• International Journal of Computer Science & Network Security
• /
• v.24 no.9
• /
• pp.50-62
• /
• 2024

The decision to integrate mobile cloud computing (MCC) in higher education without first defining suitable usage scenarios is a global issue as the usage of such services becomes extensive. Consequently, this study investigates the security determinants of the educational use of mobile cloud computing among universities' students. This study proposes and develops a theoretical model by adopting and modifying the Protection Motivation Theory (PMT). The study's findings show that a significant amount of variance in MCC adoption was explained by the proposed model. MCC adoption intention was shown to be highly influenced by threat appraisal and coping appraisal factors. Perceived severity alone explains 37.8% of students "Intention" to adopt MCC applications, which indicates the student's perception of the degree of harm that would happen can hinder them from using MCC. It encompasses concerns about data security, privacy breaches, and academic integrity issues. Response cost, perceived vulnerability and response efficacy also have significant influence on students "intention" by 18.8%, 17.7%, and 6.7%, respectively.

• International Journal of Computer Science & Network Security
• /
• v.24 no.8
• /
• pp.105-118
• /
• 2024

The decision to integrate mobile cloud computing (MCC) in higher education without first defining suitable usage scenarios is a global issue as the usage of such services becomes extensive. Consequently, this study investigates the security determinants of the educational use of mobile cloud computing among universities students. This study proposes and develops a theoretical model by adopting and modifying the Protection Motivation Theory (PMT). The studys findings show that a significant amount of variance in MCC adoption was explained by the proposed model. MCC adoption intention was shown to be highly influenced by threat appraisal and coping appraisal factors. Perceived severity alone explains 37.8% of students "Intention" to adopt MCC applications, which indicates the student's perception of the degree of harm that would happen can hinder them from using MCC. It encompasses concerns about data security, privacy breaches, and academic integrity issues. Response cost, perceived vulnerability and response efficacy also have significant influence on students "intention" by 18.8%, 17.7%, and 6.7%, respectively.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.16 no.4
• /
• pp.109-115
• /
• 2016

Life log started with the simple purpose of recording or sharing mainly data regarding one's personal life, but with the introduction of advanced specialized analytic methods by many corporations, a new type of business based on the life log recently emerged, with an aim of improving the quality of people's personal lives. In spite of the indispensable advantages, however, personal health lifelog service brings critical challenges that cannot be avoided from user side if the security of the data is concerned. The problem of user's privacy infringement and leaking user's sensitive medical information is increasing with the revitalization of personal health lifelog services. In this paper, we propose an information security reference model for the personal health lifelog services. Our proposal can contribute to increase the related industry to cultivate new market by suggesting the clear announcement of the guidelines using privacy protection reference model for user-specific healthcare services which uses personal lifelog.

• Convergence Security Journal
• /
• v.20 no.3
• /
• pp.79-88
• /
• 2020

Business consignment using personal information is increasing for the operating profit and work efficiency of Internet companies. If the personal information leakage accident occurs at the consignee, the consigner who provided personal information will be damaged greatly. The purpose of this study is to analyze the business attributes of consignee using consigned personal information and present a model that can be used to select companies with high risk of personal information leakage by considering the importance of the involved personal information. For this, personal information consignment relations, consignment services, and personal information items used were analyzed. Social network analysis and cluster analysis were applied to select companies with high network centrality that are advisable to obtain information security certification. The results of this study could be used to establish information protection strategies for private or public enterprises that manage companies using personal information.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.4
• /
• pp.1037-1055
• /
• 2016

After the enactment of the Personal Information Protection Act, policies and activities for the personal information protection have been actively promoted. However the people are showing negative attitudes about personal information, as the ongoing personal data leakages. Therefore, authors tried to empirical analysis of the effectiveness of national policy on the protection of personal information, using SERVQUAL model, focused on the people's perception, in order to identify that how the people recognized current policy. Authors find that the public has perceived the effectiveness of the policy positively, but the level of their awareness is low. And we identify that the people are highly aware of the policy's effectiveness for Immediacy, Convenience and Responsibility, while they have the lowest effectiveness for Efficiency. The policy's improvement focused on the public's low expectations/perceptions and effectiveness awareness, is required in order to develop people-oriented national privacy policy that are satisfied by the people.

• Journal of Digital Convergence
• /
• v.14 no.2
• /
• pp.191-196
• /
• 2016

The organizations and companies establish personal information protection policy under the law and guidelines. They carry out access control without consideration for distinctiveness of the information although the damage degree varies when the information is leaked. Considering the distinctiveness, a policy needs to be made for individuals to protect his personal information. However, he is not able to write the policy because of lack of understanding the system. To write his own policy efficiently, the system that authorizes ones according to service list provided by organizations is necessary. This paper suggests the model and method that write personal policy for his information protection based on the service list provided by organizations. Through this model, fine-grained authorization and policy change are easily made and ultimately the access control customized according to one's own information is possible.

• Journal of the Korean Institute of Intelligent Systems
• /
• v.20 no.5
• /
• pp.659-664
• /
• 2010

This paper provides an integrated framework for biometric data and private information protection in TeleHealth. Biometric technology is indispensable in providing identification and convenience in the TeleHealth environment. Once biometric information is exposed to mallicious attacker, he will suffer great loss from the illegferuse of his biometric data by someone else because of difficulty of change not like ID and password. We have to buil by someone esystem data bon the integrated framework for biometric data and private information protection in TeleHealth. First, we consider the structure of the biometric system and the security requirements of y someone esystem data bon the biometrics. And then, we define the TeleHealth system model and provide the vulnerabilities and countermeasures of the biometric-data by someone eintegrated model.byhe TeleHealth sse bec requires two-phata authentication for countermeasure. Finally, we made some functionferrequirements for main componenets of biometric-data bintegrated TeleHealth system framework to protect biometric data.

• Journal of Internet Computing and Services
• /
• v.10 no.4
• /
• pp.139-149
• /
• 2009

In order to verify that a lot of legal requirements and regulations are correctly translated into software, this paper provides a solution for formal and computable representations of rules and requirements in data protection legislations with a DSML (Domain Specific Modeling Language). All policies are formally specified through Prolog and then integrated with DSML, According to the time of policy verification, this solution has two kinds of policies: static policies, dynamic policies.

• Journal of KIBIM
• /
• v.14 no.1
• /
• pp.30-38
• /
• 2024

This study aims to propose a smart city governance logic model that can accommodate more diverse information service systems by mixing hub-and-spoke and blockchain technologies as a data management model. Specifically, the research focuses on deriving the logic of an operating system that can work across smart city planning based on the two data governance technologies. The first step of the logic is the generation and collection of information, which is first divided into information that requires information protection and information that can be shared with the public, and the information that requires privacy is blockchainized, and the shared information is integrated and aggregated in a data hub. The next step is the processing and use of the information, which can actively use the blockchain technology, but for the information that can be shared other than the protected information, the governance logic is built in parallel with the hub-and-spoke type. Next is the logic of the distribution stage, where the key is to establish a service contact point between service providers and beneficiaries. Also, This study proposes the establishment of a one-to-one data exchange relationship between information providers, information consumers, and information processors. Finally, in order to expand and promote citizen participation opportunities through a reasonable compensation system in the operation of smart cities, we developed virtual currency as a local currency and designed an open operation logic of local virtual currency that can operate in the compensation dimension of information.

• Journal of the Korea Society of Computer and Information
• /
• v.26 no.4
• /
• pp.1-9
• /
• 2021

In this paper, we propose a training algorithm of support vector machine (SVM) with a sensitive variable. Although machine learning models enable automatic decision making in the real world applications, regulations prohibit sensitive information from being used to protect privacy. In particular, the privacy protection of the legally protected attributes such as race, gender, and disability is compulsory. We present an efficient least square SVM (LSSVM) training algorithm using a fully homomorphic encryption (FHE) to protect a partial sensitive attribute. Our framework posits that data owner has both non-sensitive attributes and a sensitive attribute while machine learning service provider (MLSP) can get non-sensitive attributes and an encrypted sensitive attribute. As a result, data owner can obtain the encrypted model parameters without exposing their sensitive information to MLSP. In the inference phase, both non-sensitive attributes and a sensitive attribute are encrypted, and all computations should be conducted on encrypted domain. Through the experiments on real data, we identify that our proposed method enables to implement privacy-preserving sensitive LSSVM with FHE that has comparable performance with the original LSSVM algorithm. In addition, we demonstrate that the efficient sensitive LSSVM with FHE significantly improves the computational cost with a small degradation of performance.