• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.30 no.3C
• /
• pp.167-175
• /
• 2005

Privacy enforcement has been one of the most important problems in IT area. Privacy protection can be achieved by enforcing privacy policies within an organization's online and offline data processing systems. Traditional security models are more or less inappropriate for enforcing basic privacy requirements, such as purpose binding. This paper proposes a new approach in which a privacy control model is derived from integration of an existing security model. To this, we use an extended role-based access control model for existing security mechanism, in which this model provides context-based access control by combining RBAC and domain-type enforcement. For implementation of privacy control model we use GRBAC(Generalized Role-Based Access Control), which is expressive enough to deal with privacy preference. And small hospital model is considered for application of this model.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.18 no.5
• /
• pp.294-301
• /
• 2017

Recently, online social networks have become one of the most representative Internet services and are being used increasingly, which allows people to share information and interact with other people. On the other hand, as the use of OSN is increased, there has been an increased incidence where illegally accessed personal information is used wrongfully. Accordingly, privacy has become a key concern by the users. Regarding the construct of information privacy concerns (IPC), this study explored the antecedents of IPC at the individual personal level - risk appraisal and perceived behavioral control - based on Protection Motivation Theory. Hence, the current paper investigated the moderating effect of gender in the relationship between individual characteristics and IPC. The hypothesized research model was examined with 233 questionnaires of OSN users. The results showed that the positive effects of risk appraisal and the negative effects of perceived behavioral control on IPC are supported. In addition, the moderate effects of gender between risk appraisal and IPC is only supported.

• Journal of the Korea Convergence Society
• /
• v.9 no.3
• /
• pp.231-240
• /
• 2018

Recently, personal information processing are becoming more important in the behavioral advertising based on online and mobile platform. The behavioral advertising analyzes and utilizes individual's search & purchase history, hobbies, and tendency based on the personal behavior information collected using the automatic collection device. Therefore, it collects and stores other types of personal information which did't defined in Privacy Act and can analyze personal behavior. This characteristics may cause disclosure of personal information and exposure to intrusion. In this paper, we investigate and analyze the privacy policy of the advertising agencies, and discussded the measures to be taken in collecting, storing and using personal information suitable for behavior information.

• The Journal of Society for e-Business Studies
• /
• v.19 no.3
• /
• pp.65-89
• /
• 2014

Although many studies have focused on the influences and outcomes of personal information leakage, few studies have investigated how the personal information leakage prevention behavior differs depending on internet user. This study attempts to supplement the existing studies' limitations with the use of risk perception attitude (RPA) framework. More specifically, this study tries to show internet user can be classified into four groups based on perceived risk of personal information leakage and efficacy beliefs of personal information protection, and to identify how the groups differ in terms of motivation, information seeking, and behaviors for privacy leakage prevention. Analysis on survey data from 276 internet users reveals that the users can be classified into responsive, avoidance, proactive, indifference groups. Furthermore, there are differences between groups in terms of motivation, information seeking, and behaviors for personal information leakage prevention. This study contributes to expand existing literature by providing tailored guidelines for implementation of personal information protection strategies and policy.

• Journal of the Korea Convergence Society
• /
• v.11 no.6
• /
• pp.37-42
• /
• 2020

In the field of public informatization maintenance business, the attacks of external illegal users such as unauthorized leakage, destruction, and alteration due to intentional or inadequate management of personal information are increasing. In order to prevent such security incidents in advance, it is necessary to develop and quantitatively manage SLA indicators. This study presents the privacy SLA indicators and suggests specific methods such as information collection method and timing of the privacy SLA indicators. In order to confirm the validity and reliability of the proposed SLA indicators, an online survey was conducted with a group of experts. As a result, it was evaluated that compliance rate of personal information destruction and compliance rate of personal information protection system would be effective when applied to new and revised SLA indicators in terms of importance and validity. In the future, using SLA indicators for personal information protection as a standard for public information maintenance will contribute to improving SW quality and securing safety.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2005.05a
• /
• pp.1075-1078
• /
• 2005

The Global IT revolution is growing rapidly. Government and business have to be ready to meet the increased demand for effective and secure online services. With the E-Government practicing, day-by-day the public demand is also increasing simultaneously. Now this present moment, one of important research part is secure E-Voting for E-Government service, but for this important factor or Government Issue, it needs information privacy for secure information transaction of citizen’s opinions and secure authentication. This paper has analyzed several approaches E-voting protocols, those are implemented with many digital signature mechanism and maintained many types of cryptographic rules, which are main factor for information privacy. In this paper we have discussed them with a view to voter anonymity and protection from manipulations. The paper then developed an algorithm designed to guarantee anonymity of the voter and to avoid the risk of manipulation of votes. In this paper the proposed algorithm is based upon the strict separation of voter’s registration and submission of votes, which means that certain information has to be stored on a secure storage media.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2015.10a
• /
• pp.763-766
• /
• 2015

Smart Healthcare System as an Open Platform (Shesop) is an integrated healthcare system and have several features, one of them is Steppy Application. Steppy does count your step and display on Shesop website. In this system security issues are not properly addressed, while Personal Health Record (PHR) patient stored in the cloud platform could be at risk. In fact, the huge electronic information available online, people needs reliable and effective technique for privacy preserving. In order to improve the security of data which are displayed on the Shesop website, so that anyone who access could not tamper without permission. Recently Xu et al. showed a pseudonym scheme using smart card as a solution in e-health systems which uses discrete logarithm problem with cyclic group. In this paper, we adopt their scheme and use it application into smartphone using Near Field Communication (NFC) to construct security in Steppy apps.

• Journal of Digital Convergence
• /
• v.10 no.4
• /
• pp.279-286
• /
• 2012

The purpose of this study was identified the influence of introducing Electronic Medical Records (EMR) on reception attitude, based on literature investigation, the study converted utility and serviceability from Davis TAM Model into awareness of effects in computerized database except attitude variable. The electronic survey for doctors, nurses, medical technicians of a general hospital located in Gangwon-do was performed for 4 weeks from Nov, 11th, 2009 to Dec, 2nd and the collected data was computerized through SPSS 12.0. The factors influencing reception attitude were divided into 4 categories; basic characteristics of the individual, awareness of privacy protection, awareness of effects in computerized database, technological preparation and measured detailed specific variables. As the result of this, the factors influencing reception intention were different depending on recognizing the effectiveness caused by computerization of medical information. Especially, in terms of the difference between basic characteristics of the individual and awareness of privacy protection, there were significant distinctions among 3 sectors; general, transactional, online information management. The significant effects were identified from information management related to business or online information management depending on experiencing security education.

• Journal of KIISE:Databases
• /
• v.37 no.4
• /
• pp.209-219
• /
• 2010

Online social network services that are rapidly growing recently store tremendous data and analyze them for many research areas. To enhance the effectiveness of information, companies or public institutions publish their data and utilize the published data for many purposes. However, a social network containing information of individuals may cause a privacy disclosure problem. Eliminating identifiers such as names is not effective for the privacy protection, since private information can be inferred through the structural information of a social network. In this paper, we consider a new complex attack type that uses both the content and structure information, and propose a model, $\ell$-degree diversity, for the privacy preserving publication of the social network data against such attacks. $\ell$-degree diversity is the first model for applying $\ell$-diversity to social network data publication and through the experiments it shows high data preservation rate.

• Journal of Digital Convergence
• /
• v.17 no.10
• /
• pp.49-58
• /
• 2019

In the era of the 4th industrial revolution, the development of information technology brought various benefits, but it also increased social interest in privacy issues. As the possibility of personal privacy violation by big data increases, academic discussion about privacy management has begun to be active. While the traditional view of privacy has been defined at various levels as the basic human rights, most of the recent research trends are mainly concerned only with the information privacy of online privacy protection. This limited discussion can distort the theoretical concept and the actual perception, making the academic and social consensus of the concept of privacy more difficult. In this study, we analyze the privacy concept that is exposed on the internet based on 12,000 news data of the portal site for the past one year and compare the difference between the theoretical concept and the socially accepted concept. This empirical approach is expected to provide an understanding of the changing concept of privacy and a research direction for the conceptualization of privacy for current situations.