• Proceedings of the Korea Information Processing Society Conference
• /
• 2021.11a
• /
• pp.189-192
• /
• 2021

5G와 사물인터넷(IoT) 시대에 데이터의 크로스컴퓨팅은 연구, 의료, 금융, 민생 분야 등에 더 많은 지원을 할 수 있고 프라이버시 안전성이 중요해지고 있다. SMPC (Secure Multi-party Computation)은 서로 믿지 않는 참여자 간의 프라이버시 보호 시너지 컴퓨팅 문제를 해결하고, 데이터 수요자에게 원본 데이터를 누설하지 않는 범위 하에서의 다자간 컴퓨팅 능력을 제공한다. IoT 장치는 전력 소모와 지연에 제한을 받기 때문에 대부분의 장치가 여전히 경량화 보안 메커니즘에 속하고 IoT에서 트래픽의 데이터 통합관리가 어렵기 때문에 통신 중 신원인식과 데이터를 주고받는 단계에서 프라이버시 유출의 문제가 발생할 수 있고 심지어 DDOS공격, RelayAttack공격 등 사이버의 목적이 될 수도 있다. 본 논문에서 IoT 네트워크 데이터 통신 특징을 분석하고 동형 암호에 기반의 SMPC 연산 아키텍처를 제안한다. 제안하는 이키텍처에서 동형 암호를 사용함으로써 장치 데이터의 안전을 보장하는 동시에 전체 네트워크 안전성도 확보한다. SMPC 및 동형암호 기술의 지속적 발전에 따라 제안하는 아키텍처가 계속 개선할 잠재력이 있다.

• The KIPS Transactions:PartC
• /
• v.16C no.5
• /
• pp.563-574
• /
• 2009

The merits of random substitutions are various applicability and security guarantee on the view point of privacy breach. However there is no research to improve the accuracy of random substitutions. In this paper we propose an algorithm for improving the accuracy of random substitutions by an advanced theoretical analysis about the standard errors. We examine that random substitutions have an unpractical accuracy level and our improved algorithm meets the theoretical results by some experiments for data sets having uniform and normal distributions. By our proposed algorithm, it is possible to upgrade the accuracy level under the same security level as the original method. The additional cost of computation for our algorithm is still acceptable and practical.

• The Journal of Korean Institute of Next Generation Computing
• /
• v.15 no.4
• /
• pp.7-17
• /
• 2019

Machine learning is one of the most accurate techniques to predict and analyze various phenomena. K-means clustering is a kind of machine learning technique that classifies given data into clusters of similar data. Because it is desirable to perform an analysis based on a lot of data for better performance, K-means clustering can be performed in a model with a server that calculates the centroids of the clusters, and a number of clients that provide data to server. However, this model has the problem that if the clients' data are associated with private information, the server can infringe clients' privacy. In this paper, to solve this problem in a model with a number of clients, we propose a privacy-preserving K-means clustering method that can perform machine learning, concealing private information using homomorphic encryption.

• Review of KIISC
• /
• v.18 no.2
• /
• pp.12-22
• /
• 2008

RFID는 우리의 삶을 바꿔놓고 있다. 이미 RFID 기술은 도서관에서 한 번에 여러 권의 책을 식별하여 대출 시간을 단축시키고 있고, 상점에서는 계산원 없이 소비자가 스스로 계산할 수 있도록 하고 있다. 이렇듯 RFID는 U-City를 실현하기 위한 기술로서 손색이 없지만, RFID가 가진 자동식별의 특징은 우리에게 혜택뿐만 아니라 보안 및 프라이버시 침해라는 부작용을 가져오기도 한다. 그리하여 세계적으로 다양한 기술적 제도적 보호대책들이 연구되고 있다. 따라서 본 고에서는 RFID 기술의 현재 상황을 파악할 수 있도록 RFID의 활용 현황과 보호대책에 대해 소개하고자 한다.

• 정보화사회
• /
• s.16
• /
• pp.52-57
• /
• 1989

오늘날 개인정보를 둘러싼 문제는 세계적 관심으로 부상하고 있다. 정보처리 정보통신기술의 비약적인 발전으로 대량의 데이터 수집과 가공이 가능하고 소비생활의 개성화. 다양화에 대응하기 위한 기업들의 개인정보 수집 열기는 날로 뜨거워지고 있다. 우리나라도 국가 기간전산망 구축이전에 프라이버시보호법이 제정, 시행될 전망이다. 따라서 고속으로 변화하는 정보관리환경에 적절히 대응하고 건전한 정보화사회의 구현을 위한 개인정보보호법 제정을 위해 지난해 12월 9일 제정된 일본의 행정기관보유 전자계산처리에 관한 개인정보보호법을 소개한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.6
• /
• pp.1285-1303
• /
• 2019

In the current credit scoring system, the credit bureau gathers credit information from financial institutions and calculates a credit score based on it. However, because all sensitive credit information is stored in one central authority, there are possibilities of privacy violations and successful external attacks can breach large amounts of personal information. To handle this problem, we propose privacy-preserving credit scoring in which a user gathers credit information from financial institutions, calculates a credit score and proves that the score is calculated correctly using a zero-knowledge proof and a blockchain. In addition, we propose a zero-knowledge proof scheme that can efficiently prove committed inputs to check whether the inputs of a zero-knowledge proof are actually provided by financial institutions with a blockchain. This scheme provides perfect zero-knowledge unlike Agrawal et al.'s scheme, short CRSs and proofs, and fast proof and verification. We confirmed that the proposed credit scoring can be used in the real world by implementing it and experimenting with a credit score algorithm which is similar to that of the real world.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.2 no.1
• /
• pp.81-87
• /
• 2009

Recently RFID system has been adopted in various fields rapidly. However, we ought to solve the problem of privacy invasion that can be occurred by obtaining information of RFID Tag without any permission for popularization of RFID system To solve the problems, it is Ohkubo et al.'s Hash-Chain Scheme which is the safest method. However, this method has a problem that requesting lots of computing process because of increasing numbers of Tag. Therefore, in this paper we apply the previous method into the grid environment by analyzing Hash-Chain scheme in order to reduce processing time when Tags are identified. We'll implement the process by offering Tag Identification Process Model to divide SPs evenly by node.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.4
• /
• pp.53-68
• /
• 2008

We study on the practical privacy-preserving techniques by matrix-based randomization approach. We clearly examine the relationship between the two parameters associated with the measure of privacy breach and the condition number of matrix in order to achieve the optimal transition matrix. We propose a simple formula for efficiently calculating the inverse of transition matrix which are needed in the re-construction process of random substitution algorithm, and deduce some useful connections among standard error and another parameters by obtaining condition numbers according to norms of matrix and the expectation and variance of the transformed data. Moreover we give some experimental results about our theoretical expressions by implementing random substitution algorithm.

• Journal of KIISE
• /
• v.42 no.7
• /
• pp.919-928
• /
• 2015

In recent years, many research efforts have been made on privacy-preserving data mining (PPDM) in data of large volume. In this paper, we propose a PPDM solution based on principal component analysis (PCA), which can be widely used in computing correlation among sensitive data sets. The general method of computing PCA is to collect all the data spread in multiple nodes into a single node before starting the PCA computation; however, this approach discloses sensitive data of individual nodes, involves a large amount of computation, and incurs large communication overheads. To solve the problem, in this paper, we present an efficient method that securely computes PCA without the need to collect all the data. The proposed method shares only limited information among individual nodes, but obtains the same result as that of the original PCA. In addition, we present a dimensionality reduction technique for the proposed method and use it to improve the performance of secure similar document detection. Finally, through various experiments, we show that the proposed method effectively and efficiently works in a large amount of multi-dimensional data.

• Knowledge Management Research
• /
• v.25 no.2
• /
• pp.219-243
• /
• 2024

This study investigates the impact of privacy concerns, perceived utility, and awareness of the right to personal data self-determination on the effective use and expansion of MyData services, which are critical to the data economy. Integrating the value-based adoption model with privacy calculus theory, the research examines how perceived utility, privacy concerns, trust, and personal innovativeness influence perceived value, perceived privacy, and the intention to provide personal information. Data collected from an online survey of 442 MyData service users and prospective users were analyzed using PLS-SEM and Bootstrapping methods via SmartPLS 4. The results indicate that perceived utility positively affects the intention to provide personal information, while privacy concerns have a negative impact. Trust and personal innovativeness positively influence the intention to adopt MyData services, and the awareness of personal data self-determination rights moderates these intentions. The findings underscore the importance of developing beneficial services that mitigate users' privacy concerns and build trust for the successful implementation of MyData services. Additionally, the study highlights the need for education and awareness campaigns to enhance understanding of the right to personal data self-determination.