• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.5
• /
• pp.865-873
• /
• 2024

In this study, we propose a privacy-preserving cryptographic API misuse detection framework utilizing homomorphic encryption. The proposed framework is designed to effectively detect cryptographic API misuse while maintaining data confidentiality. We employ a Convolutional Neural Network (CNN)-based detection model and optimize its structure to ensure high accuracy even in an encrypted environment. Specifically, to enable efficient homomorphic operations, we leverage depth-wise convolutional layers and a cubic activation function to secure non-linearity, enabling effective misuse detection on encrypted data. Experimental results show that the proposed model achieved a high F1-score of 0.978, and the total execution time for the homomorphically encrypted model was 11.20 seconds, demonstrating near real-time processing efficiency. These findings confirm that the model offers excellent security and accuracy even when operating in a homomorphic encryption environment.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.1
• /
• pp.83-94
• /
• 2015

Deduplication, which is a technique of eliminating redundant data by storing only a single copy of each data, provides clients and a cloud server with efficiency for managing stored data. Since the data is saved in untrusted public cloud server, however, both invasion of data privacy and data loss can be occurred. Over recent years, although many studies have been proposed secure deduplication schemes, there still remains both the security problems causing serious damages and inefficiency. In this paper, we propose secure and efficient client-side deduplication with Key-server based on Bellare et. al's scheme and challenge-response method. Furthermore, we point out potential risks of client-side deduplication and show that our scheme is secure against various attacks and provides high efficiency for uploading big size of data.

• International Journal of Computer Science & Network Security
• /
• v.21 no.12
• /
• pp.248-256
• /
• 2021

Now that we're in the big data era, data has taken on a new significance as the storage capacity has exploded from trillion bytes to petabytes at breakneck pace. As the use of cloud computing expands and becomes more commonly accepted, several businesses and institutions are opting to store their requests and data there. Cloud storage's concept of a nearly infinite storage resource pool makes data storage and access scalable and readily available. The majority of them, on the other hand, favour a single cloud because of the simplicity and inexpensive storage costs it offers in the near run. Cloud-based data storage, on the other hand, has concerns such as vendor lock-in, privacy leakage and unavailability. With geographically dispersed cloud storage providers, multicloud storage can alleviate these dangers. One of the key challenges in this storage system is to arrange user data in a cost-effective and high-availability manner. A multicloud storage architecture is given in this study. Next, a multi-objective optimization problem is defined to minimise total costs and maximise data availability at the same time, which can be solved using a technique based on the non-dominated sorting genetic algorithm II (NSGA-II) and obtain a set of non-dominated solutions known as the Pareto-optimal set.. When consumers can't pick from the Pareto-optimal set directly, a method based on Principal Component Analysis (PCA) is presented to find the best answer. To sum it all up, thorough tests based on a variety of real-world cloud storage scenarios have proven that the proposed method performs as expected.

• Journal of Digital Convergence
• /
• v.10 no.11
• /
• pp.87-92
• /
• 2012

In the early 2012, European Union proposed new legal framework, including the right to be forgotten, for the protection of personal data. The new Proposal articulates kind of sweeping new privacy right and there has been debates on its potential threat to free speech in the digital age. While the situation is similar in Korea, I want to introduce the right to be forgotten in the Proposal. Then, I will analyze current legal system in Korea regarding the new privacy right and suggest some guidelines in searching direction for the coming legislation with respect to the right to be forgotten. The right to be forgotten should not have been promulgated without considering fully its effect on the free speech, especially in the society where the voice toward direct democracy or movement toward participation of the citizen, mainly through cyber space or Social Network Services, has risen much higher in Korea. Especially, the new right seems not to cover the control of data subject on a third party where the third party expressing his opinion by posting himself other's personal data on his blog or others.

• 한국HCI학회:학술대회논문집
• /
• 2006.02a
• /
• pp.960-965
• /
• 2006

Privacy and security are latent problems in pervasive healthcare system. For the sake of protecting health monitoring information, it is necessary to classify and categorize the various contexts in terms of obfuscation. In this paper, we propose the physiological context categorization and specification methodology by exploiting data fusion network for automatic context alignment. In addition, we introduce the methodologies for making various level of physiological context on the context aware application model, which is wear-UCAM. This physiological context has several layers of context according to the level of abstraction such as user-friendly level or parametric level. This mechanism facilitates a user to restrict access to his/her monitoring results based on the level of details in context.

• Electronics and Telecommunications Trends
• /
• v.35 no.6
• /
• pp.88-96
• /
• 2020

As the usability and value of personal information increase, the importance of privacy protection has increased. In Korea, the scope of the use of pseudonymized personal information has increased because of revisions to the law. In the past, security technologies were used to safely store and manage personal information, but now, security technologies focused on usability are needed to safely use personal information. In this paper, we look at issues related to the de-identification and re-identification of personal information. Moreover, we examine the standards and techniques related to the de-identification of personal information.

• Proceedings of the KSRS Conference
• /
• 2005.10a
• /
• pp.659-662
• /
• 2005

Recently, the need for LBS (Location Based Services) is increasing with the rapid growth of the location measurement units, mobile devices, and communication technologies. Especially, wireless carriers are concentrating on LBS since it is regarded as so-called 'killer application' among wireless data services. Although LBS give us convenience and useful information, its use also raises privacy issues. There are quite possibilities that the people's locations are tracked by location measurement units while people do not recognize the existence of the units. To protect a person's location information, lawful and technical aspects should be considered. In this paper, we explain issues, regulations, standards, and platforms related to the protection of the location information. Finally, we suggest the architecture of a platform complying with the regulations and standards. It considers various issues not covered in other studies.

• Journal of Digital Convergence
• /
• v.2 no.2
• /
• pp.29-44
• /
• 2004

The main objective of this study is to investigate the determinants of consumer trust in e-business. It examines consumer perceptions trust in a Web site and address following research questions: What factors influence consumer trust in a Web site and what specific Web site cues are associated with trust and satisfaction? We test our hypothesis in a empirical data from 568 consumers across 4 Web sites. By factor analysis, the results show that Web site characteristics are such as product information and purchase process , system stability, navigation, privacy(security), design, information of seller, pay methods, and customer service. We also find that brand and Web site characteristics such as Web site design, navigation, privacy(security), and customer service can explain over 59% of the variance in Web site trust and 60% in satisfaction. The results offer important implication for Web site strategies that include the manipulation of factors influencing Web site trust. And the future directions of the present research are discussed.

• International Commerce and Information Review
• /
• v.3 no.2
• /
• pp.131-142
• /
• 2001

IT 산업은 인터넷을 발달시킴으로써 새로운 경제 시대 (New Economic Era)를 열게 하였을 뿐만 아니라 민주주의제도의 발전가능성을 한층 더 앞당기는 계기를 마련하고 있다. 그러나 개인들은 그들의 개인정보가 국가기관이나 민간기관에 자신도 모르는 사이 누출되어 국가기관의 감시체제를 구축하거나 불공정한 상업적 목적으로 쓰일 수 있다는 우려 때문에 온라인상의 구매활동이나 정치활동을 주저하고 있다. 특히 유럽민족은 과거의 역사적인 사건들로 인해 개인정보 유출문제에 매우 민감하게 반응한다. 이러한 이유로 EU는 EU국가들 내에서의 인터넷관련 개인정보처리문제와 EU와 제3국간의 개인정보 이전 문제를 규정하는 지침을 1995년 재정하고 1998년부터 시행하고 있다. 동 지침은 또한 미국과의 정보이전협상인 safe harbor를 탄생시켰다. 본 고에서는 왜 개인정보 보호법이 필요한지 그 이유와 개인정보보호에 대한 국제적인 논의 그리고 EU의 개인정보지침 내용을 연구한다.

• International Journal of Contents
• /
• v.15 no.4
• /
• pp.44-49
• /
• 2019

This study is designed to examine antecedents and consequences of mobile advertising avoidance. However, to date, research on mobile advertising avoidance has been scarce. Thus, this study makes significant contributions by addressing understudied areas in mobile advertising. Study results show that the perceived mobile advertising risk is positively related to mobile advertising avoidance. This study found that the perceived trust in mobile advertising is negatively linked to mobile advertising avoidance. The study results show that the perceived Internet users' data privacy concerns is positively linked to mobile advertising avoidance. Finally, study results suggest that mobile advertising avoidance is positively linked to intention to delete the ad.