• Journal of Digital Convergence
• /
• v.16 no.1
• /
• pp.217-229
• /
• 2018

Electronic Health Record (EHR) systems are widely adopted worldwide in hospitals for generating and exchanging records of patient information. Recent developments are moving towards implementing interoperable EHR systems that enable information to be shared seamlessly across healthcare organizations. In this context, this paper explores the factors that cause medical information privacy concerns, identifies how people react to privacy invasion and what their perceptions are towards the acceptance of the EHR system. Interviews were conducted to draw a grounded theory on medical information privacy concerns in the use of EHRs. Medical information privacy concerns are caused by perceived sensitivity of medical information and the weaknesses in security technologies. Trust in medical professionals, medical institutions and technologies plays an important role in determining people's reaction to privacy invasion and their perceptions on the use of EHRs.

• Journal of KIISE:Information Networking
• /
• v.36 no.4
• /
• pp.297-308
• /
• 2009

In 2008, ETRI developed a new mobile digital ID wallet, in which anyone can store personal information and PKI credential. When the wallet is used, privacy protection is one of the most important problems and personal information should be protected under various usage scenarios such as exchanging sensitive information in on/off-line environments, joining as a new member in the web site, etc. In this paper, we propose a triangular trust management scheme that can effectively manage trustness and also protect sensitive personal information. This scheme relies on three techniques: PKI, reputation and condition (situation context). We implemented prototype of our scheme, and tested it under various scenarios, which showed that the proposed scheme can effectively be used for diverse cases.

• The Journal of the Korea Contents Association
• /
• v.21 no.3
• /
• pp.490-504
• /
• 2021

The online market is gradually increasing due to the increase in single-person households, the development of information and communication technologies, the emergence of various new products, and price comparison competition. Companies need differentiation strategies to adapt to changes in the online environment and secure a competitive edge. In this environment, the objective is to consider the importance of consumer perception of websites in order to generate continuous growth and revenue in the online market as well as to differentiate them from competitors using an online service environment that can affect consumers' internal responses. In this study, we present aesthetic, functional, privacy, and interaction factors as components of e-servicescape to study the impact of e-servicescape on website trust, brand attitude, and repurchase intention. In the data analysis, 485 ordinary people with online shopping experience were surveyed. The questionnaire was based on a 7-point Likert scale for each question and statistical analysis was conducted using SPSS 24.0 and AMOS 25.0. The analysis shows that in e-servicescapes aesthetic and privacy factors influence website trust and brand attitudes and consequently affect repurchase intention.

• Journal of Korean Library and Information Science Society
• /
• v.24
• /
• pp.485-517
• /
• 1996

The purpose of this study is to investigate typical ethical problems found in the technical and public services areas. The followings are the summary of the study. There are three distinct elements that govern ethical problems. One element is legal laws. The copyright law and the privacy act are exact examples. The copyright law has strong influence on the inter library loan service where the majority requests from the users are reproduction of copies. The privacy act also creates difficulties for librarians. Most requests for circulation records infringe on the privacy of library user. And advance online access systems also violates the privacy of library users. The second element is the code or rules that private organization has created. American Library Association created many statements that regulate the conduct of librarians. The bill of right, the professional code of ethics and policy on the confidentiality of library records have strong implications in the obligation of librarian. In the case of censorship at the selection of library materials, the code is a defensive tool against intellectual freedom. Yet self-censoring are prevailing practice among librarians. The thirds element is the competence of librarians. The analyzed table 3 showed that beside two elements, the rest of matters are competence required by librarians. The one aspect of it is humaneness and the other one is technical aspects. Technical aspect of competence are:(l) managerial and operational ability (2) communication skill (3) leadership (4) structure of knowledge and (5) self developing professionalism. Humanity aspect of competence are:(l) trust(fiduciary relationship) gained by diligence, objective judgement, ability, belief, rationality, integrity, kindness) (2) objectiveness (free from bias) (3) user-oriented consideration (need, interest, equal treatment, information gap) (4) caution in providing information (5) pride and (6) ability to distinguish advice and guidance specially in medical and law library.

• Journal of KIISE:Information Networking
• /
• v.35 no.1
• /
• pp.76-90
• /
• 2008

Wireless sensor networks are expected to play a vital role in the upcoming age of ubiquitous computing such as home environmental, industrial, and military applications. Compared with the vivid utilization of the sensor networks, however, security and privacy issues of the sensor networks are still in their infancy because unique challenges of the sensor networks make it difficult to adopt conventional security policies. Especially, node compromise is a critical threat because a compromised node can drain out the finite amount of energy resources in battery-powered sensor networks by launching various insider attacks such as a false data injection. Even cryptographic authentication mechanisms and key management schemes cannot suggest solutions for the real root of the insider attack from a compromised node. In this paper, we propose a novel trust-based secure aggregation scheme which identifies trustworthiness of sensor nodes and filters out false data of compromised nodes to make resilient sensor networks. The proposed scheme suggests a defensible approach against the insider attack beyond conventional cryptographic solutions. The analysis and simulation results show that our aggregation scheme using trust evaluation is more resilient alternative to median.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.6
• /
• pp.1025-1035
• /
• 2013

There has been an explosive increase in the population of OSN(online social network) for 10 years. OSN provides users with many opportunities to have communication among friends, families and goes so far as to make relationships among unknown people having similar belief or interest. However, OSN also produced adverse effects such as privacy breaches, leaking uncontrolled information or disseminating false information. Access control models such as MAC, DAC, RBAC are applied to the OSN to control those problems but those models in OSN are not fit in dynamic OSN environment because user's acts in OSN are unpredictable and static access control imposes burden on users to change access control rules one by one. This paper proposes the dynamic trust-based access control to solve the problems of traditional static access control in OSN.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.16 no.10
• /
• pp.2199-2206
• /
• 2012

Identity authentication sharing technology which allows many service providers to share the result of identity authentication of an identity provider provides several important advantages including high usability achieved by avoiding repeated registration of identity information to service providers and single sign-on, cost effectiveness of service providers achieved by outsourcing identity authentication services from identity providers, and privacy protection achieved by exposing identity information only to a limited number of controlled identity providers. However, in order for the identity authentication sharing technologies to be widely deployed in global Internet scale, the trustworthiness issue among the participating identity providers, service providers, and users should be resolved in advance. This paper firstly analyzes existing trust frameworks for identity authentication sharing. And then, based on the result of analysis, this paper proposes a dynamic and open trust framework for identity authentication sharing.

• Journal of KIISE:Information Networking
• /
• v.37 no.6
• /
• pp.420-430
• /
• 2010

Due to increasing demand for improving road safety and optimizing road traffic, Vehicular Ad-Hoc Networks (VANET) have been subject to extensive attentions from all aspects of commercial industry and academic community. Security and user privacy are fundamental issues for all possible promising applications in VANET. Most of the existing security proposals for secure VANET concentrate authentication with privacy preservation in vehicle-to-vehicle (V2V) and vehicle-to-roadside infrastructure (V2I) communications and require huge storage and network capacity for management of revocation list. Motivated by the fact, we propose a new scheme with security and privacy preservation which combines V2V and V2I communication. With our proposed scheme, the communication and computational delay for authentication and overhead for management of revocation list can be significantly reduced due to mutual authentication between a vehicle and a Roadside Unit (RSU) requires only two messages, and the RSU issues the anonymous certificate for the vehicle on behalf of the Trust Authority (TA). We demonstrate that the proposed protocol cannot only guarantee the requirements of security and privacy but can also provide efficiency of authentication and management of revocation list.

• 한국경영정보학회:학술대회논문집
• /
• 2007.06a
• /
• pp.699-704
• /
• 2007

In this study, we examine why there exist different legal systems in electronic commerce or online financial trading. When a fraud online transaction occurs and the online customer disputes the transaction, the online customer takes responsibility for the proof of her/his argument in many European countries while in the U.S., the burden of proof lays on the firm. This paper analyzes how these two different legal systems exist and how these can be applied to electronic commerce law. In particular, this paper intends to find the optimal level of e-commerce firms' investment on security and analyzes how security investments can be related to firm's profits and consumer's welfare depending on IT infrastructure and social trust environment. More on, this paper can be contributed to provide guidelines for regulatory framework on ecommerce online transactions and discuss social welfare implications.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.40 no.8
• /
• pp.1577-1587
• /
• 2015

Privacy of financial customers is becoming important due to frequent leakage of personal information. Financial customers, who experience the leakage of personal information, feel threatened by their privacy and this changes customer's awareness about financial institutions or behavioral intentions. By examining the influence relation of personal information security vulnerability of the bank information system with usefulness, trust and attractiveness perceived by bank customers, this study aims to analyze the effect of each variable on bank customers' willingness to stay.