• Journal of the Korea Society of Computer and Information
• /
• v.21 no.10
• /
• pp.43-48
• /
• 2016

This study is to examine how big data collects user's information and is used; the status quo of exposures of user's information, and various measures of self-control by the user. This study is also to look their ethical issues and discuss problems of privacy concerning big data. As a way for users to self-control their information, they need to check the log-in state of web portal sites and set up their account so that customized advertisement and location information cannot be tracked. When posting a blog, the value of posting should be controlled. When becoming a member of a web site, users must check the access terms before agreement and beware of chained agreements and/or membership joins in order to control the exposure of their personal information. To prevent information abuse through big data through which user's information is collected and analyzed, all users must have the right to control, block or allow personal information. For an individual to have the right to control over his information, users must understand the concept of user's information and practice ethics accompanied by newly given roles in the Internet space, which will lead to the establishment of the sound and mature information society on the Internet.

• Journal of Internet Computing and Services
• /
• v.15 no.6
• /
• pp.9-14
• /
• 2014

In this paper, we propose AMV scheme which supports k-anonymization by using vectors for mobile clients. AMV can produces the minimal cloaking area using motion vector information of users (clients). The main reason for minimizing cloaking area is a server has to send the object information to all users who request the spatial queries. The experimental results show that the proposed AMV has superior performance over existing methods.

• The Transactions of the Korea Information Processing Society
• /
• v.6 no.8
• /
• pp.2133-2144
• /
• 1999

IMT-2000 system is expected to start its service at the beginning of 2000 on the purpose of providing with the highest qualitative service through one mobile terminal. In this paper, we investigate some of the important issues which need to be addresses in designing an authentication protocol for IMT-2000. Also proposed is an authentication protocol which addresses the above issues, and we design a correct and efficient authentication protocol to establish secure communication channel. Our protocol provides an authentication of the communication entities, location privacy, and secure messaging as well as global roaming service.

• Journal of Internet Computing and Services
• /
• v.8 no.4
• /
• pp.81-91
• /
• 2007

Binding update for the routing optimization in MIPv6 can make the involved nodes vulnerable to various attacks. Therefore, secure binding update becomes an important research issue in MIPv6, and several protocols have been proposed for this purpose. In this paper, we compare several existing binding update protocols such as RR, SUCV and OMIPv6 and analyze the vulnerability of nodes to the possible attacks and drawbacks of address management and scalability and overhead of encryption operations. Then, we suggest the design requirements for the secure binding update and propose an advanced protocol based on the design principle. Through the analysis, we show that our protocol can achieve a higher level of security against the various attacks and enable better management of address, provide the location privacy and reduce the computational overhead of mobile nodes with constraint computational power.

• Journal of Digital Contents Society
• /
• v.8 no.3
• /
• pp.371-376
• /
• 2007

Many modules such as controller, sensor, telematics terminal, navigation, audio and video are connected each other via vehicle network (CAN, MOST, etc). Futhermore, users can have ITS or internet services in moving by connecting to wireless mobile network. These network capabilities can cause a lots of security issues such as data hacking, privacy violation, location tracking and so on. Some possibilities which raise a breakdown or accident by hacking vehicle operation data (sensor, control data) are on the increase. In this paper, we propose a security module which has encryption functionalities and can be used for vehicle network system such as CAN, MOST, etc. This security module can provide conventional encryption algorithms and digital signature processing functionality such as DES, 3-DES, SEED, ECC, and RSA.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.37 no.5B
• /
• pp.377-384
• /
• 2012

RFID system is a technique to obtain information of tag using radio frequency. Specificity of RFID systems using radio frequency has many problems that is eavesdropping, location tracking, spoofing attack, replay attack, denial of service attack. So, RFID protocol should be used cryptographic methods and mutual authentication for security and privacy. In this paper, we explain the problem of past protocol and propose the nonfixed symmetric key-based RFID mutual authentication protocol using shift computation and random number. Proposed protocol is secure from various attacks. Because it use shift operation and non-fixed symmetric key.

• Proceedings of the Korean Information Science Society Conference
• /
• 2005.07a
• /
• pp.100-102
• /
• 2005

유비쿼터스는 현재의 제한된 컴퓨팅 환경을 떠나서 시간과 장소에 구애받지 않는 자유로운 컴퓨팅 환경을 제공함으로서 각광받고 있다. 그 중 언제어디서나 정보를 주고받을 수 있으며 가격과 성능 면에서 단연 뛰어난 RFID(Radio Frequency Identification)의 중요성은 점점 증가되고 있는 추세이다. 그러나, 이와 같은 우수성에도 불구하고, 정보 유출의 위험성을 내포하고 있으며, 개인의 위치 추적이나, 비 접근 권한자의 위장행세 등의 사용자 프라이버시 보호에 대한 많은 문제점들을 수반한다. 현재까지 이와 관련된 연구들이 활발히 진행되고 있다. 특히 그 중, Ohkubo의 해시함수를 이용한 프로토콜은 프라이버시 보호 측면에서 위치추적 공격(location tracking), 전방위보안성(forward security)과 같은 문제들에 대한 해결책을 제시하고 있으나, 해시함수를 태그에 직접 구현하는 것은 현재까지는 불가능한 상태이다. 또한, Martin Feldhofer는 대칭키 암호 알고리즘인 AES(Advanced Encryption Standard)를 태그에 구현을 함으로서 암호학적인 강도를 높였으나, 위치추적 공격에 대한 문제정과 물리적 공격에 대한 가정을 하지 않은 단점을 가지고 있다. 본 논문에서는 기존연구에서의 문제점들을 보완하고자 현실적으로 구현 가능한 AES를 사용하고, 위치추적 공격, 비권한자 접근(unauthorized access) 공격과 물리적 공격으로부터 안전하며 전방위보안성을 제공하는 기법을 제안한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.2
• /
• pp.431-434
• /
• 2014

This paper shows the users' birthplace information can be inferred with only the public information in FaceBook SNS. Through experiments with various machine learning algorithms and various parameters, we have found that SVM algorithm with the location of the highschool, the current address, and the graduate year of highschool performs best for the inference, as this can infer 78% of users' birthplaces correctly. Since the birthplace information is used for various security purpose such as questions for getting the forgotten password and a part of korean residence registration number, this is a non-trival security breach and users need be cautious about it.

• Journal of Korea Multimedia Society
• /
• v.17 no.10
• /
• pp.1182-1188
• /
• 2014

Recently, the research on database outsourcing has been actively done with the popularity of cloud computing. However, because users' data may contain sensitive personal information, such as health, financial and location information, the data encryption methods have attracted much interest. Existing data encryption schemes process a query without decrypting the encrypted databases in order to support user privacy protection. On the other hand, to efficiently handle the large amount of data in cloud computing, it is necessary to study the distributed index structure. However, existing index structure and query processing algorithms have a limitation that they only consider single-column query processing. In this paper, we propose a grid-based multi column indexing scheme and an encrypted query processing algorithm. In order to support multi-column query processing, the multi-dimensional index keys are generated by using a space decomposition method, i.e. grid index. To support encrypted query processing over encrypted data, we adopt the Hilbert curve when generating a index key. Finally, we prove that the proposed scheme is more efficient than existing scheme for processing the exact and range query.

• The KIPS Transactions:PartC
• /
• v.18C no.4
• /
• pp.217-226
• /
• 2011

As a diverse range of smartphones has been recently developed and diffused, the users of SNS (Social Network Service) also have been sharply increased. The SNS saves a variety of information such as exchanged pictures and videos, voice mails or location sharing, chat history, etc. as well as simple user data, so that the acquisition of data that are useful in the aspect of digital forensic is achievable. This thesis reviews the types of SNS that are available for the iPhone, a recent example of highly used smartphones, and types of data by each client. Also, efficient data analysis method for digital forensic investigations is suggested by analyzing the relationships within the collected data by each client.