• The Journal of Society for e-Business Studies
• /
• v.21 no.1
• /
• pp.1-14
• /
• 2016

This research proposes a method that aims to evaluate the risk levels of websites based on exposure risks of privacy information. The proposed method considers two aspects as follows. First, we define the risk levels of each privacy information according to its own inherent risk. Second, we calculate the visiting probability of a webpage to measure the expected of the actual exposure of privacy information on that webpage. In this research, we implemented an system to prove that automatically collects websites and calculates their risk levels. For the experiments, we used a real world dataset consisting of a total of websites for 4 categories such as university, bank, central government agency, and education. The experiment results show that the websites in the bank category are relatively well managed, while the others are needed to cope with the exposure of privacy information. Finally, the proposed method in this research is expected to be further utilized in establishing a priority-based approach to alleviate of the privacy information exposure problems.

• Journal of the Korean Data and Information Science Society
• /
• v.24 no.5
• /
• pp.1029-1041
• /
• 2013

Recently, along with emergence of big data, there are incresing demands for releasing information and micro data for public use so that protecting privacy and measuring risk of disclosure for released database become important issues in goverment and business sector as well as academic community. This paper reviews statistical methods for protecting privacy and measuring risk of disclosure when micro data or data analysis sever is released for public use.

• Annual Conference of KIPS
• /
• 2011.11a
• /
• pp.968-971
• /
• 2011

정보통신망의 발전과 함께 인터넷 사용 인구와 다양한 개방적 구조의 서비스 이용률이 지속적으로 증가하고 있다. 하지만 서비스 이용자들의 보안의식은 크게 달라지지 않아 서비스 이용자들의 직접적인 입력으로 인터넷상에 노출되는 개인정보가 늘어나고 있는 실정이며 이로 인한 이차적인 침해로 인하여 개인에게 정신적인 피해와 금전적 손괴 심지어는 신체적인 위험을 주는 각종범죄가 행해지고 있다. 본 논문에서는 이와 같은 개인정보의 노출을 예방하기 위해 서비스 이용자가 게시물을 등록하는 과정에서 개인정보의 노출을 예방 할 수 있는 게시물의 등록 방법을 제시한다. 이 방법은 게시물 등록시 게시물에서 검출된 개인정보의 목록과 위험의 정도 그리고 개인정보 노출로 인한 이차적 침해유형을 서비스 이용자에게 명시하고 해당 개인정보에 대한 처리를 서비스 이용자에게 결정하도록 하는 방법으로서 서비스 이용자의 개인 정보보호 의식 수준을 끌어올려 개인정보 노출과 이차적인 침해사고를 일차적으로 예방할 수 있다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.2
• /
• pp.323-333
• /
• 2024

Recently, Syntheic data has been in the spotlight as a technology that can protect personal information while maintaining the patterns and characteristics of actual data. Accordingly, technical and institutional research on synthetic data is actively being conducted, but it is difficult to actively use synthetic data due to the lack of clear standards and guidelines. This study is a preliminary study for quantifying the disclosure risk of synthetic data, and derives a privacy disclosure risk index through statistical methodology and suggests specific application measures to comply with the General Data Protection Regulation(GDPR). It is expected that the disclosure risk and the balance of data utility can be controlled through the privacy disclosure risk index of this study in an open data environment.

• Convergence Security Journal
• /
• v.12 no.1
• /
• pp.71-77
• /
• 2012

Along with the development of Internet services such as Social Network Service (SNS) and blog Service, the privacy is very important in these services. But personal data is not safety from exposure to internet service. If personal data is leak out, the privacy is disclosed to hacker or illegal person and the personal information can be used in a cyber crime as phishing attacks. Therefore, the model and method that protects to disclose privacy is requested in SNS and blog services. The model must evaluate degree of exposure to protect privacy and the method protects personal information from Internet services. This paper proposes a model to evaluate risk for privacy with property of personal data and exposure level of internet service such as bulletin board. Also, we show a method using degree of risk to evaluate with a proposed model at bulletin board.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.2
• /
• pp.395-410
• /
• 2015

This research defines the degree of the threat caused by the leakage of personal information in a quantitative way. The proposed definition classifies the individual items in a personal data, then assigns a risk value to each item. The proposed method considers the increase of the risk by the composition of the multiple items. We also deals with various attack scenarios, where the attackers seek different types of personal information. The concept of entropy applies to associate the degree of the personal information exposed with the total risk value. In our experiment, we measured the risk value of the Facebook users with their public profiles. The result of the experiment demonstrates that they are most vulnerable against stalker attacks among four possible attacks with the personal information.

• Review of KIISC
• /
• v.23 no.3
• /
• pp.56-60
• /
• 2013

본 논문은 온라인에 공개된 다양한 개인정보의 위험도를 분석하는 기술을 제안한다. 인터넷, SNS에 공개된 다양한 데이터를 수집, 분석하여 개인성향을 파악하고 타겟팅하는 가운데, 분산된 정보를 조합하고 추론하면 공개자의 의도와는 달리 신상이나 민감정보가 노출될 가능성이 크다. 본 논문에서는 이러한 데이터 수집 및 분석을 직접 수행하여 개인정보의 위험도를 분석할 수 있는 기술을 제안한다. 제안 기술이 개발되면, 개인정보 위험도에 따른 클라이언트, 웹사이트, 인터넷 전체 규모의 프라이버시 필터링이 가능해질 것으로 기대된다.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.15 no.6
• /
• pp.37-42
• /
• 2015

Although online search engine service provide a convenient means to search for information on the World Wide Web, it also poses a risk of disclosing privacy. Regardless of such risk, most of users are neither aware of their personal information being exposed on search results nor how to redress the issue by requesting removal of information. According to the 2015 parliamentary inspection of government offices, many government agencies were criticized for mishandling of personal information and its leakage on online search engine such as Google. Considering the fact that the personal information leakage via online search engine has drawn the attention at the government level, the online search engine and privacy issue needs to be rectified. This paper, by examining current online search engines, studies the degree of personal information exposure on online search results and its underlying issues. Lastly, based on research result, the paper provides a sound policy and direction to the removal of exposed personal information with respect to search engine service provider and user respectively.

• Annual Conference of KIPS
• /
• 2014.11a
• /
• pp.482-485
• /
• 2014

온라인 중고물품 거래의 장점은 인터넷을 사용하는 모든 사용자에게 자신이 팔고자 하는 물건을 쉽게 알릴수 있다는것이다. 하지만 온라인에서 중고물품 거래 시에 개인의 정보를 노출할 경우가 많아지게 되는데 이는 프라이버시를 침해할 수 있다. 온라인 중고물품거래시에 사용자들은 자신이 판매하는 물건과 함께 이메일 주소나 핸드폰 번호를 노출하게 되는데 이 정보를 소셜네트워크서비스에 연결하면 특정인에 정보를 획득할 수 있게 된다. 공격자는 온라인 중고물품거래가 진행되는 곳에서 특정인에 대한 정보를 획득한뒤 소셜네트워크서비스와 정보를 연결하여 특정인에 대한 스토킹이나 피싱, 금융사기같은 범죄를 할 가능성이 있다. 본 논문에서는 개인정보노출에 대한 위험성을 알아보기 위해 중고물품 사이트에서 획득한 개인정보를 소셜네트워크서비스에 연결하여 개인 식별가능성을 실험해 보았으며 이를 막기 위한 방법을 제안하였다.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.22 no.2
• /
• pp.51-62
• /
• 2022

This study suggests a design of predictive modeling for a hospital fall risk based on inpatients' posture. Inpatient's profile, medical history, and body measurement data along with basic information about a bed they use, were used to predict a fall risk and suggest an algorithm to determine the level of risk. Fall risk prediction is largely divided into two parts: a real-time fall risk evaluation and a qualitative fall risk exposure assessment, which is mostly based on the inpatient's profile. The former is carried out by recognizing an inpatient's posture in bed and extracting rule-based information to measure fall risk while the latter is conducted by medical staff who examines an inpatient's health status related to hospital fall risk and assesses the level of risk exposure. The inpatient fall risk is determined using a sigmoid function with recognized inpatient posture information, body measurement data and qualitative risk assessment results combined. The procedure and prediction model suggested in this study is expected to significantly contribute to tailored services for inpatients and help ensure hospital fall prevention and inpatient safety.