• The Journal of Society for e-Business Studies
• /
• v.11 no.2
• /
• pp.13-30
• /
• 2006

Web services are independent on a platform and are suitable in the Ubiquitous environment which an interaction for each device. Ubiquitous web services can use various applied service in any network neighborhood or terminal. Main characteristic of Ubiquitous is context-awareness. Therefore, Ubiquitous web services must include context-aware control process and protect user privacy because context-aware environment collects privacy data. But current web services standard is not specially designed in respect of context-communication. Therefore, the framework which can add flexibility in transmission of context is required. Our Framework can give extension for context and can communicate flexibly Context information for every session. Therefore, Our Framework can solve overhead problem of context in SOAP message and protect user's privacy according to user preference.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.5
• /
• pp.1717-1732
• /
• 2015

The widespread use of location-based services (LBSs), which allows untrusted service provider to collect large number of user request records, leads to serious privacy concerns. In response to these issues, a number of LBS privacy protection mechanisms (LPPMs) have been recently proposed. However, the evaluation of these LPPMs usually disregards the background knowledge that the adversary may possess about users' contextual information, which runs the risk of wrongly evaluating users' query privacy. In this paper, we address these issues by proposing a generic formal quantification framework,which comprehensively contemplate the various elements that influence the query privacy of users and explicitly states the knowledge that an adversary might have in the context of query privacy. Moreover, a way to model the adversary's attack on query privacy is proposed, which allows us to show the insufficiency of the existing query privacy metrics, e.g., k-anonymity. Thus we propose two new metrics: entropy anonymity and mutual information anonymity. Lastly, we run a set of experiments on datasets generated by network based generator of moving objects proposed by Thomas Brinkhoff. The results show the effectiveness and efficient of our framework to measure the LPPM.

• Annual Conference of KIPS
• /
• 2005.05a
• /
• pp.1083-1086
• /
• 2005

Now these days, many technical concepts and tools have been developed in the cryptographic field. Most digital signature schemes used in practice, such as RSA or DSA, have an important role in information privacy and secure authentication for perfect user. A clearly advantage of such schemes over with security proven relative to such common cryptographic assumptions, is their efficiency: as a result of their relative weak requirements regarding computation, bandwidth and storage, these scheme have so far beaten proven secure schemes in practice. Our aim is to contribute to bridge the gap that exists between the theory and practice of digital signature schemes. In this paper we present a digital signature that ensures information privacy. More precisely, under an appropriate assumption about RSA, the scheme is proven to be existentially forgeable under adaptively chosen message attacks. This mechanism can be applied to smart cards or E-Wallet for maintaining secure authentication for user’s information privacy.

• Journal of Internet Computing and Services
• /
• v.17 no.2
• /
• pp.77-85
• /
• 2016

Internet cookie technology is designed for solving unreliable problem of HTTP's inherent property and notifying user's previous activity to web site's server, so it is useful to provide suitable service for individual user. However, the cookie techniques are becoming more sophisticated such as the third cookie and super cookie. And its included information is applied for advertisement and target marketing strategy, so the problem occurs that user's personal information is collected excessively. However, our law does not recognize the internet cookie as personal information so user cannot know where own internet cookie is stored and applicable. Therefore, in this paper, we explain the internet cookie technology, the privacy invasion and right to be forgotten for solving problem due to the internet cookie. And we analysis the relationship between the information of internet cookie and personal information, and then present the improvement requirement on the law and technology to use internet cookie securely and conveniently.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.8 no.1
• /
• pp.33-40
• /
• 2007

RFID, a non-contact wireless identification technology is being noticed as a technology to alternate barcode system in distribution industry and general industry. Despite of merit of RFID, there are issues to be solved for practical use. One of them, which are most important, is resolution of user's information protection. RFID system without security function bears risk exposing personal data and user's privacy. In this paper, we propose mutual authentication protocol for RFID system in order to solve this security issue. This study aimed to protect user's privacy by providing dynamic ID for tag through authentication protocol safe from security threats. Information being transmitted between backend, reader and tag has no direct connection with ID of tag, and it conducts authentication process using one-way hash function, which prevents attacker's obtaining of tag information using information being transmitted.

• Annual Conference of KIPS
• /
• 2020.05a
• /
• pp.228-230
• /
• 2020

The emergence of collaborative learning to the public is to tackle the user's privacy issue in centralized learning by bringing the AI models to the data source or client device for training Collaborative learning employs computing and storage resources on the client's device. Thus, it is privacy preserved by design. In harmony, blockchain is also prominent since it does not require an intermediary to process a transaction. However, these approaches are not yet fully ripe to be implemented in the real world, especially for the complex system (several challenges need to be addressed). In this work, we present the performance of collaborative learning and potential use case of blockchain. Further, we discuss privacy issues in the system.

• Journal of the Korean Society for information Management
• /
• v.32 no.2
• /
• pp.25-61
• /
• 2015

This study was designed to propose library privacy guidelines to be applicable in any library without distinguishing library types. Individual libraries can refine, modify, and use them to fit their situation, using the guidelines as a base. The library privacy protection guidelines developed in this study are composed of purposes, definitions, scope of privacy, law and policy, general information, the library's job performance on the handling of personal information, and library subcontractors. The development objectives and utilization direction of the library privacy guidelines developed in this study are meant to provide a guide for change according to the amended provision of library "Privacy Act" implementation, optimization of library Privacy Directive, a reflection of the relevant laws and regulations, and the standardization-oriented library privacy guidelines.

• Journal of Digital Convergence
• /
• v.15 no.3
• /
• pp.187-193
• /
• 2017

Objects Internet-based healthcare services provide healthcare and healthcare services, including measurement of user's vital signs, diagnosis and prevention of diseases, through a variety of object internet devices. However, there is a problem that new security vulnerability can occur when inter-working with the security weakness of each element technology because the internet service based on the object Internet provides a service by integrating various element technologies. In this paper, we propose a user privacy protection model that can securely process user's healthcare information from a third party when delivering healthcare information of users using wearable equipment based on IoT in a mobile environment to a server. The proposed model provides attribute values for each healthcare sensor information so that the user can safely handle, store, and store the healthcare information, thereby managing the privacy of the user in a hierarchical manner. As a result of the performance evaluation, the throughput of IoT device is improved by 10.5% on average and the server overhead is 9.9% lower than that of the existing model.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.15 no.6
• /
• pp.173-180
• /
• 2015

The advent of personal healthcare record(PHR) technology has been changing the uses as well as the paradigm of internet services, and emphasizing the importance of services being personalization. But the problem of user's privacy infringement and leaking user's sensitive medical information is increasing with the fusion of PHR technology and healthcare. In this paper, we propose a security labeling scheme for privacy protection in PHR system. In the proposed scheme, PHR data can be labeled also manually based on patient's request or the security labelling rules. The proposed scheme can be used to control access, specify protective measures, and determine additional handling restrictions required by a communications security policy.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.17 no.7
• /
• pp.1935-1950
• /
• 2023

The arrival of the Internet of Things and 5G technology enables users to rely on edge computing platforms to process massive data. Data sharing based on edge computing refines the efficiency of data collection and analysis, saves the communication cost of data transmission back and forth, but also causes the privacy leakage of a lot of user data. Based on attribute-based encryption and blockchain technology, we design a fine-grained access control scheme for data in edge computing, which has the characteristics of verifiability, support for outsourcing decryption and user attribute revocation. User attributes are authorized by multi-attribute authorization, and the calculation of outsourcing decryption in attribute encryption is completed by edge server, which reduces the computing cost of end users. Meanwhile, We implemented the user's attribute revocation process through the dual encryption process of attribute authority and blockchain. Compared with other schemes, our scheme can manage users' attributes more flexibly. Blockchain technology also ensures the verifiability in the process of outsourcing decryption, which reduces the space occupied by ciphertext compared with other schemes. Meanwhile, the user attribute revocation scheme realizes the dynamic management of user attribute and protects the privacy of user attribute.