• The KIPS Transactions:PartC
• /
• v.13C no.4 s.107
• /
• pp.415-426
• /
• 2006

The essential characteristic of ubiquitous is context-awareness, and that means ubiquitous computing can automatically process the data that change according to space and time, without users' intervention. However, in circumstance of context awareness, since location information is able to be collected without users' clear approval, users cannot control their location information completely. These problems can cause privacy issue when users access their location information. Therefore, it is important to construct the location information system, which decides to release the information considering privacy under the condition such as location, users' situation, and people who demand information. Therefore, in order to intercept an outflow information and provide securely location-based information, this paper suggests a new system based CS-RBAC with the existing LBS, which responds sensitively as customer's situation. Moreover, it accommodates a merit of PCP reflecting user's preference constructively. Also, through privacy weight, it makes information not only decide to providing information, but endow 'grade'. By this method, users' data can be protected safely with foundation of 'Role' in context-aware circumstance.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.8
• /
• pp.2827-2848
• /
• 2021

Mobile Crowdsourcing (MCS) has become an emerging paradigm evolved from crowdsourcing by employing advanced features of mobile devices such as smartphones to perform more complicated, especially spatial tasks. One of the key procedures in MCS is to collect answers from mobile users (workers), which may face several security issues. First, authentication is required to ensure that answers are from authorized workers. In addition, MCS tasks are usually location-dependent, so the collected answers could disclose workers' location privacy, which may discourage workers to participate in the tasks. Finally, the overhead occurred by authentication and privacy protection should be minimized since mobile devices are resource-constrained. Considering all the above concerns, in this paper, we propose a lightweight and privacy-preserving answer collection scheme for MCS. In the proposed scheme, we achieve anonymous authentication based on traceable ring signature, which provides authentication, anonymity, as well as traceability by enabling malicious workers tracing. In order to balance user location privacy and data availability, we propose a new concept named current location privacy, which means the location of the worker cannot be disclosed to anyone until a specified time. Since the leakage of current location will seriously threaten workers' personal safety, causing such as absence or presence disclosure attacks, it is necessary to pay attention to the current location privacy of workers in MCS. We encrypt the collected answers based on timed-release encryption, ensuring the secure transmission and high availability of data, as well as preserving the current location privacy of workers. Finally, we analyze the security and performance of the proposed scheme. The experimental results show that the computation costs of a worker depend on the number of ring signature members, which indicates the flexibility for a worker to choose an appropriate size of the group under considerations of privacy and efficiency.

• The Journal of Information Systems
• /
• v.23 no.4
• /
• pp.119-145
• /
• 2014

Under the premise that information privacy concerns can atrophy e-commerce by causing particular behaviors of Internet users, this study focused on exploring the causes of information privacy concerns, the related information privacy protective responses of Internet users, and measures for alleviating the information privacy concerns. This study is based on the 'principal-agent theory,' and established the following as factors that cause information privacy concerns of Internet users: perceived information non-transparency; perceived action uncertainty. Also, the information privacy concerns caused by the factors were established as the cause of information privacy protective responses of Internet users. Also, the concept of 'signaling' and 'incentive,' which were presented to solve the adverse selection and moral hazard issue in the host-agent theory, was introduced to establish the following as factors that alleviate information privacy concerns: trust; informativeness. Those factors were included in the research model to conduct an empirical analysis. The analysis has revealed that both the perceived information non-transparency (p<0.01) and perceived action uncertainty (p<0.01) as to websites had a significant impact on information privacy concerns. Also, information privacy concerns of Internet users (p<0.01) had a significant impact on their information privacy protective responses who strive to protect their personal information. In addition, when trust and informativeness, which were established as factors that can alleviate information privacy concerns, were empirically analyzed, trust and informativeness had the effect of alleviating information privacy concerns. Based on the findings, the following was confirmed: Boosting the trust of Internet users in websites and offering useful information related to personal data can play a key role in alleviating the information privacy concerns of Internet users.

• KIPS Transactions on Computer and Communication Systems
• /
• v.11 no.2
• /
• pp.51-58
• /
• 2022

Blockchain technology is a system in which data from users participating in blockchain networks is distributed and stored. Bitcoin and Ethereum are attracting global attention, and the utilization of blockchain is expected to be endless. However, the need for blockchain data privacy protection is emerging in various financial, medical, and real estate sectors that process personal information due to the transparency of disclosing all data in the blockchain to network participants. Although studies using smart contracts, homomorphic encryption, and cryptographic key methods have been mainly conducted to protect existing blockchain data privacy, this paper proposes data privacy using matrix character relocation techniques differentiated from existing papers. The approach proposed in this paper consists largely of two methods: how to relocate the original data to matrix characters, how to return the deployed data to the original. Through qualitative experiments, we evaluate the safety of the approach proposed in this paper, and demonstrate that matrix character relocation will be sufficiently applicable in private blockchain environments by measuring the time it takes to revert applied data to original data.

• Knowledge Management Research
• /
• v.18 no.3
• /
• pp.63-80
• /
• 2017

Big Data environment is established by accumulating vast amounts of data as users continuously share and provide personal information in online environment. Accordingly, the more data is accumulated in online environment, the more data is accessible easily by third parties without users' permissions compared to the past. By utilizing strategies based on data-driven, firms recently make it possible to predict customers' preferences and consuming propensity relatively exactly. This Big Data environment, on the other hand, establishes 'Dataveillance' which means anybody can watch or control users' behaviors by using data itself which is stored online. Main objective of this study is to identify the relationship between Dataveillance and users' online privacy protection behaviors. To achieve it, we first investigate perceived online service efficiency; loss of control on privacy; offline surveillance; necessity of regulation influences on users' perceived threats which is generated by Dataveillance.

• Knowledge Management Research
• /
• v.25 no.2
• /
• pp.219-243
• /
• 2024

This study investigates the impact of privacy concerns, perceived utility, and awareness of the right to personal data self-determination on the effective use and expansion of MyData services, which are critical to the data economy. Integrating the value-based adoption model with privacy calculus theory, the research examines how perceived utility, privacy concerns, trust, and personal innovativeness influence perceived value, perceived privacy, and the intention to provide personal information. Data collected from an online survey of 442 MyData service users and prospective users were analyzed using PLS-SEM and Bootstrapping methods via SmartPLS 4. The results indicate that perceived utility positively affects the intention to provide personal information, while privacy concerns have a negative impact. Trust and personal innovativeness positively influence the intention to adopt MyData services, and the awareness of personal data self-determination rights moderates these intentions. The findings underscore the importance of developing beneficial services that mitigate users' privacy concerns and build trust for the successful implementation of MyData services. Additionally, the study highlights the need for education and awareness campaigns to enhance understanding of the right to personal data self-determination.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.4 no.3
• /
• pp.411-427
• /
• 2010

Data sharing is an essential process for collaborative works particularly in the banking, finance and healthcare industries. These industries require many collaborative works with their internal and external parties such as branches, clients, and service providers. When data are shared among collaborators, security and privacy concerns becoming crucial issues and cannot be avoided. Privacy is an important issue that is frequently discussed during the development of collaborative systems. It is closely related with the security issues because each of them can affect the other. The tradeoff between privacy and security is an interesting topic that we are going to address in this paper. In view of the practical problems in the existing approaches, we propose a collaborative framework which can be used to facilitate concurrent operations, single point failure problem, and overcome constraints for two-party computation. Two secure computation protocols will be discussed to demonstrate our collaborative framework.

• ETRI Journal
• /
• v.34 no.1
• /
• pp.66-75
• /
• 2012

This paper proposes a privacy-preserving database encryption scheme that provides access pattern hiding against a service provider. The proposed scheme uses a session key to permute indices of database records each time they are accessed. The proposed scheme can achieve access pattern hiding in situations in which an adversary cannot access the inside of the database directly, by separating the entity with an index table and data table and permuting both the index and position where the data are stored. Moreover, it is very efficient since only O(1) server computation and communication cost are required in terms of the number of the data stored. It can be applied to cloud computing, where the intermediate entities such as cloud computing service provider can violate the privacy of users or patients.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.5
• /
• pp.35-44
• /
• 2009

To protect sensitive personal information, data will be stored in encrypted form. However in order to retrieve these encrypted data without decryption, there need efficient search methods to enable the retrieval of the encrypted data. Until now, a number of searchable encryption schemes have been proposed but these schemes are not suitable when dynamic users who have the permission to access the data share the encrypted data. Since, in previous searchable encryption schemes, only specific user who is the data owner in symmetric key settings or has the secret key corresponding to the public key for the encrypted data in asymmetric key settings can access to the encrypted data. To solve this problem, Stephen S. Yau et al. firstly proposed the controlled privacy preserving keyword search scheme which can control the search capabilities of users according to access policies of the data provider. However, this scheme has the problem that the privacy of the data retrievers can be breached. In this paper, we firstly analyze the weakness of Stephen S. Yau et al.'s scheme and propose privacy preserving keyword search with access control. Our proposed scheme preserves the privacy of data retrievers.

• Journal of Information Technology Applications and Management
• /
• v.15 no.4
• /
• pp.37-59
• /
• 2008

This study focuses on the antecedents to the privacy concerns and their influence on trust and online transaction intention. Based on previous exploratory works and the literature review of privacy concerns, four antecedents are identified-Internet literacy, social awareness, perceived vulnerability, and perceived ability to information control. Incorporating these antecedents, privacy concerns, trust and online transaction intention, a conceptual model is developed and seven research hypotheses are proposed for empirical testing. The proposed model is examined through structural equation analysis. The results show that Internet literacy, social awareness, and perceived vulnerability have statistically significant effect on the privacy concerns of users and the privacy concerns has a positive influence on the trust. Finally, the trust has a positive effect on the online transaction intention. Implications of these findings are discussed for both researchers and practitioners and future research issues are raised as well.