• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.2
• /
• pp.540-557
• /
• 2021

Privacy vulnerability of social networks is one of the major concerns for social science research and business analysis. Most existing studies which mainly focus on un-weighted network graph, have designed various privacy models similar to k-anonymity to prevent data disclosure of vertex attributes or relationships, but they may be suffered from serious problems of huge information loss and significant modification of key properties of the network structure. Furthermore, there still lacks further considerations of privacy protection for important sensitive edges in weighted social networks. To address this problem, this paper proposes a privacy preserving method to protect sensitive weighted edges. Firstly, the sensitive edges are differentiated from weighted edges according to the edge betweenness centrality, which evaluates the importance of entities in social network. Then, the perturbation operations are used to preserve the privacy of weighted social network by adding some pseudo-edges or modifying specific edge weights, so that the bottleneck problem of information flow can be well resolved in key area of the social network. Experimental results show that the proposed method can not only effectively preserve the sensitive edges with lower computation cost, but also maintain the stability of the network structures. Further, the capability of defending against malicious attacks to important sensitive edges has been greatly improved.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.6
• /
• pp.47-61
• /
• 2006

In the Internet era, enterprises want to use personal information of their own or other enterprises' subscribers, and even provide it to other enterprises for their profit. In this paper, a privacy authorization system for personal information based on privacy policies of users and enterprises is designed and implemented. Privacy policies of users and enterprises are described in XACML. Also, components of policy in XACML 2.0 such as Purpose, Obligation are suitable for expressing privacy policy. A prototype of privacy authorization system is implemented by modifying and extending the SUNXACML 1.2, a Sun's implementation of XACML 1.0 and some features of XACML 2.0, and GUI tools for composing and verifying are also developed.

• Journal of the Korean Society for information Management
• /
• v.32 no.1
• /
• pp.63-84
• /
• 2015

Library users must provide their personal information to libraries. This study surveyed these library users' perception of privacy and the effect of the education after providing library user privacy education. As a result, first, it was found that after education, users were more interested in their privacy, rated the problem of library user privacy as more severe, and rated library user data collection as more likely to be considered privacy invasion. Second, we investigated users' perception of how much user service records being collected in libraries violate users' privacy, which showed a great perception change in 25 questions after the education. Third, in the survey about library and librarians' efforts for protecting library user privacy, it was found that all 15 questions were rated as significantly more important after education. Fourth, library users have recognized that is necessary to process and handle the library record and are more sympathetic to the need for this procedure. Fifth, library users felt the possibility of a library record leak was a very serious threat.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.5
• /
• pp.945-956
• /
• 2020

The publication of data is essential in order to receive high quality services from many applications. However, if the original data is published as it is, there is a risk that sensitive information (political tendency, disease, ets.) may reveal. Therefore, many research have been proposed, not the original data but the synthetic data generating and publishing to privacy preserve. but, there is a risk of privacy leakage still even if simply generate and publish the synthetic data by various attacks (linkage attack, inference attack, etc.). In this paper, we propose a synthetic data generation algorithm in which privacy preserved by applying differential privacy the latest privacy protection technique to GAN, which is drawing attention as a synthetic data generative model in order to prevent the leakage of such sensitive information. The generative model used CGAN for efficient learning of labeled data, and applied Rényi differential privacy, which is relaxation of differential privacy, considering the utility aspects of the data. And validation of the utility of the generated data is conducted and compared through various classifiers.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.1
• /
• pp.183-193
• /
• 2014

Korean personal data(information) protection law requires privacy policies post on every website. According to recent survey results, users' interests on these policies are low due to these policies' low readability and accessibility. This study proposes a layout that effectively conveys online privacy policy contents, and assesses its impact on information understandability, vividness, and recognition of users. Studies on privacy policies and layouts, media richness theory, social presence theory, and usability are used to develop the new layered approach. Using experiments, three major layouts are evaluated by randomly selected online users. Research results shows that information understandability, vividness, and recognition of privacy policies in the revised-layered approach are higher than those of in the text-only or table-based layouts. This study implies that employing visual guides like icons on privacy policy layouts may increase users' interest in those policies.

• Informatization Policy
• /
• v.22 no.3
• /
• pp.16-35
• /
• 2015

Recently, several studies in the field of privacy research suggested counterintuitive phenomenon about previous studies on existing perspectives. They claim that consistency of attitude and behavior does not exist, which is called privacy paradox. This study aims to clarify the relationship between intention to information disclosure and actual behavior based on the privacy paradox perspective. It attempts to explain the causes of privacy paradox phenomenon through the dual process theory being discussed in the field of behavioral economics. The results of empirical analysis are as follows. First, paired t-test analysis between intention to information disclosure and actual behavior was statistically significant. This means the existence of privacy paradox. Second, privacy risk had significant explanatory power to behavioral intention, and privacy trust had significant explanatory power to actual behavior. In conclusion, this study shows that negative belief influences decision making situation controlled by rational thinking whereas positive belief influences actual situations controlled by intuitive thinking.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.18 no.5
• /
• pp.1341-1368
• /
• 2024

The concept of privacy-preserving collaborative filtering (PPCF) has been gaining significant attention. Due to the fact that model-based recommendation methods with privacy are more efficient online, privacy-preserving memory-based scheme should be avoided in favor of model-based recommendation methods with privacy. Several studies in the current literature have examined ant colony clustering algorithms that are based on non-privacy collaborative filtering schemes. Nevertheless, the literature does not contain any studies that consider privacy in the context of ant colony clustering-based CF schema. This study employed the ant colony clustering model-based PPCF scheme. Attacks like shilling or profile injection could potentially be successful against privacy-preserving model-based collaborative filtering techniques. Afterwards, the scheme's robustness was assessed by conducting a shilling attack using six different attack models. We utilize masked data-based profile injection attacks against a privacy-preserving ant colony clustering-based prediction algorithm. Subsequently, we conduct extensive experiments utilizing authentic data to assess its robustness against profile injection attacks. In addition, we evaluate the resilience of the ant colony clustering model-based PPCF against shilling attacks by comparing it to established PPCF memory and model-based prediction techniques. The empirical findings indicate that push attack models exerted a substantial influence on the predictions, whereas nuke attack models demonstrated limited efficacy.

• KIPS Transactions on Computer and Communication Systems
• /
• v.3 no.6
• /
• pp.197-208
• /
• 2014

In an information society, privacy protection is one of the most important ethical issues. In medical institutes in which personal medical information is collected and stored, in addition, a privacy breach can cause a serious damage on personal lives. This study attempted to develop privacy concern measurement tool in personal medical information to measure patients' concern on their medical information from medical service consumers' perspective and verify its validity. For this, privacy concern measurement tool in personal medical information was developed based on the results of previous studies. After performing Exploratory Factor Analysis(EFA) and Confirmatory Factor Analysis(CFA) on the measurement tool, its reliability and validity were verified. It appears that the measurement tool would be useful in developing decent privacy protection policy after investigating citizens' concern on the protection of personal medical information and domains they are interested in. For medical institutes as well, they would be helpful in coming up with a reasonable plan after figuring out problems in the protection of personal medical information and current status.

• Journal of Information Technology Applications and Management
• /
• v.15 no.4
• /
• pp.37-59
• /
• 2008

This study focuses on the antecedents to the privacy concerns and their influence on trust and online transaction intention. Based on previous exploratory works and the literature review of privacy concerns, four antecedents are identified-Internet literacy, social awareness, perceived vulnerability, and perceived ability to information control. Incorporating these antecedents, privacy concerns, trust and online transaction intention, a conceptual model is developed and seven research hypotheses are proposed for empirical testing. The proposed model is examined through structural equation analysis. The results show that Internet literacy, social awareness, and perceived vulnerability have statistically significant effect on the privacy concerns of users and the privacy concerns has a positive influence on the trust. Finally, the trust has a positive effect on the online transaction intention. Implications of these findings are discussed for both researchers and practitioners and future research issues are raised as well.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.12
• /
• pp.6123-6138
• /
• 2018

Named data networking (NDN) is a new network architecture designed for next generation Internet. Router-side content caching is one of the key features in NDN, which can reduce redundant transmission, accelerate content distribution and alleviate congestion. However, several security problems are introduced as well. One important security risk is cache privacy leakage. By measuring the content retrieve time, adversary can infer its neighbor users' hobby for privacy content. Focusing on this problem, we propose a cache privacy protection mechanism (named as CPPM-DAM) to identify legitimate user and adversary using Bloom filter. An optimization for storage cost is further provided to make this mechanism more practical. The simulation results of ndnSIM show that CPPM-DAM can effectively protect cache privacy.