• Journal of Korea Society of Industrial Information Systems
• /
• v.19 no.3
• /
• pp.57-66
• /
• 2014

This paper proposes the UHISRL(Ubiquitous Healthcare Information System based on Real Time Location) which manages patient, doctor, medicine by using RFID. The proposed UHISRL monitors the patient's health state, and enables us to confirm the result with Smart Phone and Tablet PC. Also, it can block Replay and Spoofing attack by using the ERHL(Extended Randomized Hash Lock) authentication scheme designed in this paper. A patient privacy is enhanced by limiting UHISRL DB access according to attributes with CP-ABE (Cipher Text - Attributed based Encryption) technique. Specially, UHISRL can prevent an unexpected accident by monitoring a chronic patient's emergency situation in real time.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.31 no.2B
• /
• pp.164-173
• /
• 2006

It is essential to ensure public use of and privacy of location information for promoting the location based services. The grade designation for location information is required to accomplish them. The grade designation for location information can increase the reliability of location information and reinforce the right of choice for user. Therefore the institution of grade designation for location information should be introduced rapidly to keep up with the growth of the location based services industry.

• Journal of Internet Computing and Services
• /
• v.15 no.4
• /
• pp.141-152
• /
• 2014

According to proliferation of smartphones and extension of various services utilizing location information, markets of Location Based Service(LBS) have been activating all over the world. However, as the privacy violations of personal location information have been continuously increased, interests in the deregulation have been grown as well. While the regulations of location information can protect personal information and privacy, it causes some negative affect in terms of development of diverse services and industry activation. In particular, Korea is the only country that has applied strict restrictions of LBS by making location information related independent 'Location Information Protection Act'. As a result of this, the issues that LBS industry has no longer developed in Korea and it is necessary for us to relax the regulations have been consistently raised. Thus, this study confirmed that there was the negative(-) relationship between the regulations and the market activation of LBS by comparing and analyzing the correlation between the market growth rate of LBS and relevant regulations at home and abroad; the regulations are strengthened, restrictions in market entry and the business performance can occur. In other words, LBS business will be able to be activated if the regulations which have not directly related to the privacy have been relaxed.

• Proceedings of the Korea Multimedia Society Conference
• /
• 2004.05a
• /
• pp.131-134
• /
• 2004

위치기반서비스(Location Based Service)는 이동중인 사용자의 위치 정보를 타 정보와 결합해 사용자가 요청, 혹은 필요로 하는 부가적인 응용 서비스를 제공하기 위한 기술을 말한다. 현재의 개인 위주의 서비스에서 국가 전반적인 인프라 차원으로 급속히 확대 발전함에 따라 사용자의 프라이버시(Privacy) 문제나 접근제어와 같은 인증문제가 중요한 이슈로 대두되고 있다. 본 논문에서는 LBS 기업체 동향 및 전반적인 사항을 분석하여 문제점을 도출하고 LBS 프라이버시(Privacy) 보호를 위한 접근제어 문제, 인증 문제 및 키 신규성 확인 기능을 제공하는 타원곡선 기반의 인증 및 키 교환 프로토콜 기술을 제시한다.

• Proceedings of the Korean Information Science Society Conference
• /
• 2005.07a
• /
• pp.412-414
• /
• 2005

Because a sensor node must operate on a tiny battery, the goal to eliminate energy inefficiencies leads the current researchers excavating for new techniques to advocate. As sensor networks edge closer towards wide spread deployment, security issues become a central concern. So far much research has focused on making sensor networks feasible and useful, and has not concentrated much on security issues especially computationally inexpensive techniques. In this paper we introduce a simple scheme relying on one-way hash-functions that greatly enhances location privacy by changing traceable identifiers on every read getting by with only a single, unreliable message exchange. Thereby the scheme is safe from many threats like eavesdropping, message interception, spoofing, and replay attacks.

• International Journal of Computer Science & Network Security
• /
• v.22 no.3
• /
• pp.285-291
• /
• 2022

WSN is the major component for information transfer in IoT environments. Source Location Privacy (SLP) has attracted attention in WSN environments. Effective SLP can avoid adversaries to backtrack and capture source nodes. This work presents a Two-Level Randomized Sector-based Routing (TLRSR) model to ensure SLP in wireless environments. Sector creation is the initial process, where the nodes in the network are grouped into defined sectors. The first level routing process identifies sector-based route to the destination node, which is performed by Ant Colony Optimization (ACO). The second level performs route extraction, which identifies the actual nodes for transmission. The route extraction is randomized and is performed using Simulated Annealing. This process is distributed between the nodes, hence ensures even charge depletion across the network. Randomized node selection process ensures SLP and also avoids depletion of certain specific nodes, resulting in increased network lifetime. Experiments and comparisons indicate faster route detection and optimal paths by the TLRSR model.

• Spatial Information Research
• /
• v.20 no.4
• /
• pp.83-92
• /
• 2012

Location-based services (LBS) are increasingly popular due to the improvement of geo-positioning capabilities and wireless communication technology. However, in order to enjoy LBS services, a user requesting a query must send his/her exact location to the LBS provider. Therefore, it is a key challenge to preserve user's privacy while providing LBS. To solve this problem, the existing method employs a 2PASS cloaking framework that not only hides the actual user location but also reduces bandwidth consumption. However, 2PASS does not fully guarantee the actual user privacy because it does not take the real user distribution into account. Hence, in this paper, we propose a nearest neighbor query processing algorithm that supports K-anonymity property based on the weighted adjacency graph(WAG). Our algorithm not only preserves the location of a user by guaranteeing k-anonymity in a query region, but also improves a bandwidth usage by reducing unnecessary search for a query result. We demonstrate from experimental results that our algorithm outperforms the existing one in terms of query processing time and bandwidth usage.

• Journal of the Korea Society of Computer and Information
• /
• v.25 no.7
• /
• pp.93-101
• /
• 2020

Regional CRL(certificate revocation list) in vehicular communications is to partition Full CRL into several small CRLs according to geographic location to keep the size of individual CRLs with smaller. However, since a Regional CRL includes vehicle's revoked certificates within its administrative region, it has to know vehicle' location. For this, how to know vehicle' location effectively corresponding to every region represents a major challenge. This paper proposes a Regional CRL scheme which is envisioned to achieve vehicle's location and to make regional CRLs according to vehicles current location efficiently. The scheme is based on the short-lived pseudonyms defined by WAVE standard. It also acquires issued pseudonyms, vehicle's id and region information whenever a vehicle initiates pseudonyms refill after that, utilizes them to create and distribute the Regional CRL. To keep location privacy-preserving for vehicles, the scheme uses the blockchain technology in the network. The analysis results show that it reduces CRL size and database query time for finding revoked certificates sharply in the vehicle's on-board unit.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.14 no.1
• /
• pp.189-193
• /
• 2014

SNS (Social Network Service) has evolved to life-friendly service with the combination of local services. Unlike exsiting mobile services, life-friendly service is expected to be personalized with gathering of local information, location information and social network service information. In the process of gathering various kinds of information, Big-data technology and Cloud technology is needed. The effective algorithem has researched for this already, however the privacy protection model hasn't researched enough in life-friendly service or big-data using circumstance. In this paper, the privacy issue is dealt with in terms of 'Structure hole', and the privacy issue comes from big-data technology of life-friendly service.

• Asia pacific journal of information systems
• /
• v.18 no.1
• /
• pp.145-162
• /
• 2008

One of the big concerns in e-society is privacy issue. In special, in developing robust ubiquitous smart space and corresponding services, user profile and preference are collected by the service providers. Privacy issue would be more critical in context-aware services simply because most of the context data themselves are private information: user's current location, current schedule, friends nearby and even her/his health data. To realize the potential of ubiquitous smart space, the systems embedded in the space should corporate personal privacy preferences. When the users invoke a set of services, they are asked to allow the service providers or smart space to make use of personal information which is related to privacy concerns. For this reason, the users unhappily provide the personal information or even deny to get served. On the other side, service provider needs personal information as rich as possible with minimal personal information to discern royal and trustworthy customers and those who are not. It would be desirable to enlarge the allowable personal information complying with the service provider's request, whereas minimizing service provider's requiring personal information which is not allowed to be submitted and user's submitting information which is of no value to the service provider. In special, if any personal information required by the service provider is not allowed, service will not be provided to the user. P3P (Platform for Privacy Preferences) has been regarded as one of the promising alternatives to preserve the personal information in the course of electronic transactions. However, P3P mainly focuses on preserving the buyers' personal information. From time to time, the service provider's business data should be protected from the unintended usage from the buyers. Moreover, even though the user's privacy preference could depend on the context happened to the user, legacy P3P does not handle the contextual change of privacy preferences. Hence, the purpose of this paper is to propose a mutual P3P-based negotiation mechanism. To do so, service provider's privacy concern is considered as well as the users'. User's privacy policy on the service provider's information also should be informed to the service providers before the service begins. Second, privacy policy is contextually designed according to the user's current context because the nomadic user's privacy concern structure may be altered contextually. Hence, the methodology includes mutual privacy policy and personalization. Overall framework of the mechanism and new code of ethics is described in section 2. Pervasive platform for mutual P3P considers user type and context field, which involves current activity, location, social context, objects nearby and physical environments. Our mutual P3P includes the privacy preference not only for the buyers but also the sellers, that is, service providers. Negotiation methodology for mutual P3P is proposed in section 3. Based on the fact that privacy concern occurs when there are needs for information access and at the same time those for information hiding. Our mechanism was implemented based on an actual shopping mall to increase the feasibility of the idea proposed in this paper. A shopping service is assumed as a context-aware service, and data groups for the service are enumerated. The privacy policy for each data group is represented as APPEL format. To examine the performance of the example service, in section 4, simulation approach is adopted in this paper. For the simulation, five data elements are considered: $\cdot$ UserID $\cdot$ User preference $\cdot$ Phone number $\cdot$ Home address $\cdot$ Product information $\cdot$ Service profile. For the negotiation, reputation is selected as a strategic value. Then the following cases are compared: $\cdot$ Legacy P3P is considered $\cdot$ Mutual P3P is considered without strategic value $\cdot$ Mutual P3P is considered with strategic value. The simulation results show that mutual P3P outperforms legacy P3P. Moreover, we could conclude that when mutual P3P is considered with strategic value, performance was better than that of mutual P3P is considered without strategic value in terms of service safety.