• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.5
• /
• pp.129-139
• /
• 2011

Recently by the privacy & data security law, when a user registers the online membership, we need to take action to check a progress of identification without resident registration number. On the most of websites, I-PIN is used by identification instead of the resident registration number. However, I-PIN causes dangerous situations if someone steals the ID and a password, the personal data can be easy to exposure. In this paper, we propose the OTP, which can solve all these problems by guaranteeing the identification of unlinkability. This type of method would help the process of membership registration without fixed data like ID and a password in online so it would be very useful to security of private data.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.3
• /
• pp.665-679
• /
• 2018

With the development of information and communication technology, especially wireless Internet technology and the spread of smart phones, digital data has increased. As a result, privacy issues which concerns about exposure of personal sensitive information are increasing. In this paper, we analyze the privacy vulnerability of online big data in domestic internet environment, especially focusing on portal service, and propose a measure to evaluate the possibility of privacy violation. For this purpose, we collected about 50 million user posts from the potal service contents and extracted the personal information. we find that potal service user can be identified by the extracted personal information even though the user id is partially anonymized. In addition, we proposed a risk measurement evaluation method that reflects the possibility of personal information linkage between service using partial anonymized ID and personal information exposure level.

• Journal of KIISE:Databases
• /
• v.37 no.4
• /
• pp.209-219
• /
• 2010

Online social network services that are rapidly growing recently store tremendous data and analyze them for many research areas. To enhance the effectiveness of information, companies or public institutions publish their data and utilize the published data for many purposes. However, a social network containing information of individuals may cause a privacy disclosure problem. Eliminating identifiers such as names is not effective for the privacy protection, since private information can be inferred through the structural information of a social network. In this paper, we consider a new complex attack type that uses both the content and structure information, and propose a model, $\ell$-degree diversity, for the privacy preserving publication of the social network data against such attacks. $\ell$-degree diversity is the first model for applying $\ell$-diversity to social network data publication and through the experiments it shows high data preservation rate.

• Journal of Computing Science and Engineering
• /
• v.5 no.3
• /
• pp.197-209
• /
• 2011

The increasing popularity of graph data, such as social and online communities, has initiated a prolific research area in knowledge discovery and data mining. As more real-world graphs are released publicly, there is growing concern about privacy breaching for the entities involved. An adversary may reveal identities of individuals in a published graph, with the topological structure and/or basic graph properties as background knowledge. Many previous studies addressing such attacks as identity disclosure, however, concentrate on preserving privacy in simple graph data only. In this paper, we consider the identity disclosure problem in weighted graphs. The motivation is that, a weighted graph can introduce much more unique information than its simple version, which makes the disclosure easier. We first formalize a general anonymization model to deal with weight-based attacks. Then two concrete attacks are discussed based on weight properties of a graph, including the sum and the set of adjacent weights for each vertex. We also propose a complete solution for the weight anonymization problem to prevent a graph from both attacks. In addition, we also investigate the impact of the proposed methods on community detection, a very popular application in the graph mining field. Our approaches are efficient and practical, and have been validated by extensive experiments on both synthetic and real-world datasets.

• The Journal of Korean Association of Computer Education
• /
• v.18 no.1
• /
• pp.69-79
• /
• 2015

This research aims to empirically explore the antecedents that could impact on internet users' information protection behavior. 282 of sample data collected from internet users was used to test the hypotheses. The results of this research reveal that the internet users' information privacy concerns has a significant impact on self-efficacy, perceived usefulness, and information protection behavior. In addition, we found that perceived usefulness and information protection behavior are significantly influenced by self-efficacy. However, contrary to expectations, perceived usefulness has no statistically significant effect on information protection behavior. These findings provide significant implications for online companies and internet uses as well as educational stakeholders that give educations about information protection.

• The Research Journal of the Costume Culture
• /
• v.29 no.1
• /
• pp.1-15
• /
• 2021

The Internet of Things (IoT) has gained enormous popularity in various fields of industry. An IoT shopping environment is considered an effective tool for convenient use by consumers. Perceived values (including convenience and privacy risks) of IoT shopping can be the main factors that influence consumers' shopping intentions. The current study proposed a research model based on a value-based adoption model, which integrated perceived benefit and sacrifice, shopping attitude, and shopping intention in an IoT shopping environment. As potential customers, participants in their 20s and 30s were recruited through a marketing research firm. Responses collected via an online questionnaire validated the proposed research model and hypothesis. The results confirmed significant, positive relationships between perceived benefit, including both remote control and access convenience, and consumers' positive attitudes toward IoT shopping. The association between perceived privacy risk and consumers' shopping attitudes was not significant. The indirect effects of two benefits of IoT shopping on shopping intention were also significant and positive. From a practical perspective, this study can help marketers and service providers manage their IoT shopping platforms or applications more effectively to attract consumers. The implications and limitations of this study are discussed. Directions for future research and development of IoT shopping environment are suggested.

• International Journal of Computer Science & Network Security
• /
• v.24 no.6
• /
• pp.99-108
• /
• 2024

The Internet of Things (IoT) is a novel concept that allows a large number of objects to be connected to the Internet while also allowing them to be controlled remotely. The Internet of Things is extensive and has become an almost inseparable part of our daily lives. Users' personal data is frequently obtained by these linked gadgets and stored online. In recent years, the security of acquired data has become a major concern. As devices grow more linked, privacy and security concerns grow more pressing, and they must be addressed as soon as possible. IoT implementations and devices are particularly vulnerable to attacks that might adversely affect customer security and privacy, which might have an impact on their practical utility. The goal of this study is to bring attention to the security and privacy concerns that exist in IoT systems. To that purpose, the paper examines security challenges at each level of the IoT protocol stack, identifies underlying impediments and critical security requirements, and provides a rapid overview of available security solutions for securing IoT in a layered environment.

• 한국경영정보학회:학술대회논문집
• /
• 2007.06a
• /
• pp.388-394
• /
• 2007

정보기술(IT) 산업의 발달은 인터넷 활용을 급속도로 증가시켰으며, 인터넷 사용자의 수가 기하급수적으로 늘어감에 따라 인터넷을 상업적으로 활용하려는 욕구 또한 커져 가고 있다. 아울러 인터넷 관련 정보 기술의 발전속도가 매우 빠르게 발전되고 있다. 그러나 그 이면에는 개인정보의 무단유출, 사생활 노출 등의 역기능도 급격히 증가하고 있다. 이로 인해 오늘날 정보 유출로 인한 개인적 피해는 사회 문제로 대두되고 있으며, 개인의 프라이버시 침해에 대한 우려는 인터넷과 전자상거래 발달에 가장 큰 장애중의 하나로 대두되게 되었다. 온라인에서 비즈니스를 행하는 기업들은 이러한 사용자들의 프라이버시 침해에 대한 우려를 줄이고자 하는 다양한 노력들을 행하고 있다. 우선 프라이버시 보호에 관한 정책이나 규약을 홈페이지에 명시함으로써 사용자들을 안심시키려 하고 있으며, 동시에 금전적 인센티브나 편의를 제공함으로써 사용자들의 참여를 증가시키고 자신들의 비즈니스를 활성화시키고자 한다. 이에 본 연구에서는 기업의 어떠한 전략들이 사용자의 프라이버시 침해 우려를 낮추고 사용자들의 참여를 활성화시키는지를 동기부여의 기대이론에 근거하여 분석하고자 한다. 아울러 기업뿐만 아니라 사회적으로도 도움이 될 수 있는 프라이버시에 관한 전략들을 제안하고자 한다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2005.05a
• /
• pp.1075-1078
• /
• 2005

The Global IT revolution is growing rapidly. Government and business have to be ready to meet the increased demand for effective and secure online services. With the E-Government practicing, day-by-day the public demand is also increasing simultaneously. Now this present moment, one of important research part is secure E-Voting for E-Government service, but for this important factor or Government Issue, it needs information privacy for secure information transaction of citizen’s opinions and secure authentication. This paper has analyzed several approaches E-voting protocols, those are implemented with many digital signature mechanism and maintained many types of cryptographic rules, which are main factor for information privacy. In this paper we have discussed them with a view to voter anonymity and protection from manipulations. The paper then developed an algorithm designed to guarantee anonymity of the voter and to avoid the risk of manipulation of votes. In this paper the proposed algorithm is based upon the strict separation of voter’s registration and submission of votes, which means that certain information has to be stored on a secure storage media.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2015.10a
• /
• pp.763-766
• /
• 2015

Smart Healthcare System as an Open Platform (Shesop) is an integrated healthcare system and have several features, one of them is Steppy Application. Steppy does count your step and display on Shesop website. In this system security issues are not properly addressed, while Personal Health Record (PHR) patient stored in the cloud platform could be at risk. In fact, the huge electronic information available online, people needs reliable and effective technique for privacy preserving. In order to improve the security of data which are displayed on the Shesop website, so that anyone who access could not tamper without permission. Recently Xu et al. showed a pseudonym scheme using smart card as a solution in e-health systems which uses discrete logarithm problem with cyclic group. In this paper, we adopt their scheme and use it application into smartphone using Near Field Communication (NFC) to construct security in Steppy apps.