• Journal of Digital Contents Society
• /
• v.9 no.4
• /
• pp.697-705
• /
• 2008

The recent web technology has been developed by three mainsprings which include integration, virtualization, and socialization. The web technology provides the increment of the social networking ability. However it deepens the exposure of privacy about personal information as more complicating and difficult problems. Representatively, it is impossible to define and manage the specific relation, so the personal information and interest can be inferred from collecting and summarizing the contents. Also, there are some problems that it is hard to construct the information owner's own social network. Thus this paper proposes the RCBAC(Relationship-Content based Access Control) Model which applies both the concepts of Relationship and Content Semantic to the existing access control methods to protect the user's own digital contents in web 2.0 environment. This method prevents privacy such as personal inclination from being exposed and enables to define and manage the specific relation. By doing this the information owners can construct their social network. This social network can be applied and extended to web contents.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.3
• /
• pp.589-598
• /
• 2019

The amount of digital data a is explosively growing, and these data have large potential values. Countries and companies are creating various added values from vast amounts of data, and are making a lot of investments in data analysis techniques. The privacy problem that occurs in data analysis is a major factor that hinders data utilization. Recently, as privacy violation attacks on neural network models have been proposed. researches on artificial neural network technology that preserves privacy is required. Therefore, various privacy preserving artificial neural network technologies have been studied in the field of differential privacy that ensures strict privacy. However, there are problems that the balance between the accuracy of the neural network model and the privacy budget is not appropriate. In this paper, we study differential privacy techniques that preserve the performance of a model within a given privacy budget and is resistant to model inversion attacks. Also, we analyze the resistance of model inversion attack according to privacy preservation strength.

• Journal of Digital Convergence
• /
• v.11 no.12
• /
• pp.311-318
• /
• 2013

It is very important to design security policy and technical framework on sensitive private data in order to protect user privacy in smart grid environment. This paper introduces secret data sharing schemes proposed for privacy protection in smart grid, and presents technical problems of them. The proposed scheme in this paper, reduces the number of rounds in sharing process and also in restoration process, and can select how many databases would be used, so eventually it shows enhancements in terms of efficiency and security.

• Journal of Digital Convergence
• /
• v.11 no.5
• /
• pp.291-298
• /
• 2013

Metering scheme is composed of servers, clients, and an audit agency who collects the information for the clients which have been processed by servers. Although many efficient and secure metering schemes have been proposed in the literature, they do not consider the client privacy issue. To mitigate this limitation of the related work, we propose a metering scheme to protect the privacy of clients in internet. More specifically, we apply RSA based blind signature to the interaction between client and audit agency. If a client spends metering information to the server more than twice, the identity of the client is revealed by the server or audit agency.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.17 no.11
• /
• pp.2717-2722
• /
• 2013

Sophisticated business intelligent software and personalized web services help collecting and mining huge amounts of personal information. This increase in digitalized personal information and advances in Internet technologies poses new challenges to consumers' information privacy. Based on the identified concept of information privacy concerns (IPC), this study additionally explores the interrelationships among consumers' individual characteristics(self-efficacy, digital literacy, customer alienation), customer satisfaction and intention to buy in e-commerce process. Academically, this study extends IPC to an empirical research model by identifying the conceptualization and organization of IPC. Moreover, practically, e-commerce providers can develop how to relieve IPC of online consumers.

• Journal of Information Processing Systems
• /
• v.18 no.2
• /
• pp.245-257
• /
• 2022

In the Internet of Things (IoT) era, the types of devices used by one user are becoming more diverse and the number of devices is also increasing. However, a forensic investigator is restricted to exploit or collect all the user's devices; there are legal issues (e.g., privacy, jurisdiction) and technical issues (e.g., computing resources, the increase in storage capacity). Therefore, in the digital forensics field, it has been a challenge to acquire information that remains on the devices that could not be collected, by analyzing the seized devices. In this study, we focus on the fact that multiple devices share data through account synchronization of the online platform. We propose a novel way of identifying the user's interest through analyzing the remnants of targeted advertising which is provided based on the visited websites or search terms of logged-in users. We introduce a detailed methodology to pick out the targeted advertising from cache data and infer the user's interest using deep learning. In this process, an improved learning model considering the unique characteristics of advertisement is implemented. The experimental result demonstrates that the proposed method can effectively identify the user interest even though only one device is examined.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.15 no.4
• /
• pp.111-116
• /
• 2019

The digital forensic analysis ensures the integrity of confiscated data by calculating hash values for seizure and search of digital evidence and receiving confirmation and signature from participants. However, evidence that is irrelevant to the alleged offense needs to be deleted even after seizure from the point of view of privacy. But the hash value is altered by deleting the irrelevant data from the image file, one will not be able to prove that the file is in the initial state when it was seized. Therefore, in this paper, a study was conducted to support the integrity of the digital evidence, even if some of the seized digital evidence was deleted or damaged during the seizure search. The hash value of each data is calculated and hash value of the combination of hash values are also calculated. Even if the unrelated evidence is deleted from the seized evidence regardless of file system such as FAT or NTFS, the suggested method presented a way to provide the integrity that proves there is no change in the evidence file.

• Journal of Digital Contents Society
• /
• v.18 no.8
• /
• pp.1671-1676
• /
• 2017

In theses days, data has been explosively generated in diverse industrial areas. Accordingly, many industries want to collect and analyze these data to improve their products or services. However, collecting user data can lead to significant personal information leakage. Local differential privacy (LDP) proposed by Google is the state-of-the-art approach that is used to protect individual privacy in the process of data collection. LDP guarantees that the privacy of the user is protected by perturbing the original data at the user's side, but a data collector is still able to obtain population statistics from collected user data. However, the prevention of leakage of personal information through such data perturbation mechanism may cause the significant reduction in the data utilization. Therefore, the degree of data perturbation in LDP should be set properly depending on the data collection and analysis purposes. Thus, in this paper, we develop the simulation tool which aims to help the data collector to properly chose the degree of data perturbation in LDP by providing her/him visualized simulated results with various parameter configurations.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.30 no.10B
• /
• pp.648-659
• /
• 2005

One's identity on the Internet has been disclosed and abused without his consent. Personal information must be protected by appropriate security safeguard. An Individual should have the right to know whether his personal details have been collected and stored. This paper proposes various conceptual models for designing privacy enabling service architecture in the Internet identity management system. For the restriction of access to personal information, we introduce the owner's policy and the management policy The owner's policy should provide the user with enough information to manage easily and securely his data. To control precisely and effectively all personal information in the Identity provider, we propose the privacy management policy and the privacy authorization model.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.4
• /
• pp.869-878
• /
• 2018

Digital Evidence Data in cyberspace is easy to modify or delete, and changes are reflected in real time, so it is necessary to acquire evidence data quickly. Collecting evidence on the client side is advantageous in that data can be acquired without time delay due to additional administrative procedures, but collection of large data is likewise vulnerable to collection time delay problem. Therefore, this paper proposes an automated evidence collection method on the client side, focusing on the major web-based services in cyberspace, and enables efficient evidence collection for large volumes of data. Furthermore, we propose a digital evidence collection system in cyberspace that guarantees the integrity of the collected digital evidence until the court submission.