• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.6
• /
• pp.1435-1447
• /
• 2015

Finance Companies are operating a security solution such as E-DRM(Enterprise-Digital Right Management), Personal information search, DLP(Data Loss Prevention), Security of printed paper, Internet network separation system, Privacy monitoring system for privacy leakage prevention by insiders. However, privacy leakages are occurring continuously and it is difficult to the association analysis about relating to the company's internal and external distribution of private document. Because log system operated in the separate and independent security solutions. This paper propose a systematic chains that can correlatively analyze business systems and log among heterogeneous security solutions organically and consistently based on security documents. Also, we suggest methods of efficient detection for Life-Cycle management plan about security documents that are created in the personal computer or by individual through the business system and distribution channel tracking about security documents contained privacy.

• Journal of Digital Convergence
• /
• v.11 no.4
• /
• pp.57-69
• /
• 2013

Progresses in ICT make the processing and exchange of personal data across international borders often necessary and relatively easy. The challenge lies in protecting fundamental rights and freedoms of individuals, notably the right to privacy and the right to personal information, while encouraging the free and secure flow of information across borders for the continued expansion of online transactions. The key to establishing a functioning international solution for personal data protection is to strike a right balance between the two camps which currently dominate the debate - the advocates of individual privacy rights on one side exemplified by the EU, and the proponents of self-regulation and economic efficiency on the other, represented by the U.S. In the face of a growing tension between the two sides each equipped with their own ideals, a practical solution may lie in utilizing established institutions of standardization such as ISO and IEC as a ground upon which an agreement can take its root.

• Journal of Digital Convergence
• /
• v.13 no.4
• /
• pp.219-225
• /
• 2015

There has been an exponential growth in the distribution and possession of sensitive information because of the emergence of various information channels such as smart devices, social media, etc. This enables the internet based web or mobile service operation institutions collecting the more personal information with ease, and in turn causes the issues of the privacy concerns. Followings are the results of this study: First, the information privacy concern has the negative effects upon the trust. Second, the information privacy concern has the negative effects upon the provision intention of personal information and the trust has positive effects upon the offering intention of personal information. At last, the offering intention of the personal information has the positive effects upon the behavior to provide the personal information.

• Journal of Digital Convergence
• /
• v.12 no.2
• /
• pp.243-248
• /
• 2014

The demand for messenger service goes on growing rapidly with widespread use of smartphones. Generally, the smartphone messenger provides group communication functions in which users can make the group and communicate with each other. In the mobile meeting, the attendees can participate in the meeting with use of smartphone messengers wherever they are. To make the mobile meeting put to practical use, the mobility and privacy should be ensured to attendees. To satisfy the mobility requirement, the user which is not belong to the group members should not be able to participate in the meeting. To ensure the privacy requirement, the attendees should have not to repudiate the meeting results. In this study, the mobile meeting authentication scheme is proposed which provides mobility and privacy. The proposed scheme consists of meeting group creation, group key generation, group signature and verification protocols. All attendees should have to participate in the signature verification because it is based on the challenge-response type protocol. Thus, it's not possible to collude with malicious attendees to change the meeting results.

• Journal of Digital Convergence
• /
• v.13 no.1
• /
• pp.275-281
• /
• 2015

The recent health care is growing rapidly want to receive offers users a variety of medical services, can be exploited easily exposed to a third party information on the role of the patient's hospital staff (doctors, nurses, pharmacists, etc.) depending on the patient clearly may have to be classified. In this paper, in order to ensure safe use by third parties in the health care environment, classify the attributes of patient information and patient privacy protection technique using hierarchical multi-property rights proposed to classify information according to the role of patient hospital officials The. Hospital patients and to prevent the proposed method is represented by a mathematical model, the information (the data consumer, time, sensor, an object, duty, and the delegation circumstances, and so on) the privacy attribute of a patient from being exploited illegally patient information from a third party the prevention of the leakage of the privacy information of the patient in synchronization with the attribute information between the parties.

• Journal of Digital Convergence
• /
• v.17 no.11
• /
• pp.149-156
• /
• 2019

With widespread use of information technologies, information privacy issues have been gaining more attention by not only the public but also researchers. The number of studies on the issues has been increasing exponentially, which makes incomprehensible the whole picture of research outcome. Thus, it is necessary to conduct a systematic examination of past research. This study developed two competing models with four essential constructs in information privacy research and empirically tested the models with data obtained from previous studies. This study employed a quantitative meta-analysis method called TSSEM. It is one of MASEM methods in which structural equation modeling and meta-analysis are integrated. The analysis results indicated that risk-centric model exhibited much better model fits than those of concern-centric model. This study implies that traditional concern-centric model should be questioned it's explanatory power of the model and researchers may consider alternative risk-centric model to explain user's intention to provide privacy information.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.2
• /
• pp.1020-1042
• /
• 2019

Reversible data hiding in encrypted images (RDHEI) provides some real-time cloud applications; i.e. the cloud, acting as a data-hider, automatically embeds timestamp in the encrypted image uploaded by a content owner. Many existing methods of RDHEI only satisfy user privacy in which the data-hider does not know the original image, but leaks owner privacy in which the receiver can obtains the original image by decryption and extraction. In the literature, the method of Zhang et al. is the one providing weak content-owner privacy in which the content-owner and data-hider have to share a data-hiding key. In this paper, we take care of the stronger notion, called strong content-owner privacy, and achieve it by presenting a new reversible data hiding in encrypted images. In the proposed method, image decryption and message extraction are separately controlled by different types of keys, and thus such functionalities are decoupled to solve the privacy problem. At the technique level, the original image is segmented along a Hilbert filling curve. To keep image privacy, segments are transformed into an encrypted image by using random permutation. The encrypted image does not reveal significant information about the original one. Data embedment can be realized by using pixel histogram-style hiding, since this property, can be preserved before or after encryption. The proposed method is a modular method to compile some specific reversible data hiding to those in encrypted image with content owner privacy. Finally, our experimental results show that the image quality is 50.85dB when the averaged payload is 0.12bpp.

• Korean Journal of Human Ecology
• /
• v.16 no.6
• /
• pp.1197-1209
• /
• 2007

The advance of digital contents industry shifts the focus of consumptions; from analogue to digital ones. It gives significant impact on individual life as well as overall society and culture, and it leads to the increased consumption of digital contents. Nevertheless, current digital contents industry fails to secure the sufficient consumer protection systems including relevant rules and laws which regulate the distribution, use, and other transaction activities of digital contents and the efforts, on the part of contents providers, to provide information to consumers and to protect them. Digital contents, by its nature, is different from the existing products so that its nature is likely to cause unique consumer problems totally different from the offline transactions and the electrical transactions of existing products. This study, therefore, aims to identify the possible problems which may be incurred by consumers in their use of digital contents, specify the types of consumer damages, and provide the underlying materials to improve the systems related to digital contents and take legally complementary measures for consumer protection. To identify the types of consumer damages, this study analyzed the results from consumer counselling cases, experts opinion survey, and FGI. For consumer damage cases, this study analyzed the consumer complaints received by open consumer counselling sites of the Korea Consumer Agency and Seoul Electronic Commerce Center. For experts opinion survey, it conducted questionnaire survey of the group of experts from digital contents manufacturers or providers, and those who treated consumer damages directly. For FGI analysis, it organized a panel of students and employees who had used digital contents to understand the types of consumer damages. The results of this study can be summed up as follows. Based on the results from consumer counselling cases, experts opinion survey, and FGI analysis, the consumer damages related to digital contents can be classified, in their nature, into economic or financial damages (25 cases), emotional or psychological ones (15 cases), time-related ones (7 cases), physical ones (4 cases), and privacy-related ones (i.e. leakage of personal data)(3 cases). More specifying the types of damages, damages can be subdivided into contract-, charge-, maintenance-, use-, individual-related ones and other ones. Among them, both contract- and charge-related damages appeared only in the economic or financial damages, whereas user-specific individual damages appeared only in physical and emotional or psychological ones. On the other hand, maintenance- and use-related damages and other ones were observed in both categories of economical or financial damages and time-related ones. Use- and privacy-related damages, in particular, caused emotional or psychological damages.

• Journal of Digital Convergence
• /
• v.10 no.9
• /
• pp.27-37
• /
• 2012

Internet privacy has become a significant issue in recent years in light of the sharp increase in internet-based social and economic activities. The technology which collects, processes and disseminates personal information is improving significantly and the demand for personal information is rising given its inherent value in regard to targeted marketing and customized services. The high value placed on personal information has turned it into a commodity with economic worth which can be transacted in the marketplace. Therefore, it is strongly required to approach the issue of privacy from economic perspective in addition to the prevailing approaches. This article analyzes the behaviors of consumers and firms in gathering personal information, and shielding it from unauthorized access, using a game theory framework in which players strive to do their best under the given conditions. The analysis shows that there exist no market forces which require all firms to respect consumer privacy, and that government intervention in the form of a nudging incentive for information sharing and/or strict regulation is necessary.

• Journal of Digital Convergence
• /
• v.16 no.1
• /
• pp.217-229
• /
• 2018

Electronic Health Record (EHR) systems are widely adopted worldwide in hospitals for generating and exchanging records of patient information. Recent developments are moving towards implementing interoperable EHR systems that enable information to be shared seamlessly across healthcare organizations. In this context, this paper explores the factors that cause medical information privacy concerns, identifies how people react to privacy invasion and what their perceptions are towards the acceptance of the EHR system. Interviews were conducted to draw a grounded theory on medical information privacy concerns in the use of EHRs. Medical information privacy concerns are caused by perceived sensitivity of medical information and the weaknesses in security technologies. Trust in medical professionals, medical institutions and technologies plays an important role in determining people's reaction to privacy invasion and their perceptions on the use of EHRs.