• Knowledge Management Research
• /
• v.16 no.3
• /
• pp.23-40
• /
• 2015

Despite much interest and investment in the Internet of Things (IoT) which expand the Internet to a ubiquitous network including objects in the physical world, there is growing concerns of privacy protections. Because the risk of privacy invasion is higher in IoT environments than ever before, privacy need to be a key issue in the diffusion of IoT. Considering that the privacy concern is a critical barrier for user to adopt information technologies, it is important to investigate users' privacy concerns related to IoT applications. From the triad perspective (i.e., risk on technology, risk on service provider, and trust on legislation), this study aims to examine users' privacy concerns in the context of activity trackers.

• Convergence Security Journal
• /
• v.17 no.3
• /
• pp.31-40
• /
• 2017

UAV (Unmanned Aerial Vehicle) is increasingly used in diverse fields such as disaster, distributi on, and logistics, but it is pointed out that the inadequacy of related laws and invasion of privacy is an obstacle to industrial growth. The regulatory framework for UAV convergence services is pr oposed based on the regulatory framework. From the technical point of view, regulation on archite ctural design, from the market point of view, concurrent operation of services in a limited area, a l egal evaluation based on post-evaluation rather than a pre-regulation under the legislation of visua l information protection law and a social consensus will contribute to the early settlement of UAV -based convergence services.

• Journal of Internet Computing and Services
• /
• v.10 no.2
• /
• pp.29-40
• /
• 2009

The development of information technology such as the internet has brought about rapidly changes the old medical technology, e-Healthcare has been to raise social issue. The e-Healthcare which new turning point of paradigm in the medical information develops the medical policy in Korea and the technology, the prospective of reverse engineering in internet environment is incurring problems such as distribution of critical information and invasion and infringement of privacy, etc. In this research, we suggest the Role Based Access Control System, HPIP-e-Healthcare Privacy Information Protection, for solving above problem. The HPIP is composed 4 mechanisms such as Consolidate User Identity, Hospital Authorization, Medical Record Access Control, Patient Diagnosis and we are also prototyping the HPIP for feasible approach in the real computing environment.

• Journal of Internet Computing and Services
• /
• v.17 no.2
• /
• pp.77-85
• /
• 2016

Internet cookie technology is designed for solving unreliable problem of HTTP's inherent property and notifying user's previous activity to web site's server, so it is useful to provide suitable service for individual user. However, the cookie techniques are becoming more sophisticated such as the third cookie and super cookie. And its included information is applied for advertisement and target marketing strategy, so the problem occurs that user's personal information is collected excessively. However, our law does not recognize the internet cookie as personal information so user cannot know where own internet cookie is stored and applicable. Therefore, in this paper, we explain the internet cookie technology, the privacy invasion and right to be forgotten for solving problem due to the internet cookie. And we analysis the relationship between the information of internet cookie and personal information, and then present the improvement requirement on the law and technology to use internet cookie securely and conveniently.

• Information Systems Review
• /
• v.11 no.2
• /
• pp.91-111
• /
• 2009

Collection and use of personal information have enabled firms to improve their value propositions by offering personalization. On the other hand, they have caused widespread concerns by consumers that their privacy is invaded. Because previously distributed personal information can be integrated and utilized to offer more personalized services, those concerns may be intensified with the progress of the digital convergence environment. In this study, factors for privacy invasion and their impact on the privacy concerns are suggested. Then, an empirical study is conducted to examine some of the suggestions. From the analysis, several results are derived. First, as more personal data are collected, secrecy and autonomy concerns increase exponentially rather than steadily. Second, as targeting accuracy is improved, greater secrecy and autonomy concerns are expressed by consumers, but less seclusion concerns. Finally, monetary reward such as coupons can reduce seclusion concerns when targeting accuracy is high. Based on the results, implications for managing consumer privacy concerns are provided under digital convergence environment.

• Journal of the Korea Society of Computer and Information
• /
• v.28 no.1
• /
• pp.171-178
• /
• 2023

As the risk of privacy invasion due to self-disclosure increases in SNS environment, many studies have tried to discover the influencing factors of self-disclosure. This study is an extension of this research stream and pays attention to the role of interaction privacy controls(friend list and privacy settings) as a new influencing factor. Specifically, the study theorizes and test the logic that the ability to effectively control interactions between individuals using IPC(called IPC usefulness) satisfies the three psychological needs(autonomy, relationship, and competency needs) suggested by the Self-Determination Theory, and in turn increase the amount of self-disclosure. As a result of data analysis, it was found that IPC usefulness has a very strong influence on the satisfaction of psychological needs and is a major factor in increasing the degree of self-disclosure by users. Based on these findings, the study discusses the theoretical and practical implications as well as future research directions.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.5
• /
• pp.149-160
• /
• 2008

As individual users have to provide more information than the minimum for using information communication service, the invasion of privacy of Individual users is increasing. That is why client/server based personal information security platform technologies are being developed such as P3P, EPAL and XACML. By the way enterprises and organizations using primarily role based access control can not use these technologies. because those technologies apply access control policies to individual subjects. In this paper, we suggest an expression language for privacy enhancing role-based access control policy. Suggested privacy enhancing role-based access control policy language model is a variation of XACML which uses matching method and condition, and separately contains elements of role, purpose, and obligation. We suggest policy language model for permission assignment in this paper, shows not only privacy policy scenario with policy document instance, but also request context and response context for helping understanding.

• Information Systems Review
• /
• v.17 no.3
• /
• pp.77-94
• /
• 2015

As Internet has become a popular media for sharing information, users create and share tremendous volume of information including large amount of personal information in cyberspace. Sharing private information online can enhance strength of social relationship but it could also bring negative consequences like information privacy invasion. Although many companies and governments address the importance of information privacy online, there are countless cases of crimes and hackings relating personal information online world wide. Since there are some researches investigating the role of governments and organizations on online privacy domain but there is little research regarding users' privacy protection behaviors. This study investigates relationship between Internet users' information privacy protection behavior and environmental factors. Especially, this study focuses on users' behaviors regarding information privacy protection technology adoption. According to our research results, users' online privacy protective behaviors positively affected by governmental regulations expressed as an information privacy protection law. In addition, if user is allowed to use anonymity when he or she uses online services, they have more tendencies to adopt privacy protection technologies. The detailed research findings and contribution are discussed as well.

• Informatization Policy
• /
• v.19 no.4
• /
• pp.63-82
• /
• 2012

The world's best level of ICT(Information, Communication and Technology) infrastructure has experienced the world's worst level of ICT accident in Korea. The number of major accidents of privacy invasion has been three times larger than the total number of Internet user of Korea. The cause of the severe accident was due to big data environment. As a result, big data environment has become an important policy agenda. This paper has conducted analyzing the accident case of data spill to study policy issues for ICT security from a social science perspective focusing on risk. The results from case analysis are as follows. First, ICT risk can be categorized 'severe, strong, intensive and individual'from the level of both probability and impact. Second, strategy of risk management can be designated 'avoid, transfer, mitigate, accept' by understanding their own culture type of relative group such as 'hierarchy, egalitarianism, fatalism and individualism'. Third, personal data has contained characteristics of big data such like 'volume, velocity, variety' for each risk situation. Therefore, government needs to establish a standing organization responsible for ICT risk policy and management in a new big data era. And the policy for ICT risk management needs to balance in considering 'technology, norms, laws, and market'in big data era.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.18 no.3
• /
• pp.25-32
• /
• 2022

DID(Decentralized Identity Identification) is a system in which users voluntarily manage their identity, etc., and control the scope and subject of submission of identity information based on a block chain. In the era of the 4th industrial revolution, where the importance of protecting personal information is increasing day by day, DID will surely be positioned as the industrial center of the Internet and e-business. However, when managing personal information, DID is highly likely to cause a large amount of personal information leakage due to electronic infringement, such as hacking and invasion of privacy caused by the concentration of user's identity information on global service users. Therefore, there are a number of challenges to be solved before DID settles into a stable standardization. Therefore, in this paper, we try to examine what problems exist in order to positively apply the development of DID technology, and analyze the improvement plan to become a stable service in the future.