• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.8C
• /
• pp.1076-1085
• /
• 2004

Privacy enforcement has been one of the most important problems in IT area. Privacy protection can be achieved by enforcing privacy policies within an organization's data processing systems. Traditional security models are more or less inappropriate for enforcing basic privacy requirements, such as privacy binding. This paper proposes an extended role-based access control (RBAC) model for enforcing privacy policies within an organization. For providing privacy protection and context based access control, this model combines RBAC, Domain-Type Enforcement, and privacy policies Privacy policies are to assign privacy levels to user roles according to their tasks and to assign data privacy levels to data according to consented consumer privacy preferences recorded as data usage policies. For application of this model, small hospital model is considered.

• Journal of Internet Computing and Services
• /
• v.7 no.1
• /
• pp.1-16
• /
• 2006

The vulnerability of privacy in the Identity Management System (IMS) is the most pressing concern of ordinary users. Uncertainty about privacy keeps many users away from utilization of IMS. Therefore, this paper proposes an access-control oriented privacy model for IMS. The proposed model protects privacy using access control techniques with privacy policies in a single circle of trust. We address characteristics of the components of for the proposed model and describe access control procedures. After that, we show the architecture of privacy enforcement and XML-based schema for privacy policies.

• The Journal of Information Systems
• /
• v.25 no.3
• /
• pp.197-215
• /
• 2016

Purpose This study aims to investigate the factors that influence decision making in relation to providing personal information on the internet with respect to the integration of the privacy calculus theory and protection motivation theory based on the dual-calculus model proposed by Li(2012). Design/methodology/approach The privacy calculus theory and protection motivation theory have been applied to explain privacy behavior to a certain degree but few studies have been conducted to explain privacy behavior based on the integration of these two theories. Although Li(2012) proposed the dual-calculus model, he only proposed its framework and did not carry out an empirical study. Therefore, this study proposes a research model that integrates these two theories and examines the relationship between the two theories through an empirical study. Findings According to the results of empirical analysis, it was found that all relations have statistically significant explanatory power except the relation between coping appraisal and privacy risk in the risk calculus process. Thus, the results verify that external threat played a decisive role in increasing the risk level of a consumer's privacy. It can be discussed the ways to enhance the privacy behavior of consumer on the internet through these findings.

• Asia pacific journal of information systems
• /
• v.31 no.3
• /
• pp.257-276
• /
• 2021

This study investigates the factors that facilitate or hinder people to use mobile payment, especially drawing upon the theoretical perspectives on individual's privacy protection motivation and perceived market condition. Survey data (n = 200) were collected through a web-based platform and used to test a theoretical model. The results show that one's privacy protection power is formed by various individual and technological factors (i.e., perceived data exposure, self-efficacy, and response efficacy), and in turn it determines his/her intention to use mobile payment. Moreover, the relationship between privacy protection power and mobile payment use is conditional on the perceived market control by the service provider - with a perception of the high level of provider's market control, one uses mobile payment regardless of his/her privacy protection power, while under the low level of provider's market control, the decision depends on the degree of privacy protection power. The findings would help our understanding of why some people are more susceptible to mobile payment and others are not.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.4
• /
• pp.135-144
• /
• 2010

Privacy protection can only be achieved by enforcing privacy policies within an enterprise's on and offline data processing systems. There are P-RBAC model and purpose based model and obligations model among privacy policy models. But only these models each can not dynamically deal with the rapidly changing business environment. Even though users are in the same role, on occasion, secure system has to opt for a figure among them who is smart, capable and supremely confident and to give him/her a special mission during a given period and to strengthen privacy protection by permitting to present fluently access control conditions. For this, we propose Integrated Privacy Protection Model based on RBAC. Our model includes purpose model and P-RBAC and obligation model. And lastly, we define high level policy language model based XML to be independent of platforms and applications.

• The Journal of Information Systems
• /
• v.25 no.3
• /
• pp.1-30
• /
• 2016

Purpose The purpose of this study is to grasp the factors influencing domestic SNS users' privacy protection behavior and verify their relationship through self-efficacy and responsiveness. Thus, this study tries to suggest efficient and effective measures for SNS personal information protection. Design/methodology/approach To this end, with main variables of the protection motivation theory based on the assumption that when users are exposed to the threat to their health, they would have protection motivation and change their behavior of protecting their health, a research model was suggested. In addition, in order to empirically verify the research model, a survey was performed targeting general college students having the experience of using SNS. Findings As a result of the analysis, first, perceived effectiveness and self-efficacy had a positive effect on responsiveness. Second, perceived barrier had a positive effect on self-efficacy. Third, self-efficacy and responsiveness had a positive effect on privacy protection behavior. This study is expected to contribute to establishing an effective guideline for measures that could induce SNS users' privacy protection behavior.

• Journal of Information Processing Systems
• /
• v.6 no.2
• /
• pp.185-196
• /
• 2010

This paper proposes a personal information protection model that allows a user to regulate his or her own personal information and privacy protection policies to receive services provided by a service provider without having to reveal personal information in a way that the user is opposed to. When the user needs to receive a service that requires personal information, the user will only reveal personal information that they find acceptable and for uses that they agree with. Users receive desired services from the service provider only when there is agreement between the user's and the service provider's security policies. Moreover, the proposed model utilizes a mobile agent that is transmitted from the user's personal space, providing the user with complete control over their privacy protection. In addition, the mobile agent is itself a self-destructing program that eliminates the possibility of personal information being leaked. The mobile agent described in this paper allows users to truly control access to their personal information.

• Journal of Internet Computing and Services
• /
• v.15 no.2
• /
• pp.59-71
• /
• 2014

This study applied customer perspective to find out ways how to protect customers' privacy by themselves. It does so by examining the factors which affect customer privacy protection behaviors. Based on the Privacy Act, this study developed the construct of Privacy Rights awareness and finds the law's effect on privacy awareness and behavioral change. The study finds that there exists a significant difference in privacy protection behavior according to privacy rights awareness. Independent variables are as follows: Five variables (Perceived vulnerability, Perceived severity, Perceived response effectiveness, Perceived barriers, Privacy Rights awareness) were tested as critical variables influencing Behavioral Intention in PMT model. Privacy awareness had a moderating effect on the relationship between perceived severity and privacy protection behavior. This study would contribute on theoretical expansion of Protection Motivation Theory and also provide practical implications for effective ways to promote behavioral changes.

• Informatization Policy
• /
• v.20 no.3
• /
• pp.63-85
• /
• 2013

Drawing on Protection Motivation Theory(PMT), this study attempts to clarify antecedents that influence the intention to protect individuals' privacy on the Internet. Protection motivation forms through individuals' cognitive appeal involving threat and efficacy. Then protection motivation causes privacy behavioral change. Protection motivation factors are established privacy trust and privacy risk, which are related to privacy attitude and belief. This proposed model is empirically analyzed by utilizing structural equation analysis(SEM). According to the result of the empirical analysis, it is founded that almost paths have statistically significant explanatory power except path from efficacy to privacy risk and path from privacy trust to privacy behavioral intention. This study shows powerful evidence of antecedent factors based on protection motivation of individuals' privacy behavioral intention in online environment.

• Journal of Korea Multimedia Society
• /
• v.12 no.12
• /
• pp.1796-1808
• /
• 2009

Elementary school students have a little awareness of privacy protection since they do not have many opportunities for systematic education on information and communication ethics. Hence, they are likely to expose their own information to others and sometimes bring on a lot of misuses by using others' information. In this paper, we provide an idea for teaching and learning methods which the elementary school students acquire privacy protection and management methods and raise their practical capabilities. We develop a role play teaching and learning model in connection with various Information and Communication Technology (ICT) activities and establish the instruction plans. Moreover, we apply them to the actual classes at grade five and six of the elementary school students respectively, and finally analyze the results. The proposed teaching and learning method shows that the students participated in a series of learning activities have higher learning effects on awareness of privacy protection than those learned with the conventional methods.