• Title/Summary/Keyword: privacy and security

Search Result 1,492, Processing Time 0.025 seconds

A Study on the Privacy Security Management under the Cloud Computing Service Provider (클라우드 컴퓨팅 서비스 제공자의 개인정보보호 조치방안에 대한 연구)

  • Yu, Woo-Young;Lim, Jong-In
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.22 no.2
    • /
    • pp.337-346
    • /
    • 2012
  • According to cloud computing service is increasing of using the Internet technology, it's increasing privacy security risks and out of control of security threats. However, the current cloud computing service providers does not provide to solutions of the privacy security management. This paper discusses the privacy security management issue of cloud computing service, and propose solutions to privacy information threats in cloud computing environment.

A Method to Elicit Privacy Requirements and Build Privacy Assurance Cases for Privacy Friendly System (프라이버시 친화 시스템 개발을 위한 프라이버시 요구사항 도출 및 보증 사례 작성)

  • Cho, Ju Hye;Lee, Seok-Won
    • Journal of KIISE
    • /
    • v.44 no.9
    • /
    • pp.918-931
    • /
    • 2017
  • Recently, the spread of smartphones and various wearable devices has led to increases in the accumulation and usage of personal information. As a result, privacy protection has become an issue. Even though there have been studies and efforts to improve legal and technological security measures for protecting privacy, personal information leakage accidents still occur. Rather than privacy requirements, analysts mostly focus on the implementation of security technology within software development. Previous studies of security requirements strongly focused on supplementing the basic principles and laws for privacy protection and securing privacy requirements without understanding the relationship between privacy and security. As a result, personal information infringement occurs continuously despite the development of security technologies and the revision of the Personal Information Protection Act. Therefore, we need a method for eliciting privacy requirements based on related privacy protection laws that are applicable to software development. We also should clearly specify the relationship between privacy and security. This study aims to elicit privacy requirements and create privacy assurances cases for Privacy Friendly System development.

Analyses of Security, Privacy Issues and Challenges for RFID System

  • Kim, Jung-Tae
    • Journal of information and communication convergence engineering
    • /
    • v.9 no.6
    • /
    • pp.701-705
    • /
    • 2011
  • RFID is a widely adopted in the field of identification technology these days. Radio Frequency IDentification (RFID) has wide applications in many areas including manufacturing, healthcare, and transportation. Because limited resource RFID tags are used, various risks could threaten their abilities to provide essential services to users. A number of RFID protocols have done by researcher in order to protect against some malicious attacks and threat. Existing RFID protocols are able to resolve a number of security and privacy issues, but still unable to overcome other security & privacy related issues. In this paper, we analyses security schemes and vulnerability in RFID application. Considering this RFID security issues, we survey the security threats and open problems related to issues by means of information security and privacy. Neither a symmetric nor an asymmetric cryptographic deployment is necessarily used with light weighted algorithm in the future.

A Review of Security and Privacy of Cloud Based E-Healthcare Systems

  • Faiza Nawaz;Jawwad Ibrahim;Maida Junaid
    • International Journal of Computer Science & Network Security
    • /
    • v.24 no.6
    • /
    • pp.153-160
    • /
    • 2024
  • Information technology plays an important role in healthcare. The cloud has several applications in the fields of education, social media and medicine. But the advantage of the cloud for medical reasons is very appropriate, especially given the large volume of data generated by healthcare organizations. As in increasingly health organizations adopting towards electronic health records in the cloud which can be accessed around the world for various health issues regarding references, healthcare educational research and etc. Cloud computing has many advantages, such as "flexibility, cost and energy savings, resource sharing and rapid deployment". However, despite the significant benefits of using the cloud computing for health IT, data security, privacy, reliability, integration and portability are some of the main challenges and obstacles for its implementation. Health data are highly confidential records that should not be made available to unauthorized persons to protect the security of patient information. In this paper, we discuss the privacy and security requirement of EHS as well as privacy and security issues of EHS and also focus on a comprehensive review of the current and existing literature on Electronic health that uses a variety of approaches and procedures to handle security and privacy issues. The strengths and weaknesses of some of these methods were mentioned. The significance of security issues in the cloud computing environment is a challenge.

Big Data Security and Privacy: A Taxonomy with Some HPC and Blockchain Perspectives

  • Alsulbi, Khalil;Khemakhem, Maher;Basuhail, Abdullah;Eassa, Fathy;Jambi, Kamal Mansur;Almarhabi, Khalid
    • International Journal of Computer Science & Network Security
    • /
    • v.21 no.7
    • /
    • pp.43-55
    • /
    • 2021
  • The amount of Big Data generated from multiple sources is continuously increasing. Traditional storage methods lack the capacity for such massive amounts of data. Consequently, most organizations have shifted to the use of cloud storage as an alternative option to store Big Data. Despite the significant developments in cloud storage, it still faces many challenges, such as privacy and security concerns. This paper discusses Big Data, its challenges, and different classifications of security and privacy challenges. Furthermore, it proposes a new classification of Big Data security and privacy challenges and offers some perspectives to provide solutions to these challenges.

A Survey on Security Schemes based on Conditional Privacy-Preserving in Vehicular Ad Hoc Networks

  • Al-Mekhlafi, Zeyad Ghaleb;Mohammed, Badiea Abdulkarem
    • International Journal of Computer Science & Network Security
    • /
    • v.21 no.11
    • /
    • pp.105-110
    • /
    • 2021
  • Contact between Vehicle-to-vehicle and vehicle-to-infrastructural is becoming increasingly popular in recent years due to their crucial role in the field of intelligent transportation. Vehicular Ad-hoc networks (VANETs) security and privacy are of the highest value since a transparent wireless communication tool allows an intruder to intercept, tamper, reply and erase messages in plain text. The security of a VANET based intelligent transport system may therefore be compromised. There is a strong likelihood. Securing and maintaining message exchange in VANETs is currently the focal point of several security testing teams, as it is reflected in the number of authentication schemes. However, these systems have not fulfilled all aspects of security and privacy criteria. This study is an attempt to provide a detailed history of VANETs and their components; different kinds of attacks and all protection and privacy criteria for VANETs. This paper contributed to the existing literature by systematically analyzes and compares existing authentication and confidentiality systems based on all security needs, the cost of information and communication as well as the level of resistance to different types of attacks. This paper may be used as a guide and reference for any new VANET protection and privacy technologies in the design and development.

Unified Modeling for RFID Privacy to Enhance Security Issues (보안성 문제를 개선하기 위한 RFID 보안성에 대한 모델링 기법)

  • Kim, Jung-Tae
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • 2012.05a
    • /
    • pp.899-900
    • /
    • 2012
  • RFID technology can help automatically and remotely identify objects, which raises many security concerns. We review and categorize several RFID security and privacy solutions, and conclude that the most promising and low-cost approach currently attracts little academic attention. We therefore concluded that, from a privacy perspective, the user scheme is an important strategy for meeting the consumer's needs. Furthermore, we call for the privacy research community to put more effort into this line of thinking about RFID privacy.

  • PDF

Privacy Enhanced Security Mechanism for Grid Applications

  • Park, Sang-Bae
    • International Journal of Contents
    • /
    • v.6 no.3
    • /
    • pp.15-18
    • /
    • 2010
  • Grid system is based on the Grid Security Infrastructure (GSI). GSI uses user's proxy to guarantee availability among multi-trust domains. Since grid system has been developed focusing on availability, GSI provides authentication and authorization performed by systems, but there are lacks of privacy consideration. For this reason, some researchers decide to use their own cluster system and do not want to use public grid systems. In this paper, we introduce a new privacy enhanced security mechanism for grid systems. With this mechanism, user can participate in resource allocation and authorization to user's contents more actively. This mechanism does not need to change previous middleware and minimize the computational overheads.

Personal Information Management System (PIMS) improvement research using cloud computing security (개인정보관리체계계(PIMS)를 이용한 클라우드컴퓨팅 개인정보 보안 개선 방안 연구)

  • Jeong, Hyein;Kim, Seongjun
    • Journal of Korea Society of Digital Industry and Information Management
    • /
    • v.12 no.3
    • /
    • pp.133-155
    • /
    • 2016
  • Recently, in the adoption of cloud computing are emerging as locations are key requirements of security and privacy, at home and abroad, several organizations recognize the importance of privacy in cloud computing environments and research-based transcription and systematic approach in progress have. The purpose of this study was to recognize the importance of privacy in the cloud computing environment based on personal information security methodology to the security of cloud computing, cloud computing, users must be verified, empirical research on the improvement plan. Therefore, for existing users of enhanced security in cloud computing security consisted framework of existing cloud computing environments. Personal information protection management system: This is important to strengthen security for existing users of cloud computing security through a variety of personal information security methodology and lead to positive word-of-mouth to create and foster the cloud industry ubiquitous expression, working environments.

Privacy Control Using GRBAC In An Extended Role-Based Access Control Model (확장된 역할기반 접근제어 모델에서 GRBAC을 이용한 프라이버시 제어)

  • Park Chong hwa;Kim Ji hong;Kim Dong kyoo
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.30 no.3C
    • /
    • pp.167-175
    • /
    • 2005
  • Privacy enforcement has been one of the most important problems in IT area. Privacy protection can be achieved by enforcing privacy policies within an organization's online and offline data processing systems. Traditional security models are more or less inappropriate for enforcing basic privacy requirements, such as purpose binding. This paper proposes a new approach in which a privacy control model is derived from integration of an existing security model. To this, we use an extended role-based access control model for existing security mechanism, in which this model provides context-based access control by combining RBAC and domain-type enforcement. For implementation of privacy control model we use GRBAC(Generalized Role-Based Access Control), which is expressive enough to deal with privacy preference. And small hospital model is considered for application of this model.