• The Journal of the Korea Contents Association
• /
• v.15 no.2
• /
• pp.101-108
• /
• 2015

Location-sharing based service (LSBS) refers to a service that users share their location information with other users with whom friendship. At this time, the location information is shared through service provider, and then their position information is exposed to the service provider. The exposure of this personal position information to the service provider has raised a privacy problem, and thus privacy preserving mechanisms have been proposed to protect them. In this paper, we examine the types and features of the proposed location-sharing based services so far, and survey the research trend of privacy preserving mechanisms for them. Through the analysis on existing privacy preserving mechanisms, we present design factors for a privacy preserving mechanism for the current LSBS services, and suggest future work.

• Proceedings of the Korea Contents Association Conference
• /
• 2006.11a
• /
• pp.443-446
• /
• 2006

RFID is the core of realizing ubiquitous environment. This is expected to improve economical effect through related industry revitalization, make-work, and so on, in the future, and to be linked to social see-through enhancement via national life change. However unchecked RFID use lets retailers collect unprecedented huge information and they link it to customer information database, so the voice of worry to bring about a result of trampling down consumer privacy doesn't make a negligible situation. Although RFID system is spreaded out socially, the servicing of law and system is not accomplished to protect individuals from personal information violation threat. At the same time, in ubiquitous computing environment, to protect individual information efficiently, from the step of planning and deciding this technology system, constitutional law, norm, the basic legal rights of the people, and so forth is to be considered. The objective of the research is to persent the privacy protection from the viewpoints of law on RFID.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.2
• /
• pp.299-308
• /
• 2019

As the utilization value of personal information becomes higher, discussions about providing personal information are being conducted actively. One of the most common methods of providing personal information is that a group obtains a personal information with a consent of individual. However, the above method has 2 problems. First, more information is exposed than the information required by organization for utilization of personal information. Second, trusted party should provide organization with an authentication of personal information whenever they require personal information. To solve these problems, we propose a personal information management system with blockchain using zk-SNARK(zero-knowledge Succinct Non-interactive ARgument of Knowledge) for privacy. Our proposal enables individuals to guarantee reliability of their information and protect their privacy concurrently using zk-SNARK when they provid organization with their personal information. In addition, it is possible to manage the personal information data while ensuring the integrity of the data using blockchain and it is possible to share the personal information more conveniently than existing systems.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.3
• /
• pp.691-701
• /
• 2015

Recently, with the growing number of services using personal information, government offices' tasks have become more dependent to personal information. Various policies and systems have been made and managed for the safe use of personal information in the circumstances that inevitably require the use of personal information, but the personal information privacy incidents and their scale are on a constant increase. Thus, Korea has been implementing personal information protection management system since 2008 to examine whether public organizations observe the personal information protection act and to how well they manage the personal information, and to improve what is insufficient in the process. However, despite high scores of the outcomes of the system, questions about the effectiveness of the outcomes and about the actual manage level are being raised. Thus, this study seeks to analyze public organizations' activities to protect personal information and the effectiveness of their foundation efforts for them by using the DEA model, and to propose a new model to enhance the effectiveness of the outcomes of personal information protection management system by reflecting them into the outcomes of system, using the derived effectiveness.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.23 no.3
• /
• pp.349-355
• /
• 2019

In the trend of continuously increasing collection and use of personal information, there are legal grounds for protecting personal information and various policies and systems are implemented, but there is insufficient analysis about education and its effect of personal information protection. In this study, we surveyed and analyzed the degree of awareness and actual perception level in the protection of personal information of college students, and investigated the satisfaction of personal information protection education. The results of the analysis showed that students' interest in privacy protection and concern about personal information exposure was very high, but the efforts to protect personal information and the perception level of rights and systems for protecting personal information was very low. In addition, the experience and satisfaction of education for personal information protection were found to be very low. Students felt that the necessity of education for personal information protection was strongly agreed and preferred regular and continuous education rather than one-time education.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2012.10a
• /
• pp.787-790
• /
• 2012

Recently due to the development of the information society and the spread of computer, interest for personal information is increased and as policy and technology associated with the development, we have been various attempts to protect your personal information. In this paper, for agencies and departments to computer use and to deal with Important data of individuals, personal information or the company's confidential information, we proposed modules to protect them. As a result, we prevent a public agency or private institutions within that using mean bad or stealing another person's information. When we communicate various information with the systems in the institutions, the module can be prevented critical data and personal information exposure.

• Journal of Digital Contents Society
• /
• v.18 no.8
• /
• pp.1671-1676
• /
• 2017

In theses days, data has been explosively generated in diverse industrial areas. Accordingly, many industries want to collect and analyze these data to improve their products or services. However, collecting user data can lead to significant personal information leakage. Local differential privacy (LDP) proposed by Google is the state-of-the-art approach that is used to protect individual privacy in the process of data collection. LDP guarantees that the privacy of the user is protected by perturbing the original data at the user's side, but a data collector is still able to obtain population statistics from collected user data. However, the prevention of leakage of personal information through such data perturbation mechanism may cause the significant reduction in the data utilization. Therefore, the degree of data perturbation in LDP should be set properly depending on the data collection and analysis purposes. Thus, in this paper, we develop the simulation tool which aims to help the data collector to properly chose the degree of data perturbation in LDP by providing her/him visualized simulated results with various parameter configurations.

• Journal of Digital Contents Society
• /
• v.9 no.4
• /
• pp.697-705
• /
• 2008

The recent web technology has been developed by three mainsprings which include integration, virtualization, and socialization. The web technology provides the increment of the social networking ability. However it deepens the exposure of privacy about personal information as more complicating and difficult problems. Representatively, it is impossible to define and manage the specific relation, so the personal information and interest can be inferred from collecting and summarizing the contents. Also, there are some problems that it is hard to construct the information owner's own social network. Thus this paper proposes the RCBAC(Relationship-Content based Access Control) Model which applies both the concepts of Relationship and Content Semantic to the existing access control methods to protect the user's own digital contents in web 2.0 environment. This method prevents privacy such as personal inclination from being exposed and enables to define and manage the specific relation. By doing this the information owners can construct their social network. This social network can be applied and extended to web contents.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.4
• /
• pp.167-174
• /
• 2008

As both a digital camera and a digital camcorder are popularized in recent years, UCC created by general users is also popularized. Unfortunately, according to that, the lack of privacy is also increasing more and more. The UCC is saved on the recordable media(Media) like DVD and deposited personally as well as distributed through Internet portal service. If you use Internet portal service to put up your contents, you can partially prevent the violation of privacy using security technologies such as authentication and illegal copy protection offered by internet portal service providers. Media also has technologies to control illegal copy. However, it is difficult to protect your privacy if your Media having personal contents is stolen or lost. Therefore, it is necessary to develope an additional security mechanism to guarantee privacy protection when you use Media. In this paper, we describe AACS framework for Media Security and propose improved AACS framework to control the access to personal contents saved on Media.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.3
• /
• pp.681-694
• /
• 2018

This paper studied the effects of risk cognition of personal information and self-expression information on conation of privacy protection. In the first study, 88 college students who volunteered for this research were surveyed about risk cognition of personal information and conation to protect it. In the second study, after an information-seeking expert collected and organized the self-expression information that 88 volunteers had expressed on SNS, and then showed the organized self-expression information to 88 volunteers, and then 88 volunteers were surveyed about risk cognition of self-expression information and conation to protect it. As results of the first data analysis, the risk cognition of personal information had the greatest influence on non-disclosure of personal information, followed by reduction of the disclosure scope and law institutionalization requirement. As results of the second data analysis, SNS users openly expressed their opinion or life-style, but when they realized that self-expression information can be accumulated and become sensitive information, they had conation to protect their self-expression information such as non-disclosure, reduction of disclosure scope, and law institutionalization requirement. The implication of this study is that we have overcome the limitations of existing researches that can not explain information protection behavior on SNS.