• International Journal of Internet, Broadcasting and Communication
• /
• v.15 no.3
• /
• pp.191-202
• /
• 2023

This study aims to propose a framework for evaluating the impact of artificial intelligence (AI) services, based on the concept of AI service impact. It also suggests a model for evaluating this impact and identifies relevant factors and measurement approaches for each item of the model. The study classifies the impact of AI services into five categories: ethics, safety and reliability, compliance, user rights, and environmental friendliness. It discusses these five categories from a broad perspective and provides 21 detailed factors for evaluating each category. In terms of ethics, the study introduces three additional factors-accessibility, openness, and fairness-to the ten items initially developed by KISDI. In the safety and reliability category, the study excludes factors such as dependability, policy, compliance, and awareness improvement as they can be better addressed from a technical perspective. The compliance category includes factors such as human rights protection, privacy protection, non-infringement, publicness, accountability, safety, transparency, policy compliance, and explainability.For the user rights category, the study excludes factors such as publicness, data management, policy compliance, awareness improvement, recoverability, openness, and accuracy. The environmental friendliness category encompasses diversity, publicness, dependability, transparency, awareness improvement, recoverability, and openness.This study lays the foundation for further related research and contributes to the establishment of relevant policies by establishing a model for evaluating the impact of AI services. Future research is required to assess the validity of the developed indicators and provide specific evaluation items for practical use, based on expert evaluations.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.18 no.1
• /
• pp.37-45
• /
• 2022

With the development of the 4th industry, big data using AI is being used in many areas of our lives, and the importance of data is increasing accordingly. In particular, as various services using personal information appear and hacking attacks that exploit them appear in various ways, the importance of personal information management is increasing. Personal information must be managed safely even when collecting, retaining, using, providing, and destroying personal information, and the rights of information subjects must be protected. In this paper, an analysis was performed on the notification of usage history during the protection of the rights of information subjects using the MyData model. According to the Personal Information Protection Act, users must be periodically notified of the use of personal information, so we notify each individual of the use of personal information through e-mail or SNS once a year. It is difficult to understand and manage which company use my personal information. Therefore, in this paper, a personal information usage history notification system model was proposed, and as a result of performance analysis, it is possible to provide the controllability, availability, integrity, source authentication, and personal information self-determination rights.

• Convergence Security Journal
• /
• v.24 no.3
• /
• pp.81-93
• /
• 2024

The purpose of this paper is to derive considerations when improving the Personal Information Protection Act based on the personal information protection life cycle of the generative artificial intelligence model as generative artificial intelligence models are introduced and used in Korea a lot. Through the study, the necessity of using open information in the collection stage, using personal information preservation technology in the learning stage, and preparing the basis for the development of protection technology in the holding stage was derived. It also revealed the necessity of managing the generated information in the generation and inference stage, re-learning in the limitation and destruction stage, and preparing a filtering basis. It is expected that the results of this study can be used to revise the Personal Information Protection Act and make policies in the future.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2021.05a
• /
• pp.657-660
• /
• 2021

A video information processing system (CCTV) requires comprehensive administrative, physical, and technical security management to collect, transmit and store sensitive information. However, there are no regulations related to video information processing, certification methods for the technology used, and application standards suitable for security technology. In this paper, we propose a cryptography, certification, protection, system (CCPS) model that can protect the system by including encryption technology for application to the video information processing system and authentication measures for the technology used in the system configuration.

• Annual Conference of KIPS
• /
• 2022.11a
• /
• pp.377-379
• /
• 2022

POI refers to the point of Interest in Location-Based Social Networks (LBSNs). With the rapid development of mobile devices, GPS, and the Web (web2.0 and 3.0), LBSNs have attracted many users to share their information, physical location (real-time location), and interesting places. The tremendous demand of the user in LBSNs leads the recommendation systems (RSs) to become more widespread attention. Recommendation systems assist users in discovering interesting local attractions or facilities and help social network service (SNS) providers based on user locations. Therefore, it plays a vital role in LBSNs, namely POI recommendation system. In the machine learning model, most of the training data are stored in the centralized data storage, so information that belongs to the user will store in the centralized storage, and users may face privacy issues. Moreover, sharing the information may have safety concerns because of uploading or sharing their real-time location with others through social network media. According to the privacy concern issue, the paper proposes a recommendation model to prevent user privacy and eliminate traditional RS problems such as cold-start and data sparsity.

• Advanced Industrial SCIence
• /
• v.3 no.3
• /
• pp.8-13
• /
• 2024

Zero Knowledge Proof (ZKP) is an innovative decentralized technology designed to enhance the privacy and security of virtual currency transactions. By ensuring that only the necessary information is disclosed by the transaction provider, ZKP protects the confidentiality of all parties involved. This ensures that both the identity of the transacting parties and the transaction value remain confidential.ZKP not only provides a robust privacy function by concealing the identities and values involved in blockchain transactions but also facilitates the exchange of money between parties without the need to verify each other's identity. This anonymity feature is crucial in promoting trust and security in financial transactions, making ZKP a pivotal technology in the realm of virtual currencies. In the context of the Fourth Industrial Revolution, the application of ZKP contributes significantly to the comprehensive and stable development of financial services. It fosters a trustworthy user environment by ensuring that transaction privacy is maintained, thereby encouraging broader adoption of virtual currencies. By integrating ZKP, financial services can achieve a higher level of security and trust, essential for the continued growth and innovation within the sector.

• Information Systems Review
• /
• v.20 no.1
• /
• pp.17-39
• /
• 2018

SNS enables people to easily connect and communicate with each other. People share information, including personal information, through SNS. Users are concerned about their privacies, but they unconsciously or consciously disclose their personal information on SNS to interact with others. The privacy of a self-disclosed person can be intruded by others. A person can write, fabricate, or distribute a story using the disclosed information of another even without obtaining consent from the information owner. Many studies focused on privacy intrusion, especially from the perspective of a victim. However, only a few studies examined privacy intrusion from the perspective of an intruder on SNS. This study focuses on the intention of privacy intrusion from the perspective of an intruder on SNS and the factors that affect intention. Privacy intrusion intentions are categorized into two types. The first type is intrusion of privacy by writing one's personal information without obtaining consent from the information owner;, whereas the other type pertains to intrusion of privacy by distributing one's personal information without obtaining consent from the information owner. A research model is developed based on motivation theory to identify how these factors affect these two types of privacy intrusion intentions on SNS. From the perspective of motivation theory, we draw one extrinsic motivational factor (response cost) and four intrinsic motivational factors, namely, perceived enjoyment, experience of being intruded on privacy, experience of invading someone's privacy, and punishment behavior. After analyzing 202survey data, we conclude that different factors affect these two types of privacy intrusion intention. However, no relationship was found between the two types of privacy intrusion intentions. One of the most interesting findings is that the experience of privacy intrusion is the most significant factor related to the two types of privacy intrusion intentions. The findings contribute to the literature on privacy by suggesting two types of privacy intrusion intentions on SNS and identifying their antecedents from the perspective of an intruder. Practitioners can also use the findings to develop SNS applications that can improve protection of user privacies and legitimize proper regulations relevant to online privacy.

• Journal of Digital Convergence
• /
• v.11 no.1
• /
• pp.99-106
• /
• 2013

Personal information protection has become one of the most impending business issues because leakage of personal information can cause tremendous financial losses and image degradation. Consequently, personal information protection initiatives have been recognized widely in business. To invigorate personal information protection investments, performance measurement method such as cost benefits analysis or qualitative analyses are needed, which have not been studied enough in the previous studies. This study proposes a performance measurement model which can include quantitative and qualitative analyses in the context of personal information protection investments. A comparative analysis has been performed on security investment and IT investment performance measurements, which leads to choose the WiBe method (developed by the German Interior Ministry), considering the privacy characteristics and the method's applicability. In particular, the quantitative effect measured how proactive threat assessment based on the way according to the nature of the businesses and organizations of privacy and possible investment decisions. This study proposes the 16 performance indicators, which turn out to be meaningful in terms of their materiality and feasibility by conducting focus group interviews of 25 experts on personal information protection.

• Informatization Policy
• /
• v.22 no.1
• /
• pp.47-72
• /
• 2015

According to the progress of national informatization throughout the world, infringement and threaten of privacy are happening in a variety of fields, so government is providing information security policy. In particular, South Korea has enhanced personal impact assessment based on the law of personal information protection law(2011). But it is not enough to effect the necessary cost calculation standards and changeable factors to effect PIA. That is, the budgets for PIA was calculated lower than the basic budget suggested by Ministry of Government Administration Home affairs(2011). Therefore, this study reviewed the cost calculation basis based on the literature review, cost basis of similar systems, and reports of PIA and obtained to the standard with Delphi analysis. As a result, the standards of PIA is consisted to the primary labors and is utilized to how the weights by division of target system, construction and operating costs of target system, type of target systems, etc. Thus, the results of this study tried to contribute to ensure the reliability of PIA as well as the transparency of the budget for privacy in public sector.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.18 no.5
• /
• pp.294-301
• /
• 2017

Recently, online social networks have become one of the most representative Internet services and are being used increasingly, which allows people to share information and interact with other people. On the other hand, as the use of OSN is increased, there has been an increased incidence where illegally accessed personal information is used wrongfully. Accordingly, privacy has become a key concern by the users. Regarding the construct of information privacy concerns (IPC), this study explored the antecedents of IPC at the individual personal level - risk appraisal and perceived behavioral control - based on Protection Motivation Theory. Hence, the current paper investigated the moderating effect of gender in the relationship between individual characteristics and IPC. The hypothesized research model was examined with 233 questionnaires of OSN users. The results showed that the positive effects of risk appraisal and the negative effects of perceived behavioral control on IPC are supported. In addition, the moderate effects of gender between risk appraisal and IPC is only supported.