• 한국인터넷방송통신학회논문지
• /
• 제8권5호
• /
• pp.235-241
• /
• 2008

정보통신기술과 의료기술의 발전으로 국민들의 삶의 질이 향상되면서 인터넷 환경에서의 의료서비스에 대한 관심이 커지고 있다. 이러한 인터넷 환경에서의 의료정보화는 환자의 개인정보를 침해할 수 있다. 우리나라의 상당수 의료기관은 인터넷 환경에서의 환자개인정보보호에 소극적이다. 의료정보의 유출을 방지하기 위한 법령과 표준안 및 체계적인 지침이 개발되어 있지 않다. 본 연구에서는 인터넷 환경에서의 환자 개인정보 침해유형을 사례를 통해 살펴보고, 법제도적 측면 기술적 측면 관리적 측면에서 인터넷 환경에서의 환자 개인정보를 보호할 수 있는 방안을 모색해 보고자 한다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제13권10호
• /
• pp.5244-5259
• /
• 2019

With the continuous development of LBS (Location Based Service) applications, privacy protection has become an urgent problem to be solved. Differential privacy technology is based on strict mathematical theory that provides strong privacy guarantees where it supposes that the attacker has the worst-case background knowledge and that knowledge has been applied to different research directions such as data query, release, and mining. The difficulty of this research is how to ensure data availability while protecting privacy. Spatial multidimensional data are usually released by partitioning the domain into disjointed subsets, then generating a hierarchical index. The traditional data-dependent partition methods need to allocate a part of the privacy budgets for the partitioning process and split the budget among all the steps, which is inefficient. To address such issues, a novel two-step partition algorithm is proposed. First, we partition the original dataset into fixed grids, inject noise and synthesize a dataset according to the noisy count. Second, we perform IH-Tree (Improved H-Tree) partition on the synthetic dataset and use the resulting partition keys to split the original dataset. The algorithm can save the privacy budget allocated to the partitioning process and obtain a more accurate release. The algorithm has been tested on three real-world datasets and compares the accuracy with the state-of-the-art algorithms. The experimental results show that the relative errors of the range query are considerably reduced, especially on the large scale dataset.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제13권12호
• /
• pp.6121-6144
• /
• 2019

Numerous privacy-preserving authentication schemes have been proposed but vehicular ad hoc networks (VANETs) still suffer from security and privacy issues as well as computation and communication overheads. In this paper, we proposed a robust conditional privacy-preserving authentication scheme based on pseudonym root with cuckoo filter to meet security and privacy requirements and reduce computation and communication overheads. In our proposed scheme, we used a new idea to generate pseudonyms for vehicles where each on-board unit (OBU) saves one pseudonym, named as "pseudonym root," and generates all pseudonyms from the same pseudonym. Therefore, OBU does not need to enlarge its storage. In addition, the scheme does not use bilinear pairing operation that causes computation overhead and has no certification revocation list that leads to computation and communication overheads. The proposed scheme has lightweight mutual authentication among all parties and just for once. Moreover, it provides strong anonymity to preserve privacy and resists ordinary attacks. We analyzed our proposed scheme and showed that it meets security and privacy requirements of VANETs and is more efficient than traditional schemes. The communication and computation overheads were also discussed to show the cost-effectiveness of the proposed scheme.

• Journal of Information Processing Systems
• /
• 제15권5호
• /
• pp.1036-1054
• /
• 2019

Recently, concomitant with a surge in numbers of Internet of Things (IoT) devices with various sensors, mobile crowdsensing (MCS) has provided a new business model for IoT. For example, a person can share road traffic pictures taken with their smartphone via a cloud computing system and the MCS data can provide benefits to other consumers. In this service model, to encourage people to actively engage in sensing activities and to voluntarily share their sensing data, providing appropriate incentives is very important. However, the sensing data from personal devices can be sensitive to privacy, and thus the privacy issue can suppress data sharing. Therefore, the development of an appropriate privacy protection system is essential for successful MCS. In this study, we address this problem due to the conflicting objectives of privacy preservation and incentive payment. We propose a privacy-preserving mechanism that protects identity and location privacy of sensing users through an on-demand incentive payment and group signatures methods. Subsequently, we apply the proposed mechanism to one example of MCS-an intelligent parking system-and demonstrate the feasibility and efficiency of our mechanism through emulation.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제16권8호
• /
• pp.2490-2506
• /
• 2022

In Mobile Edge Computing (MEC), attackers can speculate and mine sensitive user information by eavesdropping wireless channel status and offloading usage pattern, leading to user privacy leakage. To solve this problem, this paper proposes a Privacy-preserving and Energy-efficient Offloading Algorithm (PEOA) based on Lyapunov optimization. In this method, a continuous Markov process offloading model with a buffer queue strategy is built first. Then the amount of privacy of offloading usage pattern in wireless channel is defined. Finally, by introducing the Lyapunov optimization, the problem of minimum average energy consumption in continuous state transition process with privacy constraints in the infinite time domain is transformed into the minimum value problem of each timeslot, which reduces the complexity of algorithms and helps obtain the optimal solution while maintaining low energy consumption. The experimental results show that, compared with other methods, PEOA can maintain the amount of privacy accumulation in the system near zero, while sustaining low average energy consumption costs. This makes it difficult for attackers to infer sensitive user information through offloading usage patterns, thus effectively protecting user privacy and safety.

• Asia pacific journal of information systems
• /
• 제16권4호
• /
• pp.49-70
• /
• 2006

In recent, Open markets are booming up rapidly. Open markets are one of the online marketplaces which mainly concentrated on spot transactions of commodities, and are differentiated from integrated internet shopping stores with market participants, trading rules and so on. This study investigated on factors affecting satisfaction with and preference on open markets by comparing open markets with integrated internet shopping stores, and aimed to figure out the reasons why open markets are growing up so rapidly and to forecast the future of open markets. To investigate the factors affecting buyers' satisfaction with and preference on internet shopping channel. I extracted several factors through literature reviews. The factors include the pros (cost saving and time saving), the cons (security concerns and privacy concerns), and decision making support suggested by Simon's research as well. Then, I constructed research model and related research hypotheses. To verify research hypotheses, I conducted field survey targeting on online buyers and analyzed research data using structural equation model. According to data analysis result, open markets have competitive advantages over integrated internet shopping stores with respect to cost saving, time saving, and decision making support. However, online buyers are still concerning privacy issues within open markets. In summary, buyers are considering that open markets are cheaper, faster, and more efficient internet shopping channel, compared with integrated internet shopping stores. However, open markets are required to dedicate to lessen buyers' privacy concerns to rebirth as more satisfying and preferable internet shopping channel and to prosper in the future.

• 인터넷정보학회논문지
• /
• 제15권2호
• /
• pp.59-71
• /
• 2014

본 연구의 목적은 보호동기 이론을 기반으로 인터넷 사용자의 개인정보 보호행동의 변화를 설명하고, 사용자의 개인정보 권익을 보호하기 위한 방안에 대해 모색하는 것이다. 보호동기 이론은 위협메시지에 의한 보호행동의 변화과정을 설명하기 위한 대표적인 이론으로, 본 연구에서는 개인정보에 대한 위협과 개인정보 보호행동에 대한 개인의 인지적 평가가 보호동기를 형성하고 보호동기가 개인정보 보호행동에 어떠한 영향을 미치는지 확인하였다. 또한 개인정보 권리보장 및 권리구제와 관련된 법제도를 반영하여서 개인정보 권리인지 변인을 개발하였다. 즉 개인정보 관련 법률이 개인정보 보호에 대한 인식이나 행동변화에 어떠한 영향을 미치는지 알아보았다. 본 연구는 선행연구들과 달리 법제도를 반영한 개인정보 권리인지 변인을 개발하여 개인정보 보호행동의 변화에 대해 분석하였다. 연구의 결과 개인정보 권리인지 변인이 개인정보 보호행동에 유의미한 영향을 미치는 요인으로 밝혀졌으며, 법제도를 통한 정보주체의 권리보장이 개인정보 보호행동을 촉진시키는 것으로 나타났다. 본 연구의 결과가 추후 개인정보 관련 신규정책 확립에 있어서 도움을 줄 수 있을 것이라 생각한다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제10권11호
• /
• pp.5654-5673
• /
• 2016

Participatory sensing applications rely on recruiting appropriate participants to share their surrounding conditions with others, and have been widely used in many areas like environmental monitoring, health care, and traffic congestion monitoring, etc. In such applications, how to ensure the privacy of a participant is important, since incentive mechanisms are used to maintain their enthusiasm for sustainable participation by offering certain amount of reward. In this paper, we propose a pseudonym-based privacy protection scheme, that takes both privacy protection and user incentives into consideration. The proposed scheme uses the pseudonym mechanism and one-way hash function to achieve user incentives, while protecting their identity. We also show extensive analysis of the proposed scheme to demonstrate that it can meet the security and performance the requirement of a participatory sensing application.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제15권11호
• /
• pp.4145-4162
• /
• 2021

During the period of epidemic prevention and control, contact tracing systems are developed in many countries, to stop or slow down the progression of COVID-19 contamination. However, the privacy issues involved in the use of contact tracing apps have also attracted people's attention. First, we divide contact tracing techniques into two types: Bluetooth Low Energy (BLE) based and Global Positioning System (GPS) based techniques. In order to clear understand the system structure and its elements, we create data flow diagram (DFD) of each types. Second, we analyze the possible privacy threats contained in various types of contact tracing apps by applying LINDDUN, which is a threat modeling technique for personal information protection. Third, we make a comparison and analysis of various contact tracing techniques from privacy point of view. These studies can facilitate improve tracing and security performance to contact tracing apps through comparisons between different types.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제13권9호
• /
• pp.4771-4787
• /
• 2019

Aimed at the disclosure risk of mobile terminal user's location privacy in location-based services, a location-privacy protection scheme based on similar trajectory substitution is proposed. On the basis of the anonymized identities of users and candidates who request LBS, this scheme adopts trajectory similarity function to select the candidate whose trajectory is the most similar to user's at certain time intervals, then the selected candidate substitutes user to send LBS request, so as to protect user's privacy like identity, query and trajectory. Security analyses prove that this scheme is able to guarantee such security features as anonymity, non-forgeability, resistance to continuous query tracing attack and wiretapping attack. And the results of simulation experiment demonstrate that this scheme remarkably improve the optimal candidate' trajectory similarity and selection efficiency.