• Convergence Security Journal
• /
• v.19 no.5
• /
• pp.25-36
• /
• 2019

With the development of information and communication technology, hospitals that electronically process and manage medical information of patients are increasing. However, if medical information is processed electronically, there is still room for infringing personal information of the patient or medical staff. Accordingly, in 2017, the International Organization for Standardization (ISO) published ISO TS 25237 Health Information - Pseudonymization[1]. In this paper, we examine the re - identification process based on ISO TS 25237, the procedure and the problems of our proposed method. In addition, we propose a new processing scheme that adds a re-identification procedure to our secure differential privacy method [2] by keeping a mapping table between de-identified data sets and original data as ciphertext. The proposed method has proved to satisfy the requirements of ISO TS 25237 trust service providers except for some policy matters.

• Information Systems Review
• /
• v.25 no.1
• /
• pp.165-187
• /
• 2023

The continuous increase in life expectancy and high interest in health has brought about significant changes in the use of health information by the public according to the development of information technology represented by the Internet and smartphones. As the medical market expands to the mobile health environment, many health-related apps have been created and distributed, but the acceptance rate is slow as it has become challenging to provide services due to various regulations. In this study, perceived value, perceived risk factors (psychological risk, risk of time-loss, legal risk), and perceived benefits (usefulness, interaction, autonomy) were derived and verified as factors that affect the acceptance resistance of personal health record apps based on the privacy calculation model. In addition, by analyzing the moderating effect of trust in the manufacturer, how the perceived risk and perceived benefit affect the perceived value was verified. A survey was conducted on Korean college students who recognized the personal health record apps but did not use them, and 127 samples were analyzed using structural equations. As a result of hypothesis verification, perceived value has a negative effect on acceptance resistance, perceived risk (risk of time-loss) has a negative effect on perceived value, and perceived benefits (usefulness, interaction, autonomy) were found to have a positive effect on perceived value. Trust in manufacturers has weakened the impact of perceived risks (legal risk) on perceived values. This study is expected to play an important role in maintaining a competitive advantage in the personal health record app market environment by identifying and proposing detailed criteria for reducing the acceptance resistance of personal health record apps.

• International journal of advanced smart convergence
• /
• v.8 no.2
• /
• pp.204-210
• /
• 2019

Mobile Crowd Computing is one of the most efficient and effective way to collect the Electronic health records and they are very intelligent in processing them. Mobile Crowd Computing can handle, analyze and process the huge volumes of Electronic Health Records (EHR) from the high-performance Cloud Environment. Electronic Health Records are very sensitive, so they need to be secured, authenticated and processed efficiently. However, security, privacy and authentication of Electronic health records(EHR) and Patient health records(PHR) in the Mobile Crowd Computing Environment have become a critical issue that restricts many healthcare services from using Crowd Computing services .Our proposed Efficient Multi-layer Encryption Framework(MLEF) applies a set of multiple security Algorithms to provide access control over integrity, confidentiality, privacy and authentication with cost efficient to the Electronic health records(HER)and Patient health records(PHR). Our system provides the efficient way to create an environment that is capable of capturing, storing, searching, sharing, analyzing and authenticating electronic healthcare records efficiently to provide right intervention to the right patient at the right time in the Mobile Crowd Computing Environment.

• Journal of Korea Society of Industrial Information Systems
• /
• v.19 no.3
• /
• pp.57-66
• /
• 2014

This paper proposes the UHISRL(Ubiquitous Healthcare Information System based on Real Time Location) which manages patient, doctor, medicine by using RFID. The proposed UHISRL monitors the patient's health state, and enables us to confirm the result with Smart Phone and Tablet PC. Also, it can block Replay and Spoofing attack by using the ERHL(Extended Randomized Hash Lock) authentication scheme designed in this paper. A patient privacy is enhanced by limiting UHISRL DB access according to attributes with CP-ABE (Cipher Text - Attributed based Encryption) technique. Specially, UHISRL can prevent an unexpected accident by monitoring a chronic patient's emergency situation in real time.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.18 no.4
• /
• pp.826-842
• /
• 2024

As 5G and AI continue to develop, there has been a significant surge in the healthcare industry. The COVID-19 pandemic has posed immense challenges to the global health system. This study proposes an FL-supported edge computing model based on federated learning (FL) for predicting clinical outcomes of COVID-19 patients during hospitalization. The model aims to address the challenges posed by the pandemic, such as the need for sophisticated predictive models, privacy concerns, and the non-IID nature of COVID-19 data. The model utilizes the FATE framework, known for its privacy-preserving technologies, to enhance predictive precision while ensuring data privacy and effectively managing data heterogeneity. The model's ability to generalize across diverse datasets and its adaptability in real-world clinical settings are highlighted by the use of SHAP values, which streamline the training process by identifying influential features, thus reducing computational overhead without compromising predictive precision. The study demonstrates that the proposed model achieves comparable precision to specific machine learning models when dataset sizes are identical and surpasses traditional models when larger training data volumes are employed. The model's performance is further improved when trained on datasets from diverse nodes, leading to superior generalization and overall performance, especially in scenarios with insufficient node features. The integration of FL with edge computing contributes significantly to the reliable prediction of COVID-19 patient outcomes with greater privacy. The research contributes to healthcare technology by providing a practical solution for early intervention and personalized treatment plans, leading to improved patient outcomes and efficient resource allocation during public health crises.

• Culinary science and hospitality research
• /
• v.21 no.5
• /
• pp.25-37
• /
• 2015

By studying the awareness level of students, for the need to protect personal information, and also by studying students' level of perception as to which information needs protection, this study aims to show that increased education is beneficial, and necessary, across all university majors. This increased education is necessary to improve information security, and increase the responsible sharing of private data which has many benefits, specifically in the Healthcare field. Utilizing student volunteers across multiple majors at a university in South Korea. These questionnaires measured the students' awareness of private information, their perception of private information and also the students' experience in receiving university level education regarding private information and the need for its protection. This study shows that, when compared to students in other fields, students in the field of public health had a higher level of awareness regarding the consequences of personal information disclosure for both public purposes and medical research. Within the parameters of this study, this outcome can be explained as the result of exposure to educational curriculum which contained information related to personal information protection. This increased education raised the student's awareness of which information is considered private, as well as, which information is valuable when responsibly shared. As a result, this study shows that an increase in education regarding information privacy, should be included in all university majors, and gives us evidence to support that this additional education is valuable to students at all levels and should be encouraged.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.6
• /
• pp.1619-1637
• /
• 2016

With wide distribution of smart phones and development of mobile network, social network service (SNS) is displaying remarkable growth rates. Users build new social relations by sharing their interests, which brings surging growth to the SNS based on the combination between the strength of expanding the place for communication and distribution of smart phones featured with easy portability. This study is designed to understand impact factors of SNS on users in Korea and to conduct empirical research on casual relationship between the factors above and the factors affecting personal information behavior through the privacy protection and self-efficacy. In order to accomplish the objective above, the study presented a research model applied with key variables of the Health Belief Model (HBM) predicting behaviors capable of recognizing and preventing individual diseases in the field of health communication. To perform empirical verification on the research model of this study, a survey was conducted upon college students at N university located in Chungcheongnam-do and K university in rural area, who have experiences using the SNS. Through this survey, a total of 186 samples were collected, and path analysis was performed in order to analyze the relationship between the factors. Based on the findings from the survey, first, variables Perceived probability, Perceived severity, Perceived impairment of the HBM, key factors of personal information protection behavior on the SNS, were found to exhibit negative relationship with self-efficacy, and Perceived probability, Perceived benefit, Perceived impairment were found to exhibit negative relationship with privacy protection. But the above, Perceived severity showed positive relationship with privacy protection, and Perceived benefit and self-efficacy also displayed positive relationship. Second, although self-efficacy, a parameter, showed positive relationship with privacy protection, it demonstrated negative relationship with personal information protection behavior. Lastly, privacy protection exhibited positive relationship with personal information protection behavior. By presenting theoretical model reflected with characteristics of prevention based on these findings above unlike previous studies on personal information protection using technologies threatening personal information, this study is to provide theoretical and operational foundation capable of offering explanations how to predict personal information protection behavior on the SNS in the future.

• Journal of the Korean Society for information Management
• /
• v.29 no.4
• /
• pp.83-99
• /
• 2012

The present study surveyed 225 undergraduates to examine their social media use behaviors and their perceptions of usefulness, trustworthiness, and privacy of social media for seeking and sharing health information. 151 respondents reported using social media for health information while 74 reported not using it for health matters. Results show that the most popular medium were social Q&As, followed by blogs and social networking sites. Age, gender, school year, and the presence of a health problem were associated with the social media use behaviors. This study suggests the potential of social media as a desired channel for providing health information to undergraduates.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.3
• /
• pp.291-307
• /
• 2021

There has been global efforts to prevent the further spread of the COVID-19 and get society back to normal. 'Contact tracing' is a crucial way to detect the infected person. However the contact tracing makes another concern about the privacy violation of the personal data of infected people, released by governments. Therefore Google and Apple are announcing a joint effort to enable the use of Bluetooth technology to help governments and health agencies reduce the spread of the virus, with user privacy and security central to the design. However, in order to provide the improved tracing application, it is necessary to identify potential security threats and investigate vulnerabilities for systematically. In this paper, we provide security analysis of Privacy-Preserving COVID-19 Contact Tracing App with STRIDE and LINDDUN threat models. Based on the analysis, we propose to adopt a verifiable computation scheme, Zero-knowledge Succinctness Non-interactive Arguments of Knowledges (zkSNARKs) and Public Key Infrastructure (PKI) to ensure both data integrity and privacy protection in a more practical way.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.4
• /
• pp.725-734
• /
• 2024

The rapidly growing metaverse environment has received widespread attention across various fields such as health and medicine, culture and gaming, as well as politics. However, the excessive collection of personal data by the diverse sensors and devices used in the metaverse environment poses a substantial threat to user privacy. In this paper, we investigate existing cases of secure Multi-Party Computation(MPC) applications, examine the services anticipated to be necessary for the expansion of the metaverse environment, and analyze the privacy issues present in the metaverse environment as well as the limitations of current real-world services. Based on these findings, we propose application scenarios that utilize MPC to preserve user privacy in the metaverse environment. These proposed MPC application scenarios present a new perspective in metaverse security research. In the future, they are expected to be utilized in the development of secure metaverse services.