• The Journal of Information Systems
• /
• v.21 no.4
• /
• pp.55-79
• /
• 2012

LBS(Location-Based Service) is one of the smartphone application services which has been receiving great attention recently. Various applications of smartphone use LBS to provide innovative services. However, use of LBS raises privacy concerns because the location information of users is constantly exposed. Privacy calculus perspective attempts to understand the characteristics of the user's privacy. It is based on the risk-benefit analysis in the economics' perspective. That is, when the benefit expected through personal information disclosure is higher than risk, we are willing to provide personal information. This research suggested a research model based on the privacy calculus perspective to clarify the effect of information disclosure intention of smartphone LBS application users. Based on the main factors of privacy calculus, perception of privacy risk and privacy benefit, the relationship of the perceived value and the information disclosure intention was empirically analyzed by utilizing structural equation modeling(SEM) methodology. According to the results of the empirical analysis, it was found that all relations have statistically significant explanatory power except the relation between privacy concern and information disclosure intention. This study showed a strong evidence of antecedent factors based on privacy calculus of personal information disclosure in smartphone LBS applications.

• Electronics and Telecommunications Trends
• /
• v.36 no.4
• /
• pp.135-144
• /
• 2021

The field of user authentication in Korea has experienced new dimensions since December 2020. Accredited certificate, which had been in use for 21 years since 1999, has been abolished. Accredited certificates have provided a trust foundation for various ICT-based industrial developments; however, new changes in the authentication sector are also required due to changes in the service and policy environment. Changes in the service environment occur rapidly because of the emergence of new technologies such as AI, IoT, Bio, Blockchain, and the daily use of non-face-to-face environments caused by COVID-19. Even with changes in the service environment, user authentication remains an essential foundation for providing services. This paper summarizes the current status of user authentication techniques, analyzes major changes in the service environment (such as Metaverse) associated with user authentication, and presents the direction of authentication techniques (Decentralized, Invisible, Privacy-preserving) through the derived implications.

• 한국HCI학회:학술대회논문집
• /
• 2006.02a
• /
• pp.970-975
• /
• 2006

There is a tradeoff between user's privacy and utility of context-aware services in ubiquitous computing environments. Many privacy models have been proposed to support the disclosure of personal information at different levels of detail, in ubiquitous computing environments. However, most of these models do not allow for explicit criteria to assess the benefit users are likely to reap by disclosing their personal information. In this paper, we propose an automated decision making mechanism that evaluates the "benefit of disclosure" for the users based on trust relationships between users and information requesters and manages the disclosure of user's personal information accordingly. Unlike other trust models, we do not regard the reputation of an information requester as sufficient to determine his/her trustworthiness. Instead, we represent trustworthiness as a function of information requester's reputation in the eyes of the user and his/her competence in a given context. To validate our mechanism, we apply it to context-aware healthcare application that monitors physiological condition of a user.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.12
• /
• pp.6169-6187
• /
• 2017

With the fast growth of mobile services, Mobile Cloud Computing(MCC) has gained a great deal of attention from researchers in the academic and industrial field. User authentication and privacy are significant issues in MCC environment. Recently, Tsai and Lo proposed a privacy-aware authentication scheme for distributed MCC services, which claimed to support mutual authentication and user anonymity. However, Irshad et.al. pointed out this scheme cannot achieve desired security goals and improved it. Unfortunately, this paper shall show that security features of Irshad et.al.'s scheme are achieved at the price of multiple time-consuming operations, such as three bilinear pairing operations, one map-to-point hash function operation, etc. Besides, it still suffers from two minor design flaws, including incapability of achieving three-factor security and no user revocation and re-registration. To address these issues, an enhanced and provably secure authentication scheme for distributed MCC services will be designed in this work. The proposed scheme can meet all desirable security requirements and is able to resist against various kinds of attacks. Moreover, compared with previously proposed schemes, the proposed scheme provides more security features while achieving lower computation and communication costs.

• ETRI Journal
• /
• v.44 no.6
• /
• pp.903-914
• /
• 2022

Mobile and telecommunication networking uses temporary and random identifiers (IDs) to protect user privacy. For greater intelligence and security o the communications between the core network and the mobile user, we design and build a dynamic randomization scheme for the temporary IDs for mobile networking, including 5G and 6G. Our work for ID randomization (ID-RZ) advances the existing state-of-the-art ID re-allocation approach in 5G in the following ways. First, ID-RZ for ID updates is based on computing, as opposed to incurring networking for the re-allocation-based updates, and is designed for lightweight and low-latency mobile systems. Second, ID-RZ changes IDs proactively (as opposed to updating based on explicit networking event triggers) and provides stronger security (by increasing the randomness and frequency of ID updates). We build on the standard cryptographic primitives for security (e.g., hash) and implement our dynamic randomization scheme in the 5G networking protocol to validate its design purposes, which include time efficiency (two to four orders of magnitude quicker than the re-allocation approach) and appropriateness for mobile applications.

• Journal of Communications and Networks
• /
• v.15 no.2
• /
• pp.153-163
• /
• 2013

In recent years, more and more researches have been focusing on trust management of vehicle ad-hoc networks (VANETs) for improving the safety of vehicles. However, in these researches, little attention has been paid to the location privacy due to the natural conflict between trust and anonymity, which is the basic protection of privacy. Although traffic safety remains the most crucial issue in VANETs, location privacy can be just as important for drivers, and neither can be ignored. In this paper, we propose a beacon-based trust management system, called BTM, that aims to thwart internal attackers from sending false messages in privacy-enhanced VANETs. To evaluate the reliability and performance of the proposed system, we conducted a set of simulations under alteration attacks, bogus message attacks, and message suppression attacks. The simulation results show that the proposed system is highly resilient to adversarial attacks, whether it is under a fixed silent period or random silent period location privacy-enhancement scheme.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.12
• /
• pp.6123-6138
• /
• 2018

Named data networking (NDN) is a new network architecture designed for next generation Internet. Router-side content caching is one of the key features in NDN, which can reduce redundant transmission, accelerate content distribution and alleviate congestion. However, several security problems are introduced as well. One important security risk is cache privacy leakage. By measuring the content retrieve time, adversary can infer its neighbor users' hobby for privacy content. Focusing on this problem, we propose a cache privacy protection mechanism (named as CPPM-DAM) to identify legitimate user and adversary using Bloom filter. An optimization for storage cost is further provided to make this mechanism more practical. The simulation results of ndnSIM show that CPPM-DAM can effectively protect cache privacy.

• Proceedings of the Korean Information Science Society Conference
• /
• 2011.06a
• /
• pp.116-119
• /
• 2011

Mobile devices are increasingly used, and changed persons' social habits of creating new relationship. While existed systems can not satisfied the principles of user-centered, convenient and ensure privacy. This paper describes an intelligent name-card exchange technique in context-aware smart phone, which has no verbose user operation, ability of intelligent match based on context-aware information, and privacy protection.

• Journal of Convergence for Information Technology
• /
• v.9 no.7
• /
• pp.1-7
• /
• 2019

With the recent commercialization of the next generation of wireless 5G in everyday life, many changes have been made to organizations, industries and businesses of various sizes in various fields. However, although the improved speed and latency of 5G has improved, improvements in encryption, authentication and privacy are still required. In this paper, multiple groups of information management techniques are proposed to efficiently protect users' privacy in the heterogeneous environment of 5G. The proposed technique aims to allow distributed management of users' privacy links by clouding the privacy information generated by different heterogeneous devices to efficiently interface with different groups. Suggestion techniques process user-specific privacy information independently in a virtual space so that users can periodically synchronize their privacy information.

• The Journal of the Korea Contents Association
• /
• v.9 no.4
• /
• pp.95-102
• /
• 2009

Recently, remote user authentication scheme protecting user anonymity using smart card has been researched with interest increasing on user privacy. Although authentication scheme providing user anonymity using smart card had been proposed by Das et al, Chien et al. pointed out Das et al. scheme fail to provide user anonymity and proposed new scheme to overcome the problem. A remote system Kim et al. proposed a scheme which is traceable about malicious user with protecting user anonymity. In this paper, we point out that Kim et a1. scheme fail to provide user anonymity and propose a scheme for some problems Kim et al. scheme has. And then we analysis our scheme on cryptophic security and efficiency with Kim scheme.