• 디지털융복합연구
• /
• 제14권12호
• /
• pp.1-12
• /
• 2016

오늘날 스마트폰의 대중화와 SNS의 확산으로 빅데이터 시대가 도래하면서 남녀노소 누구든지 개인정보 유출위험에 노출되어 있다. 본 연구는 기존의 프라이버시 연구와는 달리 SNS 이용자의 개인정보 제공의도에 영향을 미치는 프라이버시 요인을 규명하고자 한다. 또한, 인지된 프라이버시 위험요인과 기업에 대한 신뢰요인이 개인정보 제공의도에 어떠한 영향을 미치는지 알아보고자 한다. 실증 데이터를 분석한 결과, 직접적으로 해킹 등 프라이버시 유출을 경험했음에도 불구하고 위험을 인지하면서도 개인정보를 제공한 것으로 나타났다. 독립 변수 중 인지된 프라이버시 위험에 가장 강한 영향을 미치는 요인으로 프라이버시 정책, 프라이버시 염려, 개인정보 유출경험, 프라이버시 인식 순으로 나타났으며, 기업에 대한 신뢰에 가장 강한 영향을 미치는 요인으로는 프라이버시 정책, 프라이버시 인식, 프라이버시 염려, 개인정보 침해경험 순으로 나타났다. 또한, 인지된 프라이버시 위험과 기업에 대한 신뢰는 모두 개인정보 제공의도에 영향을 미치는 것으로 나왔으며, 이를 토대로 개인정보 프라이버시에 대한 시사점을 제시했다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제14권11호
• /
• pp.4522-4536
• /
• 2020

Nowadays, cloud is the fastest emerging technology in the IT industry. We can store and retrieve data from the cloud. The most frequently occurring problems in the cloud are security and privacy preservation of data. For improving its security, secret information must be protected from various illegal accesses. Numerous traditional cryptography algorithms have been used to increase the privacy in preserving cloud data. Still, there are some problems in privacy protection because of its reduced security. Thus, this article proposes an ElGamal Elliptic Curve (EGEC) Homomorphic encryption scheme for safeguarding the confidentiality of data stored in a cloud. The Users who hold a data can encipher the input data using the proposed EGEC encryption scheme. The homomorphic operations are computed on encrypted data. Whenever user sends data access permission requests to the cloud data storage. The Cloud Service Provider (CSP) validates the user access policy and provides the encrypted data to the user. ElGamal Elliptic Curve (EGEC) decryption was used to generate an original input data. The proposed EGEC homomorphic encryption scheme can be tested using different performance metrics such as execution time, encryption time, decryption time, memory usage, encryption throughput, and decryption throughput. However, efficacy of the ElGamal Elliptic Curve (EGEC) Homomorphic Encryption approach is explained by the comparison study of conventional approaches.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제16권10호
• /
• pp.3419-3437
• /
• 2022

Anonymization technology is an important technology for privacy protection in the process of data release. Usually, before publishing data, the data publisher needs to use anonymization technology to anonymize the original data, and then publish the anonymized data. However, for data publishers who do not have or have less anonymized technical knowledge background, how to configure appropriate parameters for data with different characteristics has become a more difficult problem. In response to this problem, this paper adds a historical configuration scheme resource pool on the basis of the traditional anonymization process, and configuration parameters can be automatically recommended through the historical configuration scheme resource pool. On this basis, a privacy model hybrid recommendation algorithm for user satisfaction is formed. The algorithm includes a forward recommendation process and a reverse recommendation process, which can respectively perform data anonymization processing for users with different anonymization technical knowledge backgrounds. The privacy model hybrid recommendation algorithm for user satisfaction described in this paper is suitable for a wider population, providing a simpler, more efficient and automated solution for data anonymization, reducing data processing time and improving the quality of anonymized data, which enhances data protection capabilities.

• 한국컴퓨터정보학회논문지
• /
• 제29권5호
• /
• pp.93-100
• /
• 2024

4차 산업혁명의 도래와 함께 인공지능, 빅데이터, 사물인터넷, 클라우드 컴퓨팅 등의 첨단 정보 기술이 다양한 산업 분야에서 혁신을 이끌고 있다. 이 기술들은 방대한 양의 데이터를 생성하고 있으며, 많은 기업들이 이를 활용하고 있다. 그러나 개인 데이터 수집 시 발생할 수 있는 프라이버시 침해 위험으로 인해 사용자들은 민감한 정보 제공을 망설이고 있다. 특히 의료 분야에서는 환자의 병명과 같은 민감한 정보 수집이 큰 도전이 되고 있으며, 프라이버시 문제가 데이터 수집과 분석의 장애가 되고 있다. 본 연구는 프라이버시 보호를 유지하면서도 통계적 정보를 효과적으로 추출할 수 있는 의료 데이터 수집 및 분석 기법을 제안한다. 제안 기법은 기존의 단순한 데이터 수집을 넘어서, 프라이버시를 보장하면서 수집된 데이터에서 통계적 정보를 효과적으로 추출하는 방법을 포함한다. 실제 데이터를 이용한 성능 평가에서는 제안된 기법이 기존 방법보다 더 효과적으로 프라이버시를 보존하며 통계적 정보를 도출할 수 있음을 입증한다.

• Asia pacific journal of information systems
• /
• 제24권1호
• /
• pp.93-112
• /
• 2014

As personal data breach reared up as a problem domestically and globally, organizations appointing chief privacy officers (CPOs) are increasing. Related Korean laws, 'Personal Data Protection Act' and 'the Act on Promotion of Information and Communication Network Utilization and Information Protection, etc.' require personal data processing organizations to appoint CPOs. Research on the characteristics and role of CPO is called for because of the importance of CPO being emphasized. There are many researches on top management's role and their impact on organizational performance using the Upper Echelon theory. This study investigates what influence the characteristics of CPO gives on the organizational privacy performance. CPO's definition varies depending on industry, organization size, required responsibility and power. This study defines CPO as 'a person who takes responsibility for all the duties on handling the organization's privacy,' This research assumes that CPO characteristics such as role, personality and background knowledge have an influence on the organizational privacy performance. This study applies the part relevant to the upper echelon's characteristics and performance of the executives (CEOs, CIOs etc.) for CPO. First, following Mintzberg and other managerial role classification, information, strategic, and diplomacy roles are defined as the role of CPO. Second, the "Big Five" taxonomy on individual's personality was suggested in 1990. Among these five personalities, extraversion and conscientiousness are drawn as the personality characteristics of CPO. Third, advance study suggests complex knowledge of technology, law and business is necessary for CPO. Technical, legal, and business background knowledge are drawn as the background knowledge of CPO. To test this model empirically, 120 samples of data collected from CPOs of domestic organizations are used. Factor analysis is carried out and convergent validity and discriminant validity were verified using SPSS and Smart PLS, and the causal relationships between the CPO's role, personality, background knowledge and the organizational privacy performance are analyzed as well. The result of the analysis shows that CPO's diplomacy role and strategic role have significant impacts on organizational privacy performance. This reveals that CPO's active communication with other organizations is needed. Differentiated privacy policy or strategy of organizations is also important. Legal background knowledge and technical background knowledge were also found to be significant determinants to organizational privacy performance. In addition, CPOs conscientiousness has a positive impact on organizational privacy performance. The practical implication of this study is as follows: First, the research can be a yardstick for judgment when companies select CPOs and vest authority in them. Second, not only companies but also CPOs can judge what ability they should concentrate on for development of their career relevant to their job through results of this research. Cultural social value, citizen's consensus on the right to privacy, expected CPO's role will change in process of time. In future study, long-term time-series analysis based research can reveal these changes and can also offer practical implications for government and private organization's policy making on information privacy.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제6권10호
• /
• pp.2708-2730
• /
• 2012

The growing concern for the protection of personal information has made it critical to implement effective technologies for privacy and data management. By observing the limitations of existing approaches, we found that there is an urgent need for a flexible, privacy-aware system that is able to meet the privacy preservation needs at both the role levels and the personal levels. We proposed a conceptual system that considered these two requirements: a graph-based, access control model to safeguard patient privacy. We present a case study of the healthcare field in this paper. While our model was tested in the field of healthcare, it is generic and can be adapted to use in other fields. The proof-of-concept demos were also provided with the aim of valuating the efficacy of our system. In the end, based on the hospital scenarios, we present the experimental results to demonstrate the performance of our system, and we also compared those results to existing privacy-aware systems. As a result, we ensured a high quality of medical care service by preserving patient privacy.

• 기본간호학회지
• /
• 제14권2호
• /
• pp.204-212
• /
• 2007

Purpose: The purpose of this study was to investigate the patient's perception of the nurse's behavior in protecting patient privacy and to make suggestions for medical facilities to increase protection of patient privacy. Method: The research was a survey study The data on protection of privacy in primary nursing, for physical privacy, of patient information and in private conversations were collected in October 2005 from 187 patients in a university hospital. Frequencies, means, t-test, ANOVA, and $x^2$-test were used to analyze the data. The SPSS 13.0 for Windows program was used. Results: The mean score for patients' perception of nurse protection of their privacy was 3.33. There were significant differences in perception of protecting patients' privacy according to gender for private conversation, according to level of education for all but physical nursing and for number of admissions for total score and for primary nursing. Conclusion: The results of this study suggest the following: a) Institutional polices and nursing guideline should be clearly stated as to the nurses' duty to protect patient privacy. b) Medical facilities should be arranged in a way that allows for the protection of patients' medical information, and should focus on patient privacy. c) It is necessary of nurses to receive periodic in-service education on protecting patient privacy.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제18권5호
• /
• pp.1341-1368
• /
• 2024

The concept of privacy-preserving collaborative filtering (PPCF) has been gaining significant attention. Due to the fact that model-based recommendation methods with privacy are more efficient online, privacy-preserving memory-based scheme should be avoided in favor of model-based recommendation methods with privacy. Several studies in the current literature have examined ant colony clustering algorithms that are based on non-privacy collaborative filtering schemes. Nevertheless, the literature does not contain any studies that consider privacy in the context of ant colony clustering-based CF schema. This study employed the ant colony clustering model-based PPCF scheme. Attacks like shilling or profile injection could potentially be successful against privacy-preserving model-based collaborative filtering techniques. Afterwards, the scheme's robustness was assessed by conducting a shilling attack using six different attack models. We utilize masked data-based profile injection attacks against a privacy-preserving ant colony clustering-based prediction algorithm. Subsequently, we conduct extensive experiments utilizing authentic data to assess its robustness against profile injection attacks. In addition, we evaluate the resilience of the ant colony clustering model-based PPCF against shilling attacks by comparing it to established PPCF memory and model-based prediction techniques. The empirical findings indicate that push attack models exerted a substantial influence on the predictions, whereas nuke attack models demonstrated limited efficacy.

• International Journal of Computer Science & Network Security
• /
• 제21권6호
• /
• pp.137-142
• /
• 2021

Machine-learning systems have proven their worth in various industries, including healthcare and banking, by assisting in the extraction of valuable inferences. Information in these crucial sectors is traditionally stored in databases distributed across multiple environments, making accessing and extracting data from them a tough job. To this issue, we must add that these data sources contain sensitive information, implying that the data cannot be shared outside of the head. Using cryptographic techniques, Privacy-Preserving Machine Learning (PPML) helps solve this challenge, enabling information discovery while maintaining data privacy. In this paper, we talk about how to keep your data mining private. Because Data mining has a wide variety of uses, including business intelligence, medical diagnostic systems, image processing, web search, and scientific discoveries, and we discuss privacy-preserving in deep learning because deep learning (DL) exhibits exceptional exactitude in picture detection, Speech recognition, and natural language processing recognition as when compared to other fields of machine learning so that it detects the existence of any error that may occur to the data or access to systems and add data by unauthorized persons.

• Journal of Multimedia Information System
• /
• 제9권3호
• /
• pp.201-208
• /
• 2022

Customized service is a vital and mandatory element for apps in improving their technical performance and app customer analysis. While apps require users' consent for their data extraction and usage, many of the terms and agreement forms are written intricately, making it harder for users to fully understand the whole concept of users' data collection for customized services. Ever since the Facebook-Cambridge Analytica scandal, personal data privacy has been re-examined, forcing many app companies to reinforce a reliable solution to data privacy issues. However, there has not been a secured solution, which worries many people about the future advanced issues when metaverse platforms are actively used in daily apps. The research aims to collect the reactions and behaviors of everyday app users who utilize apps with customized services to understand the nature of privacy data issues and the users' opinions about the future implementation of metaverse platforms. The method of the research was an online questionnaire that targeted university students. The study revealed many fearful and anxious reactions about personal data and further metaverse issues where most app users were uneducated about how current apps collect and utilize users' private data.