• Proceedings of the KSRS Conference
• /
• 2005.10a
• /
• pp.659-662
• /
• 2005

Recently, the need for LBS (Location Based Services) is increasing with the rapid growth of the location measurement units, mobile devices, and communication technologies. Especially, wireless carriers are concentrating on LBS since it is regarded as so-called 'killer application' among wireless data services. Although LBS give us convenience and useful information, its use also raises privacy issues. There are quite possibilities that the people's locations are tracked by location measurement units while people do not recognize the existence of the units. To protect a person's location information, lawful and technical aspects should be considered. In this paper, we explain issues, regulations, standards, and platforms related to the protection of the location information. Finally, we suggest the architecture of a platform complying with the regulations and standards. It considers various issues not covered in other studies.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.10
• /
• pp.5244-5259
• /
• 2019

With the continuous development of LBS (Location Based Service) applications, privacy protection has become an urgent problem to be solved. Differential privacy technology is based on strict mathematical theory that provides strong privacy guarantees where it supposes that the attacker has the worst-case background knowledge and that knowledge has been applied to different research directions such as data query, release, and mining. The difficulty of this research is how to ensure data availability while protecting privacy. Spatial multidimensional data are usually released by partitioning the domain into disjointed subsets, then generating a hierarchical index. The traditional data-dependent partition methods need to allocate a part of the privacy budgets for the partitioning process and split the budget among all the steps, which is inefficient. To address such issues, a novel two-step partition algorithm is proposed. First, we partition the original dataset into fixed grids, inject noise and synthesize a dataset according to the noisy count. Second, we perform IH-Tree (Improved H-Tree) partition on the synthetic dataset and use the resulting partition keys to split the original dataset. The algorithm can save the privacy budget allocated to the partitioning process and obtain a more accurate release. The algorithm has been tested on three real-world datasets and compares the accuracy with the state-of-the-art algorithms. The experimental results show that the relative errors of the range query are considerably reduced, especially on the large scale dataset.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.12
• /
• pp.6121-6144
• /
• 2019

Numerous privacy-preserving authentication schemes have been proposed but vehicular ad hoc networks (VANETs) still suffer from security and privacy issues as well as computation and communication overheads. In this paper, we proposed a robust conditional privacy-preserving authentication scheme based on pseudonym root with cuckoo filter to meet security and privacy requirements and reduce computation and communication overheads. In our proposed scheme, we used a new idea to generate pseudonyms for vehicles where each on-board unit (OBU) saves one pseudonym, named as "pseudonym root," and generates all pseudonyms from the same pseudonym. Therefore, OBU does not need to enlarge its storage. In addition, the scheme does not use bilinear pairing operation that causes computation overhead and has no certification revocation list that leads to computation and communication overheads. The proposed scheme has lightweight mutual authentication among all parties and just for once. Moreover, it provides strong anonymity to preserve privacy and resists ordinary attacks. We analyzed our proposed scheme and showed that it meets security and privacy requirements of VANETs and is more efficient than traditional schemes. The communication and computation overheads were also discussed to show the cost-effectiveness of the proposed scheme.

• Journal of Korea Society of Industrial Information Systems
• /
• v.15 no.5
• /
• pp.259-271
• /
• 2010

It is inevitable that personal privacy will be one of the most significant pressure points for most of the 2000s. Information privacy has been called one of the most important ethical issues in information age. It has become apparent that organizational practices, individuals' perceptions of these practices, and societal responses are very closely related in many ways. However, unfortunately, researches attempting to develop and validate an instrument that identifies and measures the primary dimensions of individuals' concerns about organizational information privacy practices were scarce. Based on a number of preliminary studies, this study tried to develop and validate an Korean organization oriented measurement instrument. This instrument is expected to be used as useful guide lines for the managers who are responsible for IT/IS ethical issues.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.11
• /
• pp.4145-4162
• /
• 2021

During the period of epidemic prevention and control, contact tracing systems are developed in many countries, to stop or slow down the progression of COVID-19 contamination. However, the privacy issues involved in the use of contact tracing apps have also attracted people's attention. First, we divide contact tracing techniques into two types: Bluetooth Low Energy (BLE) based and Global Positioning System (GPS) based techniques. In order to clear understand the system structure and its elements, we create data flow diagram (DFD) of each types. Second, we analyze the possible privacy threats contained in various types of contact tracing apps by applying LINDDUN, which is a threat modeling technique for personal information protection. Third, we make a comparison and analysis of various contact tracing techniques from privacy point of view. These studies can facilitate improve tracing and security performance to contact tracing apps through comparisons between different types.

• Journal of Research and Publication Ethics
• /
• v.3 no.2
• /
• pp.1-5
• /
• 2022

Purpose: Various ethical issues arise in different stages of management and business marketing research. The current study aims to take look at practices that ensure informed consent, privacy and confidentiality, deception, and legal aspect in data management in procedures involved in marketing research. Research design, data and methodology: Literature content analysis was conducted for this research and the current author has investigated journal articles mostly to guarantee a high degree of content validity and to keep the advantages of qualitative content approach. The current study explores manifest topics regarding the ethical issues of business marketing research. Results: The current study found that ethical consideration needs to be similarly significant and learning from the previous researchers' approach to handling this issue is helpful for future research and is essential to have additional guidelines. Also, four findings (Lack of Informed Consent, Deception, Invasion of Privacy and Confidentiality, and Legal Data Management) indicate that marketing researchers need to consider before undertaking any project. Conclusions: Overall, the study presents practical suggestions though unexhausted. By raising these ethical marketing issues, consumer behavior disciplines will continue to expand and contribute positively towards attaining thoughts, feelings, and decisions that positively contribute to marketing research as the foundation for effective marking practices.

• Journal of the Korean Society for Library and Information Science
• /
• v.47 no.3
• /
• pp.73-96
• /
• 2013

This study investigates how librarians view library user privacy. To this end, a four-part survey was conducted: respondents' opinions about the privacy of library users, the degree to which library records violate the users' privacy, the role libraries and librarians fulfill to ensure user privacy protection, and librarians' need for privacy education. Results showed that librarians were very aware of privacy issues, but they perceived that library users' privacy awareness was not high. In particular, they had little knowledge of what library records or which library tasks might have the potential to violate users' privacy. In addition, awareness efforts of librarians to ensure user privacy was very low. On the other hand, the need for library user privacy educational programs was shown to be very high, and the willingness to participate was also relatively high.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.6
• /
• pp.121-134
• /
• 2009

Consumer-centric marketing business is surely one of the most successful emerging business but it poses a threat to personal privacy. Between the service provider and the user there are many contrary issues to each other. The enterprise asserts that to abuse the privacy data which is anonymous there is not a problem. The individual only will not be able to willingly submit the problem which is latent. Web traffic analysis technology itself doesn't create issues, but this technology when used on data of personal nature might cause concerns. The most criticized ethical issue involving web traffic analysis is the invasion of privacy. So we need to inspect how many and what kind of personal informations being used and if there is any illegal treatment of personal information. In this paper, we inspect the operation of consumer-centric marketing tools such as web log analysis solutions and data gathering services with web browser toolbar. Also we inspect Microsoft explorer-based toolbar application which records and analyzes personal web browsing pattern through reverse engineering technology. Finally, this identified and explored security and privacy requirement issues to develop more reliable solutions. This study is very important for the balanced development with personal privacy protection and web traffic analysis industry.

• Journal of the Korean Society for Library and Information Science
• /
• v.46 no.4
• /
• pp.207-242
• /
• 2012

A library privacy policy describes the library's willingness to protect the library users' personal information, and also serves as a code of conduct for library staff. In recent years, cases of privacy invasion have been growing exponentially in society as a whole, including at the library, and therefore the establishment and application of a privacy policy is becoming more important. In this study, we try to develop and propose the optimal library privacy policy. For this purpose, we derived implications by analyzing the domestic and international privacy laws and guidelines, investigating invasion of privacy cases at home and abroad, and studying different library privacy policies from libraries around the world. The library privacy policy that we propose in this study was created to be a guideline for librarians when dealing with privacy issues and is library specific, diverging in many ways from privacy guidelines used in other fields.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.6
• /
• pp.3199-3218
• /
• 2019

Location-based services (LBSs) have become popular in recent years due to the ever-increasing usage of smart mobile devices and mobile applications through networks. Although LBS application provides great benefits to mobile users, it also raises a sever privacy concern of users due to the untrusted service providers. In the lack of privacy enhancing mechanisms, most applications of the LBS may discourage the user's acceptance of location services in general, and endanger the user's privacy in particular. Therefore, it is a great interest to discuss on the recent privacy-preserving mechanisms in LBSs. Many existing location-privacy protection-mechanisms (LPPMs) make great efforts to increase the attacker's uncertainty on the user's actual whereabouts by generating a multiple of fake-locations together with user's actual positions. In this survey, we present a study and analysis of existing LPPMs and the state-of-art privacy measures in service quality aware LBS applications. We first study the general architecture of privacy qualification system for LBSs by surveying the existing framework and outlining its main feature components. We then give an overview of the basic privacy requirements to be considered in the design and evaluation of LPPMs. Furthermore, we discuss the classification and countermeasure solutions of existing LPPMs for mitigating the current LBS privacy protection challenges. These classifications include anonymization, obfuscation, and an encryption-based technique, as well as the combination of them is called a hybrid mechanism. Finally, we discuss several open issues and research challenges based on the latest progresses for on-going LBS and location privacy research.