and precedented harm to participants but also impacts the overall critical appraisal of the research outcomes. Therefore, understanding and applying anonymity and confidentiality in research is key for credible research. As such, this research expansively presents the importance of anonymity and confidentiality for research surveys through critical literature reviews of past works. Research design, data and methodology: This research has selected the literature content approach to obtain proper literature dataset which was proven by high degree of validity and reliability using only books and peer-reviewed research articles. The current authors have conducted screening procedure thoroughly to collect better fitted resources. Results: Research findings consistently mentioned the confidentiality and anonymity principles are preserved and implemented as a means of protecting the privacy of all individuals, establishing trust and rapport between researchers and study participants, as a way of critically upholding research ethical standards, and preserving the integrity of research processes. Conclusions: Confidentiality and anonymity are research ethical principles that help in providing informed consent to participants assuring subjects of the privacy of their personal data. As provided by research bodies and organizations, every research process has to incorporate the principles to meet credibility.

• Journal of Information Processing Systems
• /
• 제7권1호
• /
• pp.121-136
• /
• 2011

With the rapid growth of GPS-enable Smartphones, the interest on using Location Based Services (LBSs) has increased significantly. The evolution in the functionalities provided by those smartphones has enabled them to accurately pinpoint the location of a user. Because location information is what all LBSs depend on to process user's request, it should be properly protected from attackers or malicious service providers (SP). Additionally, maintaining user's privacy and confidentiality are imperative challenges to be overcome. A possible solution for these challenges is to provide user anonymity, which means to ensure that a user initiating a request to the SP should be indistinguishable from a group of people by any adversary who had access to the request. Most of the proposals that maintain user's anonymity are based on location obfuscation. It mainly focuses on adjusting the resolution of the user's location information. In this paper, we present a new protocol that is focused on using cryptographic techniques to provide anonymity for LBSs users in the smartphone environment. This protocol makes use of a trusted third party called the Anonymity Server (AS) that ensures anonymous communication between the user and the service provider.

• 정보처리학회논문지C
• /
• 제18C권4호
• /
• pp.207-212
• /
• 2011

지능형 차량 네트워크(VANET)는 차량 간 (V2V, Vehicle to Vehicle) 또는 차량과 노변장치간 (V2I, Vehicle to Infrastructure)의 통신을 통해 서비스를 제공하는 기술이다. 지능형 차량 네트워크는 통신을 통해 유통되는 정보의 중요성을 고려해 볼 때 메시지의 인증 및 보안은 필수적인 요건이다. 현재 VANET의 보안성을 향상시키기 위해 다양한 인증기법이 연구되고 있다. 그중에서도 RAISE scheme은 차량 밀집환경에서의 인증을 익명으로 수행한다. 하지만 스킴에 사용된 기법인 k-anonymity는 익명성을 제공하는 대신 차량의 ID를 얻기 위해 불필요한 전수조사 연산을 수행해야 한다. 본 논문에서는 차량 간의 통신에 사용되는 무선 신호세기의 특성을 이용하여 위치기반 인증 및 암호화 기법을 제시하며 알고리즘의 정확도를 향상시키기 위해 3차원 상에서의 위치 선정 기법을 적용한다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제9권2호
• /
• pp.811-829
• /
• 2015

One-way authenticated key agreement protocols, aiming at solving the problems to establish secure communications over public insecure networks, can achieve one-way authentication of communicating entities for giving a specific user strong anonymity and confidentiality of transmitted data. Public Key Infrastructure can design one-way authenticated key agreement protocols, but it will consume a large amount of computation. Because one-way authenticated key agreement protocols mainly concern on authentication and key agreement, we adopt multi-server architecture to realize these goals. About multi-server architecture, which allow the user to register at the registration center (RC) once and can access all the permitted services provided by the eligible servers. The combination of above-mentioned ideas can lead to a high-practical scheme in the universal client/server architecture. Based on these motivations, the paper firstly proposed a new one-way authenticated key agreement scheme based on multi-server architecture. Compared with the related literatures recently, our proposed scheme can not only own high efficiency and unique functionality, but is also robust to various attacks and achieves perfect forward secrecy. Finally, we give the security proof and the efficiency analysis of our proposed scheme.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제13권5호
• /
• pp.2768-2780
• /
• 2019

Ciphertext-policy attribute-based encryption (CP-ABE) is one of the practical technologies to share data over cloud since it can protect data confidentiality and support fine-grained access control on the encrypted data. However, most of the previous schemes only focus on data confidentiality without considering data receiver privacy preserving. Recently, Li et al.(in TIIS, 10(7), 2016.7) proposed a CP-ABE with hidden access policy and testing, where they declare their scheme achieves privacy preserving for the encryptor and decryptor, and also has high decryption efficiency. Unfortunately, in this paper, we show that their scheme fails to achieve hidden access policy at first. It means that any adversary can obtain access policy information by a simple decisional Diffie-Hellman test (DDH-test) attack. Then we give a method to overcome this shortcoming. Security and performance analyses show that the proposed scheme not only achieves the privacy protection for users, but also has higher efficiency than the original one.

• 인터넷정보학회논문지
• /
• 제11권3호
• /
• pp.139-148
• /
• 2010

기존의 센서 네트워크 보안에 대한 연구는 인증과 비밀성, 무결성, 이용성 등을 제공하는 보안 서비스에 관심이 집중되어 왔으나 최근 센서 노드의 실제 ID의 노출 문제에 대한 관심이 증가하고 있다. 센서 노드의 실제 ID가 외부 공격자에게 노출되는 것을 방지하기 위해서는 실제의 ID를 사용하지 않고 동적인 가명을 사용하는 것이 일반적이다. 그러나 가명을 생성하는데 사용되는 비밀키(또는 해쉬키)와 현재의 가명(또는 난수)이 공격자에게 노출되었을 경우에 공격자는 쉽게 가명을 생성하는 문제가 발생한다. 본 논문에서는 센서 노드들에 대한 강한 익명성이 보장되는 구조를 제안한다. 제안된 구조는 가명을 생성하는데 사용되는 비밀정보들이 공격자에게 공모되었다고 하더라도 공격자가 해당 노드의 가명 ID들을 생성할 수 있는 확률이 매우 낮다. 그리고 보안 분석을 통해 제안된 구조가 무선 센서 네트워크에 적합함을 증명한다.

• 동의생리병리학회지
• /
• 제26권3호
• /
• pp.392-398
• /
• 2012

This research aims to analyze the ethical requirements and to find the problems for the publication guidelines of oriental medicine journals. A total of 13 domestic journals, related to oriental medicine and registered in 'National Research Foundation of Korea' list, were selected for the analysis of ethical requirements. We inquired the revised year of the publication guideline and the status of ethics committee of selected journals. The ethical requirements of publication guidelines were evaluated by categorizing them into Institutional Review Board(IRB), Helsinki Declaration, Informed Consent, confidentiality and anonymity of subjects, and conflict of interest. In the case of revised year of the publication guidelines, the year of the most recently revised journal was 2011. However, the revised year of publication guidelines were not announced for three journals and a few journals haven't revised the publication guidelines since 2002. In the case of ethics committee status, four journals out of 13 journals maintained the ethics committee. In the result of ethical requirement analysis, nine journals included the information for confidentiality and anonymity of subjects, and four journals included the information for Helsinki Declaration and Informed Consent. However, only one journal included the information for IRB and conflict of interest. Recently, the importance of clinical researches has been increased to prove the effect of oriental medicine scientifically and objectively. The clinical researches should be considered in scientific side and ethical side as well, because they have potential risks to human subjects. In this sense, announcing the ethical requirements in the publication guidelines can be one way to secure the morality of researches. Thus, it is required to prepare correct publication guidelines and ethical requirements in oriental medicine journals.

• 정보보호학회논문지
• /
• 제17권2호
• /
• pp.125-137
• /
• 2007

본 논문에서는 센서 네트워크에서의 소스 위치 프라이버시를 제공하기 위한 방법을 제안하고 그 방법이 제공하는 익명성 정도를 분석하였다. 센서 네트워크에서의 소스 위치는 실제 센서의 지리적 위치이기 때문에 소스의 위치가 노출되지 않도록 보호하는 것이 매우 중요하다. 그러나 센서 네트워크에서는 내용 보호 및 인증에 관한 연구에 비해 소스 위치 프라이버시에 관한 연구는 아직 미흡하다. 더욱이 인터넷과 Ad-Hoc 네트워크에서 소스의 익명성을 제공하기 위한 기법들이 많이 제안되었지만, 이러한 기법들은 에너지 제한적인 센서 네트워크에 적합하지 않기 때문에 센서 네트워크의 특성에 맞는 익명성 제공 기법이 요구된다. 본 논문에서는 먼저 센서 네트워크에서 나타날 수 있는 Eavesdropper의 유형을 Global Eavesdropper와 Compromising Eavesdropper으로 정의하고, 이러한 Eavesdropper의 유형에 따라 소스의 익명성을 제공할 수 있는 새로운 기법을 제안하였다. 그리고 엔트로피 기반의 모델링 방법을 이용해 제안한 기법이 제공하는 익명성 정도를 분석하였다. 그 결과, 제안하는 기법을 사용할 경우가 그렇지 않은 경우 보다 소스의 익명성 정도가 높고, 센서의 전송 거리가 소스의 익명성 정도를 높이는데 중요한 요소임을 보였다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제7권5호
• /
• pp.1313-1327
• /
• 2013

How to make people keep both the confidentiality of the sensitive data and the privacy of their real identity in communication networks has been a hot topic in recent years. Researchers proposed privacy-preserving authenticated key exchange protocols (PPAKE) to answer this question. However, lots of PPAKE protocols need users to remember long secrets which are inconvenient for them. In this paper we propose a lightweight three-party privacy-preserving authentication key exchange (3PPAKE) protocol using smart card to address the problem. The advantages of the new 3PPAKE protocol are: 1. The only secrets that the users need to remember in the authentication are their short passwords; 2. Both of the users can negotiate a common key and keep their identity privacy, i.e., providing anonymity for both users in the communication; 3. It enjoys better performance in terms of computation cost and security. The security of the scheme is given in the random oracle model. To the best of our knowledge, the new protocol is the first provably secure authentication protocol which provides anonymity for both users in the three-party setting.

• IEIE Transactions on Smart Processing and Computing
• /
• 제2권2호
• /
• pp.57-66
• /
• 2013

Wireless Sensor Networks consist of small, inexpensive, low-powered sensor nodes that communicate with each other. To achieve a low communication cost in a resource constrained network, a novel concept of signcryption has been applied for secure communication. Signcryption enables a user to perform a digital signature for providing authenticity and public key encryption for providing message confidentiality simultaneously in a single logical step with a lower cost than that of the sign-then-encrypt approach. Ring signcryption maintains the signer's privacy, which is lacking in normal signcryption schemes. Signcryption can provide confidentiality and authenticity without revealing the user's identity of the ring. This paper presents the security notions and an evaluation of an ID-based ring signcryption scheme for wireless sensor networks. The scheme has been proven to be better than the existing schemes. The proposed scheme was found to be secure against adaptive chosen ciphertext ring attacks (IND-IDRSC-CCA2) and secure against an existential forgery for adaptive chosen message attacks (EF-IDRSC-ACMA). The proposed scheme was found to be more efficient than scheme for Wireless Sensor Networks reported by Qi. et al. based on the running time and energy consumption.