• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.20 no.1
• /
• pp.55-60
• /
• 2020

In this paper, we propose an access control system using cryptography as a method to protect personal data in public blockchain. The proposed system is designed to encrypt data according to the access policy, store it in the blockchain, and decrypt only the person who satisfy the access policy. In order to improve performance and scalability, an encryption mechanism is implemented outside the blockchain. Therefore, data access performance could be preserved while cryptographic operations executed Furthermore it can also improve the scalability by adding new access control modules while preserving the current configuration of blockchain network. The encryption scheme is based on the attribute-based encryption (ABE). However, unlike the traditional ABE, the "retention period", is incorporated into the access structure to ensure the right to be forgotten. In addition, symmetric key cryptograpic algorithms are used for the performance of ABE. We implemented the proposed system in a public blockchain and conducted the performance evaluation.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.14 no.4
• /
• pp.227-232
• /
• 2014

Recent development and generalization of Internet technology contributes to the large scale of commerce and capital followed by appearance and growth of large portal sites. As a result, the personal data on the Internet not deleted for a long period of time is a new risk factor, for example, the invasion of people's privacy. In particular, exposing personal data like witch-hunts is a critical issue so that the person concerned cannot carry on with normal life. This study suggests the necessity of the right to request personal data deletion related to a person concerned on Internet sites, a method of introducing the right in Korea, and a method of improving the application.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.3
• /
• pp.513-525
• /
• 2022

The immutability of blockchain is core elements of security of blockchain and guarantee data integrity. However, the characteristic that the data recoreded once in the blockchain cannot be modified has place for abuse by a specific user. In fact improper contents that is inappropriate to be recorded on the blockchain, such as harmful data and user personal data, is exposed on Bitcoin. As a way to manage improper content existing in the blockchain, there is a redactable blockchain using chameleon hash proposed for the first time by Ateniese. The redactable blockchain meet the right to be forgotten of GDPR by allowing data modification and deletion. Recently, Research on personal data management is being conducted in a redactable blockchain. Research by Jia et al. proposed a model that enables users to manage their personal data in the redactable blockchain. However, semi trusted regulators, which are blockchain participation nodes, have powerful authority in the blockchain, such as modification rights and deprivation of transaction rights for all blocks, which may cause side effects. In this paper, to weaken the authority of regulators in Y. Jia et al., we propose a method of authority subject altering and authority sharing, and propose a redactable blockchain-based authority change and access control system model based on applicable scenarios.

• The Journal of the Korea Contents Association
• /
• v.22 no.6
• /
• pp.125-134
• /
• 2022

This study aims to critically discuss the problems that need to be solved from a humanities perspective in order to utilize big data. It identifies and discusses three research problems that may arise from collecting, processing, and using big data. First, it looks at the fake information circulating with regard to problems with the data itself, specifically looking at article-type advertisements and fake news related to politics. Second, discrimination by the algorithm was cited as a problem with big data processing and its results. This discrimination was seen while searching for engineers on the portal site. Finally, problems related to the invasion of personal related information were seen in three categories: the right to privacy, the right to self-determination of information, and the right to be forgotten. This study is meaningful in that it points out the problems facing in the aspect of big data utilization from the humanities perspective in the era of big data and discusses possible problems in the collection, processing, and use of big data, respectively.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2013.05a
• /
• pp.527-529
• /
• 2013

인터넷의 발달은 개인정보의 디지털화를 가속화 시켰으며, 이로 인한 프라이버시 문제점을 야기 시켰다. 그 중 대표적으로 사생활 침해 문제가 대두되었으며 이러한 문제를 해결하기 위해 전 세계적으로 개인의 데이터를 자신이 삭제 할 수 있는 권리인 '잊혀질 권리'에 대한 관심이 높아지고 있다. 본 논문에서는 '잊혀질 권리'를 지원하기 위한 기술적 요구사항과 이를 지원 할 수 있는 대응 기술 현황에 대해 알아본다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2018.10a
• /
• pp.231-234
• /
• 2018

4차 산업혁명을 주도하는 신기술인 블록체인은 블록체인 네트워크에 속한 모두가 신뢰성을 가질 수 있는 새로운 형태의 탈중앙화 P2P 플랫폼이다. 2018년 기존 개인정보 보호 지침을 대체하는 GDPR이 발효되어 다양한 부분의 개인정보 보호에 법적인 영향을 미치게 되었다. 블록체인 또한 GDPR의 법적 규제를 피할 수 없게 되었고, 블록체인에서 잊혀질 권리를 충족시키기 위해 정보주체의 요청 시 민감한 개인정보를 삭제할 수 있어야 하는 필요성이 요구되었다. 본 연구에서는 기존 블록체인 시스템에서 잊혀질 권리를 준수할 개선방안을 제안한다.

• Smart Media Journal
• /
• v.10 no.2
• /
• pp.84-91
• /
• 2021

In the EU GDPR, when collecting personal information, the right of the information subject(user) to consent or refuse is given the highest priority. Therefore, the information subject must be able to withdraw consent and be forgotten and claim the right at any time. Especially, restricted IoT devices(Constrained Node) implement the function of consent of the data subject regarding the collection and processing of privacy data, and it is very difficult to post the utilization content of the collected information. In this paper, we designed and implemented a management system that allows data subjects to monitor data collected and processed from IoT devices, recognize information leakage problems, connect, and control devices. Taking into account the common information of the standard OCF(Open Connectivity Foundation) of IoT devices and AllJoyn, a device connection framework, 10 meta-data for information protection were defined, and this was named DPD (Data Protection Descriptor). we developed DPM (Data Protection Manager), a software that allows information subjects to manage information based on DPD.

• Journal of Korean Classical Literature and Education
• /
• no.16
• /
• pp.207-235
• /
• 2008

This study investigated the formation of communication education which is based on the contemporary language education. Concretely I watched chronologically the proportion of culture element and behavior element, its change, and the contents of writing education. To achieve this, I took the ancient Greek language education as the main materials. The sophists are right if we think only the empirical world, because of the changeability of external world and the relativity of sense. On the other hand, Platon emphasized the ability of abstract thought which is inherent in the human inside. But today's education only emphasizes the 'expression' which came from the Platonic thought. So students fills their devastated inside with arbitrary idea in this history-forgotten social circumstance. It is very beneficial to make subject have some cultural studies and to enhance the sensation on the world through the writing of representation because these can be good to the growth of subject. It is our-not as educator but as a predecessor of human being-duty to set the catalogue of cultural studies of this age and to make students feel the fundamental harmony and the beauty of the world.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2013.11a
• /
• pp.894-896
• /
• 2013

오늘날 전세계의 사람이 이용하는 SNS 상에 존재하는 보안 위협은 정보주체의 개인정보를 유출하고 스팸, 피싱 등의 2 차 피해를 야기하는 등 치명적인 결과를 초래한다. 본 논문에서는 잊혀질 권리와 SNS의 개념을 파악하고 SNS 상에 존재하는 보안 위협에 대해 논의하며 보안 위협을 해소하고 SNS 환경에서의 잊혀질 권리를 실현할 수 있는 UPP, Dual Watermarking Scheme, FaceCloak 등 기술적 방안을 제시한다.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.19 no.5
• /
• pp.33-38
• /
• 2019

In this paper, we propose a new blockchain technology that could comply with GDPR. The proposed model can prevent illegal access by controlling access to the personal information according to a access policy. For example, it can control access to the information on a role-basis and information validation period. The core mechanism of the proposed model is to encrypt the personal information with public key which is associated with users attributes policy, and then decrypt it with a private key and users attributes based on a Attribute-based Encryption scheme. It can reduce a trusted third-part risk by replacing it with a number of nodes selected from the blockchain. And also the private key is generated in the form of one-time token to improve key management efficiency. We proved the feasibility by simulating the proposed model using the chaincode of the Hyperledger Fabric and evaluate the security.