• The Journal of Society for e-Business Studies
• /
• v.21 no.1
• /
• pp.131-145
• /
• 2016

This study built the theoretical frameworks for empirical analysis based on the analysis of the relationship among the concepts of risk of information privacy, the policy of information privacy via the provision studies. Also, in order to analyze the relationship among the factors such as the concern of information privacy, trust, intention to offer the personal information, this study investigated the concepts of information privacy and studies related with the privacy, and established a research model about the information privacy. Followings are the results of this study: First, the information privacy risk has the positive effects upon the information privacy concern and it has the negative effects upon the trust. Second, the information privacy policy has the positive effects upon the information privacy concern and it has the negative effects upon the trust. Third, the information privacy concern has the negative effects upon the trust. At last, the information privacy concern has the negative effects upon the provision intention of personal information and the trust has positive effects upon the offering intention of personal information.

• Journal of Information Processing Systems
• /
• v.19 no.1
• /
• pp.1-16
• /
• 2023

Synthetic data generation is generally used in performance evaluation and function tests in data-intensive applications, as well as in various areas of data analytics, such as privacy-preserving data publishing (PPDP) and statistical disclosure limit/control. A significant amount of research has been conducted on tools and languages for data generation. However, existing tools and languages have been developed for specific purposes and are unsuitable for other domains. In this article, we propose a regular expression-based data generation language (DGL) for flexible big data generation. To achieve a general-purpose and powerful DGL, we enhanced the standard regular expressions to support the data domain, type/format inference, sequence and random generation, probability distributions, and resource reference. To efficiently implement the proposed language, we propose caching techniques for both the intermediate and database queries. We evaluated the proposed improvement experimentally.

• Journal of Internet Computing and Services
• /
• v.19 no.2
• /
• pp.1-7
• /
• 2018

Due to advances in DNA sequencing technologies, its medical value continues to grow. However, once genome data leaked, it cannot be revoked, and disclosure of personal genome information impacts a large group of individuals. Therefore, secure techniques for managing genomic big data should be developed. We first propose a privacy-preserving inner product protocol for large data sets using the homomorphic encryption of Gentry et al., and then we introduce an efficient privacy-preserving DNA matching protocol based on the proposed protocol. Our efficient protocol satisfies the requirements of correctness, confidentiality, and privacy.

• International Journal of Computer Science & Network Security
• /
• v.23 no.4
• /
• pp.25-31
• /
• 2023

Fog computing diversifies cloud computing by using edge devices to provide computing, data storage, communication, management, and control services. As it has a decentralised infrastructure that is capable of amalgamating with cloud computing as well as providing real-time data analysis, it is an emerging method of using multidisciplinary domains for a variety of applications; such as the IoT, Big Data, and smart cities. This present study provides an overview of the security and privacy concerns of fog computing. It also examines its fundamentals and architecture as well as the current trends, challenges, and potential methods of overcoming issues in fog computing.

• Journal of Smart Tourism
• /
• v.2 no.1
• /
• pp.21-31
• /
• 2022

This review paper aims at providing a systematic analysis of articles published in various journals and related to the uses and business applications of big data. The goal is to provide a holistic picture of the place of big data in the tourism industry. The reviewed articles have been selected for the period 2013-2020 and have been classified into 8 broad categories namely business strategy and firm performance; banking and finance; healthcare; hospitality; networks and telecommunications; urbanism and infrastructures; law and legal regulations; and government. While the categories are reflective of components of tourism industries and infrastructures, the meta-analysis is organized around 3 broad themes: preferred research contexts, conceptual developments, and methods used to research big data business applications. Main findings revealed that firm performance and healthcare remain popular contexts of research in the big data realm, but also demonstrated a prominence of qualitative methods over mixed and quantitative methods for the period 2013-2020. Scholars have also investigated topics involving the notions of competitive advantage, supply chain management, smart cities, but also ethics and privacy issues as related to the use of big data.

• Informatization Policy
• /
• v.23 no.1
• /
• pp.3-19
• /
• 2016

The purpose of the study is to analyze the existing literature and to suggest future research directions in the big data security area. This study identifies 62 research articles and analyses their publication year, publication media, general research approach, specific research method, and research topic. According to the results of the analyses, big data security research is at its intial stage in which non-empirical studies and research dealing with technical issues are dominant. From the research topic perspective, the area demonstrates the signs of initial research stage in which proportion of the macro studies dealing with overall issues is far higher than the micro ones covering specific implementation methods and sectoral issues. A few promising topics for future research include overarching framework on big data security, big data security methods for different industries, and government policies on big data security. Currently, the big data security area does not have sufficient research results. In the future, studies covering various topics in big data security from multiple perspectives are anticipated.

• Korean journal of communication and information
• /
• v.80
• /
• pp.143-166
• /
• 2016

Recently, industrial values of big data as an important force of future society have been vastly paid attention. At the same time, more concerns about their private informations' disclosure online still echo around us, especially for them who have experiences of their personal information open online. This study aims to examine the questions; how people think about their personal information revealed online?; how much they have 'psychological reactance'?; what attitudes they have toward a certain governmental regulations on this? The findings of this study indicate that we should have more attentions to protect 'privacy' in the age of big-data and still need to make a lot of efforts to prepare a feasible regulation guide on this issue.

• Asia pacific journal of information systems
• /
• v.24 no.1
• /
• pp.93-112
• /
• 2014

As personal data breach reared up as a problem domestically and globally, organizations appointing chief privacy officers (CPOs) are increasing. Related Korean laws, 'Personal Data Protection Act' and 'the Act on Promotion of Information and Communication Network Utilization and Information Protection, etc.' require personal data processing organizations to appoint CPOs. Research on the characteristics and role of CPO is called for because of the importance of CPO being emphasized. There are many researches on top management's role and their impact on organizational performance using the Upper Echelon theory. This study investigates what influence the characteristics of CPO gives on the organizational privacy performance. CPO's definition varies depending on industry, organization size, required responsibility and power. This study defines CPO as 'a person who takes responsibility for all the duties on handling the organization's privacy,' This research assumes that CPO characteristics such as role, personality and background knowledge have an influence on the organizational privacy performance. This study applies the part relevant to the upper echelon's characteristics and performance of the executives (CEOs, CIOs etc.) for CPO. First, following Mintzberg and other managerial role classification, information, strategic, and diplomacy roles are defined as the role of CPO. Second, the "Big Five" taxonomy on individual's personality was suggested in 1990. Among these five personalities, extraversion and conscientiousness are drawn as the personality characteristics of CPO. Third, advance study suggests complex knowledge of technology, law and business is necessary for CPO. Technical, legal, and business background knowledge are drawn as the background knowledge of CPO. To test this model empirically, 120 samples of data collected from CPOs of domestic organizations are used. Factor analysis is carried out and convergent validity and discriminant validity were verified using SPSS and Smart PLS, and the causal relationships between the CPO's role, personality, background knowledge and the organizational privacy performance are analyzed as well. The result of the analysis shows that CPO's diplomacy role and strategic role have significant impacts on organizational privacy performance. This reveals that CPO's active communication with other organizations is needed. Differentiated privacy policy or strategy of organizations is also important. Legal background knowledge and technical background knowledge were also found to be significant determinants to organizational privacy performance. In addition, CPOs conscientiousness has a positive impact on organizational privacy performance. The practical implication of this study is as follows: First, the research can be a yardstick for judgment when companies select CPOs and vest authority in them. Second, not only companies but also CPOs can judge what ability they should concentrate on for development of their career relevant to their job through results of this research. Cultural social value, citizen's consensus on the right to privacy, expected CPO's role will change in process of time. In future study, long-term time-series analysis based research can reveal these changes and can also offer practical implications for government and private organization's policy making on information privacy.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.2
• /
• pp.1043-1063
• /
• 2019

With delegating proxy to process data before outsourcing, data owners in restricted access could enjoy flexible and powerful cloud storage service for productivity, but still confront with data integrity breach. Identity-based data auditing as a critical technology, could address this security concern efficiently and eliminate complicated owners' public key certificates management issue. Recently, Yu et al. proposed an Identity-Based Public Auditing for Dynamic Outsourced Data with Proxy Processing (https://doi.org/10.3837/tiis.2017.10.019). It aims to offer identity-based, privacy-preserving and batch auditing for multiple owners' data on different clouds, while allowing proxy processing. In this article, we first demonstrate this scheme is insecure in the sense that malicious cloud could pass integrity auditing without original data. Additionally, clouds and owners are able to recover proxy's private key and thus impersonate it to forge tags for any data. Secondly, we propose an improved scheme with provable security in the random oracle model, to achieve desirable secure identity based privacy-preserving batch public auditing with proxy processing. Thirdly, based on theoretical analysis and performance simulation, our scheme shows better efficiency over existing identity-based auditing scheme with proxy processing on single owner and single cloud effort, which will benefit secure big data storage if extrapolating in real application.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.3
• /
• pp.1100-1118
• /
• 2021

In a wide range of ML applications, the training data contains privacy-sensitive information that should be kept secure. Training the ML systems by privacy-sensitive data makes the ML model inherent to the data. As the structure of the model has been fine-tuned by training data, the model can be abused for accessing the data by the estimation in a reverse process called model inversion attack (MIA). Although, MIA has been applied to shallow neural network models of recognizers in literature and its threat in privacy violation has been approved, in the case of a deep learning (DL) model, its efficiency was under question. It was due to the complexity of a DL model structure, big number of DL model parameters, the huge size of training data, big number of registered users to a DL model and thereof big number of class labels. This research work first analyses the possibility of MIA on a deep learning model of a recognition system, namely a face recognizer. Second, despite the conventional MIA under the white box scenario of having partial access to the users' non-sensitive information in addition to the model structure, the MIA is implemented on a deep face recognition system by just having the model structure and parameters but not any user information. In this aspect, it is under a semi-white box scenario or in other words a gray-box scenario. The experimental results in targeting five registered users of a CNN-based face recognition system approve the possibility of regeneration of users' face images even for a deep model by MIA under a gray box scenario. Although, for some images the evaluation recognition score is low and the generated images are not easily recognizable, but for some other images the score is high and facial features of the targeted identities are observable. The objective and subjective evaluations demonstrate that privacy cyber-attack by MIA on a deep recognition system not only is feasible but also is a serious threat with increasing alert state in the future as there is considerable potential for integration more advanced ML techniques to MIA.