• Journal of Industrial Convergence
• /
• v.18 no.6
• /
• pp.129-138
• /
• 2020

The purpose of this study was to identify the relationship between professional self-concept, sense of ethics and performance of protecting patient privacy of nurses in the hospital. The subjects are 196 nurses who have been working in general hospitals in K province in Korea and the data collection period was from June 1 to July 5 in 2018. As a result, The score of each variables were like this: professional self-concept 2.62, sense of ethics 2.93 and performance of protecting patient privacy 3.69. It was confirmed that the factors which affect to the performance of protecting patient privacy are ethical awareness and professional self-concept of the nurses. and these explained 30% of that performance. Therefore, it need to develop and adapt the education programs to improve the sense of ethics and professional self-concept of nurses which can help them to increase their performance of protecting patient privacy and to add, we suggest that there need a mandatory system for nurses to receive conservative education about the practice of protecting patient privacy.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.4
• /
• pp.135-144
• /
• 2010

Privacy protection can only be achieved by enforcing privacy policies within an enterprise's on and offline data processing systems. There are P-RBAC model and purpose based model and obligations model among privacy policy models. But only these models each can not dynamically deal with the rapidly changing business environment. Even though users are in the same role, on occasion, secure system has to opt for a figure among them who is smart, capable and supremely confident and to give him/her a special mission during a given period and to strengthen privacy protection by permitting to present fluently access control conditions. For this, we propose Integrated Privacy Protection Model based on RBAC. Our model includes purpose model and P-RBAC and obligation model. And lastly, we define high level policy language model based XML to be independent of platforms and applications.

• Information Systems Review
• /
• v.24 no.4
• /
• pp.55-76
• /
• 2022

People have adopted Social Networking Sites (SNSs) as a part of their daily lives. When a person uses SNSs, (s)he intentionally or unintentionally discloses her/his personal information. Although using SNSs can provide benefits to a person such as maintaining relationships with people who does not see often, it also opens a dark side. Someone can use one's disclosed information without the acknowledgement of the information owner. It is called a privacy intrusion on SNSs, which has become a social problem and needs attention. This study examined factors affecting privacy intrusion intention on SNSs. This study classifies privacy intrusions into passive intrusion (collector) and active intrusion (distributor). The results reveal that low ethical consciousness positively affects enjoyment in both of collecting and distributing someone's personal information on SNSs. A person who has the low ethical consciousness also tends to raise her/his curiosity of collecting someone's private information on SNSs. Apart from low ethical consciousness, this study discloses how enjoyment, curiosity, experience of being a victim of privacy intrusion, experience of intruding others' privacies, and self-efficacy of collecting or distributing others' private information are related to passive or/and active privacy intrusion on SNSs with survey data.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.2
• /
• pp.405-416
• /
• 2022

Current AI technology is improving the quality of life by using machine learning based on data. When using machine learning, transmitting distributed data and collecting it in one place goes through a de-identification process because there is a risk of privacy infringement. De-identification data causes information damage and omission, which degrades the performance of the machine learning process and complicates the preprocessing process. Accordingly, Google announced joint learning in 2016, a method of de-identifying data and learning without the process of collecting data into one server. This paper analyzed the effectiveness by comparing the difference between the learning performance of data that went through the de-identification process of K anonymity and differential privacy reproduction data using actual financial data. As a result of the experiment, the accuracy of original data learning was 79% for k=2, 76% for k=5, 52% for k=7, 50% for 𝜖=1, and 82% for 𝜖=0.1, and 86% for Federated learning.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.5
• /
• pp.1187-1199
• /
• 2015

Recently, as high-quality sensors are being developed, it is available to conveniently measure any kind of data. Healthcare services are being combined with Internet of things (IoTs). And applications that use user's data which are remotely measured, such as heart rate, blood oxygen level, temperature are emerging. The typical example is applications that find ideal spouse by using a user's genetic information, or indicate the presence or absence of a disease. Such information is closely related to the user's privacy, so biometric information must be protected. That is, service provider must provide the service while preserving user's privacy. In this paper, we propose a scheme which enables privacy-preserving outlier detection in Healthcare Service.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.6
• /
• pp.1435-1447
• /
• 2015

Finance Companies are operating a security solution such as E-DRM(Enterprise-Digital Right Management), Personal information search, DLP(Data Loss Prevention), Security of printed paper, Internet network separation system, Privacy monitoring system for privacy leakage prevention by insiders. However, privacy leakages are occurring continuously and it is difficult to the association analysis about relating to the company's internal and external distribution of private document. Because log system operated in the separate and independent security solutions. This paper propose a systematic chains that can correlatively analyze business systems and log among heterogeneous security solutions organically and consistently based on security documents. Also, we suggest methods of efficient detection for Life-Cycle management plan about security documents that are created in the personal computer or by individual through the business system and distribution channel tracking about security documents contained privacy.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.33 no.5B
• /
• pp.386-394
• /
• 2008

Adoption of wireless communication facilities in mobile devices leads to increased vulnerability in individual privacy. One of such cases was discovered when a smart mobile phone of Paris Hilton at Oscar Award Ceremony was hacked a Swedish group of hackers. In this study, I wondered what sort of personal information could be exposed to hackers in such cases. In the course of survey, it was recognized that technical analysis of flash memory in mobile devices to check what kinds of data are stored there is technically almost impossible, since they are usually built in a proprietary manner. No generic tools could apply to discover their contents. Having recognized technical difficulties, it was inevitable to resort to a questionnaire survey to see awareness level with regard to personal privacy. We collected response from three hundred respondents by posting the questionnaire at World Survey on-line research site. What we have discovered was quite astonishing that even personal residence registration numbers have been found from nine of every ten respondents. Other data revealed include phone numbers, names, and personal bank accounts.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.3
• /
• pp.291-307
• /
• 2021

There has been global efforts to prevent the further spread of the COVID-19 and get society back to normal. 'Contact tracing' is a crucial way to detect the infected person. However the contact tracing makes another concern about the privacy violation of the personal data of infected people, released by governments. Therefore Google and Apple are announcing a joint effort to enable the use of Bluetooth technology to help governments and health agencies reduce the spread of the virus, with user privacy and security central to the design. However, in order to provide the improved tracing application, it is necessary to identify potential security threats and investigate vulnerabilities for systematically. In this paper, we provide security analysis of Privacy-Preserving COVID-19 Contact Tracing App with STRIDE and LINDDUN threat models. Based on the analysis, we propose to adopt a verifiable computation scheme, Zero-knowledge Succinctness Non-interactive Arguments of Knowledges (zkSNARKs) and Public Key Infrastructure (PKI) to ensure both data integrity and privacy protection in a more practical way.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.2
• /
• pp.329-339
• /
• 2022

Recently, as personal information has been used as data, various new industries have been discovered, but cases of personal information leakage and misuse have occurred one after another due to insufficient systematic management system establishment. In addition, services that use personal information anonymously and anonymously have emerged since the enforcement of the Data 3 Act in August 2020, but personal information issues have arisen due to insufficient alias processing, safety measures for alias information processing, and insufficient hate expression. Therefore, this study proposed a new PbD principle that can be applied to the pseudonym information life cycle based on the Privacy by Design (PbD) principle proposed by Ann Cavoukian [1] of Canada to safely utilize personal information. In addition, the significance of the proposed method was confirmed through a survey of 30 experts related to personal information protection.

• The Transactions of the Korea Information Processing Society
• /
• v.13 no.2
• /
• pp.76-90
• /
• 2024

Although artificial intelligence (AI) can be utilized in various domains such as smart city, healthcare, it is limited due to concerns about the exposure of personal and sensitive information. In response, the concept of distributed machine learning has emerged, wherein learning occurs locally before training a global model, mitigating the concentration of data on a central server. However, overall learning phase in a collaborative way among multiple participants poses threats to data privacy. In this paper, we systematically analyzes recent trends in privacy protection within the realm of distributed machine learning, considering factors such as the presence of a central server, distribution environment of the training datasets, and performance variations among participants. In particular, we focus on key distributed machine learning techniques, including horizontal federated learning, vertical federated learning, and swarm learning. We examine privacy protection mechanisms within these techniques and explores potential directions for future research.