• Korea Journal of Hospital Management
• /
• v.15 no.2
• /
• pp.84-106
• /
• 2010

Ensuring the confidentiality of patient records is critical requirement for quality of care and in fulfilling legal obligation of healthcare organizations. This study analyzed the behavior of hospital employees who are dealing with confidential patient information in a hospital. Theory of Planned Behavior(TPB) model and TPB expanded models that add habit concept to TPB are tested for the validity in explaining the predisposing factors that affect the behavior of hospital employee in ensuring the confidentiality of patient records. Data were collected by administrating a survey to the 350 employee of a tertiary care hospital. Of the 350 questionaries distributed, 321 were responded resulting 92% of response rate. The mean differences among the groups classified by age, years of experience, gender, and occupation were analysis using ANOVA. The relationships among the concepts suggested in the models were analysed by applying the Structural Equations Modeling method. The results of ANOVA indicated significant mean differences in the frequency of confidentiality ensuing behavior. Administrative staff and medical technicians show higher frequency of ensuing behavior compared to the physicians and the nurses. And more experienced employee show more confidentiality ensuring behavior. The results of Structural Equations analysis showed that the strong effect of habit and attitude in predicting the behavior. However, the effect of perceived behavioral control was not significant. Based on the results the theoretical and practical implications are discussed.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.9 no.5
• /
• pp.439-444
• /
• 2016

This paper proposes the technique to protect the privacy of those who uses Smart Tourism Service based on location. The proposed privacy protection technique (1) generates a shared private key, OTK(One Time Key) without information exchanging Users with a Tourism Server and provides Users and a Tourism Server with message confidentiality by encrypting data with the key, (2) concatenates users' ID, login time(timestamp), and randomly-generated nonce, generates OTK by hashing with a hash function, encrypts users' location information and query by using the operation of OTK and XOR and provides Users and a Tourism Server with message confidentiality by sending the encrypted result. (3) protects a message replay attack by adding OTK and timestamp. Therefore, this paper not only provides data confidentiality and users' privacy protection but also guarantees the safety of location information and behavior pattern data.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.3
• /
• pp.13-29
• /
• 2005

An important characteristic of role-based access control model(RBAC) is that by itself it is policy neutral. This means RBAC articulates security policy without embodying particular security policy. Because of this reason, there are several researches to configure RBAC to enforce traditional mandatory access control(MAC) policy and discretionary access control(DAC) policy. Specifically, to simulate MAC using RBAC several researches configure a few RBAC components(user, role, role-hierarchy, user-role assignment and session) for keeping no-read-up rule and no-write-down rule ensuring one-direction information flow from low security level to high security level. We show these researches does not ensure confidentiality. In addition, we show the fact that these researches overlook violation of integrity due to some constraints of keeping confidentiality. In this paper we propose a RBAC model satisfying both confidentiality and integrity. We reexamine a few RBAC components and constructs additional constraints.

• International Journal of Computer Science & Network Security
• /
• v.22 no.12
• /
• pp.37-50
• /
• 2022

Modern supply chains include multiple activities from collecting raw materials to transferring final products. These activities involve many parties who share a huge amount of valuable data, which makes managing supply chain systems a challenging task. Current supply chain management (SCM) systems adopt digital technologies such as the Internet of Things (IoT) and blockchain for optimization purposes. Although these technologies can significantly enhance SCM systems, they have their own limitations that directly affect SCM systems. Security, performance, and scalability are essential components of SCM systems. Yet, confidentiality and scalability are one of blockchain's main limitations. Moreover, IoT devices are lightweight and have limited power and storage. These limitations should be considered when developing blockchain-based IoT-SCM systems. In this paper, the requirements of efficient supply chain systems are analyzed and the role of both IoT and blockchain technologies in providing each requirement are discussed. The limitations of blockchain and the challenges of IoT integration are investigated. The limitations of current literature in the same field are identified, and a secure and scalable blockchain-based IoT-SCM system is proposed. The proposed solution employs a Hyperledger fabric blockchain platform and tackles confidentiality by implementing private data collection to achieve confidentiality without decreasing performance. Moreover, the proposed framework integrates IoT data to stream live data without consuming its limited resources and implements a dualstorge model to support supply chain scalability. The proposed framework is evaluated in terms of security, throughput, and latency. The results demonstrate that the proposed framework maintains confidentiality, integrity, and availability of on-chain and off-chain supply chain data. It achieved better performance through 31.2% and 18% increases in read operation throughput and write operation throughput, respectively. Furthermore, it decreased the write operation latency by 83.3%.

• International Journal of Computer Science & Network Security
• /
• v.23 no.7
• /
• pp.49-60
• /
• 2023

The amount of data generated by electronic systems through e-commerce, social networks, and data computation has risen. However, the security of data has always been a challenge. The problem is not with the quantity of data but how to secure the data by ensuring its confidentiality and privacy. Though there are several research on cloud data security, this study proposes a security scheme with the lowest execution time. The approach employs a non-linear time complexity to achieve data confidentiality and privacy. A symmetric algorithm dubbed the Non-Deterministic Cryptographic Scheme (NCS) is proposed to address the increased execution time of existing cryptographic schemes. NCS has linear time complexity with a low and unpredicted trend of execution times. It achieves confidentiality and privacy of data on the cloud by converting the plaintext into Ciphertext with a small number of iterations thereby decreasing the execution time but with high security. The algorithm is based on Good Prime Numbers, Linear Congruential Generator (LGC), Sliding Window Algorithm (SWA), and XOR gate. For the implementation in C, thirty different execution times were performed and their average was taken. A comparative analysis of the NCS was performed against AES, DES, and RSA algorithms based on key sizes of 128kb, 256kb, and 512kb using the dataset from Kaggle. The results showed the proposed NCS execution times were lower in comparison to AES, which had better execution time than DES with RSA having the longest. Contrary, to existing knowledge that execution time is relative to data size, the results obtained from the experiment indicated otherwise for the proposed NCS algorithm. With data sizes of 128kb, 256kb, and 512kb, the execution times in milliseconds were 38, 711, and 378 respectively. This validates the NCS as a Non-Deterministic Cryptographic Algorithm. The study findings hence are in support of the argument that data size does not determine the execution.

• Journal of the Korean Society of Manufacturing Technology Engineers
• /
• v.21 no.2
• /
• pp.297-304
• /
• 2012

Recently RFID (Radio Frequency Identification) technology advances in wireless communication technologies are bringing new challenges. But RFID tag packaging technology has been lagging compared to the demand, so this technology is being required to improve reliability. In this paper, reliability comparison among 11 types of most commonly used epoxy molding in electrical/electronic components packaging has been made through analysis of confidentiality using a humidity sensor. Consequently, the variation of moisture penetration time causes has been verified by the changes in molding thickness for 3 types of epoxy, and from the result, the best experimental results were observed in terms of confidentiality. Moreover we have been confirmed the relationship between confidentiality, the molding thickness, and thermal property of epoxy through thermal analysis.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.14 no.7
• /
• pp.1597-1602
• /
• 2010

Sarkar et al. proposed a new Cellular Automata(CA) based security scheme providing both authentication and confidentiality. The application of CA for designing the scheme makes it suitable for hardware implementation. But the proposed method by Sakar dt al. has some problems. In this paper, we analyze CA and give a method for detecting secret key.

• Journal of Preventive Medicine and Public Health
• /
• v.40 no.2
• /
• pp.122-129
• /
• 2007

During the last decade, genomic cohort study has been developed in many countries by linking health data and genetic data in stored samples. Genomic cohort study is expected to find key genetic components that contribute to common diseases, thereby promising great advance in genome medicine. While many countries endeavor to build biobank systems, biobank-based genome research has raised important ethical concerns including genetic privacy, confidentiality, discrimination, and informed consent. Informed consent for biobank poses an important question: whether true informed consent is possible in population-based genomic cohort research where the nature of future studies is unforeseeable when consent is obtained. Due to the sensitive character of genetic information, protecting privacy and keeping confidentiality become important topics. To minimize ethical problems and achieve scientific goals to its maximum degree, each country strives to build population-based genomic cohort research project, by organizing public consultation, trying public and expert consensus in research, and providing safeguards to protect privacy and confidentiality.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2003.05c
• /
• pp.2117-2120
• /
• 2003

Trusted channel provides a means of secure communication and it includes security services such as confidentiality, authentication, and so on. This paper describes the implementation of trusted channel between secure operating systems that integrates access control mechanisms with FreeBSD kernel code[1]. The trusted channel we developed offers confidentiality an4 message authentication for network traffic based on the destination address. It is implemented in the kernel level of IP layer and transparent to users.

• 월간산업보건
• /
• s.217
• /
• pp.52-55
• /
• 2006