• Journal of Digital Convergence
• /
• v.18 no.4
• /
• pp.81-89
• /
• 2020

Since the Korean privacy policy was legalized in 2011, the related academical researches have been lasted in various fields. Upcoming so-called 3 data laws would be implemented, it is meaningful to review privacy policy studies for exploring future research direction. For this purpose, the total of 146 journals from 2011 to 2019 were reviewed by the content analysis following as research subjects, methodologies and constructions of studies. As results, the numbers of the researches have been conducted on protection policies themselves for improvement, comparing with other countries' policies and also digital finance information protection were deeply discussed. Some of technology based protection applications were experimented and suggested. The major research characteristics was mainly focused on case analysis and criminal laws and policies were developed as protection contingencies. However, most research objects were focused on the protection regulations, not deregulation, therefore, researchers in future study need to explore more digital industry-centric tasks which are practically applied in safer ways. Further, social agreement in using private information will be an essential to prevent indiscriminate use.

• Journal of the Korea Convergence Society
• /
• v.9 no.3
• /
• pp.231-240
• /
• 2018

Recently, personal information processing are becoming more important in the behavioral advertising based on online and mobile platform. The behavioral advertising analyzes and utilizes individual's search & purchase history, hobbies, and tendency based on the personal behavior information collected using the automatic collection device. Therefore, it collects and stores other types of personal information which did't defined in Privacy Act and can analyze personal behavior. This characteristics may cause disclosure of personal information and exposure to intrusion. In this paper, we investigate and analyze the privacy policy of the advertising agencies, and discussded the measures to be taken in collecting, storing and using personal information suitable for behavior information.

• Journal of Digital Convergence
• /
• v.17 no.11
• /
• pp.149-156
• /
• 2019

With widespread use of information technologies, information privacy issues have been gaining more attention by not only the public but also researchers. The number of studies on the issues has been increasing exponentially, which makes incomprehensible the whole picture of research outcome. Thus, it is necessary to conduct a systematic examination of past research. This study developed two competing models with four essential constructs in information privacy research and empirically tested the models with data obtained from previous studies. This study employed a quantitative meta-analysis method called TSSEM. It is one of MASEM methods in which structural equation modeling and meta-analysis are integrated. The analysis results indicated that risk-centric model exhibited much better model fits than those of concern-centric model. This study implies that traditional concern-centric model should be questioned it's explanatory power of the model and researchers may consider alternative risk-centric model to explain user's intention to provide privacy information.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.4
• /
• pp.725-734
• /
• 2024

The rapidly growing metaverse environment has received widespread attention across various fields such as health and medicine, culture and gaming, as well as politics. However, the excessive collection of personal data by the diverse sensors and devices used in the metaverse environment poses a substantial threat to user privacy. In this paper, we investigate existing cases of secure Multi-Party Computation(MPC) applications, examine the services anticipated to be necessary for the expansion of the metaverse environment, and analyze the privacy issues present in the metaverse environment as well as the limitations of current real-world services. Based on these findings, we propose application scenarios that utilize MPC to preserve user privacy in the metaverse environment. These proposed MPC application scenarios present a new perspective in metaverse security research. In the future, they are expected to be utilized in the development of secure metaverse services.

• Journal of the Korea Society of Computer and Information
• /
• v.26 no.4
• /
• pp.1-9
• /
• 2021

In this paper, we propose a training algorithm of support vector machine (SVM) with a sensitive variable. Although machine learning models enable automatic decision making in the real world applications, regulations prohibit sensitive information from being used to protect privacy. In particular, the privacy protection of the legally protected attributes such as race, gender, and disability is compulsory. We present an efficient least square SVM (LSSVM) training algorithm using a fully homomorphic encryption (FHE) to protect a partial sensitive attribute. Our framework posits that data owner has both non-sensitive attributes and a sensitive attribute while machine learning service provider (MLSP) can get non-sensitive attributes and an encrypted sensitive attribute. As a result, data owner can obtain the encrypted model parameters without exposing their sensitive information to MLSP. In the inference phase, both non-sensitive attributes and a sensitive attribute are encrypted, and all computations should be conducted on encrypted domain. Through the experiments on real data, we identify that our proposed method enables to implement privacy-preserving sensitive LSSVM with FHE that has comparable performance with the original LSSVM algorithm. In addition, we demonstrate that the efficient sensitive LSSVM with FHE significantly improves the computational cost with a small degradation of performance.

• Journal of KIISE
• /
• v.45 no.3
• /
• pp.288-293
• /
• 2018

There have recently been several studies investigating how to apply a privacy preserving technique to publish data. Differential privacy can protect personal information regardless of an attacker's background knowledge by adding probabilistic noise to the original data. To perform differentially private k-means clustering, the existing algorithm builds a differentially private histogram and performs the k-means clustering. Since it constructs an equi-width histogram without considering the distribution of data, there are many buckets to which noise should be added. We propose a k-means clustering algorithm using a quad-tree that captures the distribution of data by using a small number of buckets. Our experiments show that the proposed algorithm shows better performance than the existing algorithm.

• Journal of the Korea Society of Computer and Information
• /
• v.27 no.12
• /
• pp.161-169
• /
• 2022

With the development of mobile devices and global positioning systems, various location-based services can be utilized, which collects user's location information and provides services based on it. In this process, there is a risk of personal sensitive information being exposed to the outside, and thus Geo-indistinguishability (Geo-Ind), which protect location privacy of LBS users by perturbing their true location, is widely used. However, owing to the data perturbation mechanism of Geo-Ind, it is hard to accurately obtain the density distribution of LBS users from the collection of perturbed location data. Thus, in this paper, we aim to develop a novel method which enables to effectively compute the user density distribution from perturbed location dataset collected under Geo-Ind. In particular, the proposed method leverages Expectation-Maximization(EM) algorithm to precisely estimate the density disribution of LBS users from perturbed location dataset. Experimental results on real world datasets show that our proposed method achieves significantly better performance than a baseline approach.

• Journal of Intelligence and Information Systems
• /
• v.28 no.1
• /
• pp.29-43
• /
• 2022

With the advent of the Internet and the development of mobile digital devices such as smartphones and tablet PCs, the communication service paradigm began to shift from existing voice services to data services. Recently, as social network services (SNS) are activated and 4th industrial revolution technologies centered on ICT (Information and Communication Technologies) such as Big Data, Blockchain, Cloud, and 5G/6G are rapidly developed, the amount of shared data type and the amount of data are increasing rapidly. As the transition to a digital society begins actively, the importance of using data information, as well as the economic and social values of personal information are becoming increasingly important. As a result, they are actively discussing policies to revitalize the data information industry around the world and ways to efficiently obtain, analyze, and utilize increasingly diverse and vast data, as well as to protect/guarantee the rights of information subjects (providers) in various fields such as society, culture, economy, and politics.. In this paper, in order to improve the self-determination right of personal information on data produced by information subjects, and further expand the use of safe data and the data economy, a differentiated data trusts system was considered and suggested. In addition, the components and data trusts procedures necessary to efficiently operate the data trusts system in Korea were considered, and the non-profit data trusts system and the for-profit data trusts system were considered as a way to flexibly operate the data trusts system. Furthermore, the legal items necessary for the implementation of the data trusts system were investigated and considered. In this paper, in order to propose a domestic data trusts system, cases related to existing data trusts systems such as the United States, Japan, and Korea were reviewed and analyzed. In addition, in order to prepare legislation necessary for the data trusts system, data-related laws in major countries and domestic legal and policy trends were reviewed to study the rights that conflict or overlap with existing laws, and differences were investigated and considered. The Data trusts system proposed in this paper is a reasonable system that is expected to recognize the asset value of data in the capitalist market economy system, to provide legitimate compensation for data produced by data subjects, and further to contribute greatly to the use of safe data and creation of a new service market.

• Proceedings of the Korea Database Society Conference
• /
• 2010.06a
• /
• pp.203-212
• /
• 2010

The mam purpose of this study is to find out how perceived risk elements influence to customers' perceived value and repurchase intention in the electronic commerce environment. To achieve the goal, we set 6 sub-dimensions - privacy risk, social risk, time loss risk, economic risk, psychological risk, and performance risk - based on comprehensive consideration of related studies, and established a research model included 2 factors such as perceived value and repurchase intention to measure performance in internet shopping malls. From 174 customers of the electronic commerce shopping malls survey data have been collected and analyzed based on the covariance structural model method. The results of this study are summarized as follows. Firstly, five perceived risk characteristics of privacy risk, time loss risk, economic risk, psychological risk, and performance risk are significantly positive effect on perceived value. Secondly, perceived value IS very significantly related to repurchase intention in electronic commerce shopping malls. Consequently, we discussed the strategies to create perceived value and repurchase intention in electronic commerce environment. Also we suggested the implications and further research directions.

• Journal of Information Processing Systems
• /
• v.18 no.3
• /
• pp.402-410
• /
• 2022

Digital data can be manipulated easily, so information related to the timestamp is important in establishing the reliability of the data. The time values for a certain file can be extracted following the analysis of the filesystem metadata or file internals, and the information can be utilized to organize a timeline for a digital investigation. Suppose the reversal of a timestamp is found on a mobile device during this process. In this case, a more detailed analysis is required due to the possibility of anti-forensic activity, but little previous research has investigated the handling and possible manipulation of timestamps on mobile devices. Therefore, in this study, we determine how time values for multimedia files are handled according to the operating system or filesystem on mobile devices. We also discuss five types of timestamps-file created (C), last modified (M), last accessed (A), digitalized (Di), and filename (FN) of multimedia files, and experimented with their operational features across multiple devices such as smartphones and cameras.