• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.30 no.10B
• /
• pp.648-659
• /
• 2005

One's identity on the Internet has been disclosed and abused without his consent. Personal information must be protected by appropriate security safeguard. An Individual should have the right to know whether his personal details have been collected and stored. This paper proposes various conceptual models for designing privacy enabling service architecture in the Internet identity management system. For the restriction of access to personal information, we introduce the owner's policy and the management policy The owner's policy should provide the user with enough information to manage easily and securely his data. To control precisely and effectively all personal information in the Identity provider, we propose the privacy management policy and the privacy authorization model.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.32 no.7B
• /
• pp.438-447
• /
• 2007

In the Internet, an identity service must to obtain permission from a user to allow them to share data with requesting service. For that, the privacy policy, which reflects legal regulations and preferences made by the user, is needed. Also, the management interface that aids the user to make the privacy policy and the PDP system that makes admission control and policy decisions in response to a request from an entity wanting to access the personal information are needed. In this paper, the privacy controller system model handled under the internet Identity management system environment is proposed. The system has the easy interface of policy generation and the efficient policy decision process. The system applies and modifies to the XACML of OASIS group. We propose that the privacy policy is divided into the three policies, which are the user policy, the domain policy and the basic offering policy. To resolve the collision between the policies, we also propose the collision resolution policy.

• KIPS Transactions on Computer and Communication Systems
• /
• v.5 no.10
• /
• pp.361-372
• /
• 2016

Identity Privacy issues such as exposures of IMSIs(International Mobile Subscriber Identities) in access network have been consistently raised throughout GSM, UMTS, LTE in 3GPP. The 3GPP specification uses temporary identities instead of IMSI to ensure anonymity of the user. Even if temporary identities are disclosed, Identity Privacy may be maintained at a safe level by security policies such as no linkability and periodic update. But in case of IMSI, it cannot be changed even though it is exposed. There still exist some situations that IMSI is used in clear text for the authentication. Therefore, a protective mechanism for the identity confidentiality is needed. In this paper we propose a protocol based on IBE(Identity-based Encryption) to protect permanent identities in access network. By simplifying the scheme, this protocol has minimized the system impact on current 3GPP environment. And this scheme can be applied to all kind of permanent identities and 3GPP AKA(Authentication and Key Agreement) protocols in access network.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.8 no.1
• /
• pp.282-304
• /
• 2014

Each cloud service has numerous owners and tenants, so it is necessary to construct a privacy preserving identity management and access control mechanism for cloud computing. On one hand, cloud service providers (CSP) depend on tenant's identity information to enforce appropriate access control so that cloud resources are only accessed by the authorized tenants who are willing to pay. On the other hand, tenants wish to protect their personalized service access patterns, identity privacy information and accessing newfangled cloud services by on-demand ways within the scope of their permissions. There are many identity authentication and access control schemes to address these challenges to some degree, however, there are still some limitations. In this paper, we propose a new comprehensive approach, called Privacy pReserving Identity and Access Management scheme, referred to as PRIAM, which is able to satisfy all the desirable security requirements in cloud computing. The main contributions of the proposed PRIAM scheme are threefold. First, it leverages blind signature and hash chain to protect tenant's identity privacy and implement secure mutual authentication. Second, it employs the service-level agreements to provide flexible and on-demand access control for both tenants and cloud services. Third, it makes use of the BAN logic to formally verify the correctness of the proposed protocols. As a result, our proposed PRIAM scheme is suitable to cloud computing thanks to its simplicity, correctness, low overhead, and efficiency.

• International Journal of Contents
• /
• v.8 no.2
• /
• pp.43-51
• /
• 2012

This study identifies the determinants of increasing privacy concerns in the mobile apps. The privacy affecting factors will be divided into the 3 categories on the basis of both users' and developers' perspective. First, this study explores whether the users' seeking value affects concern of the mobile apps privacy. Second, gender gap on the mobile privacy sensitivity will be tested. Third, this study identifies the meaning of apps developers' providing toolkit in the users' sensitivity on the privacy. The result showed that innovation among the customer's characteristics was identified the most significant factor to affect the mobile app privacy sensitivity. Ethical norm related variables (ethical identity, subjective norm and utilitarian value) were also identified as the meaningful variables in the mobile app privacy. Toolkits provided by app developers are also appeared a significant variable to affect the customer's app privacy sensitivity negatively. Finally gender also appears the meaningful factor in the mobile app privacy sensitivity.

• Journal of the Korean Home Economics Association
• /
• v.27 no.1
• /
• pp.59-69
• /
• 1989

The sutdy is to investigate the variables that influenced on territoriality$.$privacy and to find the relation between territoriality$.$privacy and self-identity. Data were collected from 342 homemakers in Pusan. Data were analysed by SPSS programs. To test hypotheses frequency, correlation and Multiple Regression (Path Analysis) were applied. The results were as follows: 1. The significant variales that influenced on territoriality were space occupancy level, SES and neighborhood relationship. 2. The significant variables that influenced on privacy were space occupancy level, SES and neighborhood relationship. 3. The significant variables that influenced on self-identity were territoriality, privacy, neighborhood relationship, housing ownership, space occupancy level and SES.

• Asia pacific journal of information systems
• /
• v.20 no.1
• /
• pp.57-79
• /
• 2010

In a virtual community, one can possess multiple identities and pretend to be different by creating self-identity in contrast with his or her actual self. Does false identity undermine the qualitative growth of a virtual community by reducing members' accountability? Or does it stimulate their contributive behaviors by ensuring freedom of speech? It is imperative to understand the effects of multi-identity considering the distinct properties of a virtual community in which people easily change their identities at little or no cost. To answer these questions, we adopted the concept of self-discrepancy from the social psychology theory rooted in the concept of the self and developed a theoretical model to predict quality of contribution of the individual member in virtual communities. Based on the self-discrepancy theory, we first identified two different domains of the self: (1) an "actual self" that consists of attributes that the person believes he or she currently possesses in real life and (2) a "cyber self" that consists of attributes the person believes he or she possesses in a virtual community. Next, we derived an index for two different types of self-discrepancy by using the differences between the actual and the cyber identities: Personal Self-discrepancy and Social Self-discrepancy. Personal Self-discrepancy reflects the degree of discrepancy between actual and cyber identity regarding a person's intelligence, education, and expertise. Social Self-discrepancy reflects the degree of discrepancy between actual and cyber identity regarding a person's morality, sociability, and accordance with social norms. Finally, we linked them with sense of virtual community, perceived privacy rights, and quality of contribution to examine how having a multi-identity influences an individual's psychological state and contributive behaviors in a virtual community. The results of the analysis based on 266 respondents showed that Social Self-discrepancy negatively influenced both the Sense of Virtual Community and Perceived Privacy Rights, while Personal Self-discrepancy negatively influenced only Perceived Privacy Rights, thereby resulting in reduced quality of contribution in virtual communities. Based on the results of this analysis, we can explain the dysfunctions of multi-identity in virtual communities. First, people who pretend to be different by engaging in socially undesirable behaviors under their alternative identities are more likely to suffer lower levels of psychological wellbeing and thus experience lower levels of sense of virtual community than others. Second, people do not perceive a high level of privacy rights reflecting catharsis, recovery, or autonomy, even though they create different selves and engage in socially undesirable behaviors in a virtual community. Third, people who pretend to be different persons in terms of their intelligence, education, or expertise also indirectly debase the quality of contribution by decreasing perceived privacy rights. The results suggest that virtual community managers should pay more attention to the negative influences exercised by multi-identity on the quality of contribution, thereby controlling the need to create alternative identities in virtual communities. We hope that more research will be conducted on this underexplored area of multi-identity and that our theoretical framework will serve as a useful conceptual tool for all endeavors.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.11
• /
• pp.5653-5672
• /
• 2019

In cloud computing era, an increasing number of resource-constrained users outsource their data to cloud servers. Due to the untrustworthiness of cloud servers, it is important to ensure the integrity of outsourced data. However, most of existing solutions still have challenging issues needing to be addressed, such as the identity privacy protection of users, the traceability of users, the supporting of dynamic user operations, and the publicity of auditing. In order to tackle these issues simultaneously, in this paper, we propose a traceable dynamic public auditing scheme with identity privacy preserving for cloud storage. In the proposed scheme, a single user, including a group manager, is unable to know the signer's identity. Furthermore, our scheme realizes traceability based on a secret sharing mechanism and supports dynamic user operations. Based on the security and efficiency analysis, it is shown that our scheme is secure and efficient.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.6 no.10
• /
• pp.2692-2707
• /
• 2012

A separable identity-based ring signature scheme has been constructed as a fundamental cryptographic primitive for protecting user privacy. Using the separability property, ring members can be selected from arbitrary domains, thereby, giving a signer a wide range of ways to control privacy. In this paper we propose a generic method to construct efficient identity-based ring signature schemes with various levels of separability. We first describe a method to efficiently construct an identity-based ring signature scheme for a single domain, in which a signer can select ring identities by choosing from identities defined only for the domain. Next, we present a generic method for linking ring signatures constructed for a single domain. Using this method, an identity-based ring signature scheme with a compact structure, supporting multiple arbitrary domains can be designed. We show that our method outperforms the best known schemes in terms of signature size and computational costs, and that the security model based on the separability of identity-based ring signatures, presented in this paper, is highly refined and effective by demonstrating the security of all of the proposed schemes, using a model with random oracles.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.2
• /
• pp.1043-1063
• /
• 2019

With delegating proxy to process data before outsourcing, data owners in restricted access could enjoy flexible and powerful cloud storage service for productivity, but still confront with data integrity breach. Identity-based data auditing as a critical technology, could address this security concern efficiently and eliminate complicated owners' public key certificates management issue. Recently, Yu et al. proposed an Identity-Based Public Auditing for Dynamic Outsourced Data with Proxy Processing (https://doi.org/10.3837/tiis.2017.10.019). It aims to offer identity-based, privacy-preserving and batch auditing for multiple owners' data on different clouds, while allowing proxy processing. In this article, we first demonstrate this scheme is insecure in the sense that malicious cloud could pass integrity auditing without original data. Additionally, clouds and owners are able to recover proxy's private key and thus impersonate it to forge tags for any data. Secondly, we propose an improved scheme with provable security in the random oracle model, to achieve desirable secure identity based privacy-preserving batch public auditing with proxy processing. Thirdly, based on theoretical analysis and performance simulation, our scheme shows better efficiency over existing identity-based auditing scheme with proxy processing on single owner and single cloud effort, which will benefit secure big data storage if extrapolating in real application.