• Journal of Korea Society of Digital Industry and Information Management
• /
• v.5 no.1
• /
• pp.63-70
• /
• 2009

As individuals spend more time doing social and economic life on the web, the importance of protecting privacy against Phishing and Pharming attacks also increases. Until now, there have been researches on the methods of protection against Phishing and Pharming. However, these researches don't provide efficient methods for protecting privacy and don't consider Pharming attacks. In this paper, we propose an authentication protocol that protects user information from Phishing and Pharming attacks. In this protocol, the messages passed between clients and servers are secure because they authenticate each other using a hash function of password and location information which are certificated to clients and servers only. These messages are used only once, so that the protocol is secure from replay attacks and man-in-the-middle attacks. Furthermore, it is also secure from Pharming attacks.

• Journal of Platform Technology
• /
• v.6 no.4
• /
• pp.11-17
• /
• 2018

In the smart intelligence information society, there is a possibility that the social dysfunction such as the personal information protection issue and the risk to the electronic surveillance society may be highlighted. In this paper, we refer to various categories and classify electronic surveillance into audio surveillance, visual surveillance, location surveillance, biometric information surveillance, and data surveillance. In order to respond to new electronic surveillance in the intelligent information society, it requires a change of perception that is different from that of the past. This starts with the importance of digital privacy and results in the right to self-determination of personal information. Therefore, in order to preemptively respond to the dysfunctions that may arise in the intelligent information society, it is necessary to further raise the awareness of the civil society to protect information human rights.

• Convergence Security Journal
• /
• v.6 no.1
• /
• pp.33-43
• /
• 2006

RFID System has an advantage that it need not touch an objects for identification of many objects. Because it is working through wireless communication. Also, So many objects can be identified with RFID System at once. However, although RFID System has convenience like above, it has serious privacy concern at the same time. If RFID System is working with an target object through wireless communication, other objects will respond to RFID System signal as well as a target object. Hence, RFID System can be easily exposed user privacy by attacker. In this paper, We propose RFID system authentication model in order to protecting user privacy and traking. Proposed RFID system is operating that not only server authenticate RFID reader but also RFID reader and tag authenticate mutually by using symetric cryptography that operating with tiny and simple processing.

• Korea Journal of Hospital Management
• /
• v.21 no.2
• /
• pp.13-23
• /
• 2016

Purpose: The purpose of this study is to compare the user satisfaction between 4-bedrooms and 5/6-bedrooms in a single general hospital. Methodology: To measure and compare multiple-bed ward user satisfaction between 4-bedrooms and 5/6-bedrooms, questionnaires were collected from 916 inpatients and 129 nurses in a single general hospital. The patient satisfaction questionnaire categories included environmental conditions, protection of privacy, and medical services. The nurse satisfaction questionnaire categories included space, infection control, patient safety, work load and psychologic view point. Findings: Satisfaction of patient who admitted in 4-bedroom to the environmental conditions and protection of privacy was higher than that of 5/6-bedroom group (3.91 vs. 3.25, p<0.001). Satisfaction of nurse who worked in 4-bedroom was higher than that of 5/6-bedroom (3.05 vs. 1.92, p<0.001). By the multiple linear regression analysis, patient satisfaction to the environmental conditions and protection of privacy was related with multi-bedroom type and location of beds; 4-bedrooms were higher than 5/6-bedrooms(p<0.001), window side bed were higher than hallway side bed(p=0.001). There was no satisfaction difference in comparing medical services between the two groups. By the multiple linear mixed regression analysis, nurse satisfaction who were assigned for 4-bedrooms were higher than that of 5/6-bedrooms in all categories(p<0.001). Practical Implications: Even though no difference has shown in medical services satisfaction between the two patient groups, multi-bedroom type may affect patient satisfaction in environmental condition, protection of privacy and may also affect overall nurse satisfaction. This result suggests that to improve multi-bedroom user satisfaction, 4-bedroom is recommended over 5/6-bedroom.

• Journal of KIISE
• /
• v.42 no.5
• /
• pp.652-663
• /
• 2015

Due to the popularity of location-based services, the amount of generated spatial data in daily life has been dramatically increasing. Therefore, spatial database outsourcing has become popular for data owners to reduce the spatial database management cost. The most important consideration in database outsourcing is meeting the privacy requirements and guarantying the integrity of the query result. However, most of existing database transformation techniques do not support both of the data privacy and integrity of the query result. To solve this problem, we propose a spatial data transformation scheme that utilizes the shearing transformation with rotation shifting. In addition, we described the attack models to measure the data privacy of database transformation schemes. Finally, we demonstrated through the experimental evaluations that our scheme provides high level of data protection against different kinds of attack models, compared to the existing schemes, while guaranteeing the integrity of the query result sets.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2003.12a
• /
• pp.669-685
• /
• 2003

Nowadays mobile phones and PDAs are part and parcel of our lives. By carrying a portable mobile device with us all the time we are already living in partial Pervasive Computing Environment (PCE) that is waiting to be exploited very soon. One of the advantages of pervasive computing is that it strongly supports the deployment of Location-Based Service(s) (LBSs). In PCE, there would be many competitive service providers (SPs) trying to sell different or similar LBSs to users. In order to reserve a particular service, it becomes very difficult for a low-computing and resource-poor mobile device to handle many such SPs at a time, and to identify and securely communicate with only genuine ones. Our paper establishes a convincing trust model through which secure job delegation is accomplished. Secure Job delegation and cost effective cryptographic techniques largely help in reducing the burden on the mobile device to securely communicate with trusted SPs. Our protocol also provides users privacy protection, replay protection, entity authentication, and message authentication, integrity, and confidentiality. This paper explains our protocol by suggesting one of the LBSs namely“Secure Automated Taxi Calling Service”.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.6
• /
• pp.1319-1326
• /
• 2019

Recently, biometrics and location information are being used for authentication in many devices. However, these information are stored as plaintext in safe device or, stored as ciphertext in authentication server it is used for authentication in plaintext by decrypting. Therefore, the leakage of authentication information as well as hacking can cause fatal privacy problems. In this paper, we propose a technique that can be authenticated without exposing authentication information to ciphertext using function encryption.

• Asia pacific journal of information systems
• /
• v.24 no.3
• /
• pp.299-323
• /
• 2014

The reason location based service is drawing attention recently is because smart phones are being supplied increasingly. Smart phone, basically equipped with GPS that can identify location information, has the advantage that it can provide contents and services suitable for the user by identifying user location accurately. Offering such diverse advantages, location based services are increasingly used. In addition, for use of location based services, release of user's personal information and location data is essentially required. Regarding personal information and location data, in addition to IT companies, general companies also are conducting various profitable businesses and sales activities based on personal information, and in particular, personal location data, comprehending high value of use among personal information, are drawing high attentions. Increase in demand of personal information is raising the risk of personal information infringement, and infringements of personal location data also are increasing in frequency and degree. Therefore, infringements of personal information should be minimized through user's action and efforts to reinforce security along with Act on the Protection of Personal Information and Act on the Protection of Location Information. This study aimed to improve the importance of personal information privacy by empirically analyzing the effect of perceived values on the intention to strengthen location information security and continuously use location information for users who received location-based services (LBS) in mobile environments with the privacy calculation model of benefits and risks as a theoretical background. This study regarded situation-based provision, the benefit which users perceived while using location-based services, and the risk related to personal location information, a risk which occurs while using services, as independent variables and investigated the perceived values of the two variables. It also examined whether there were efforts to reduce risks related to personal location information according to the values of location- based services, which consumers perceived through the intention to strengthen security. Furthermore, it presented a study model which intended to investigate the effect of perceived values and intention of strengthening security on the continuous use of location-based services. A survey was conducted for three hundred ten users who had received location-based services via their smartphones to verify study hypotheses. Three hundred four questionnaires except problematic ones were collected. The hypotheses were verified, using a statistical method and a logical basis was presented. An empirical analysis was made on the data collected through the survey with SPSS 12.0 and SmartPLS 2.0 to verify respondents' demographic characteristics, an exploratory factor analysis and the appropriateness of the study model. As a result, it was shown that the users who had received location-based services were significantly influenced by the perceived value of their benefits, but risk related to location information did not have an effect on consumers' perceived values. Even though users perceived the risk related to personal location information while using services, it was viewed that users' perceived value had nothing to do with the use of location-based services. However, it was shown that users significantly responded to the intention of strengthening security in relation to location information risks and tended to use services continuously, strengthening positive efforts for security when their perceived values were high.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.6
• /
• pp.57-68
• /
• 2004

Recently, Radio Frequency Identification (RFID) systems stands in the spotlight of industry as a common and useful tool in manufacturing, supply chain management (SCM) and stock management. In the near future, low-cost RFID Electronic Product Code; (EPC) or smart-labels may be a practical replacement for optical barcodes on consumer items. However, manufacturing cheap and small RFID tags, and developing secure RFID authentication Protocols are problems which need to be solved. In spite of advances in semiconductor technology, computation and storage ability of the tag are so limited that it is difficult and too expensive to apply existing crypto-systems to RFID tags. Thus it is necessary to create a new protocol which would require less storage space and lower computation costs and that is secure in the RFID system's environments. In this paper, we propose a RFID authentication protocol that is secure against location tracking and spoofing attacks. Our protocol can be used as a practical solution for privacy protection because it requires less computations in database than the previous RFID authentication protocol.

• Journal of Digital Convergence
• /
• v.17 no.2
• /
• pp.453-462
• /
• 2019

This study investigates the relationship between controllability, severity, unrealistic optimism and risk perception of risk factors related to location - based SNS services for smartphone users. For this purpose, I surveyed university students who had experience using location - based SNS service. The main results are as follows. First, controllability has a statistically significant effect on unrealistic optimism. Second, Severity had a statistically significant negative impact on unrealistic optimism. Third, Controllability did not have a statistically significant effect on risk perception, Fourth, Severity did not have a statistically significant effect on perceived risk. Fifth, Unrealistic optimism had a statistically significant negative impact on perception of risk. The results of this study will contribute to the prevention of privacy incidents and the protection of smartphone users by using location - based SNS service. On the one hand, future research will need to look at the relationship between unrealistic optimism and risk prevention or coping behavior.