• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.2
• /
• pp.501-522
• /
• 2016

In the digital era, information is a source of value creation. However, the growing importance of knowledge and information also increases risks and threats. When information is leaked, full recovery is difficult, and additional spreading of risk is high because it is easy to accomplish. Especially personal information is the main target due to its availability. Although individuals normally have to consent to the use of their personal information, they often do not know the use of their information. In such a difficult situation, one must exercise self-determination and privacy. Therefore, the goal of this study is to development a privacy literacy level measurement model for the proper exercise of the right to informational self-determination. It will be presented with the concept of privacy literacy index in order to determine the level of knowledge and understanding and practical application skills for individual. Through the index, we going to enhance the selection ability of information subject, and to promote the judgement and the determination capability for the protection and utilization of personal information.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.5
• /
• pp.1245-1255
• /
• 2015

As cloud computing services become popular, the concern on the data security of cloud services increases and the efforts for the data security become essential. In this paper, we describe the pros and cons of cloud computing including the definition of cloud. Then, we discuss the regulations about the protection of user data defined in cloud promotion act. Previous studies related to the privacy protection and the entrustment of personal information in cloud computing are reviewed. We examine how to store the personal information depending on the cloud service model. As a result, we argue that the entrustment of personal information should vary according to the cloud service model and we propose how to protect the personal information on IaaS and SaaS cloud service models.

• Journal of Convergence for Information Technology
• /
• v.8 no.5
• /
• pp.107-113
• /
• 2018

With the rapid development of big data and Internet technologies among IT technologies, it is being changed into an environment where data stored in the cloud environment can be used wherever the Internet is connected, without storing important data in an external storage device such as USB. However, protection of users' privacy information is becoming increasingly important as the data being processed in the cloud environment is changed into an environment that can be easily handled. In this paper, we propose a user-reserving management model that can improve the user 's service quality without exposing the information used in the cloud environment to a third party. In the proposed model, user group is grouped into virtual environment so that third party can not handle user's privacy information among data processed in various cloud environments, and then identity property and access control policy are processed by block chain.

• Journal of KIISE:Databases
• /
• v.31 no.6
• /
• pp.684-698
• /
• 2004

The Hippocratic database model recently proposed by Agrawal et al. incorporates privacy protection capabilities into relational databases. Since the Hippocratic database is based on the relational database, it needs extensions to be adapted for XML databases. In this paper, we propose the Hippocratic XML database model, an extension of the Hippocratic database model for XML databases and present an efficient access control mechanism under this model. In contrast to relational data, XML data have tree-like hierarchies. Thus, in order to manage these hierarchies of XML data, we extend and formally define such concepts presented in the Hippocratic database model as privacy preferences, privacy policies, privacy authorizations, and usage purposes of data records. Next, we present a new mechanism, which we call the authorization index, that is used in the access control mechanism. This authorization index, which is Implemented using a multi-dimensional index, allows us to efficiently search authorizations implied by the authorization granted on the nearest ancestor using the nearest neighbor search technique. Using synthetic and real data, we have performed extensive experiments comparing query processing time with those of existing access control mechanisms. The results show that the proposed access control mechanism improves the wall clock time by up to 13.6 times over the top-down access control strategy and by up to 20.3 times over the bottom-up access control strategy The major contributions of our paper are 1) extending the Hippocratic database model into the Hippocratic XML database model and 2) proposing an efficient across control mechanism that uses the authorization index and nearest neighbor search technique under this model.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.3
• /
• pp.39-52
• /
• 2006

Recently purpose is used by an crucial part to security management when collecting data about privacy. The W3C(World Wide Web Consortium) describes a standard spec to control personal data that is provided by data providers who visit the web site. But they don't say anymore about security management about personal data in transit after data collection. Recently several researches, such as Hippocratic Databases, Purpose Based Access Control and Hippocratic in Databases, are dealing with security management using purpose concept and access control mechanism after data collection a W3C's standard spec about data collection mechanism but they couldn't suggest an efficient mechanism for privacy protection about personal data because they couldn't represent purpose expression and management of purposes sufficiently. In this paper we suggest a mechanism to improve the purpose expression. And then we suggest an accesscontrol mechanism that is under least privilege principle using the purpose classification for privacy protection. We classify purpose into Along purpose structure, Inheritance purpose structure and Stream purpose structure. We suggest different mechanisms to deal with then We use the role hierarchy structure of RBAC(Role-Based Access Control) for flexibility about access control and suggest mechanisms that provide the least privilege for processing the task in case that is satisfying using several features of purpose to get least privilege of a task that is a nit of business process.

• Journal of Korean Clinical Nursing Research
• /
• v.29 no.3
• /
• pp.261-270
• /
• 2023

Purpose: This study aimed to identify the influence of knowledge of personal information protection law and nursing patient advocacy on practice of personal information protection among nurses. Methods: The subjects were 130 nurses who have worked for six months or more in the ward of the tertiary or general hospitals. Data were collected from February 20 to March 3, 2023. Results: Factors influencing practice of personal information protection were acting as an advocate (β=.32, p=.004), environmental and educational influences (β=.21, p=.040), knowledge of personal information protection law (β=.19, p=.013) and clinical experience for five years or more but less than ten years (β=.17, p=.036). The regression model showed an explanatory power of 34.0%. Conclusion: Acting as an advocate has the most effect on practice of personal information protection. To promote practice of personal information protection for nurses, it is necessary to provide education related to privacy protection and encourage nursing patient advocacy.

• The Journal of the Convergence on Culture Technology
• /
• v.10 no.1
• /
• pp.435-441
• /
• 2024

In order for the large amount of collected data sets to be used as deep learning training data, sensitive personal information such as resident registration number and disease information must be changed or encrypted to prevent it from being exposed to hackers, and the data must be reconstructed to match the structure of the built deep learning model. Currently, these tasks are performed manually by experts, which takes a lot of time and money. To solve these problems, this paper proposes a technique that can automatically perform data processing tasks to protect personal information during the deep learning process. In the proposed technique, privacy protection tasks are performed based on data generalization and data reconstruction tasks are performed using circular queues. To verify the validity of the proposed technique, it was directly implemented using C language. As a result of the verification, it was confirmed that data generalization was performed normally and data reconstruction suitable for the deep learning model was performed properly.

• The KIPS Transactions:PartB
• /
• v.18B no.6
• /
• pp.385-388
• /
• 2011

Patients' privacy protection is a heated issue in medical business, as medical information in digital format transmit everywhere through networks without any limitation. A current protection method for brain images is to deface from the brain image for patient's privacy. However, the defacing process often removes important brain voxels so that the defaced brain image is damaged for medical analysis. An ad-hoc method is proposed to conceal patient's identification by adding cylindrical mask, while the brain keep all important brain voxels. The proposed lossless deformation of brain image is verified not to loose any important voxels. Futhermore, the masked brain image is proved not to be recognized by others.

• Management & Information Systems Review
• /
• v.35 no.1
• /
• pp.207-233
• /
• 2016

Currently mobile messenger industry, based on mobile application, is growing. And it has aroused innovative change, offering services in various forms beyond the form simply sharing messengers. Also because messenger securities are becoming personalized and intelligent, the importance of more diverse mobile applications' securities is increasing. This study carries out the empirical study of the causal relationship that the factors of using application services influence on security recognition and security Intention of mobile securities, and consequentially impact upon protection of personal information of users. In order that, we present the research model which prime variables of SDT, which emphasized on natural immanent motivation of human, applied to. To verify the research model of this study empirically, we conducted a survey targeting the public and university students which have ever used mobile messenger applications. With this, we desire to contribute to emphasizing the significance of individual messenger security and playing a positive role to develop security guide for consumers. The path analysis results are as follows. First, perceived autonomy has a positive effect on both security awareness and security intention. Second, perceived competence has a positive effect on security intention. Third, perceived relatedness has a positive effect on both security awareness and security intention. Last, security awareness and security intention. have a positive effect on privacy protection behavior. Through emphasizing the importance of the security of the messenger of individuals and contribute to a positive role for development of the necessary security guidelines to consumers.

• Journal of the Korea Safety Management & Science
• /
• v.10 no.3
• /
• pp.145-154
• /
• 2008

The Location Based Services (LBS) comprise spatial information and mobile technology allow users to receive various services based on Global Positioning Systems (GPS). Although, spatial information based services are very useful, it has lots of possibility to damage privacy protection. But the contents of the legislation by government have problems conflicted between protection of a person's location information and invigoration LBS. Therefore, in this study suggest a causal model to deal with user satisfaction and factors affecting spatial information based services to customer perspective. The proposed research model is tested empirically with one hundred and forty one usable questionnaires and partial least square (PLS) method. Experimental results showed that the usefulness, playfulness, and service quality play a prominent role in influencing the spatial information services satisfaction compared to other factors. But, easy of use and perceived risk are not significant.