• Knowledge Management Research
• /
• v.22 no.2
• /
• pp.33-53
• /
• 2021

Use of mobile apps being extended, privacy concern on the side of the users is increased while they are willing to provide the private information to use the apps. In this study, we tried to identify the motivating elements that influence the users' intention to use the apps, based on the tendency towards regulatory focus and the privacy calculus theory. To verify the study model, we collected data from 151 adults who use health apps throughout the country, and analyzed the data using the PLS-SEM method. According to the result of the study, it was turned out that tendency towards promotion focus had negative impact on privacy concern and privacy danger, and tendency towards prevention focus had positive impact on privacy concern. Privacy concern had negative impact on the intention to use the mobile apps, and privacy benefit and privacy knowledge had positive impact on the intention to use the mobile apps. Finally, the intention to use the mobile apps had positive impact on the intention to continue to use the mobile apps. In this study, we identified different impacts of two types of tendency towards regulatory focus on privacy concern, and identified different influences on the intention to use the mobile apps accordingly.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.3
• /
• pp.1100-1118
• /
• 2021

In a wide range of ML applications, the training data contains privacy-sensitive information that should be kept secure. Training the ML systems by privacy-sensitive data makes the ML model inherent to the data. As the structure of the model has been fine-tuned by training data, the model can be abused for accessing the data by the estimation in a reverse process called model inversion attack (MIA). Although, MIA has been applied to shallow neural network models of recognizers in literature and its threat in privacy violation has been approved, in the case of a deep learning (DL) model, its efficiency was under question. It was due to the complexity of a DL model structure, big number of DL model parameters, the huge size of training data, big number of registered users to a DL model and thereof big number of class labels. This research work first analyses the possibility of MIA on a deep learning model of a recognition system, namely a face recognizer. Second, despite the conventional MIA under the white box scenario of having partial access to the users' non-sensitive information in addition to the model structure, the MIA is implemented on a deep face recognition system by just having the model structure and parameters but not any user information. In this aspect, it is under a semi-white box scenario or in other words a gray-box scenario. The experimental results in targeting five registered users of a CNN-based face recognition system approve the possibility of regeneration of users' face images even for a deep model by MIA under a gray box scenario. Although, for some images the evaluation recognition score is low and the generated images are not easily recognizable, but for some other images the score is high and facial features of the targeted identities are observable. The objective and subjective evaluations demonstrate that privacy cyber-attack by MIA on a deep recognition system not only is feasible but also is a serious threat with increasing alert state in the future as there is considerable potential for integration more advanced ML techniques to MIA.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.10
• /
• pp.4995-5014
• /
• 2018

As the area covered by the CPS grows wider, agencies such as public institutions and critical infrastructure are collectively measuring and evaluating information security capabilities. Currently, these methods of measuring information security are a concrete method of recommendation in related standards. However, the security controls used in these methods are lacking in connectivity, causing silo effect. In order to solve this problem, there has been an attempt to study the information security management system in terms of maturity. However, to the best of our knowledge, no research has considered the specific definitions of each level that measures organizational security maturity or specific methods and criteria for constructing such levels. This study developed an information security maturity model that can measure and manage the information security capability of critical infrastructure based on information provided by an expert critical infrastructure information protection group. The proposed model is simulated using the thermal power sector in critical infrastructure of the Republic of Korea to confirm the possibility of its application to the field and derive core security processes and goals that constitute infrastructure security maturity. The findings will be useful for future research or practical application of infrastructure ISMSs.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.14 no.1
• /
• pp.189-193
• /
• 2014

SNS (Social Network Service) has evolved to life-friendly service with the combination of local services. Unlike exsiting mobile services, life-friendly service is expected to be personalized with gathering of local information, location information and social network service information. In the process of gathering various kinds of information, Big-data technology and Cloud technology is needed. The effective algorithem has researched for this already, however the privacy protection model hasn't researched enough in life-friendly service or big-data using circumstance. In this paper, the privacy issue is dealt with in terms of 'Structure hole', and the privacy issue comes from big-data technology of life-friendly service.

• Korea Trade Review
• /
• v.45 no.6
• /
• pp.77-97
• /
• 2020

This study investigates the effects of O2O-based mobile shopping application (O2O MSA)'s information and service quality on the user's perceived privacy protection, satisfaction and loyalty. In this study, 969 questionnaire reponses were collected, out of which 555 were used to estimate the structural paths using PLS-SEM (partial least square structural equation model) for the hypothesis test. Our empirical findings are drawn from Chinese respondents that live in a 1-line city in China and use O2O MSAs serviced by China's leading companies. This study examines and confirms that qualified information and service of O2O MSA positively affect both perceived privacy protection and customer satisfaction, which finally leads to customer behavioral loyalty through the perceived privacy protection. Further, this study presents effective practical implications for application development strategy suitable for users in the O2O-based mobile shopping industry.

• Knowledge Management Research
• /
• v.24 no.1
• /
• pp.51-72
• /
• 2023

Digital literacy is vital knowledge and ability of an individual in the information society. As the level of digital literacy increases, the interest in privacy protection increases. This change may hinder the use of digital technologies and services. This research examines (1) the mediating effect of online social participation and information veracity on smart device literacy and privacy concerns, and (2) the moderating effect of privacy literacy. Using Korean media panel survey data reported in 2020 and in 2021, this study analyzes the responses of 7,737 people who use smart devices and participate in online activities. SPSS and PROCESS Macro are used to test the research model and hypotheses. In the analysis of 2020 and 2021 survey, this research shows that smart device literacy has major effects on privacy concerns; confirms that the mediating effect of online social participation; moderated meditating effect of privacy literacy. Although information veracity is not significant in 2020, mediating and moderated mediating effects are found in 2021.

• Journal of Computing Science and Engineering
• /
• v.5 no.3
• /
• pp.183-196
• /
• 2011

There has recently been a surge of interest in relational database mining that aims to discover useful patterns across multiple interlinked database relations. It is crucial for a learning algorithm to explore the multiple inter-connected relations so that important attributes are not excluded when mining such relational repositories. However, from a data privacy perspective, it becomes difficult to identify all possible relationships between attributes from the different relations, considering a complex database schema. That is, seemingly harmless attributes may be linked to confidential information, leading to data leaks when building a model. Thus, we are at risk of disclosing unwanted knowledge when publishing the results of a data mining exercise. For instance, consider a financial database classification task to determine whether a loan is considered high risk. Suppose that we are aware that the database contains another confidential attribute, such as income level, that should not be divulged. One may thus choose to eliminate, or distort, the income level from the database to prevent potential privacy leakage. However, even after distortion, a learning model against the modified database may accurately determine the income level values. It follows that the database is still unsafe and may be compromised. This paper demonstrates this potential for privacy leakage in multi-relational classification and illustrates how such potential leaks may be detected. We propose a method to generate a ranked list of subschemas that maintains the predictive performance on the class attribute, while limiting the disclosure risk, and predictive accuracy, of confidential attributes. We illustrate and demonstrate the effectiveness of our method against a financial database and an insurance database.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.2
• /
• pp.501-522
• /
• 2016

In the digital era, information is a source of value creation. However, the growing importance of knowledge and information also increases risks and threats. When information is leaked, full recovery is difficult, and additional spreading of risk is high because it is easy to accomplish. Especially personal information is the main target due to its availability. Although individuals normally have to consent to the use of their personal information, they often do not know the use of their information. In such a difficult situation, one must exercise self-determination and privacy. Therefore, the goal of this study is to development a privacy literacy level measurement model for the proper exercise of the right to informational self-determination. It will be presented with the concept of privacy literacy index in order to determine the level of knowledge and understanding and practical application skills for individual. Through the index, we going to enhance the selection ability of information subject, and to promote the judgement and the determination capability for the protection and utilization of personal information.

• The Journal of the Korea Contents Association
• /
• v.10 no.8
• /
• pp.360-369
• /
• 2010

The objective of this research examines the relationships among privacy concerns, self discrepancy, and sense of virtual communities. According to the relevant literature review, we considered information privacy concerns factor as information collection, control, and awareness of privacy practice, and sense of community factor as membership and immersion on virtual communities. This research surveyed for the online community user and employed hierarchical regression model for the moderating effect test. The results of empirical analysis turns out that awareness of privacy concerns practice has negative impact on the self discrepancy, on the other hand, information collection and control factors do not affect. The next finding is internet use duration has moderating effect on the self discrepancy with information control and awareness of privacy concerns practice. The last findings are self discrepancy affect on the community membership and does not affect on the community immersion. It could be a good guide line for the operational direction on virtual community.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.2
• /
• pp.57-72
• /
• 2010

Hash based RFID protocols proposed by Ha and M.Burmester is a scheme that tag's ID is updated using hash function to provide forward secrecy after session end. But this protocols have a problem both privacy and efficiency. This paper analyze a problem for privacy to apply a privacy game model proposed by Vaudenay. we analyze the cause that these scheme is difficult with tag's cheap implementation and efficient resynchronization. To solve these problems, we proposed a new hash based mutual authentication protocol which apply only two protocol's advantages. this protocols is based of resynchronization algorithm for Ha et al.'s protocol and added a new simple counter to record the numner of continuous desynchronization between tag and reader secret informations. this counter is more simple than cyclic counter proposed by M. Burmester's protocol. Also, we prove that proposal protocol improve a privacy against a privacy attack which is executed for Ha and M. Burmester's protocols.