• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.6
• /
• pp.1025-1035
• /
• 2013

There has been an explosive increase in the population of OSN(online social network) for 10 years. OSN provides users with many opportunities to have communication among friends, families and goes so far as to make relationships among unknown people having similar belief or interest. However, OSN also produced adverse effects such as privacy breaches, leaking uncontrolled information or disseminating false information. Access control models such as MAC, DAC, RBAC are applied to the OSN to control those problems but those models in OSN are not fit in dynamic OSN environment because user's acts in OSN are unpredictable and static access control imposes burden on users to change access control rules one by one. This paper proposes the dynamic trust-based access control to solve the problems of traditional static access control in OSN.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.16 no.10
• /
• pp.2199-2206
• /
• 2012

Identity authentication sharing technology which allows many service providers to share the result of identity authentication of an identity provider provides several important advantages including high usability achieved by avoiding repeated registration of identity information to service providers and single sign-on, cost effectiveness of service providers achieved by outsourcing identity authentication services from identity providers, and privacy protection achieved by exposing identity information only to a limited number of controlled identity providers. However, in order for the identity authentication sharing technologies to be widely deployed in global Internet scale, the trustworthiness issue among the participating identity providers, service providers, and users should be resolved in advance. This paper firstly analyzes existing trust frameworks for identity authentication sharing. And then, based on the result of analysis, this paper proposes a dynamic and open trust framework for identity authentication sharing.

• Journal of KIISE:Information Networking
• /
• v.37 no.6
• /
• pp.420-430
• /
• 2010

Due to increasing demand for improving road safety and optimizing road traffic, Vehicular Ad-Hoc Networks (VANET) have been subject to extensive attentions from all aspects of commercial industry and academic community. Security and user privacy are fundamental issues for all possible promising applications in VANET. Most of the existing security proposals for secure VANET concentrate authentication with privacy preservation in vehicle-to-vehicle (V2V) and vehicle-to-roadside infrastructure (V2I) communications and require huge storage and network capacity for management of revocation list. Motivated by the fact, we propose a new scheme with security and privacy preservation which combines V2V and V2I communication. With our proposed scheme, the communication and computational delay for authentication and overhead for management of revocation list can be significantly reduced due to mutual authentication between a vehicle and a Roadside Unit (RSU) requires only two messages, and the RSU issues the anonymous certificate for the vehicle on behalf of the Trust Authority (TA). We demonstrate that the proposed protocol cannot only guarantee the requirements of security and privacy but can also provide efficiency of authentication and management of revocation list.

• 한국경영정보학회:학술대회논문집
• /
• 2007.06a
• /
• pp.699-704
• /
• 2007

In this study, we examine why there exist different legal systems in electronic commerce or online financial trading. When a fraud online transaction occurs and the online customer disputes the transaction, the online customer takes responsibility for the proof of her/his argument in many European countries while in the U.S., the burden of proof lays on the firm. This paper analyzes how these two different legal systems exist and how these can be applied to electronic commerce law. In particular, this paper intends to find the optimal level of e-commerce firms' investment on security and analyzes how security investments can be related to firm's profits and consumer's welfare depending on IT infrastructure and social trust environment. More on, this paper can be contributed to provide guidelines for regulatory framework on ecommerce online transactions and discuss social welfare implications.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.40 no.8
• /
• pp.1577-1587
• /
• 2015

Privacy of financial customers is becoming important due to frequent leakage of personal information. Financial customers, who experience the leakage of personal information, feel threatened by their privacy and this changes customer's awareness about financial institutions or behavioral intentions. By examining the influence relation of personal information security vulnerability of the bank information system with usefulness, trust and attractiveness perceived by bank customers, this study aims to analyze the effect of each variable on bank customers' willingness to stay.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.5 no.8
• /
• pp.1472-1491
• /
• 2011

As used product transactions are currently on the rise, the demand for transactions of secondhand digital content will grow in the future; thus, learning to make secure transactions while avoiding cyber attacks becomes an important issue. In this paper, we combine the new buyer's secret key, the new buyer's watermark to embed in resold digital content, and the reseller's encrypted watermark, which can prove legal ownership of the reseller. Using the privacy homomorphism property of RSA and exponential calculus, the original seller of digital content can verify the legality of the reseller and the new buyer. We also reduced the load of encryption/decryption digital content using a partial encryption/decryption algorithm to make our protocol more efficient and practical. In the proposed protocol, the seller is not able to conduct piracy and easily frame any other innocent secondhand buyer when a case of piracy is found. In fact, piracy can be clearly traced using the privacy homomorphism property of RSA and the embedded watermark mechanism. Further, in the proposed protocol, the seller himself can trace the piracy using exponential calculus. Since it is unnecessary to trust third party participation, the conspiracy problem is resolved and the new buyer is not required to participate in the dispute. Moreover, the seller, reseller and new buyer can simultaneously benefit from the secondhand transaction.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.3
• /
• pp.37-50
• /
• 2009

With the increase of number of internet services due to development of internet, it becomes a critical issue to appropriately manage the personal information about user's identity, that is ID information that service providers collect in terms of user's convenience improvement and privacy protection. But the existing ID information management models are service provider-centric or they insufficiently provide ID information management functions, so that they have not been satisfying user's requirement. In this paper, by establishing user-centric concept in we information management, we propose the new user-centric ID information management model in which user can make use of the internet service more conveniently and eventually enhance user's privacy.

• Journal of Research and Publication Ethics
• /
• v.4 no.1
• /
• pp.1-7
• /
• 2023

Purpose: Poor anonymity and confidential strategies by a researcher not only develop unprecedented and precedented harm to participants but also impacts the overall critical appraisal of the research outcomes. Therefore, understanding and applying anonymity and confidentiality in research is key for credible research. As such, this research expansively presents the importance of anonymity and confidentiality for research surveys through critical literature reviews of past works. Research design, data and methodology: This research has selected the literature content approach to obtain proper literature dataset which was proven by high degree of validity and reliability using only books and peer-reviewed research articles. The current authors have conducted screening procedure thoroughly to collect better fitted resources. Results: Research findings consistently mentioned the confidentiality and anonymity principles are preserved and implemented as a means of protecting the privacy of all individuals, establishing trust and rapport between researchers and study participants, as a way of critically upholding research ethical standards, and preserving the integrity of research processes. Conclusions: Confidentiality and anonymity are research ethical principles that help in providing informed consent to participants assuring subjects of the privacy of their personal data. As provided by research bodies and organizations, every research process has to incorporate the principles to meet credibility.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.18 no.4
• /
• pp.1059-1074
• /
• 2024

The paper is an attempt to study the individual's intention to use mobile banking. In light of the results obtained from the study, the proposed model offers a better fit with the data and explains the intention of individuals to use mobile banking services. Government support, trust, and compatibility significantly contribute to the Perceived behavioral control of a bank customer to use mobile banking while Perceived ease of use, Perceived usefulness, Security and privacy, and risk have a significant positive impact on the attitude of the individuals to utilize mobile banking service. The study uses primary data and the final instrument was administered to 950 respondents, across the country of which 904 data were used for the analysis after editing to accommodate the missing values. The study has adopted structural equation modeling approach to analyze the relationships between the variables in the study. The proposed framework in this study can be utilized to identify the factors that promote the adoption of mobile banking practices and the study also has the potential to provide updated and comprehensive literature on mobile banking, which can accelerate future research in this field.

• Information Systems Review
• /
• v.25 no.1
• /
• pp.165-187
• /
• 2023

The continuous increase in life expectancy and high interest in health has brought about significant changes in the use of health information by the public according to the development of information technology represented by the Internet and smartphones. As the medical market expands to the mobile health environment, many health-related apps have been created and distributed, but the acceptance rate is slow as it has become challenging to provide services due to various regulations. In this study, perceived value, perceived risk factors (psychological risk, risk of time-loss, legal risk), and perceived benefits (usefulness, interaction, autonomy) were derived and verified as factors that affect the acceptance resistance of personal health record apps based on the privacy calculation model. In addition, by analyzing the moderating effect of trust in the manufacturer, how the perceived risk and perceived benefit affect the perceived value was verified. A survey was conducted on Korean college students who recognized the personal health record apps but did not use them, and 127 samples were analyzed using structural equations. As a result of hypothesis verification, perceived value has a negative effect on acceptance resistance, perceived risk (risk of time-loss) has a negative effect on perceived value, and perceived benefits (usefulness, interaction, autonomy) were found to have a positive effect on perceived value. Trust in manufacturers has weakened the impact of perceived risks (legal risk) on perceived values. This study is expected to play an important role in maintaining a competitive advantage in the personal health record app market environment by identifying and proposing detailed criteria for reducing the acceptance resistance of personal health record apps.