• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.24 no.5
• /
• pp.567-575
• /
• 2020

As online social networks are used as a critical medium for modern people's information sharing and relationship, their users are increasing rapidly every year. This not only increases usage but also surpasses the existing media in terms of information credibility. Therefore, emerging marketing strategies are deliberately attacking social networks. As a result, public opinion, which should be formed naturally, is artificially formed by online attacks, and many people trust it. Therefore, many studies have been conducted to detect agents attacking online social networks. In this paper, we analyze the trends of researches attempting to detect such online social network attackers, focusing on researches using social network graph characteristics. While the existing content-based techniques may represent classification errors due to privacy infringement and changes in attack strategies, the graph-based method proposes a more robust detection method using attacker patterns.

• The Journal of Information Systems
• /
• v.30 no.4
• /
• pp.119-152
• /
• 2021

The concept of Self-Sovereign Identity (SSI) has emerged to overcome the limitations of traditional centralized personal identity management systems in our society. Therefore, in this study, 36 seminal researches out of 112 collected studies were investigated with a systematic literature review method to deliver a core common definition as well as the research trends on SSI in the socioeconomic, legal and technological fields. SSI studies in the legal field have mainly considered the conflicts with relevant laws such as General Data Protection Regulation (GDPR) and privacy protection laws. The study of SSI in the technology field have looked at the trends of the technical components to implement SSI and discussed the necessities of establishing standards to increase interoperability for SSI diffusion worldwide. This study ultimately derived the core definition of SSI from a various academic fields as "a trust-based personal identity management system that enables autonomous self-identification by a identity owner without a centralized system or 3rd party intervention". The results of this study contribute to the understanding of the essential SSI concept which were varied on different research fields and industries. The results also provide a foundation for discovering various SSI-based business models, applications as well as future research opportunities. Furthermore, this study suggested that SSI must be developed with interdisciplinary manner among the socioeconomic, legal, and technological fields to be practically applicable system to enable autonomous self-identification by a identity owner in our society.

• International Journal of Computer Science & Network Security
• /
• v.22 no.2
• /
• pp.250-260
• /
• 2022

Mobile Banking Applications (MBAPs) is one of the recent fads in mobile trading applications (Apps). MBAPs permit users to execute exchanges of money and many more whenever it might suit them; however, the primary issue for mobile banking Apps is usability. Hardly any investigation analyzes usability issues dependent on user's age, gender, exchanging accomplices, or experience. The purpose of this study is to determine the degree of usability issues, and experience of mobile banking users. The survey employs a quantitative method and performs user experiment on 240 participants with six different tasks on the application's interface. The post experiment survey is done with concerning participants. On the other hand, banking experts and Information Technology (IT) expert's group is also involved after the experiment. Expert's opinions about existing mobile banking Apps and suggestions for improving usability of MBAPs are collected through physical means (like questionnaire and interview) and online means like Google form. After that comparison of the opinions of users and experts about MBAPs is performed. The experimentation measures the tasks usability of various mobile banking apps with respect to its effectiveness, efficiency, trustfulness, learnability, memorability and satisfaction. The usability testing was led at different Universities and the outcomes acquired show that there are privacy and trust issues with their mobile banking apps. There is also a gap between users and experts which should be minimized by applying customized usability models, modes concept like other application software and also by adding complete features of banking in MBAPs. It will benefit mobile banking apps users, developers and usability engineers by providing user-friendly which are up to the mark of user's requirements.

• Journal of Digital Convergence
• /
• v.20 no.2
• /
• pp.455-462
• /
• 2022

This study was conducted to find ways to utilize human-centered IT in caring for elderly people who live alone. Through focus group interviews with experts, this study investigated the problems with delivery system, and ethical issues. Problems such as lack of trust, supplier-centered care, and uniform service provision were derived as major problems in the delivery system. These findings indicate that IT should be used as an auxiliary means of face-to-face services and to be controllable and convenient. Issues such as "guaranteeing the right to self-determination," "protecting privacy," "sufficiently guaranteeing the right to know," and "encompassing blind spots" were raised as important ethical issues related to human-centered IT utilization. Based on the research results, this study presented the necessity of designing user-centered information technology and the necessity of developing ethical indicators for the use of human-centered technology.

• Journal of Korea Society of Industrial Information Systems
• /
• v.28 no.5
• /
• pp.41-54
• /
• 2023

Smart grid that supports efficient energy production and management is used in various fields and industries. However, because of the environment in which services are provided through open networks, it is essential to resolve trust issues regarding security vulnerabilities and privacy preservation. In particular, the identification information of smart meter is managed by a centralized server, which makes it vulnerable to security attacks such as device stolen, data forgery, alteration, and deletion. To solve these problems, this paper proposes a blockchain based authentication protocol for a smart meter. The proposed scheme issues an unique decentralized identifiers (DIDs) for individual smart meter through blockchain and utilizes a random values based on physical unclonable function (PUF) to strengthen the integrity and reliability of data. In addition, we analyze the security of the proposed scheme using informal security analysis and AVISPA simulation, and show the efficiency of the proposed scheme by comparing with related work.

• Journal of the Korean Society for information Management
• /
• v.41 no.1
• /
• pp.283-311
• /
• 2024

This study examined the factors affecting the intention of the public to share electronic medical records(EMR) based on the theory of reasoned action and the privacy calculus model. It also investigated whether the purpose of EMR sharing varies depending on personal characteristics, such as the degree of interest in health and personal medical history. According to an online survey of 145 people, altruistic enjoyment, awareness of personal information protection, recognition of legal and institutional roles, and interest in health had a positive impact on the level of EMR sharing, and trust in hospitals positively adjusted the relationship between recognition of legal and institutional roles and sharing intentions. Accordingly, we confirmed that the public recognized the role of the government and hospitals in the sharing process as necessary. The public interest benefits of sharing are critical to activating public participation in the sharing of EMR, and it is also essential to prepare guidelines that legally guarantee the security and proper use of EMR.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.4
• /
• pp.801-809
• /
• 2024

In the digital age, the importance of personal information has magnified, underscoring the need for enhanced personal information protection, especially within public institutions. Despite ongoing efforts since 2007, significant breaches in public sector information underline persistent vulnerabilities. This study advocates for a transition from a diagnostic to an assessment framework to fortify privacy management in public institutions, as mandated by recent legislative revisions. The amended Personal Information Protection Act introduces an assessment approach, aiming to comprehensively assess and mitigate risks by expanding the scope of evaluation and implementing robust regulatory measures. This study examines the limitations of the current diagnostic practices through literature review and case analysis and proposes a systematic approach to adopting the new assesment system. By enhancing the assessment framework, the study expects to improve the effectiveness of personal information management in public institutions, thereby restoring public trust and ensuring a stable progression into a more secure digital era. The transition to an assessment system is designed not only to address the gaps in the current framework but also to provide a methodical assessment that supports ongoing improvement and compliance with enhanced legal standards.

• Journal of the Korea Society of Computer and Information
• /
• v.18 no.9
• /
• pp.79-89
• /
• 2013

Recently, the need for outsourcing sensitive data has grown due to the wide spreading of cost-effective and flexible cloud service. However, there is a fundamental concern in using such service since users have to trust external servers. Therefore, searchable encryption can be a very valuable tool to meet the security requirements of data outsourcing. However, most of work on searchable encryption focus only on privacy preserving search function and relatively lacks research on encryption mechanism used to actually encrypt data. Without a suitable latter mechanism, searchable encryption cannot be deployed in real world cloud services. In this paper, we analyze previously used and possible data encryption mechanisms for multi-user searchable encryption system and discuss their pros and cons. Our results show that readily available tools such as broadcast encryption, attribute-based encryption, and proxy re-encryption do not provide suitable solutions. The main problem with existing tools is that they may require separate fully trusted servers and the difficulty in preventing collusion attacks between outsiders and semi-trusted servers.

• The Korean Society of Law and Medicine
• /
• v.17 no.2
• /
• pp.315-346
• /
• 2016

With the development of big data processing technology, the potential value of healthcare big data has attracted much attention. In order to realize these potential values, various research using the healthcare big data are essential. However, the big data regulatory system centered on the Personal Information Protection Act does not take into account the aspect of big data as an economic material and causes many obstacles to utilize it as a research purpose. The regulatory system of healthcare information, centered on the primary purpose of patient treatment, should be improved in a way that is compatible with the development of technology and easy to use for public interest. To this end, it is necessary to examine the trends of overseas legal system reflecting the concerns about the balance of protection and utilization of personal information. Based on the implications of the overseas legal system, we can derive improvement points in the following directions from our legal system. First, a legal system that specializes in healthcare information and encompasses protection and utilization is needed. De-identification, which is an exception to the Privacy Act, should also clearly define its level. It is necessary to establish a legal basis for linking healthcare big data to create synergy effects in research. It is also necessary to examine the introduction of the opt-out system on the basis of the discussion on the foreign debate and social consensus. But most importantly, it is the people's trust in these systems.

• Knowledge Management Research
• /
• v.25 no.3
• /
• pp.47-71
• /
• 2024

AI-driven news recommendation systems are widely used today, providing personalized news consumption experiences. However, there are significant concerns that these systems might increase users' information bias by mainly showing information from limited perspectives. This lack of diverse information access can prevent users from forming well-rounded viewpoints on specific issues, leading to social problems like Filter bubbles or Echo chambers. These issues can deepen social divides and information inequality. This study aims to explore how AI-based news recommendation services affect users' perceived information bias and to create a foundation for ethical principles in AI services. Specifically, the study looks at the impact of ethical principles like accountability, the right to explanation, the right to choose, and privacy protection on users' perceptions of information bias in AI news systems. The findings emphasize the need for AI service providers to strengthen ethical standards to improve service quality and build user trust for long-term use. By identifying which ethical principles should be prioritized in the design and implementation of AI services, this study aims to help develop corporate ethical frameworks, internal policies, and national AI ethics guidelines.