ETRI-Knowledge Sharing Plaform

KOREAN
논문 검색
Type SCI
Year ~ Keyword

Detail

Conference Paper A Personal Information Leakage Prevention Method on the Internet
Cited 4 time in scopus Share share facebook twitter linkedin kakaostory
Authors
Dae Seon Choi, Seung Hun Jin, Hyun Soo Yoon
Issue Date
2006-06
Citation
International Symposium on Consumer Electronics (ISCE) 2006, pp.646-650
Publisher
IEEE
Language
English
Type
Conference Paper
Abstract
In this paper, we propose a method for preventing personal information leakage on the Internet. The leakage of the personal information might cause severe problems such as privacy violation, impersonation, spam mail, and financial fraud. The main ways of the personal information leakage are the leakage of the personal information registered in web site, the Internet Phishing, and the spyware. The basic idea of our method for preventing these types of personal information leakage is "Do not send the personal information to a hazardous recipient". Every network packet transferred from a user's PC to a server via the Internet is inspected to check if the packet contains the user's personal information. When a packet containing personal information is detected, a decision about safety of the transfer is made. After decision is made, the packet sent to an unsafe destination is dismissed. The decision is made based on the predefined user control policy. The user policy specifies the safeness of a transfer in considering the information such as type of transferred personal information, the application that sends the packet and the trustworthiness of the recipient. The destination's trustworthiness is managed and provided by a trusted third party. In this paper, we present the explanation of information leakage problem and the description of related work. The presentation of our model for controlling personal information transfer and a description of the system architecture for implementing our model is included. And some security analysis of our method that shows the effectiveness of the proposed method is also presented. ©2006 IEEE.
KSP Keywords
Control policy, Financial Fraud, Information Leakage Prevention, Information transfer, Internet phishing, Personal information, Prevention method, Privacy violation, Spam mail, System architecture, Trusted Third Party