• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.5
• /
• pp.1717-1732
• /
• 2015

The widespread use of location-based services (LBSs), which allows untrusted service provider to collect large number of user request records, leads to serious privacy concerns. In response to these issues, a number of LBS privacy protection mechanisms (LPPMs) have been recently proposed. However, the evaluation of these LPPMs usually disregards the background knowledge that the adversary may possess about users' contextual information, which runs the risk of wrongly evaluating users' query privacy. In this paper, we address these issues by proposing a generic formal quantification framework,which comprehensively contemplate the various elements that influence the query privacy of users and explicitly states the knowledge that an adversary might have in the context of query privacy. Moreover, a way to model the adversary's attack on query privacy is proposed, which allows us to show the insufficiency of the existing query privacy metrics, e.g., k-anonymity. Thus we propose two new metrics: entropy anonymity and mutual information anonymity. Lastly, we run a set of experiments on datasets generated by network based generator of moving objects proposed by Thomas Brinkhoff. The results show the effectiveness and efficient of our framework to measure the LPPM.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.16 no.11
• /
• pp.8057-8063
• /
• 2015

It is expected that internet of things can be used for various fields such as smart home, smart building and smart city as the representative case of ICT that sensor, communication and interface technologies operate organically and the researches of the technologies regarding internet of things are being carried out in each countries worldwide. However, many problems rise against internet of things continuously in respect of security. Among them, the problem of privacy is the one that should be solved definitely regarding internet of things. If user data does not remain during the process of user authentication, such the privacy problem can be solved. In this paper, we propose the framework of user authentication based on OAuth that is suitable for the environment of internet of things that can solve privacy problem and analyze its security.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.18 no.5
• /
• pp.1341-1368
• /
• 2024

The concept of privacy-preserving collaborative filtering (PPCF) has been gaining significant attention. Due to the fact that model-based recommendation methods with privacy are more efficient online, privacy-preserving memory-based scheme should be avoided in favor of model-based recommendation methods with privacy. Several studies in the current literature have examined ant colony clustering algorithms that are based on non-privacy collaborative filtering schemes. Nevertheless, the literature does not contain any studies that consider privacy in the context of ant colony clustering-based CF schema. This study employed the ant colony clustering model-based PPCF scheme. Attacks like shilling or profile injection could potentially be successful against privacy-preserving model-based collaborative filtering techniques. Afterwards, the scheme's robustness was assessed by conducting a shilling attack using six different attack models. We utilize masked data-based profile injection attacks against a privacy-preserving ant colony clustering-based prediction algorithm. Subsequently, we conduct extensive experiments utilizing authentic data to assess its robustness against profile injection attacks. In addition, we evaluate the resilience of the ant colony clustering model-based PPCF against shilling attacks by comparing it to established PPCF memory and model-based prediction techniques. The empirical findings indicate that push attack models exerted a substantial influence on the predictions, whereas nuke attack models demonstrated limited efficacy.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.32 no.7B
• /
• pp.438-447
• /
• 2007

In the Internet, an identity service must to obtain permission from a user to allow them to share data with requesting service. For that, the privacy policy, which reflects legal regulations and preferences made by the user, is needed. Also, the management interface that aids the user to make the privacy policy and the PDP system that makes admission control and policy decisions in response to a request from an entity wanting to access the personal information are needed. In this paper, the privacy controller system model handled under the internet Identity management system environment is proposed. The system has the easy interface of policy generation and the efficient policy decision process. The system applies and modifies to the XACML of OASIS group. We propose that the privacy policy is divided into the three policies, which are the user policy, the domain policy and the basic offering policy. To resolve the collision between the policies, we also propose the collision resolution policy.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.8 no.8
• /
• pp.2948-2966
• /
• 2014

To promote recommendation services through prediction quality, some privacy-preserving collaborative filtering solutions are proposed to make e-commerce parties collaborate on partitioned data. It is almost probable that two parties hold ratings for the same users and items simultaneously; however, existing two-party privacy-preserving collaborative filtering solutions do not cover such overlaps. Since rating values and rated items are confidential, overlapping ratings make privacy-preservation more challenging. This study examines how to estimate predictions privately based on partitioned data with overlapped entries between two e-commerce companies. We consider both user-based and item-based collaborative filtering approaches and propose novel privacy-preserving collaborative filtering schemes in this sense. We also evaluate our schemes using real movie dataset, and the empirical outcomes show that the parties can promote collaborative services using our schemes.

• Asia pacific journal of information systems
• /
• v.28 no.4
• /
• pp.274-289
• /
• 2018

We examined the effects of socio-demographics and personality traits on online privacy concern. We investigated this relationship in general and across different Internet functions. Using a large, diverse, population-representative sample (N = 5,242), we found that females, educated, and wealthier individuals tend to be concerned with online privacy to a greater extent. Among personality traits, agreeableness and conscientiousness were generally associated with an increased probability of being concerned with online privacy. These results imply that socio-demographics and personality traits provide explanatory insights into online privacy concern.

• Journal of the Korea Society of Computer and Information
• /
• v.26 no.1
• /
• pp.253-258
• /
• 2021

In this study, we explored consumers' the privacy attitudes and Internet activities on the expectations of the fourth industrial revolution. Furthermore, we examined the moderating effect of Internet activities between the privacy attitudes and the expectations of the fourth industrial revolution. Research data are 2018 Korea media panel survey provided by Korea Information Society Development Institute. As a result, concerns about privacy were negative on the expectations of the fourth industrial revolution. Consumer's internet activities had a positive effect on the expectations of the fourth industrial revolution. Concerns about privacy have a negative effect on the expectations of the fourth industrial revolution, but active internet activities have mitigated it or turned it into a positive. This study will contribute as basic data for more active responses in the economic structure facing the 4th industrial revolution.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.8
• /
• pp.3328-3349
• /
• 2020

With rapid development of ubiquitous computing and location-based services (LBSs), human trajectory data and associated activities are increasingly easily recorded. Inappropriately publishing trajectory data may leak users' privacy. Therefore, we study publishing trajectory data while preserving privacy, denoted privacy-preserving activity trajectories publishing (PPATP). We propose S-PPATP to solve this problem. S-PPATP comprises three steps: modeling, algorithm design and algorithm adjustment. During modeling, two user models describe users' behaviors: one based on a Markov chain and the other based on the hidden Markov model. We assume a potential adversary who intends to infer users' privacy, defined as a set of sensitive information. An adversary model is then proposed to define the adversary's background knowledge and inference method. Additionally, privacy requirements and a data quality metric are defined for assessment. During algorithm design, we propose two publishing algorithms corresponding to the user models and prove that both algorithms satisfy the privacy requirement. Then, we perform a comparative analysis on utility, efficiency and speedup techniques. Finally, we evaluate our algorithms through experiments on several datasets. The experiment results verify that our proposed algorithms preserve users' privay. We also test utility and discuss the privacy-utility tradeoff that real-world data publishers may face.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.18 no.1
• /
• pp.147-169
• /
• 2024

In pace with the development of network technology at lightning speed, social networks have been extensively applied in our lives. However, as social networks retain a large number of users' sensitive information, the openness of this information makes social networks vulnerable to attacks by malicious attackers. To preserve the link privacy of individuals in social networks, an uncertain graph method based on node random response is devised, which satisfies differential privacy while maintaining expected data utility. In this method, to achieve privacy preserving, the random response is applied on nodes to achieve edge modification on an original graph and node differential privacy is introduced to inject uncertainty on the edges. Simultaneously, to keep data utility, a divide and conquer strategy is adopted to decompose the original graph into many sub-graphs and each sub-graph is dealt with separately. In particular, only some larger sub-graphs selected by the exponent mechanism are modified, which further reduces the perturbation to the original graph. The presented method is proven to satisfy differential privacy. The performances of experiments demonstrate that this uncertain graph method can effectively provide a strict privacy guarantee and maintain data utility.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.6
• /
• pp.1419-1427
• /
• 2012

This paper deals with the online privacy policy, which is designed to solve the information asymmetry problem between websites and internet users. We empirically analyze the recognition, confirmation of the online privacy policy, and its effects on online transaction behavior using a rich survey data representing 5,422 Korean internet users. Major results are as follows. First, there exists a significant difference between recognition and confirmation, and confirmation behavior is positively related with the importance of privacy issue and the experience of privacy invasion. Second, binary variable regressions show that internet user tends to participate in online transaction if he/she confirms the online privacy policy positively. Finally, if websites would make online privacy policy easy and short, a yearly online transaction market size of Korea would increase by 0.46 million participants and 22.4 billion KRW.