• Journal of Digital Convergence
• /
• v.19 no.8
• /
• pp.205-217
• /
• 2021

Decentralized SSI(Self Sovereign Identity) has become an alternative to a new digital identity solution, but an efficient de-identification technique has not been proposed due to the unique algorithmic characteristics of data transactions. In this study, to ensure the decentralized operation of SSI, we propose a de-identification technique that does not remove identifiers by restructuring the verification results of ZKP (Zero Knowledge Proof) into a form that can be provided to the outside by the verifier. In addition, it is possible to provide restructured de-identification data without the consent of data subject by proposing the concept of differential sovereignty management for each entity participating in verification. As a result, the proposed model satisfies the domestic personal information protection law in a decnetralized SSI, in addition provides secure and efficient de-identification processing and sovereignty management.

• Convergence Security Journal
• /
• v.19 no.5
• /
• pp.25-36
• /
• 2019

With the development of information and communication technology, hospitals that electronically process and manage medical information of patients are increasing. However, if medical information is processed electronically, there is still room for infringing personal information of the patient or medical staff. Accordingly, in 2017, the International Organization for Standardization (ISO) published ISO TS 25237 Health Information - Pseudonymization[1]. In this paper, we examine the re - identification process based on ISO TS 25237, the procedure and the problems of our proposed method. In addition, we propose a new processing scheme that adds a re-identification procedure to our secure differential privacy method [2] by keeping a mapping table between de-identified data sets and original data as ciphertext. The proposed method has proved to satisfy the requirements of ISO TS 25237 trust service providers except for some policy matters.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.1
• /
• pp.89-96
• /
• 2007

Radio Frequency Identification system based on EPC(Electronic Product Code) Network Environment can read or write information of tagged objects, using Rf signals without direct contact. This advantage which is to provide storage ability and contactless property is better than Bar-code system. Mobile RFID system which integrates Mobile system with RFID system will provide new additional service to users. However, an advantage for obtaining information of objects using RF signal causes personal privacy problem. In this paper, we propose techniques that can protect personal privacy based on mobile. Our scheme provides privacy protection of users and is more efficiently than another application service.

• Journal of the Korea Society of Computer and Information
• /
• v.16 no.11
• /
• pp.189-200
• /
• 2011

With rapid development and contribution of IT technology IT fushion healthcare service which is a form of future care has been changed a lot. Specially, as IT technology unites with healthcare, because delicate personal medical information is exposed and user's privacy is invaded, we need preperation. In this paper, u-healthcare service model which can manage patient's ID information as user's condition and access level is proposed to protect user's privacy. The proposed model is distinguished by identification, certification of hospital, access control of medical record, and diagnosis of patient to utilize it efficiently in real life. Also, it prevents leak of medical record and invasion of privacy by others by adapting user's ID as divided by user's security level and authority to protect privacy on user's information shared by hospitals.

• Journal of Industrial Convergence
• /
• v.17 no.1
• /
• pp.1-6
• /
• 2019

Various cryptographic technologies have been proposed from ancient times and are developing in various ways to ensure the confidentiality of information. Due to exponentially increasing computer power, the encryption key is gradually increasing for security. Technology are being developed; however, security is guaranteed only in a short period of time. With the advent of the 4th Industrial Revolution, encryption technology is required in various fields. Recently, encryption technology using homomorphic encryption has attracted attention. Security threats arise due to the exposure of keys and plain texts used in the decryption processing for the operation of encrypted information. The homomorphic encryption can compute the data of the cipher text and secure process the information without exposing the plain text. When using the homomorphic encryption in processing big data like stored personal information in various services, security threats can be avoided because there is no exposure to key usage and decrypted information.

• Asia-pacific Journal of Multimedia Services Convergent with Art, Humanities, and Sociology
• /
• v.6 no.6
• /
• pp.103-110
• /
• 2016

The recent frequent cases of damage due to leakage of medical data and the privacy of medical patients is increasing day by day. The government says the Privacy Rule regulations established for these victims, such as prevention. Medical data guidelines can be seen 'national medical privacy guidelines' is only released. When replacing the image data between the institutions it has been included in the image file (JPG, JPEG, TIFF) there is exchange of data in common formats such as being made when the file is leaked to an external file there is a risk that the exposure key identification information of the patient. This medial image file has no protection such as encryption, This this paper, introduces a masking technique using a mosaic technique encrypting the image file contains the application to optical character recognition techniques. We propose pseudonymization technique of personal information in the image data.

• ETRI Journal
• /
• v.33 no.6
• /
• pp.935-944
• /
• 2011

As a growing number of individuals are exposed to surveillance cameras, the need to prevent captured videos from being used inappropriately has increased. Privacy-related information can be protected through video encryption during transmission or storage, and several algorithms have been proposed for such purposes. However, the simple way of evaluating the security by counting the number of brute-force trials is not proper for measuring the security of video encryption algorithms, considering that attackers can devise specially crafted attacks for specific purposes by exploiting the characteristics of the target video codec. In this paper, we introduce a new attack for recovering contour information from encrypted H.264 video. The attack can thus be used to extract face outlines for the purpose of personal identification. We analyze the security of previous video encryption schemes against the proposed attack and show that the security of these schemes is lower than expected in terms of privacy protection. To enhance security, an advanced block shuffling method is proposed, an analysis of which shows that it is more secure than the previous method and can be an improvement against the proposed attack.

• Proceedings of the Korea Contents Association Conference
• /
• 2006.11a
• /
• pp.443-446
• /
• 2006

RFID is the core of realizing ubiquitous environment. This is expected to improve economical effect through related industry revitalization, make-work, and so on, in the future, and to be linked to social see-through enhancement via national life change. However unchecked RFID use lets retailers collect unprecedented huge information and they link it to customer information database, so the voice of worry to bring about a result of trampling down consumer privacy doesn't make a negligible situation. Although RFID system is spreaded out socially, the servicing of law and system is not accomplished to protect individuals from personal information violation threat. At the same time, in ubiquitous computing environment, to protect individual information efficiently, from the step of planning and deciding this technology system, constitutional law, norm, the basic legal rights of the people, and so forth is to be considered. The objective of the research is to persent the privacy protection from the viewpoints of law on RFID.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.2
• /
• pp.323-333
• /
• 2024

Recently, Syntheic data has been in the spotlight as a technology that can protect personal information while maintaining the patterns and characteristics of actual data. Accordingly, technical and institutional research on synthetic data is actively being conducted, but it is difficult to actively use synthetic data due to the lack of clear standards and guidelines. This study is a preliminary study for quantifying the disclosure risk of synthetic data, and derives a privacy disclosure risk index through statistical methodology and suggests specific application measures to comply with the General Data Protection Regulation(GDPR). It is expected that the disclosure risk and the balance of data utility can be controlled through the privacy disclosure risk index of this study in an open data environment.

• Journal of Science and Technology Studies
• /
• v.3 no.1 s.5
• /
• pp.41-73
• /
• 2003

Personal genetic information is information about a person's genetic characteristics, which may reveal important information about private matters such as susceptibility to disease. Progress in genetics makes it much easier to obtain personal genetic information, and this leads to concerns about confidentiality and security of genetic information, and about possible genetic discrimination. This paper examines social issues related to human genetic information in terms of individual identification, diagnosis of diseases, and non-medical genetic test, and then tries to provide desirable citizens participation methods that can be used when making public policies related to genetic information protection.