• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.6A
• /
• pp.151-162
• /
• 2008

As the innovative internet technologies and multimedia are being rapidly developed, digital content is a remarkable new growth industry and supplied by various channel. For example, domestic sales volume in digital contents marked an annual increase of 14.7% since 2003. Against the merits of digital content distribution, Information reengineering aspects are getting more serious issues in these days such as infringement of copyright, flood of inappropriate content, invasion and infringement of privacy, etc. In this paper, we are making a suggestion of the TDCDA-Trusted Digital Content Distribution Architecture in order to solve above problems. TDCDA is provided to how well-define and design the trusted path in digital contents distribution in internet environments using a secure distribution mechanism, digital content integrity and copyright protection. Finally, we also proposed the TDCDA algorithm and applicable guidelines for feasible approach in real computing environment.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.5
• /
• pp.59-66
• /
• 2006

A Certification Authority issues X.509 public key certificates to bind a public key to a subject. The subject is specified through one or more subject names in the 'subject' or 'subjectAltName' fields of a certificate. In reality, however, there are individuals that have the same or similar names. This ambiguity can be resolved by including a 'permanent identifier' in all certificates issued to the same subject, which is unique across multiple CAs. But, a person's unique identifier is regarded as a sensitive personal data. Such an identifier cannot simply be included as part of the subject field, since its disclosure may lead to misuse. We present a new method for secure and accurate user authentication through the PEPSI included in the standard certificate extension of a X.509 certificate. The PEPSI can be served not only for user authentication but also for the user anonymity without divulging personal information.

• International Journal of Computer Science & Network Security
• /
• v.21 no.4
• /
• pp.255-263
• /
• 2021

Smart grid is a fully-automated, bi-directional, power transmission network based on the physical grid system, which combines sensor measurement, computer, information communication, and automatic control technology. Blockchain technology, with its security features, can be integrated with Smart Grids to provide secure and efficient power management and transmission. This paper dicusses the deployment of Blockchain technology in Smart Grid. It presents application areas and protocols in which blockchain can be applied to in securing smart grid. One application of each area is explored in detail, such as efficient peer-to-peer transaction, lower platform costs, faster processes, greater flexibility in power generation to transmission, distribution and power consumption in different energy storage systems, current barriers obstructing the implementation of blockchain applications with some level of maturity in financial services but concepts only in energy and other sectors. Wide range of energy applications suggesting a suitable blockchain architecture in smart grid operations, a sample block structure and the potential blockchain technicalities employed in it. Also, added with efficient data aggregation schemes based on the blockchain technology to overcome the challenges related to privacy and security in the smart grid. Later on, consensus algorithms and protocols are discussed. Monitoring of the usage and statistics of energy distribution systems that can also be used to remotely control energy flow to a particular area. Further, the discussion on the blockchain-based frameworks that helps in the diagnosis and maintenance of smart grid equipment. We have also discussed several commercial implementations of blockchain in the smart grid. Finally, various challenges have been discussed for integrating these technologies. Overall, it can be said at the present point in time that blockchain technology certainly shows a lot of potentials from a customer perspective too and should be further developed by market participants. The approaches seen thus far may have a disruptive effect in the future and might require additional regulatory intervention in an already tightly regulated energy market. If blockchains are to deliver benefits for consumers (whether as consumers or prosumers of energy), a strong focus on consumer issues will be needed.

• International Journal of Computer Science & Network Security
• /
• v.22 no.3
• /
• pp.303-311
• /
• 2022

The tremendous growth of the Internet of things is unbelievable. Many IoT devices have emerged on the market over the last decade. This has made our everyday life easier inside our homes. The technology used at home has changed significantly over the past several decades, leading to what is known today as the smart home. However, this growth has also brought new challenges to our home security and privacy. With the smart home becoming more mainstream, cybersecurity issues have become a fundamental concern. The smart home is an environment where heterogeneous devices and appliances are interconnected through the Internet of Things (IoT) to provide smart services to residents. These services include home climate control, energy management, video on demand, music on-demand, remote healthcare, remote control, and other similar services in a ubiquitous manner. Smart home devices can be controlled via the Internet using smartphones. However, connecting smart home appliances to wireless networks and the Internet makes individuals vulnerable to malicious attacks. Remote access within the same environment or over the Internet requires an effective access control mechanism. This paper intends to shed light on how smart home devices are working as well as the type of security and privacy threats of the smart home. It also illustrated the types of authentication methods that can be used with smart home devices. In addition, a comparison of Smart home IoT-based security protocols was presented along with a security countermeasure that can be used in a smart home environment. Finally, a few open problems were mentioned as future research directions for researchers.

• The Journal of Korean Institute of Next Generation Computing
• /
• v.13 no.4
• /
• pp.7-18
• /
• 2017

Electrical energy is one of the most important energy sources in modern society. Therefore, it is very important to control the supply and demand of electric power. However, the power consumption data needed to predict power demand may include the information about the private behavior of an individual, the analysis of which may raise privacy issues. In this paper, we propose a secure power demand forecasting method where regression analyses on power consumption data are conducted in a trusted execution environment provided by Intel SGX, keeping the power usage pattern of users private. We performed experiments using various regression equations and selected an equation which has the least error rate. We show that the average error rate of the proposed method is lower than those of the previous forecasting methods with privacy protection functionality.

• Korea Trade Review
• /
• v.48 no.3
• /
• pp.243-262
• /
• 2023

This study provides a systematic review of smart trade contracts, examining the research trends and theoretical background of utilizing smart contracts and blockchain technology for the digitalization and automation of trade contracts. Smart trade contracts are a concept that applies the automated contract system based on blockchain to trade-related transactions. The study analyzes the technical and legal challenges and proposes solutions. The technical aspect covers the development of smart contract platforms, scalability and performance improvements of blockchain networks, and security and privacy concerns. The legal aspect addresses the legal enforceability of smart contracts, automatic execution of contract conditions, and the responsibilities and obligations of contract parties. Smart trade contracts have been found to have applications in various industries such as international trade, supply chain management, finance, insurance, and energy, contributing to the ease of trade finance, efficiency of supply chains, and business model innovation. However, challenges remain in terms of legal regulations, interaction with existing legal frameworks, and technological aspects. Further research is needed, including empirical studies, business model innovation, resolution of legal issues, security and privacy considerations, standardization and collaboration, and user experience studies to address these challenges and explore additional aspects of smart trade contracts.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.42 no.5
• /
• pp.1009-1019
• /
• 2017

Mobile Edge Computing(MEC) is a emerging technology to cope with mobile traffic explosion and to provide a variety of services having specific requirements by means of running some functions at mobile edge nodes directly. For instance, caching function can be executed in order to offload mobile traffics, and safety services using real time video analytics can be delivered to users. So far, a myriad of methods and architectures for personalized service recommendation have been proposed, but there is no study on the subject which takes unique characteristics of mobile edge computing into account. To provide personalized services, acquiring users' context is of great significance. If the conventional personalized service model, which is server-side oriented, is applied to the mobile edge computing scheme, it may cause context isolation and privacy issues more severely. There are some advantages at mobile edge node with respect to context acquisition. Another notable characteristic at MEC scheme is that interaction between users and applications is very dynamic due to temporal relation. This paper proposes the local service recommendation platform architecture which encompasses these characteristics, and also discusses the personalized service recommendation mechanism to be able to mitigate context isolation problem and privacy issues.

• Korean Security Journal
• /
• no.29
• /
• pp.301-336
• /
• 2011

This exploratory study aims to review the risks and threats of social network services(SNSs), particularly focusing upon the policing perspective. This paper seeks to acknowledge the present risk/danger of SNSs and the very significance of establishing a strategic framework to effectively prevent and/or control criminal misuse of SNSs. This research thus advocates that proactive study on security issues and criminal aspects of SNSs and preventive countermeasures can play a significant role in policing the networked society in the time of digital/internet age. Social network sites have been increasingly attracting the attention of entrepreneurs, and academic researchers as well. In this exploratory article, the researcher tried to define concepts and features of SNSs and describe a variety of issues and threats posed by SNSs. After summarizing existing security risks, the researcher also investigated both the potential threats to privacy associated with SNSs, such as ID theft and fraud, and the very danger of SNSs in case of being utilized by terrorists and/or criminals, including cyber-criminals. In this study, the researcher primarily used literature reviews and empirical methods. The researcher thus conducted extensive case studies and literature reviews on SNSs. The literature reviews herein cover theoretical discussions on characteristics, usefulness, and/or potential danger/harm of SNSs. Through the literature review, the researcher also concentrated upon being able to identify a strategic framework for law enforcement to effectively prevent criminal misuse of SNSs The limitation of this study can be lack of statistical data and attempts to examine previously un-researched area in the field of SNS and its security risks and potential criminal misuse. Thus, to supplement this exploratory study, more objective theoretical models and/or statistical approaches would be needed to provide law enforcement with sustainable policing framework and contribute to suggesting policy implications.

• The Journal of KAIRB
• /
• v.4 no.1
• /
• pp.16-22
• /
• 2022

Purpose: The traditional ethical study only suggests a blurred insight on the research using medical big data, especially in this rapid-changing and demanding environment which is called "4th Industry Revolution." Current institutional/ethical issues in big data research need to approach with the thoughtful insight of past ethical study reflecting the understanding of present conditions of this study. This study aims to examine the ethical issues that are emerging in recent health care big data research. So, this study aims to survey the public perceptions on of health care big data as part of the process of public discourse and the acceptance of the utility and provision of big data research as a subject of health care information. In addition, the emerging ethical challenges and how to comply with ethical principles in accordance with principles of the Belmont report will be discussed. Methods: Survey was conducted from June 3th August to 6th September 2020. The online survey was conducted through voluntary participation through Internet users. A total of 319 people who completed the survey (±5.49%P [95% confidence level] were analyzed. Results: In the area of the public's perspective, the survey showed that the medical information is useful for new medical development, but it is also necessary to obtain consents from subjects in order to use that medical information for various research purposes. In addition, many people were more concerned about the possibility of re-identifying personal information in medical big data. Therefore, they mentioned the necessity of transparency and privacy protection in the use of medical information. Conclusion: Big data on medical care is a core resource for the development of medicine directly related to human life, and it is necessary to open up medical data in order to realize the public good. But the ethical principles should not be overlooked. The right to self-determination must be guaranteed by means of clear, diverse consent or withdrawal of subjects, and processed in a lawful, fair and transparent manner in the processing of personal information. In addition, scientific and ethical validity of medical big data research is indispensable. Such ethical healthcare data is the only key that will lead to innovation in the future.

• Management & Information Systems Review
• /
• v.28 no.1
• /
• pp.125-156
• /
• 2009

The primary purpose of this study is to identify the determinants of the users' satisfaction and commitment in personal media. For these purposes, we developed a research model based on the literature reviews of personal media, perceived risk and interactivity, satisfaction, and commitment. This study has identified four dimensions in the concept of perceived risk, such as privacy risk, social risk, time loss risk, and economic risk, and three dimensions in the concept of perceived interactivity, such as active control, two-way communication, and responsiveness. In survey, data were collected from 428 male and female who have an experience in personal media. Data was analyzed factor analysis, reliability analysis, measurement model analysis, and structural model analysis by utilizing SPSS 15.0 and AMOS 5.0 program. Analysis results of research model indicate the following. Firstly, privacy risk, active control, two-way communication, and responsiveness are significantly related satisfaction. Secondly, privacy risk, time loss risk, economic risk, active control, and two-way communication are significantly related commitment. Thirdly, users' satisfaction has positive relationship with commitment in personal media. Based on these results, theoretical implications for relevant researchers and managerial implications for personal media vitalization and marketing strategy are discussed. Finally, limitations for this study and further research issues are suggested.