• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제10권3호
• /
• pp.1229-1248
• /
• 2016

With the feature of convenience and low cost, remote healthcare monitoring (RHM) has been extensively used in modern disease management to improve the quality of life. Due to the privacy of health data, it is of great importance to implement RHM based on a secure and dependable network. However, the network connectivity of existing RHM systems is unreliable in disaster area because of the unforeseeable damage to the communication infrastructure. To design a secure RHM system in disaster area, this paper presents a Secure VANET-Assisted Remote Healthcare Monitoring System (SVC) by utilizing the unique "store-carry-forward" transmission mode of vehicular ad hoc network (VANET). To improve the network performance, the VANET in SVC is designed to be a two-level network consisting of two kinds of vehicles. Specially, an innovative two-level key management model by mixing certificate-based cryptography and ID-based cryptography is customized to manage the trust of vehicles. In addition, the strong privacy of the health information including context privacy is taken into account in our scheme by combining searchable public-key encryption and broadcast techniques. Finally, comprehensive security and performance analysis demonstrate the scheme is secure and efficient.

• 인터넷정보학회논문지
• /
• 제10권2호
• /
• pp.29-40
• /
• 2009

인터넷 등의 정보기술의 발전은 기존의 의료기술에 빠른 변화를 가져오면서 e-Healthcare가 사회적 이슈로 등장하고 있다. 의료정보화 패러다임의 새로운 전환점이라 할 수 있는 e-Healthcare는 국내에서 의료정책방안이나 기술개발을 하고 있지만, 아직 의료정보화의 기반이 되는 인프라는 부족한 수준이며 개방된 인터넷 환경 내 역공학적 측면으로 민감한 의료정보 유출 및 프라이버시 침해에 대한 문제가 대두되는 실정이다. 본 논문에서는 앞서 제시한 문제점의 해결방안으로 e-Healthcare환경 내 개인의 의료정보 보호를 위한 역할기반의 접근제어 시스템(HPIP - Health Privacy Information Protection)을 네 가지 주요 메커니즘(사용자 신분확인, 병원 권한확인, 진료기록 접근제어, 환자진단)으로 제안하였으며, 실 환경에서 효과적으로 활용될 수 있도록 프로토타이핑을 통해 그 가능성을 타진해 보았다.

• Journal of Information Processing Systems
• /
• 제13권6호
• /
• pp.1613-1627
• /
• 2017

The concept of the Internet of Things (IoT) enables physical objects or things to be virtually accessible for both consuming and providing services. Undue access from irresponsible activities becomes an interesting issue to address. Maintenance of data integrity and privacy of objects is important from the perspective of security. Privacy can be achieved through various techniques: password authentication, cryptography, and the use of mathematical models to assess the level of security of other objects. Individual methods like these are less effective in increasing the security aspect. Comprehensive security schemes such as the use of frameworks are considered better, regardless of the framework model used, whether centralized, semi-centralized, or distributed ones. In this paper, we propose a new semi-centralized security framework that aims to improve privacy in IoT using the parameters of trust and reputation. A new algorithm to elect a reputation coordinator, i.e., ConTrust Manager is proposed in this framework. This framework allows each object to determine other objects that are considered trusted before the communication process is implemented. Evaluation of the proposed framework was done through simulation, which shows that the framework can be used as an alternative solution for improving security in the IoT.

• 정보보호학회논문지
• /
• 제16권2호
• /
• pp.13-24
• /
• 2006

여러 개체가 각자의 정보를 제공하여 이를 바탕으로 정보 제공자의 프라이버시를 보존하면서 공통의 유익한 정보를 얻고자 하는 다자간 협력 계산 프로토콜에 대해서 논한다. 금융, 제조업, 통신 분야 등에서 널리 응용되는 선형계(linear system)의 일반해(general solution)와 최소제곱해(least-square solution)를 구하는 문제에서 프라이버시를 보존하는 실용적인 다자간(multi-party) 협력 계산 프로토콜을 제안한다. 본 논문에 제안된 프로토콜은 기존의 양자간(two-party) 협력 계산 방식을 확장한 새로운 것으로 효율성 측면에서 우수한 실용적인 다자간 계산 프로토콜이다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제15권1호
• /
• pp.323-342
• /
• 2021

Personal health records (PHRs) is an electronic medical system that enables patients to acquire, manage and share their health data. Nevertheless, data confidentiality and user privacy in PHRs have not been handled completely. As a fine-grained access control over health data, ciphertext-policy attribute-based encryption (CP-ABE) has an ability to guarantee data confidentiality. However, existing CP-ABE solutions for PHRs are facing some new challenges in access control, such as policy privacy disclosure and dynamic policy update. In terms of addressing these problems, we propose a privacy protection and dynamic share system (PPADS) based on CP-ABE for PHRs, which supports full policy hiding and flexible access control. In the system, attribute information of access policy is fully hidden by attribute bloom filter. Moreover, data user produces a transforming key for the PHRs Cloud to change access policy dynamically. Furthermore, relied on security analysis, PPADS is selectively secure under standard model. Finally, the performance comparisons and simulation results demonstrate that PPADS is suitable for PHRs.

• Journal of Information Processing Systems
• /
• 제18권2호
• /
• pp.245-257
• /
• 2022

In the Internet of Things (IoT) era, the types of devices used by one user are becoming more diverse and the number of devices is also increasing. However, a forensic investigator is restricted to exploit or collect all the user's devices; there are legal issues (e.g., privacy, jurisdiction) and technical issues (e.g., computing resources, the increase in storage capacity). Therefore, in the digital forensics field, it has been a challenge to acquire information that remains on the devices that could not be collected, by analyzing the seized devices. In this study, we focus on the fact that multiple devices share data through account synchronization of the online platform. We propose a novel way of identifying the user's interest through analyzing the remnants of targeted advertising which is provided based on the visited websites or search terms of logged-in users. We introduce a detailed methodology to pick out the targeted advertising from cache data and infer the user's interest using deep learning. In this process, an improved learning model considering the unique characteristics of advertisement is implemented. The experimental result demonstrates that the proposed method can effectively identify the user interest even though only one device is examined.

• International Journal of Advanced Culture Technology
• /
• 제10권2호
• /
• pp.240-245
• /
• 2022

Because of the importance of the information, encryption algorithms are heavily used. Raw data is encrypted and secure, but problems arise when the key for decryption is exposed. In particular, large-scale Internet sites such as Facebook and Amazon suffer serious damage when user data is exposed. Recently, research into a new fourth-generation encryption technology that can protect user-related data without the use of a key required for encryption is attracting attention. Also, data clustering technology using encryption is attracting attention. In this paper, we try to reduce key exposure by using homomorphic encryption. In addition, we want to maintain privacy through similarity measurement. Additionally, holistic similarity measurements are time-consuming and expensive as the data size and scope increases. Therefore, Min-Hash has been studied to efficiently estimate the similarity between two signatures Methods of measuring similarity that have been studied in the past are time-consuming and expensive as the size and area of data increases. However, Min-Hash allowed us to efficiently infer the similarity between the two sets. Min-Hash is widely used for anti-plagiarism, graph and image analysis, and genetic analysis. Therefore, this paper reports privacy using homomorphic encryption and presents a model for efficient similarity measurement using Min-Hash.

• 한국정보시스템학회지:정보시스템연구
• /
• 제32권2호
• /
• pp.1-24
• /
• 2023

Purpose The aim of this study is to investigate how system quality, privacy concerns, and usefulness impact user satisfaction and word-of-mouth intention towards smart order services among Chinese consumers. The study also seeks to provide both theoretical and practical implications based on the findings. Design/methodology/approach This study conducted an empirical study on Chinese consumers through an online survey on 274 users of smart order service in China. To analyze the data, frequency analysis, reliability analysis, and confirmatory factor analysis were performed using SPSS 26.0 and AMOS 26.0 statistical programs, and structural equation model was used for hypothesis testing. Findings The study results are as follows. First, system quality was found to have a positive effect on usefulness and user satisfaction. Second, privacy concerns were found to have a positive effect on user satisfaction, but not on usefulness. Third, user satisfaction was found to have a positive effect on consumers' word-of-mouth intention of the smart order service. Finally, mediating effects were found between system quality and user satisfaction through usefulness, as well as between system quality, perceived privacy concern, and usefulness through user satisfaction.

• 한국정보과학회논문지:컴퓨팅의 실제 및 레터
• /
• 제14권2호
• /
• pp.171-179
• /
• 2008

사용자가 많은 대규모 기업 조직 시스템이나 전자정부시스템에서 사용자의 정보 객체에 대한전근을 제한하는 효과적인 방법으로 역할기반 접근 제어(RBAC: Role based Access Control)를 들 수 있다. 이는 사용자에게 정보 객체의 접근권한을 직접 부여하는 것이 아니라 조직에서 정의된 역할을 부여함으로써 정보 객체에 접근한다는 개념이다. RBAC는 개인정보에 대한 접근 제어는 가능하나 법제도적으로 규정하고 있는 자기정보결정권 및 조직의 개인정보에 대한 관리감독 규제의 개념은 반영되어 있지 않다. 본 논문에서는 교무업무시스템에 저장되어 있는 학생자료에 대한 접근 제어 및 개인정보보호 수단으로 RBAC 확장모델을 제시하고자 한다. RBAC 시스템에 개인정보 접근권 및 참여권을 반영하기 위하여 자료권한과 자료권한 배정 구성요소를 추가하고, 이를 통해 개인정보의 흐름 및 관리 감독체제의 구축이 가능하도록 설계한다. 또한 RBAC 구성요소별 개인정보보호 개념을 추가하고, 확장된 모델을 바탕으로 시스템 구현 사례와 기존 RBAC와의 비교 평가를 통해 시스템의 중요성과 차별성을 제시한다.

• 디지털콘텐츠학회 논문지
• /
• 제17권6호
• /
• pp.537-543
• /
• 2016

본 연구의 목적은 유헬스 시스템의 사용(usage)이라는 행위 의도(behavioral intention)에 미치는 영향 요인들 간의 관계에서 건강개인정보(health privacy information)의 조절적 효과(moderating effect)를 분석하는데 있다. 합리적 행동이론에 근거한 모형 내 연구가설로서 자기효능(self-effiacy) 및 인지된 유용성(perceived usefulness)은 유헬스 시스템의 행위 의도(behavioral intention)에 긍정적인 (positive) 영향을 미칠 것이며, 그 경로(path)에서 사용자의 건강개인정보 요인이 각 경로에서 어떤 영향을 미칠 것으로 제시하였다. 본 연구는 그 제시된 연구모형을 검증하기 위해서 PLS-SEM 방법론을 활용하였다. 분석 결과, 제시된 모형 내에서 건강개인정보의 조절적 효과가 R2 설명력의 증가치에 의해 어느 정도의 영향을 미친다고 볼 수 있지만, 조절변수로의 역할보다는 인지적 유용성(perceived usefulness)에 영향을 미치는 독립변수의 역할에 부합됨을 알 수 있었다.