• Journal of the Korea Society of Computer and Information
• /
• v.10 no.4 s.36
• /
• pp.305-313
• /
• 2005

Spyware is any software which employs a user's Internet connection in the background without their knowledge or explicit permission. The installation of spywares is generally done in a sneaky, misleading or unannounced manner. It does not only compromise the security and privacy of affected users but also be an obstruction to the digital convergence and ubiquitous computing environments. This paper provides a summary of the definition, status, risk analysis, and security controls of the spywares. Furthermore, this paper suggests additional controls which should be considered at an individual, organizational and national perspective.

• The KIPS Transactions:PartC
• /
• v.17C no.2
• /
• pp.159-164
• /
• 2010

The data wiping is a technique which perfectly deletes data in a storage to prevent data recovery. Currently, management of stored data is important because of increasing an accident of personal information leakage. Especially, if you need to discard data contained personal information, using a wiping tool which permanently deletes data to prevent unnecessary personal information leakage. The data wiping is also used for data security and privacy protection. However the data wiping can be used intentionally destruction of evidence. This intentionally destruction of evidence is important clues of forensic investigation. This paper demonstrates the methods for detecting the usage of wiping tools in digital forensic investigation.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2014.05a
• /
• pp.257-260
• /
• 2014

Digital Forensics in the event of an accident, the system restore files and the only way to find evidence KT Website hacking happening now, credit card companies, and leakage of personal information by three recent spills occurred, such as Skin Food Home Up Customer Information hackers to find these crimes only means as well. This study attempted to bypass the KT website hacking attacks utilizing automated programs hacking programs, and if you try to experiment on whether any information has been disclosed and if so what home attacked forensics evidence for hackers to locate the can make a report is described.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.5
• /
• pp.93-103
• /
• 2009

Since message forgery or alteration in VANET may cause severe consequences, authentication of critical messages must be provided. However, using normal digital signature may infringe privacy of drivers. Therefore, VANET requires authentication systems that provide conditional anonymity. In this paper, we propose a new authentication system for VANET. In our proposed system, each vehicle can update its pseudonym using re-encryption technique and digitally sign messages using representation problem on the pseudonym. By limiting the usage period, revocation of individual pseudonym is not required. Moreover, we also provide a way to revoke the vehicle itself. Secureness of our system partially rely on the usage of tamper-resistance hardware.

• International Journal of Computer Science & Network Security
• /
• v.21 no.2
• /
• pp.21-39
• /
• 2021

The acceptance of smartphone applications in the learning field is one of the most significant challenges for higher education institutions in Saudi Arabia. These institutions serve large and varied sectors of society and have a tremendous impact on the knowledge gained by student segments at various ages. M-learning is of great importance because it provides access to learning through a wide range of mobile networks and allows students to learn at any time and in any place. There is a lack of quality requirements for M-learning applications in Saudi societies partly because of mandates for high levels of privacy and gender segregation in education (Garg, 2013; Sarrab et al., 2014). According to the Saudi Arabian education ministry policy, gender segregation in education reflects the country's religious and traditional values (Ministry of Education, 2013, No. 155). The opportunity of many applications would help the Saudi target audience more easily accept M-learning applications and expand their knowledge while maintaining government policy related to religious values and gender segregation in the educational environment. In addition, students can share information through the online framework without breaking religious restrictions. This study uses a quantitative perspective to focus on defining the technical aspects and learning requirements for distributing knowledge among students within the digital environment. Additionally, the framework of the unified theory of acceptance and use of technology (UTAUT) is used to modify new constructs, called application quality requirements, that consist of quality requirements for systems, information, and interfaces.

• Archives of Plastic Surgery
• /
• v.48 no.3
• /
• pp.295-304
• /
• 2021

Clinical photography is an essential component of patient care in plastic surgery. The use of unsecured smartphone cameras, digital cameras, social media, instant messaging, and commercially available cloud-based storage devices threatens patients' data safety. This paper Identifies potential risks of clinical photography and heightens awareness of safe clinical photography. Specifically, we evaluated existing risk-mitigation strategies globally, comparing them to industry standards in similar settings, and formulated a framework for developing a risk-mitigation plan for avoiding data breaches by identifying the safest methods of picture taking, transfer to storage, retrieval, and use, both within and outside the organization. Since threats evolve constantly, the framework must evolve too. Based on a literature search of both PubMed and the web (via Google) with key phrases and child terms (for PubMed), the risks and consequences of data breaches in individual processes in clinical photography are identified. Current clinical-photography practices are described. Lastly, we evaluate current risk mitigation strategies for clinical photography by examining guidelines from professional organizations, governmental agencies, and non-healthcare industries. Combining lessons learned from the steps above into a comprehensive framework that could contribute to national/international guidelines on safe clinical photography, we provide recommendations for best practice guidelines. It is imperative that best practice guidelines for the simple, safe, and secure capture, transfer, storage, and retrieval of clinical photographs be co-developed through cooperative efforts between providers, hospital administrators, clinical informaticians, IT governance structures, and national professional organizations. This would significantly safeguard patient data security and provide the privacy that patients deserve and expect.

• International Journal of Computer Science & Network Security
• /
• v.22 no.7
• /
• pp.131-146
• /
• 2022

The Internet is becoming a basic need for many individuals globally in this digital age. The youths became more active online than before, with the majority relying on different platforms to communicate and interact with peers. Saudi Arabia is one of the nations where internet usage is high, with an increasing number of active internet users. The youth in Saudi Arabia are engaged in various online platforms. However, they lack adequate knowledge about cybersecurity and the dangers of internet usage, which exposes them to the risk of falling victims to cybercriminals. The most common dangers of internet usage include viruses, malware, phishing, and hacking, compromising users' sensitive information. Increased awareness of these potential threats helps protect Internet users and secure their data. The understanding of the dangers of Internet usage among youths varies across countries. In this regard, our study explores the risks of internet usage among youth in Saudi Arabia compared to the United States, South Africa, and New Zealand.

• Journal of the Korean Society of Systems Engineering
• /
• v.18 no.2
• /
• pp.11-23
• /
• 2022

Although artificial intelligence(AI) is a key technology in the digital transformation among the emerging technologies, there are concerns about the use of AI, so many countries have been trying to set up a proper regulation system. This study analyzes the cases of the regulation policies on AI in USA, EU and Korea with the aim to set up and improve proper AI policies and strategies in Korea. In USA, the establishment of the code of ethics for the use of AI is led by private sector. On the other side, Europe is strengthening competitiveness in the AI industry by consolidating regulations that are dispersed by EU members. Korea has also prepared and promoted policies for AI ethics, copyright and privacy protection at the national level and trying to change to a negative regulation system and improve regulations to close the gap between the leading countries and Korea in AI. Moreover, this study analyzed the course of policy changes of AI regulation policy centered on ACF(Advocacy Coalition Framework) model of Sabatier. Through this study, it proposes hyper-scale AI regulation policy recommendations for improving competitiveness and commercialization in Korea. This study is significant in that it can contribute to increasing the predictability of policy makers who have difficulties due to uncertainty and ambiguity in establishing regulatory policies caused by the emergence of hyper-scale artificial intelligence.

• International Journal of Computer Science & Network Security
• /
• v.23 no.10
• /
• pp.214-224
• /
• 2023

Fraudulence, cheating, and deception can occur in the commercial real estate (CRE) industry, besides the difficulty in searching for and transferring properties while ensuring the operation is processed through an authoritative source in a trusted manner. Nowadays, real estate transactions use neutral third parties to sell land. Indeed, properties can be sold by the owners or third parties multiple times or without a proper deed. Moreover, third parties request a large amount of money to mediate between the seller and buyer. Methods: We propose a new framework that uses a private blockchain network and predefined BPMN instances to enable the fast and easy recording of deeds and their proprietary transfer management controlled by the government. The blockchain allows for multiple verifications of transactions by permitted parties called peers. It promotes transparency, privacy, trust, and commercial competition. Results: We demonstrated the easy adoption of blockchain for land registration and transfer. The paper presents a prototype of the implemented product that follows the proposed framework. Conclusion: The use of Blockchain-based solutions to resolve the current land registration and transfer issues is promising and will contribute to smart cities and digital governance.

• Information Systems Review
• /
• v.18 no.3
• /
• pp.209-233
• /
• 2016

Internet companies that utilize social network have increased in number. The introduction of diverse social media services facilitated innovative changes in e-business. Social network service (SNS), which is a domain of social media, is a web-based service designed to strengthen human relations in the Internet and build new social relations. The remarkable growth of social network services and the profit generation and perception of this service are the new growth engines of this digital age. Given this development, many global IT companies views SNS as the most powerful form of social media. Thus, they invest efforts to develop business models using SNS.2) This study verifies the impact of privacy exposure in SNS as a result of privacy invasion. This study examines the purpose of using the SNS and user's awareness of the significance of personal information, which are key factors that affect self-disclosure of personal information. This study utilizes theory of reasoned action (TRA) to provide a theoretical platform that describes the specific behavior and emotional response of individuals. This study presents a research model that considers negative attitude (negatude). In this model, self-disclosure in SNS is considered a TRA. TRA is a subjective norm, a behavioral intention, and a key variable of exposure behavior. A survey was conducted on college students at Y university in Seoul to empirically verify the research model. The students have experiences in using SNS. A total of 198 samples were collected. Path analysis was applied to analyze the relations of factors. The results of path analysis show the statistically insignificant impact of privacy invasion on negatude, subjective norm, behavioral intention, and exposure behavior. The impact of unrecognized privacy invasion was also considered insignificant. The impacts of intention to use SNS on negatude, subjective norm, behavioral intention, and exposure behavior was significant. A significant impact was also found for the significance of personal information on subjective norm, behavioral intention, and exposure behavior, whereas the impact on negatude was insignificant. The impact of subjective norm on behavioral intention was significant. Lastly, the impact of behavioral intention on exposure behavior was insignificant. These findings are significant because the study examined the process of self-disclosure by integrating psychological and social factors based on theoretical discussion.