KR20100060130A - System for protecting private information and method thereof - Google Patents


Publication number
KR20100060130A
KR20100060130A KR1020080118592A KR20080118592A KR20100060130A KR 20100060130 A KR20100060130 A KR 20100060130A KR 1020080118592 A KR1020080118592 A KR 1020080118592A KR 20080118592 A KR20080118592 A KR 20080118592A KR 20100060130 A KR20100060130 A KR 20100060130A
Authority
KR
South Korea
Prior art keywords
personal information
subscriber
rule
requested
service server
Application number
KR1020080118592A
Other languages
Korean (ko)
Inventor
곽병옥
최영일
Original Assignee
한국전자통신연구원
Application filed by 한국전자통신연구원
Priority to KR1020080118592A
Publication of KR20100060130A

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G PHYSICS
    • G06 COMPUTING; CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G PHYSICS
    • G06 COMPUTING; CALCULATING; COUNTING
    • G06Q DATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00 Administration; Management
    • G06Q10/10 Office automation, e.g. computer aided management of electronic mail or groupware; Time management, e.g. calendars, reminders, meetings or time accounting

Abstract

Disclosed is a personal information protection management system for protecting a subscriber's personal information. The system includes a personal information manager that manages personal information for each subscriber, and a personal information providing unit that, when the subscriber's personal information is requested by an external communication device through a communication network, transmits a permission request message for providing the personal information to the subscriber's communication terminal and, according to the reply, provides the requested personal information of the subscriber to the external communication device. This allows the subscriber to have control over his or her personal information.

Description

System for protecting private information and method thereof
The present invention relates to a network-based personalization service technology, and more particularly to a technology for personal information protection management.
This study was derived from a study conducted as part of the IT growth engine technology development project of the Ministry of Knowledge Economy and the Ministry of Information and Telecommunications Research and Development. [Task Management Number: 2008-S-007-01, Network Knowledge-based Personalization Service Technology Development]
In existing communication networks, personal information is protected by letting the service provider unilaterally manage the subscriber's information under the service level agreement between the subscriber and the service provider, regardless of the subscriber's intention. A subscriber who does not agree to the privacy guidelines specified by the service provider cannot subscribe to the telecommunications service. The subscriber therefore has no control over whether his or her personal information is disclosed, and is always worried about leakage of personal information.
It is an object of the present invention to provide a privacy management system and method for allowing subscribers to have control over their personal information.
A personal information protection management system according to an aspect of the present invention for achieving the above object includes: a personal information management unit that manages personal information for each subscriber; and a personal information providing unit that, when a subscriber's personal information is requested by an external communication device through a communication network, transmits a permission request message for providing the personal information to the subscriber's communication terminal and provides the requested personal information of the subscriber according to the reply.
A personal information protection management system according to an additional aspect of the present invention further includes a rule management unit that manages, for each subscriber, rules for providing personal information. When a subscriber's personal information is requested, the personal information providing unit checks the subscriber's rule and, if the rule specifies that the subscriber's permission must be obtained, transmits the permission request message to the subscriber's communication terminal.
According to an aspect of the present invention, a personal information manager receives personal information from a subscriber terminal through a communication network.
According to an aspect of the present invention, the rule manager receives rule information from a subscriber station through a communication network.
A personal information protection management system according to another aspect of the present invention includes: a personal information management unit that manages, for each subscriber, personal information consisting of a plurality of items; a rule management unit that manages, for each subscriber, rules for providing personal information; and a personal information providing unit that, when a subscriber's personal information items are requested through a communication network by a service server operated by a service provider, checks the subscriber's rule for providing personal information and provides the service server with personal information consisting of those requested items that satisfy the rule.
According to an aspect of the present invention, the personal information providing unit transmits a personal information permission request message to the corresponding subscriber terminal in response to the personal information request and, on receiving a permission message from the subscriber in reply to that message, provides the service server with the personal information consisting of the items that satisfy the rule.
A personal information protection management method performed in the personal information protection management system according to an aspect of the present invention for achieving the above object includes: receiving a request for a subscriber's personal information from an external communication device through a communication network; transmitting a permission request message for providing the personal information to the communication terminal of the corresponding subscriber according to the request; receiving a reply to the permission request message from the communication terminal; and transmitting the requested personal information to the external communication device according to the reply.
The personal information protection management system and method let the subscriber decide directly whether personal information is provided to a communication service or system that wants to use it, providing an environment in which the subscriber has direct control over the disclosure of his or her personal information. Accordingly, the subscriber can secure the privacy of personal information by preventing its disclosure, without the subscriber's knowledge, to unspecified systems or third parties other than the network operators or communication services to which the subscriber subscribes. This relieves the subscriber's anxiety about leakage of personal information.
The foregoing and further aspects of the present invention will become more apparent through the preferred embodiments described with reference to the accompanying drawings. Hereinafter, the present invention will be described in detail to enable those skilled in the art to easily understand and reproduce the present invention.
Figure 1 is a diagram illustrating a network environment according to an embodiment of the present invention.
The subscriber terminal 102 is a terminal capable of network communication, and there is no particular limitation on its type; it may be, for example, a mobile phone or a PDA. The subscriber 101 uses the personal information protection service by operating the subscriber terminal 102. As a specific example, the subscriber 101 operates the subscriber terminal 102 to access the personal information protection management system 104, described later, through the communication network 103, applies for the personal information protection service and registers the necessary information, and is then provided with the personal information protection service. The personal information protection management system 104 receives and manages usage rules for personal information from the subscriber terminal 102. When a personal information request is received from an external service provider, it checks the usage rule for the personal information of the subscriber 101 and requests permission from the subscriber terminal 102. The service server 105 is a server operated by a service provider and provides a service to the subscriber terminal 102.
Figure 2 is a block diagram of a personal information protection management system according to an embodiment of the present invention.
The communication unit 201 is responsible for the connection to the external network and for communication. The communication unit 201 supports one or more communication protocols. In one embodiment, the network communication unit 201 supports Internet communication. In this case, the communication unit 201 is implemented with known components required for Internet communication, such as the hardware configuration and TCP/IP (Transmission Control Protocol/Internet Protocol). The personal information manager 202, the rule manager 204, the personal information provider 208, and the authentication processor 206 may be implemented by program code. In one embodiment, these components are written to memory and read and executed by a processor.
The personal information manager 202 manages personal information for each subscriber. In one embodiment, personal information is stored and managed per subscriber in a subscriber information database 203. The personal information is composed of a plurality of items, for example, social security number, address, telephone number, age, gender, marital status, religion, and the like. In one embodiment, the personal information manager 202 receives personal information from the subscriber terminal 102 via a communication network. Specifically, for example, the subscriber 101 accesses the personal information protection management system 104 using the subscriber terminal 102 and inputs his or her personal information. The personal information input to the subscriber terminal 102 is then transmitted to the personal information protection management system 104 through the communication network, and the personal information management unit 202 of the personal information protection management system 104 classifies the personal information received by the communication unit 201 by subscriber and stores it in the subscriber information database 203.
The rule manager 204 manages subscriber rules for each subscriber. In one embodiment, the subscriber rule information is stored and managed per subscriber in the rules database 205. The subscriber rule information may specify that the subscriber's permission must be obtained when personal information is provided; as another example, it may specify, for each personal information item, whether disclosure is allowed. For convenience of explanation, the former case is referred to as the first rule and the latter as the second rule. Under the second rule, for example, the rule can be set so that [resident registration number, telephone number] among the personal information items are not disclosed, while the other items [address, age, gender, marital status, religion, etc.] are allowed to be disclosed.
In one embodiment, the rule manager 204 receives subscriber rule information from the subscriber terminal 102 via a communication network. Specifically, for example, the subscriber 101 accesses the personal information protection management system 104 using the subscriber terminal 102 and inputs his or her rule information. The rule information input to the subscriber terminal 102 is then transmitted to the personal information management system 104 through the communication network, and the rule management unit 204 of the personal information protection management system 104 classifies the rule information received by the communication unit 201 by subscriber and stores it in the rule database 205.
When a subscriber wants to input personal information or rules, a process for authenticating whether the subscriber is a legitimate subscriber may be performed first. This is done in the authentication processing unit 206. The authentication processor 206 may authenticate the subscriber 101 by comparing the information input from the connected subscriber terminal 102 with the information stored in the authentication information database. The subscriber's social security number may be used as the authentication information. The authentication processing unit 206 may authenticate not only the subscriber but also the service provider.
The personal information providing unit 208 provides the requested personal information of the subscriber to the service server 105 or to a third party that requested it. When the personal information provider 208 receives a personal information item request message for a specific subscriber from a service provider or another subscriber through the communication network, it looks up the rule database 205 to check that subscriber's rule. In one embodiment, in the case of the first rule, the personal information providing unit 208 transmits a message to the subscriber terminal 102 indicating that there is a request for personal information and obtains permission to provide the personal information. When the subscriber 101 operates the subscriber terminal 102 to grant permission, the personal information providing unit 208 transmits the requested personal information to the service providing server of the requesting service provider or to the communication terminal of the other subscriber.
In the case of the second rule, the personal information providing unit 208 confirms whether the requested personal information item satisfies the rule. If the rule is satisfied, the personal information providing unit 208 transmits the requested personal information to the service providing server of the requesting service provider or to the communication terminal of the other subscriber. In one embodiment, in the case of the second rule, the personal information providing unit 208 checks the rule and, even if the rule is satisfied, transmits a message to the subscriber terminal 102 indicating that there is a request for personal information and obtains permission to provide the information. When the subscriber 101 operates the subscriber terminal 102 to grant permission, the personal information providing unit 208 transmits the requested personal information to the service providing server of the requesting service provider or to the communication terminal of the other subscriber.
In another embodiment, in the case of the second rule, if the requested personal information item does not satisfy the rule, the personal information provider 208 transmits a message indicating that the requested personal information item does not satisfy the rule and, at the same time, a query message asking whether to provide the requested item even though it does not satisfy the rule. If the subscriber 101 operates the subscriber terminal 102 to permit providing the requested personal information item that does not satisfy the rule, the personal information providing unit 208 transmits the requested personal information to the service providing server of the requesting service provider or to the communication terminal of the other subscriber.
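The rule handling described above (first rule, second rule, and the query about items that fail the rule) can be modelled as follows. This is an added example, not code from the patent; the class and field names, the sample record, and the choice to treat a missing reply or a missing rule as a refusal are assumptions.

```python
from dataclasses import dataclass, field
from typing import Callable, Dict, Iterable, Optional, Set

# Reply from the subscriber terminal: True = permit, False = reject,
# None = no reply. Assumption: anything but True is treated as a rejection.
AskFn = Callable[[str, str, Set[str]], Optional[bool]]


@dataclass
class SubscriberRule:
    require_permission: bool = True         # "first rule": ask before providing
    disclosable: Optional[Set[str]] = None  # "second rule": items allowed out
    ask_on_violation: bool = False          # query subscriber about failing items


@dataclass
class Decision:
    released: Dict[str, str] = field(default_factory=dict)
    withheld: Set[str] = field(default_factory=set)
    prompts: int = 0                        # permission requests sent to terminal


class PersonalInfoProvider:
    """Hypothetical model of units 202 (info), 204 (rules) and 208 (providing)."""

    def __init__(self, ask: AskFn):
        self._ask = ask
        self._info: Dict[str, Dict[str, str]] = {}
        self._rules: Dict[str, SubscriberRule] = {}

    def register(self, subscriber: str, info: Dict[str, str],
                 rule: SubscriberRule) -> None:
        self._info[subscriber] = dict(info)
        self._rules[subscriber] = rule

    def _permitted(self, d: Decision, subscriber: str, requester: str,
                   items: Set[str]) -> bool:
        d.prompts += 1
        return self._ask(subscriber, requester, set(items)) is True

    def handle_request(self, requester: str, subscriber: str,
                       items: Iterable[str]) -> Decision:
        d = Decision()
        requested = set(items)
        record = self._info.get(subscriber)
        rule = self._rules.get(subscriber)
        if record is None or rule is None:   # unknown subscriber: nothing leaves
            d.withheld = requested
            return d
        known = {i for i in requested if i in record}
        if rule.disclosable is not None:     # second rule set: split per item
            passing = known & rule.disclosable
        elif rule.require_permission:        # first rule only: all need consent
            passing = known
        else:                                # no usable rule: fail closed
            passing = set()
        failing = known - passing

        approved: Set[str] = set()
        if passing and (not rule.require_permission
                        or self._permitted(d, subscriber, requester, passing)):
            approved |= passing
        if (failing and rule.ask_on_violation
                and self._permitted(d, subscriber, requester, failing)):
            approved |= failing
        d.released = {k: record[k] for k in sorted(approved)}
        d.withheld = requested - approved    # includes unknown item names
        return d


if __name__ == "__main__":
    # Constructed sample record and rule, not taken from the patent.
    record = {"resident_registration_number": "000000-0000000",
              "telephone": "010-0000-0000", "address": "Daejeon", "age": "30"}
    pims = PersonalInfoProvider(ask=lambda sub, req, items: None)  # no reply
    pims.register("subscriber-101", record,
                  SubscriberRule(require_permission=False,
                                 disclosable={"address", "age"},
                                 ask_on_violation=True))
    print(pims.handle_request("service-server-105", "subscriber-101",
                              ["address", "telephone", "age"]))
```

Only an explicit permit reply releases an item, so a terminal that never answers leaves the telephone number withheld while the items allowed by the second rule are still provided.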
Figure 3 is a procedure for protecting personal information according to an embodiment of the present invention.
The subscriber terminal 102 accesses the personal information protection management system 104 to register personal information (301). When the personal information registration is completed, the personal information usage rule is set (302). Then, when the subscriber operates the subscriber terminal 102 to access the service server 105 in order to use a service provided by a specific service provider (303), the service server 105 requests the required personal information items of the subscriber from the privacy management system 104 (304). The privacy management system 104 retrieves the subscriber's personal information usage rule (305). If the rule is to obtain the user's permission, the privacy management system 104 sends a request for accepting the use of personal information to the subscriber terminal 102 (306). On seeing the request through the subscriber terminal 102, the subscriber 101 decides whether to accept the use of the personal information (307) and, if so, operates the subscriber terminal 102 to send a personal information permission command to the personal information protection management system 104 (308). The privacy management system 104 provides the service server 105 with the personal information authorized by the subscriber (309). The service server 105, having received the personal information necessary for providing the service, transmits the corresponding service to the subscriber terminal 102 (310).
Figure 4 is a procedure for protecting personal information according to another embodiment of the present invention.
Figure 4 describes a procedure that ensures the personal information protection service is carried out in accordance with the personal information usage rules specified by the subscriber. The third subscriber 101, subscribed to the service server 105 providing a group service, requests through the service server 105 that the subscriber 101 registered in the personal information management system 104 join the group service (401). A group service arises, for example, when a group is formed for dialogue, information exchange, and data sharing in a current communication service system, such as joining a group, joining as a UCC member, or joining a messenger. The service server 105 receiving the group service subscription request requests the personal information of the corresponding subscriber 101 from the personal information protection management system 104 in order to provide the group service (402). The personal information protection management system 104 retrieves the personal information usage rule (403) and, if the personal information required to join the group service needs the permission of the subscriber 101, sends a permission request for the personal information to the subscriber terminal 102 (404). Upon receiving the permission request through the subscriber terminal 102, the subscriber 101 decides whether to accept the use of the personal information (405) and, if there is no intention to allow it, transmits a rejection of the use of the personal information to the privacy management system 104 (406). The personal information protection management system 104 receives the personal information use denial command message and notifies the service server 105 that use of the personal information is denied, without transmitting the personal information of the subscriber 101 (407). The service server 105 recognizes that use of the personal information required to join the group service is denied, transmits a message to the third subscriber terminal 102 indicating that the subscriber 101 cannot subscribe to the group service (408), and does not perform the subscriber's service subscription.
The present invention has been described above with a focus on its preferred embodiments. Those skilled in the art will appreciate that the present invention can be implemented in a modified form without departing from the essential features of the present invention. Therefore, the disclosed embodiments should be considered in a descriptive sense only and not for purposes of limitation. The scope of the present invention is shown in the claims rather than the foregoing description, and all differences within the scope will be construed as being included in the present invention.
Figure 1 is a diagram illustrating a network environment according to an embodiment of the present invention.
Figure 2 is a block diagram of a privacy management system according to an embodiment of the present invention.
Figure 3 is a personal information protection procedure according to an embodiment of the present invention.
Figure 4 is a personal information protection procedure according to another embodiment of the present invention.

Claims (10)

  1. A personal information protection management system comprising:
    a personal information manager that manages personal information for each subscriber; and
    a personal information providing unit that, when the personal information of a subscriber is requested by an external communication device through a communication network, transmits a permission request message for providing the personal information to the communication terminal of the subscriber and provides the requested personal information of the subscriber to the communication device according to the reply.
  2. The system of claim 1,
    further comprising a rule management unit that manages, for each subscriber, rules for the provision of personal information,
    wherein, when the personal information of the subscriber is requested, the personal information providing unit checks the rule of the subscriber and, if the checked rule specifies that the permission of the subscriber must be received, transmits the permission request message to the communication terminal of the subscriber.
  3. The system of claim 1,
    wherein the personal information manager receives personal information from a subscriber terminal through a communication network.
  4. The system of claim 2,
    wherein the rule management unit receives the rule information from the subscriber terminal via a communication network.
  5. A personal information protection management system comprising:
    a personal information manager that manages, for each subscriber, personal information consisting of a plurality of items;
    a rule management unit that manages, for each subscriber, rules for the provision of personal information; and
    a personal information providing unit that, when personal information items of a subscriber are requested through a communication network by a service server operated by a service provider, checks the subscriber's rule for the provision of personal information and provides the service server with personal information consisting of the items, among the requested personal information items, that satisfy the rule.
  6. The system of claim 5,
    wherein the personal information providing unit transmits a personal information permission request message to the corresponding subscriber terminal according to the personal information request and, if a permission message in response to the personal information permission request message is received from the corresponding subscriber, provides the service server with the personal information consisting of the items that satisfy the rule.
  7. The system of claim 5,
    wherein, when some of the personal information items requested by the service server do not satisfy the rule of the corresponding subscriber, the personal information providing unit queries the corresponding subscriber terminal whether the items that do not satisfy the rule may be provided to the service server, and provides the service server with the personal information that does not satisfy the rule according to the reply to the query.
  8. The system of claim 6,
    wherein, when some of the personal information items requested by the service server do not satisfy the rule of the corresponding subscriber, the personal information providing unit queries the corresponding subscriber terminal whether the items that do not satisfy the rule may be provided to the service server, and provides the service server with the personal information that does not satisfy the rule according to the reply to the query.
  9. A personal information protection management method performed in a personal information protection management system, the method comprising:
    receiving a request for personal information of a subscriber through a communication network from an external communication device;
    transmitting a permission request message for providing personal information to a communication terminal of the corresponding subscriber according to the request;
    receiving a reply to the permission request message from the communication terminal; and
    transmitting the requested personal information to the external communication device according to the reply.
  10. The method of claim 9,
    further comprising checking the personal information rule of the subscriber according to the request,
    wherein the step of transmitting the permission request message is performed only when the checked personal information rule requires the permission of the subscriber to be received.
KR1020080118592A 2008-11-27 2008-11-27 System for protecting private information and method thereof KR20100060130A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
KR1020080118592A KR20100060130A (en) 2008-11-27 2008-11-27 System for protecting private information and method thereof


Publications (1)

Publication Number Publication Date
KR20100060130A (en) 2010-06-07

Family

ID=42361084


Country Status (1)

Country Link
KR (1) KR20100060130A (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10191972B2 (en) 2008-04-30 2019-01-29 Intertrust Technologies Corporation Content delivery systems and methods
US10776831B2 (en) 2008-04-30 2020-09-15 Intertrust Technologies Corporation Content delivery systems and methods
WO2013188312A1 (en) * 2012-06-11 2013-12-19 Intertrust Technologies Corporation Data collection and analysis systems and methods
KR101259579B1 (en) * 2012-11-08 2013-04-30 (주)유와이즈원 System and method of opertating information security task
KR102257403B1 (en) * 2020-01-06 2021-05-27 주식회사 에스앤피랩 Personal Information Management Device, System, Method and Computer-readable Non-transitory Medium therefor
WO2021141235A1 (en) * 2020-01-06 2021-07-15 Snplab Inc. Personal information management device, system, method and computer-readable non-transitory medium therefor

Legal Events

Date Code Title Description
A201 Request for examination
E902 Notification of reason for refusal
E601 Decision to refuse application