• 한국병원경영학회지
• /
• 제8권2호
• /
• pp.111-129
• /
• 2003

This study discusses the direction of legislation to strengthen the legal protection of medical records privacy in information age. The legislation trends on privacy protection of medical records in European Union and United States are analysed and the current law and regulation of Korea on medical records are compared. The issues discussed include the ownership of medical records, the patient's right of access to medical records, medical information publication for other than treatment or insurance processing use, confidentiality responsibility of provider organizations, medical information management in provider organizations, penalty for the unlawful use of patient information. This study concludes that the patients' right on medical record and provider organization's responsibility in processing patient information should be strengthened in order to protect patients' privacy and to conform to the international standard on medical record protection in the information age.

• International Journal of Computer Science & Network Security
• /
• 제21권11호
• /
• pp.105-110
• /
• 2021

Contact between Vehicle-to-vehicle and vehicle-to-infrastructural is becoming increasingly popular in recent years due to their crucial role in the field of intelligent transportation. Vehicular Ad-hoc networks (VANETs) security and privacy are of the highest value since a transparent wireless communication tool allows an intruder to intercept, tamper, reply and erase messages in plain text. The security of a VANET based intelligent transport system may therefore be compromised. There is a strong likelihood. Securing and maintaining message exchange in VANETs is currently the focal point of several security testing teams, as it is reflected in the number of authentication schemes. However, these systems have not fulfilled all aspects of security and privacy criteria. This study is an attempt to provide a detailed history of VANETs and their components; different kinds of attacks and all protection and privacy criteria for VANETs. This paper contributed to the existing literature by systematically analyzes and compares existing authentication and confidentiality systems based on all security needs, the cost of information and communication as well as the level of resistance to different types of attacks. This paper may be used as a guide and reference for any new VANET protection and privacy technologies in the design and development.

• 연구윤리
• /
• 제3권2호
• /
• pp.1-5
• /
• 2022

Purpose: Various ethical issues arise in different stages of management and business marketing research. The current study aims to take look at practices that ensure informed consent, privacy and confidentiality, deception, and legal aspect in data management in procedures involved in marketing research. Research design, data and methodology: Literature content analysis was conducted for this research and the current author has investigated journal articles mostly to guarantee a high degree of content validity and to keep the advantages of qualitative content approach. The current study explores manifest topics regarding the ethical issues of business marketing research. Results: The current study found that ethical consideration needs to be similarly significant and learning from the previous researchers' approach to handling this issue is helpful for future research and is essential to have additional guidelines. Also, four findings (Lack of Informed Consent, Deception, Invasion of Privacy and Confidentiality, and Legal Data Management) indicate that marketing researchers need to consider before undertaking any project. Conclusions: Overall, the study presents practical suggestions though unexhausted. By raising these ethical marketing issues, consumer behavior disciplines will continue to expand and contribute positively towards attaining thoughts, feelings, and decisions that positively contribute to marketing research as the foundation for effective marking practices.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제7권5호
• /
• pp.1313-1327
• /
• 2013

How to make people keep both the confidentiality of the sensitive data and the privacy of their real identity in communication networks has been a hot topic in recent years. Researchers proposed privacy-preserving authenticated key exchange protocols (PPAKE) to answer this question. However, lots of PPAKE protocols need users to remember long secrets which are inconvenient for them. In this paper we propose a lightweight three-party privacy-preserving authentication key exchange (3PPAKE) protocol using smart card to address the problem. The advantages of the new 3PPAKE protocol are: 1. The only secrets that the users need to remember in the authentication are their short passwords; 2. Both of the users can negotiate a common key and keep their identity privacy, i.e., providing anonymity for both users in the communication; 3. It enjoys better performance in terms of computation cost and security. The security of the scheme is given in the random oracle model. To the best of our knowledge, the new protocol is the first provably secure authentication protocol which provides anonymity for both users in the three-party setting.

• 한국정보과학회논문지:정보통신
• /
• 제36권2호
• /
• pp.108-117
• /
• 2009

데이터 병합은 무선 센서 네트워크 상에서 정보 전송시 소요되는 에너지를 줄이기 위해 잘 알려진 기법 중에 하나이다. 무선 센서 네트워크가 신뢰할 수 없고, 심지어 위험 환경에 노출되고 있으나, 기존 데이터 병합 기법은 센서 노드와 베이스 스테이션 종단간 데이터 프라이버시(데이터 기밀성 및 무결성)를 제공하지 못하는 문제점을 갖고 있다. 최근 들어 연구되고 있는 데이터 동상 암호체계 기법이 상기 위험 환경에서 종단간 프라이버시를 제공하기 위한 한 방법이 될 수 있다. 본 논문에서는 데이터 병합시 데이터 기밀성과 무결성을 보장하기 위하여 기존 동상 암호체계 기법 및 타기법 분석을 통하여 가능한 조합을 제시하고 CPU 부하 및 통신비용 측면에서 그 성능을 평가한다.

• 가족자원경영과 정책
• /
• 제11권2호
• /
• pp.133-154
• /
• 2007

This research investigated consumer's usage of, evaluation on and satisfaction of the Auction Site, with a view to analyze the key factors influencing a commission paid Auction Site. The findings of results from the analysis are summarized as follows. First of all, the consumer group at the age equal to and less than 20 years old showed the highest purchasing frequency, and the consumer group with a household income less than 2,500,000 won showed the highest number of hours on the site. Secondly, the evaluation index showed that consumers think highly of the complaint resolution process, and, especially, the aged consumer group respected the Auction Site's level of confidentiality of transaction and privacy. Thirdly, among consumers' satisfaction, subdivided by types, price satisfaction was the highest followed by quality satisfaction, settlement satisfaction, delivery satisfaction, information satisfaction and AS satisfaction, in that order. Fourthly, in the event consumers used the commission paid Auction Site, the number of times it has been used, evaluations related to information provision and evaluations on confidentiality of transactions and privacy are influential parameters.

• Journal of Information Processing Systems
• /
• 제3권2호
• /
• pp.82-88
• /
• 2007

Web services are the new building block of today's Internet, and provides interoperability among heterogeneous distributed systems. Recently in web services environment, security has become one of the most critical issues. The hackers attack one of fragile point and can misuse legitimate user privilege because all of the connected devices provide services for the user control and monitoring in real time. Also, the users of web services must temporarily delegate some or all of their rights to agents in order to perform actions on their behalf. This fact risks the exposure of user privacy information. In this paper, we propose secure delegation model based on SAML that provides confidentiality and integrity about the user information in distributed systems. In order to support privacy protection, service confidentiality, and assertion integrity, encryption and a digital signature mechanism is deployed. We build web service management server based on XACML, in order to manage services and policies of web service providers.

• 아태비즈니스연구
• /
• 제6권1호
• /
• pp.27-43
• /
• 2015

The objective of the present study is to identify the security factors that influence customer trust towards intention to continue using Internet banking in Malaysia. The participants are individual Internet banking users in Peninsular Malaysia. Data was collected through self-administered questionnaires distributed using the drop-off and pick-up (DOPU) technique to bank branch managers who then passed the questionnaires to their customers. A total of 413 respondents completed the questionnaires. The SPSS statistical analysis software package and Partial Least Squares statistical method were used for data analysis and hypothesis testing. The results show that authentication, confidentiality, data integrity and non-repudiation are significant factors that influence customer trust towards intention to continue using Internet banking. Trust plays a critical role in influencing the intention to continue using Internet banking in Malaysia while perceived privacy does not. An understanding of the factors identified in this study will enable Internet banking providers to effectively and efficiently enhance the security of services and thereby promote continued usage of Internet banking among customers. The findings of this study are thus expected to be of great use to Internet banking providers as improvements in Internet banking security will increase business in the long run.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제14권11호
• /
• pp.4522-4536
• /
• 2020

Nowadays, cloud is the fastest emerging technology in the IT industry. We can store and retrieve data from the cloud. The most frequently occurring problems in the cloud are security and privacy preservation of data. For improving its security, secret information must be protected from various illegal accesses. Numerous traditional cryptography algorithms have been used to increase the privacy in preserving cloud data. Still, there are some problems in privacy protection because of its reduced security. Thus, this article proposes an ElGamal Elliptic Curve (EGEC) Homomorphic encryption scheme for safeguarding the confidentiality of data stored in a cloud. The Users who hold a data can encipher the input data using the proposed EGEC encryption scheme. The homomorphic operations are computed on encrypted data. Whenever user sends data access permission requests to the cloud data storage. The Cloud Service Provider (CSP) validates the user access policy and provides the encrypted data to the user. ElGamal Elliptic Curve (EGEC) decryption was used to generate an original input data. The proposed EGEC homomorphic encryption scheme can be tested using different performance metrics such as execution time, encryption time, decryption time, memory usage, encryption throughput, and decryption throughput. However, efficacy of the ElGamal Elliptic Curve (EGEC) Homomorphic Encryption approach is explained by the comparison study of conventional approaches.

• 인터넷정보학회논문지
• /
• 제19권2호
• /
• pp.1-7
• /
• 2018

기술의 발전에 따라 유전 정보를 수월하게 얻을 수 있게 되었으며, 이것의 활용도 및 미래 가치는 매우 높다. 하지만, 유전 정보는 한 번 유출되면 변경할 수 없으며, 피해의 정도도 개인에만 국한되지 않고, 대용량 데이터이기 때문에 이를 고려한 처리 기술 또한 필요하다. 즉, 대용량에서도 프라이버시를 고려하며 유전 정보를 처리할 수 있는 기술의 개발이 필요하다. 본 논문에서는 Gentry 등의 준동형 암호 기법을 사용하여 먼저 대용량에서 프라이버시를 보호하는 내적 연산 프로토콜을 제안하고, 이 프로토콜을 활용하여 효율적인 프라이버시를 보호하는 DNA 매칭 프로토콜을 제안한다. 우리가 제안하는 프라이버시를 보호하는 DNA 매칭 프로토콜은 효율적이며, 정확성, 기밀성, 프라이버시를 만족한다.