• Journal of KIISE:Databases
• /
• v.31 no.6
• /
• pp.684-698
• /
• 2004

The Hippocratic database model recently proposed by Agrawal et al. incorporates privacy protection capabilities into relational databases. Since the Hippocratic database is based on the relational database, it needs extensions to be adapted for XML databases. In this paper, we propose the Hippocratic XML database model, an extension of the Hippocratic database model for XML databases and present an efficient access control mechanism under this model. In contrast to relational data, XML data have tree-like hierarchies. Thus, in order to manage these hierarchies of XML data, we extend and formally define such concepts presented in the Hippocratic database model as privacy preferences, privacy policies, privacy authorizations, and usage purposes of data records. Next, we present a new mechanism, which we call the authorization index, that is used in the access control mechanism. This authorization index, which is Implemented using a multi-dimensional index, allows us to efficiently search authorizations implied by the authorization granted on the nearest ancestor using the nearest neighbor search technique. Using synthetic and real data, we have performed extensive experiments comparing query processing time with those of existing access control mechanisms. The results show that the proposed access control mechanism improves the wall clock time by up to 13.6 times over the top-down access control strategy and by up to 20.3 times over the bottom-up access control strategy The major contributions of our paper are 1) extending the Hippocratic database model into the Hippocratic XML database model and 2) proposing an efficient across control mechanism that uses the authorization index and nearest neighbor search technique under this model.

• Journal of Digital Convergence
• /
• v.10 no.2
• /
• pp.153-159
• /
• 2012

Now a days, U-healthcare comes into the spotlight as a new business model which combines RFID technology with medical service in the well-being era and IT popularization. U-healthcare service needs a method that can deals with hand-writing, overlap data, forgery and falsification of data, difference between information version that happen in medical process because of graft between RFID technology and u-healthcare. This paper proposes RFID based user certification protocol to protect user's privacy who gets medical service through U-healthcare. In the protocol, secret information of patient does the XOR with the secret key that is created in the hospital to reconsider the stability of security system of U-healthcare and user's data forgery and falsification and privacy and then saves it in the secret key field of patient in DB table. Also, it informs the case of illegal access to certification server and make it approved the access of u-healthcare service by differentiating whether u-healthcare is illegal or not.

• Journal of Digital Convergence
• /
• v.12 no.6
• /
• pp.1-11
• /
• 2014

With the drastic development of technology for almost eternally saving digital information, cases for giving sufferings to a person who deserves to enjoy privacy have increased. So I study the right to be forgotten focusing on the collision between that right and freedom of expression. I also study the concept of the right to be forgotten and its legal basis for the protection of that right. That right can be protected mainly by the self-decision making right under the Article 10, and secondly the privacy right under the Article 17 of the Constitutional Law. The Press Arbitration Law can be applied to protect the right to be forgotten, but that Law needs the revision of time-limit clause for complain, protection clause for the right to ask to delete factual past article, and the clause of staleness doctrine for the consent of giving personal information.

• Journal of the Korean housing association
• /
• v.20 no.3
• /
• pp.37-45
• /
• 2009

For the young period, privacy is a crucial factor in establishing one's own identities, values and relationships. The capacity of residential environment to protect individual's privacy takes considerable part in influencing psychological and physiological development of adolescents. This study analyzed adolescents residential values and the elements of spatial plans for the passage and outdoor in Apartment Design Competition of Suwon A district in 2008. One hundred and ten middle and high school students living in Metropolitan area were selected and questionnaire was conducted during February 7 to February 15 in 2009. The data was analyzed by SPSS 11.0 program using one-way ANOVA and crosstab. The study results were summarized as follows; First, the adolescents valued 'safety' the most, regardless of their age and gender and the safety of adolescents commuting should be considered. Second, protecting their own private territories was next important element among other elements. Privacy can be protected by using movable walls, changing the doorway, dividing parents' and adolescents independent territory. Third, in terms of convenience, choosing location of children's room and walking way should be considered. Forth, from the survey, demand for indoors leisure activity was highly valued and required for aesthetic point of view. Considering the sculptures and facilities must satisfy the aesthetics and practicality. Fifth, in terms of social needs, 61.6% of people answered positively to the community facilities for social relationship. Residential environment affects enormous part of adolescents emotional and academic development. Therefore, designing residential areas for adolescents friendly should reflect the demands for safety, territory, convenience, aesthetic and social life.

• Journal of the Korea Society of Computer and Information
• /
• v.25 no.5
• /
• pp.209-216
• /
• 2020

As depository system for negotiation or reimbursement to the victim in criminal case is reflected to consideration for diminishing punishment and hence, it is very important in the process. According to the current law, one needs to fill out victim's personal information such as name, address, and ID number for processing depository. However, if the victim is sexual violence victim, all the personal information is covered up becoming anonymous. Therefore, it becomes difficult for the accused person to get necessary information. Such covering up action is to prevent further second damage that may be caused such as threatening for the negotiation whereas victim has no willingness to forgive the accused. However, even if the accused person regrets his/her crime and make reimbursement to the victim, as they have no personal information on the victim it becomes impossible for them to make the depository. If we apply ESCROW system here it will allow victims to avoid any direct contact with the accused person as well as preventing any privacy disclosure. Also, for the accuse person, they can show how much they regret by making depository within their capability.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.15 no.6
• /
• pp.37-42
• /
• 2015

Although online search engine service provide a convenient means to search for information on the World Wide Web, it also poses a risk of disclosing privacy. Regardless of such risk, most of users are neither aware of their personal information being exposed on search results nor how to redress the issue by requesting removal of information. According to the 2015 parliamentary inspection of government offices, many government agencies were criticized for mishandling of personal information and its leakage on online search engine such as Google. Considering the fact that the personal information leakage via online search engine has drawn the attention at the government level, the online search engine and privacy issue needs to be rectified. This paper, by examining current online search engines, studies the degree of personal information exposure on online search results and its underlying issues. Lastly, based on research result, the paper provides a sound policy and direction to the removal of exposed personal information with respect to search engine service provider and user respectively.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.16 no.1
• /
• pp.266-286
• /
• 2022

Public key encryption with keyword search (PEKS) allows a user to make search on ciphertexts without disclosing the information of encrypted messages and keywords. In practice, cryptographic operations often occur on insecure devices or mobile devices. But, these devices face the risk of being lost or stolen. Therefore, the secret keys stored on these devices are likely to be exposed. To handle the key exposure problem in PEKS, the notion of key-updatable PEKS (KU-PEKS) was proposed recently. In KU-PEKS, the users' keys can be updated as the system runs. Nevertheless, the existing KU-PEKS framework has some weaknesses. Firstly, it can't update the keyword ciphertexts on the storage server without leaking keyword information. Secondly, it needs to send the search tokens to the storage server by secure channels. Thirdly, it does not consider the search token security. In this work, a new PEKS framework named key-updatable and ciphertext-sharable PEKS (KU-CS-PEKS) is devised. This novel framework effectively overcomes the weaknesses in KU-PEKS and has the ciphertext sharing function which is not supported by KU-PEKS. The security notions for KU-CS-PEKS are formally defined and then a concrete KU-CS-PEKS scheme is proposed. The security proofs demonstrate that the KU-CS-PEKS scheme guarantees both the keyword ciphertext privacy and the search token privacy. The experimental results and comparisons bear out that the proposed scheme is practicable.

• Informatization Policy
• /
• v.19 no.4
• /
• pp.63-82
• /
• 2012

The world's best level of ICT(Information, Communication and Technology) infrastructure has experienced the world's worst level of ICT accident in Korea. The number of major accidents of privacy invasion has been three times larger than the total number of Internet user of Korea. The cause of the severe accident was due to big data environment. As a result, big data environment has become an important policy agenda. This paper has conducted analyzing the accident case of data spill to study policy issues for ICT security from a social science perspective focusing on risk. The results from case analysis are as follows. First, ICT risk can be categorized 'severe, strong, intensive and individual'from the level of both probability and impact. Second, strategy of risk management can be designated 'avoid, transfer, mitigate, accept' by understanding their own culture type of relative group such as 'hierarchy, egalitarianism, fatalism and individualism'. Third, personal data has contained characteristics of big data such like 'volume, velocity, variety' for each risk situation. Therefore, government needs to establish a standing organization responsible for ICT risk policy and management in a new big data era. And the policy for ICT risk management needs to balance in considering 'technology, norms, laws, and market'in big data era.

• Journal of The Korea Institute of Healthcare Architecture
• /
• v.19 no.3
• /
• pp.21-28
• /
• 2013

Purpose: General hospital in korea is getting large-scaled, specialized and upgraded. So, nursing unit of race track type has been advanced along with a spatial organization, building equipment and environmental approach. This study is to search the guidelines for renovation of nursing unit with race track type in the case of K university hospital in Daejeon. Methods: 9 cases of recently opened general hospital has been analyzed for spatial and environmental design solution. Questionnaires and interviews about user needs of nursing staff, patient and visitors, have been conducted for a nursing care system and facility of nursing units in K university hospital. Results: The user needs are represented as followings. Center core public zone in each floor plan and center core nursing station and supporting areas in nursing unit are good for an adjacency and separation of spatial organization. Toilet of group patient room is necessary to equip for easy, safe and infective aspects, and so toilet install will decrease the patient number and increase the nursing care service. Hall type of station front is good for visibility and observation. It is appropriate to renovate into south facing group patient room for privacy, enough space for nursing care facility and supporting area, enough width of door to move portable medical equipment, room for medical doctor and practical student, noise absorbing of day room. Implications: Upgrading the nursing care service and facility equipment is necessary to reflect the user needs and cooperate with hospital management.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.7 no.2
• /
• pp.447-455
• /
• 2012

The present study was carried out with a view to examine the protective actions of physical and occupational therapists for patients's privacy. For this purpose, a survey was conducted with the questionnaires that were distributed to 297 physical and occupational therapists engaged in general hospitals as well as in rehabilitation clinics across the country from January 2 to 13, 2012. From the survey, it was made known that the overall extent of protective actions practiced by them was $3.54{\pm}.733$ in average. Divided by area, the average protective action in communication was $3.62{\pm}.776$, followed by $3.57{\pm}1.013$ in direct contact and $3.53{\pm}.780$ in maintenance and management, respectively. The analysis of general characteristics by each area showed that the older their age gets and the longer their career is, the more the protective action is practiced by them. Although they are well aware of the fact that the medical information of patients should be kept 100% secret and they practice it to almost excellent grade (5), the physical and occupational therapists, as key experts in charge of improving functions of patients, were found to have little concern for and little knowledge about contents of protecting medical information. It is thus required to perform public relation and instruction continuously to intensify their awareness of needs to protect patients' privacy and to implant ethical sense in this regard deep in their mind.