• Title/Summary/Keyword: Privacy Protection

Search Result 865, Processing Time 0.035 seconds

A Differential Privacy Approach to Preserve GWAS Data Sharing based on A Game Theoretic Perspective

  • Yan, Jun;Han, Ziwei;Zhou, Yihui;Lu, Laifeng
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.16 no.3
    • /
    • pp.1028-1046
    • /
    • 2022
  • Genome-wide association studies (GWAS) aim to find the significant genetic variants for common complex disease. However, genotype data has privacy information such as disease status and identity, which make data sharing and research difficult. Differential privacy is widely used in the privacy protection of data sharing. The current differential privacy approach in GWAS pays no attention to raw data but to statistical data, and doesn't achieve equilibrium between utility and privacy, so that data sharing is hindered and it hampers the development of genomics. To share data more securely, we propose a differential privacy preserving approach of data sharing for GWAS, and achieve the equilibrium between privacy and data utility. Firstly, a reasonable disturbance interval for the genotype is calculated based on the expected utility. Secondly, based on the interval, we get the Nash equilibrium point between utility and privacy. Finally, based on the equilibrium point, the original genotype matrix is perturbed with differential privacy, and the corresponding random genotype matrix is obtained. We theoretically and experimentally show that the method satisfies expected privacy protection and utility. This method provides engineering guidance for protecting GWAS data privacy.

A Study on the Investigation of the Awareness for the Privacy of the Users at the School Libraries (학교도서관 이용자의 프라이버시에 대한 인식조사연구)

  • Sim, Jae-yun;Noh, Younghee
    • Journal of the Korean BIBLIA Society for library and Information Science
    • /
    • v.26 no.4
    • /
    • pp.31-63
    • /
    • 2015
  • This research was based on the investigation of the awarenesses of librarians of issues regarding the privacy of the users of school libraries. It sought to determine if, by raising the issue of the importance of the need for the protection of the personal information of the users of the school libraries, and the implications of not paying attention to the rules in effect, the awareness regarding the privacy of the users of school libraries would be improved. For this, previous research related to the privacy of the students, the legal basis for the protection of the privacy of the domestic and foreign students, and the types of the infringements upon the protection of their personal information were investigated. A survey was conducted to measure the awareness of issues related to the privacy of the users of the library. The research showed the results as follows: First, the awarenesses regarding the privacy of the users of the school libraries appeared low, and low recognition was also found regarding the awareness of the cases of the infringements upon the privacy of the users of the school libraries; regarding the awareness in relation to the protection of privacy; regarding the seriousness of the privacy problems of the users; and regarding the factors that can encroach upon the privacy of the users. Second, regarding the seriousness felt when the library records of the users of the school libraries are leaked to the outside, 41.6% of the respondents responded by saying "It is serious", and 18.4% responded by saying "It is not serious". Third, as a result of investigating the awareness regarding whether the consent of the person concerned is needed in case a third party requests access to reading the records in the library, 68.5% of the respondent responded "It is needed", and only 10.4% responded "It is not needed". Last, in the investigation into whether the respondents had the experience of being educated as to the rules related to the privacy of the users at a school or an external organization, over 80% of the respondents answered that they did not receive it.

Privacy Protection Method for Sensitive Weighted Edges in Social Networks

  • Gong, Weihua;Jin, Rong;Li, Yanjun;Yang, Lianghuai;Mei, Jianping
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.15 no.2
    • /
    • pp.540-557
    • /
    • 2021
  • Privacy vulnerability of social networks is one of the major concerns for social science research and business analysis. Most existing studies which mainly focus on un-weighted network graph, have designed various privacy models similar to k-anonymity to prevent data disclosure of vertex attributes or relationships, but they may be suffered from serious problems of huge information loss and significant modification of key properties of the network structure. Furthermore, there still lacks further considerations of privacy protection for important sensitive edges in weighted social networks. To address this problem, this paper proposes a privacy preserving method to protect sensitive weighted edges. Firstly, the sensitive edges are differentiated from weighted edges according to the edge betweenness centrality, which evaluates the importance of entities in social network. Then, the perturbation operations are used to preserve the privacy of weighted social network by adding some pseudo-edges or modifying specific edge weights, so that the bottleneck problem of information flow can be well resolved in key area of the social network. Experimental results show that the proposed method can not only effectively preserve the sensitive edges with lower computation cost, but also maintain the stability of the network structures. Further, the capability of defending against malicious attacks to important sensitive edges has been greatly improved.

Standard Implementation for Privacy Framework and Privacy Reference Architecture for Protecting Personally Identifiable Information

  • Shin, Yong-Nyuo
    • International Journal of Fuzzy Logic and Intelligent Systems
    • /
    • v.11 no.3
    • /
    • pp.197-203
    • /
    • 2011
  • Personal Identifiable Information (PII) is considered information that identifies or can be used to identify, contact, or locate a person to whom such information pertains or that is or might be linked to a natural person directly or indirectly. In order to recognize such data processed within information and communication technologies such as PII, it should be determined at which stage the information identifies, or can be associated with, an individual. For this, there has been ongoing research for privacy protection mechanism to protect PII, which now becomes one of hot issues in the International Standard as privacy framework and privacy reference architecture. Data processing flow models should be developed as an integral component of privacy risk assessments. Such diagrams are also the basis for categorizing PII. The data processing flow may not only show areas where the PII has a certain level of sensitivity or importance and, as a consequence, requires the implementation of stronger safeguarding measures. This paper propose a standard format for satisfying the ISO/IEC 29100 "Privacy Framework" and shows an implementation example for privacy reference architecture implementing privacy controls for the processing of PII in information and communication technology.

A Content Analysis of Web sites from a Perspective of Children's Online Privacy Protection (아동 대상 인터넷 사이트의 개인정보보호 실태와 개선 방향)

  • Kim, So-Ra;Rhee, Kee-Choon
    • Journal of the Korean Home Economics Association
    • /
    • v.45 no.8
    • /
    • pp.127-142
    • /
    • 2007
  • The objective of this study was to discuss child privacy issues at Web sites targeting children, Specifically, the study examined l)types of information required for join the membership, 2)whether privacy policies at Web sites for children abide by privacy guideline, and 3)specific examples of recommendable privacy policy and problematic privacy policy from Web sites, Total of 305 Web sites targeting children were used for content analysis, Selected Web sites included recommended sites by Korea Council of Children's Organizations and food business Web sites, The results showed that more than 70% of Web sites required private information when children join the membership. Most of these Web sites provided mailing service for children. Generally, Web sites showed problems in parents' approval procedures. Also, privacy policies at Web sites frequently omitted purpose specification principle and the security safeguard principle. Regulating online service provides and marketers targeting children would be necessary for protecting child privacy. Further, education program targeting parents and children could help them make right choices to protect children's online privacy.

Integrated Privacy Protection Model based on RBAC (RBAC에 기초한 통합형 프라이버시 보호 모델)

  • Cho, Hyug-Hyun;Park, Hee-Man;Lee, Young-Lok;Noh, Bong-Nam;Lee, Hyung-Hyo
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.20 no.4
    • /
    • pp.135-144
    • /
    • 2010
  • Privacy protection can only be achieved by enforcing privacy policies within an enterprise's on and offline data processing systems. There are P-RBAC model and purpose based model and obligations model among privacy policy models. But only these models each can not dynamically deal with the rapidly changing business environment. Even though users are in the same role, on occasion, secure system has to opt for a figure among them who is smart, capable and supremely confident and to give him/her a special mission during a given period and to strengthen privacy protection by permitting to present fluently access control conditions. For this, we propose Integrated Privacy Protection Model based on RBAC. Our model includes purpose model and P-RBAC and obligation model. And lastly, we define high level policy language model based XML to be independent of platforms and applications.

Analysis of Personal Information Protection Circumstances based on Collecting and Storing Data in Privacy Policies (개인정보처리방침의 데이터를 활용한 개인정보보호 현황 분석)

  • Lee, Jae-Geun;Kang, Sang-Ug;Youm, Heung-Youl
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.23 no.4
    • /
    • pp.767-779
    • /
    • 2013
  • A field of privacy protection lacks statistical information about the current status, compared to other fields. On top of that, since it has not been classified as a concrete separate field, the related survey is only conducted as a part of such concrete areas. Furthermore, this trend of being regarded as a part of fields such as informatization, information protection and law will continue in the near future. In this paper, a novel and practical way for collecting and storing a big amout of data from 110,000 privacy policies by data controller is proposed and the real analysis results is also shown. The proposed method can save time and cost compared with the traditional survey-based method while maintaining or even advancing the accuracy of results and speediness of process. The collected big personal data can be used to set up various kinds of statistical models and they will play an important role as a breakthrough of observing the present status of privacy information protection policy. The big data concept is incorporated into the privacy protection and we can observe the method and some results throughout the paper.

Development of Personal Information Protection Model using a Mobile Agent

  • Bae, Seong-Hee;Kim, Jae-Joon
    • Journal of Information Processing Systems
    • /
    • v.6 no.2
    • /
    • pp.185-196
    • /
    • 2010
  • This paper proposes a personal information protection model that allows a user to regulate his or her own personal information and privacy protection policies to receive services provided by a service provider without having to reveal personal information in a way that the user is opposed to. When the user needs to receive a service that requires personal information, the user will only reveal personal information that they find acceptable and for uses that they agree with. Users receive desired services from the service provider only when there is agreement between the user's and the service provider's security policies. Moreover, the proposed model utilizes a mobile agent that is transmitted from the user's personal space, providing the user with complete control over their privacy protection. In addition, the mobile agent is itself a self-destructing program that eliminates the possibility of personal information being leaked. The mobile agent described in this paper allows users to truly control access to their personal information.

A Framework for measuring query privacy in Location-based Service

  • Zhang, Xuejun;Gui, Xiaolin;Tian, Feng
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.9 no.5
    • /
    • pp.1717-1732
    • /
    • 2015
  • The widespread use of location-based services (LBSs), which allows untrusted service provider to collect large number of user request records, leads to serious privacy concerns. In response to these issues, a number of LBS privacy protection mechanisms (LPPMs) have been recently proposed. However, the evaluation of these LPPMs usually disregards the background knowledge that the adversary may possess about users' contextual information, which runs the risk of wrongly evaluating users' query privacy. In this paper, we address these issues by proposing a generic formal quantification framework,which comprehensively contemplate the various elements that influence the query privacy of users and explicitly states the knowledge that an adversary might have in the context of query privacy. Moreover, a way to model the adversary's attack on query privacy is proposed, which allows us to show the insufficiency of the existing query privacy metrics, e.g., k-anonymity. Thus we propose two new metrics: entropy anonymity and mutual information anonymity. Lastly, we run a set of experiments on datasets generated by network based generator of moving objects proposed by Thomas Brinkhoff. The results show the effectiveness and efficient of our framework to measure the LPPM.

The Protecton of Privacy on Secondary Use of Personal Health Imformation (의료기관 개인건강정보의 이차적 이용)

  • Kim, Jang-Han
    • The Korean Society of Law and Medicine
    • /
    • v.11 no.1
    • /
    • pp.117-143
    • /
    • 2010
  • Along with the development of digital technologies, the information obtained during the medical procedures was working as a source of valuable assets. Especially, the secondary use of personal health information gives the ordeal to privacy protection problems. In korea, the usage of personal medical information is basically regulated by the several laws in view of general and administrative Act like Medicine Act, Public institutions' personal information protection Act, Information-Network Act etc. There is no specific health information protection Act. Health information exchange program for the blood donor referral related with teratogenic drugs and contagious disease and medical treatment reporting system for income tax convenience are the two examples of recently occurred secondary use of health information in Korea. Basically the secondary use of protected health information is depend on the risk-benefit analysis. But to accomplish the minimal invasion to privacy, we need to consider collection limitation principle first. If the expected results were attained with alternative method which is less privacy invasive, we could consider the present method is unconstitutional due to the violation of proportionality rule.

  • PDF