• Journal of Multimedia Information System
• /
• v.4 no.4
• /
• pp.171-178
• /
• 2017

Data mashup is a web technology that combines information from multiple sources into a single web application. Mashup applications create a new horizon for new services, like environmental monitoring. Environmental monitoring is a serious tool for the state and private organizations, which are located in regions with environmental hazards and seek to gain insights to detect hazards and locate them clearly. These organizations utilize a data mashup to merge datasets from different Internet of multimedia things (IoMT) context-based services in order to leverage its data analytics performance and the accuracy of the predictions. However, mashup different datasets from multiple sources is a privacy hazard as it might reveal citizens specific behaviors in different regions. The ability to preserve privacy in mashuped datasets and at the same time provide accurate insights becomes a key success for the spread of mashup services. In this paper, we present our efforts to build a fog-based middleware for private data mashup (FMPM) to serve a centralized environmental monitoring service. The proposed middleware is equipped with concealment mechanisms to preserve the privacy of the merged datasets from multiple IoMT networks involved in the mashup application. Also, these mechanisms preserve the aggregates in the dataset to maximize the usability of information to attain accurate analytical results. We also provide a scenario for IoMT-enabled data mashup service and experimentation results.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.2
• /
• pp.617-636
• /
• 2021

This paper presents a privacy-preserving data aggregation scheme deals with the multidimensional data. It is essential that the multidimensional data is rarely mentioned in all researches on smart grid. We use the Paillier Cryptosystem and blinding factor technique to encrypt the multidimensional data as a whole and take advantage of the homomorphic property of the Paillier Cryptosystem to achieve data aggregation. Signature and efficient batch verification have also been applied into our scheme for data integrity and quick verification. And the efficient batch verification only requires 2 pairing operations. Our scheme also supports fault tolerance which means that even some smart meters don't work, our scheme can still work well. In addition, we give two extensions of our scheme. One is that our scheme can be used to compute a fixed user's time-of-use electricity bill. The other is that our scheme is able to effectively and quickly deal with the dynamic user situation. In security analysis, we prove the detailed unforgeability and security of batch verification, and briefly introduce other security features. Performance analysis shows that our scheme has lower computational complexity and communication overhead than existing schemes.

• Journal of Information Processing Systems
• /
• v.20 no.4
• /
• pp.514-523
• /
• 2024

In the Internet of Medical Things, due to the sensitivity of medical information, data typically need to be retained locally. The training model of heart disease data can predict patients' physical health status effectively, thereby providing reliable disease information. It is crucial to make full use of multiple data sources in the Internet of Medical Things applications to improve model accuracy. As network communication speeds and computational capabilities continue to evolve, parties are storing data locally, and using privacy protection technology to exchange data in the communication process to construct models is receiving increasing attention. This shift toward secure and efficient data collaboration is expected to revolutionize computer modeling in the healthcare field by ensuring accuracy and privacy in the analysis of critical medical information. In this paper, we train and test a multiparty decision tree model for the Internet of Medical Things on a heart disease dataset to address the challenges associated with developing a practical and usable model while ensuring the protection of heart disease data. Experimental results demonstrate that the accuracy of our privacy protection method is as high as 93.24%, representing a difference of only 0.3% compared with a conventional plaintext algorithm.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.6
• /
• pp.1419-1427
• /
• 2012

This paper deals with the online privacy policy, which is designed to solve the information asymmetry problem between websites and internet users. We empirically analyze the recognition, confirmation of the online privacy policy, and its effects on online transaction behavior using a rich survey data representing 5,422 Korean internet users. Major results are as follows. First, there exists a significant difference between recognition and confirmation, and confirmation behavior is positively related with the importance of privacy issue and the experience of privacy invasion. Second, binary variable regressions show that internet user tends to participate in online transaction if he/she confirms the online privacy policy positively. Finally, if websites would make online privacy policy easy and short, a yearly online transaction market size of Korea would increase by 0.46 million participants and 22.4 billion KRW.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.8 no.11
• /
• pp.4226-4241
• /
• 2014

Cloud storage provides an easy, cost-effective and reliable way of data management for users without the burden of local data storage and maintenance. Whereas, this new paradigm poses many challenges on integrity and privacy of users' data, since users losing grip on their data after outsourcing the data to the cloud server. In order to address these problems, recently, Worku et al. have proposed an efficient privacy-preserving public auditing scheme for cloud storage. However, in this paper, we point out the security flaw existing in the scheme. An adversary, who is on-line and active, is capable of modifying the outsourced data arbitrarily and avoiding the detection by exploiting the security flaw. To fix this security flaw, we further propose a secure and efficient privacy-preserving public auditing scheme, which makes up the security flaw of Worku et al.'s scheme while retaining all the features. Finally, we give a formal security proof and the performance analysis, they show the proposed scheme has much more advantages over the Worku et al.'s scheme.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.6
• /
• pp.1593-1603
• /
• 2016

In the smart grid environment, there are various security threats. In particular, exposure of smart meter data can lead to serious privacy violation. In this paper, we propose a method for de-identification method of metering data. The proposed method is to de-identify the time data and the numeric data, respectively. Therefore, it can't analyze the pattern information from the metering data. In addition, there is an advantage that the query is available, such as the range of search in the database for statistical analysis.

• The Journal of Bigdata
• /
• v.8 no.2
• /
• pp.125-131
• /
• 2023

Globally, drug side effects rank among the top causes of death. To effectively respond to these adverse drug reactions, a shift towards an active real-time monitoring system, along with the standardization and quality improvement of data, is necessary. Integrating individual institutional data and utilizing large-scale data to enhance the accuracy of drug side effect predictions is critical. However, data sharing between institutions poses privacy concerns and involves varying data standards. To address this issue, our research adopts a federated learning approach, where data is not shared directly in compliance with privacy regulations, but rather the results of the model's learning are shared. We employ the Common Data Model (CDM) to standardize different data formats, ensuring accuracy and consistency of data. Additionally, we propose a drug monitoring system that enhances security and scalability management through a cloud-based federated learning environment. This system allows for effective monitoring and prediction of drug side effects while protecting the privacy of data shared between hospitals. The goal is to reduce mortality due to drug side effects and cut medical costs, exploring various technical approaches and methodologies to achieve this.

• Proceedings of the Korean Institute of Navigation and Port Research Conference
• /
• 2023.05a
• /
• pp.202-203
• /
• 2023

The Ministry of Oceans and Fisheries is providing maritime safety services through the operation of the Korean e-Navigation service, and research is continuously needed to improve reliability and quality to secure the competitiveness of the system. In order to secure such competitiveness, we presented the basic design for the big-data maritime information gateway system for minimizes thereal-time operation impact of the Korean e-Navigation service, and a theoretical hardware structure diagram including pseudonymization procedures to implement the overall system and solve privacy security issues. However, the proposed structure diagram and design include only the overall concept, to link real-time maritime information, required detailed privacy security method to satisfy the Privacy Act of the Republic of Korea. To solve this problem, this study will identify factors to violate the Privacy Act within the real-time maritime information(privacy of shipowner, shipping company, captain, navigator, fisherman, etc.) linked by the big-data maritime information gateway system, and research the method to link the secured information to other institutions by encrypting identified the factors.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.7 no.5
• /
• pp.1313-1327
• /
• 2013

How to make people keep both the confidentiality of the sensitive data and the privacy of their real identity in communication networks has been a hot topic in recent years. Researchers proposed privacy-preserving authenticated key exchange protocols (PPAKE) to answer this question. However, lots of PPAKE protocols need users to remember long secrets which are inconvenient for them. In this paper we propose a lightweight three-party privacy-preserving authentication key exchange (3PPAKE) protocol using smart card to address the problem. The advantages of the new 3PPAKE protocol are: 1. The only secrets that the users need to remember in the authentication are their short passwords; 2. Both of the users can negotiate a common key and keep their identity privacy, i.e., providing anonymity for both users in the communication; 3. It enjoys better performance in terms of computation cost and security. The security of the scheme is given in the random oracle model. To the best of our knowledge, the new protocol is the first provably secure authentication protocol which provides anonymity for both users in the three-party setting.

• Knowledge Management Research
• /
• v.13 no.4
• /
• pp.83-100
• /
• 2012

Given the prevalence of mobile social network services (SNS) such as Facebook and Kakaotalk, it has become important to understand user's continuance behavior in a mobile SNS environment. Although trust and privacy concerns play a key role in SNS users' decision-making processes, most studies on SNS have shed little light on the effects of trust and privacy concerns on SNS continuance intention. In this regard, this paper developed an integrated model to deeply understand the key antecedents of user's continuance intention to use mobile SNS by incorporating trust and privacy concerns into extended expectation-confirmation model. The proposed research model was tested by using survey data collected from 170 users who have experience with Kakaotalk. The findings of this study found that the proposed theoretical framework provides a statistically significant explanation of the variance in continuance intention of mobile SNS. The analysis results indicate that trust serves as the salient antecedent of continuance intention to use mobile SNS. However, it was found that privacy concerns negatively influence trust, whereas it is not significantly related to continuance intention of mobile SNS. The theoretical and practical implications of the findings were described.