한국융합학회논문지 (Journal of the Korea Convergence Society)

  • 제9권4호
  • /
  • Pages.9-14
  • /
  • 2018
  • /
  • 2233-4890(pISSN)
  • /
  • 2713-6353(eISSN)
한국융합학회 (Korea Convergence Society)
권호 표지
DOI QR코드

DOI QR Code

클라우드 환경에서 이중 복제 키를 사용한 사용자 프라이버시 보호 기법

User Privacy Security Scheme using Double Replication Key in the Cloud Environment

  • 정윤수 (목원대학교 정보통신융합공학부)
  • Jeong, Yoon-Su (Dept. of information Communication & Convergence Engineering, Mokwon University)
  • 투고 : 2018.02.13
  • 심사 : 2018.04.20
  • 발행 : 2018.04.28
PDF 다운로드
⟨ 이전 논문 다음 논문 ⟩

초록

최근 인터넷 속도가 빨라지면서 클라우드 환경에서는 서비스 수신 장치가 일반 PC에서 휴대폰 또는 태블릿 PC 등의 소형 장치로 변화되고 있는 추세이다. 휴대폰 또는 태브릿 PC 등과 같은 소형 장치들은 유선보다는 무선에서 사용되는 경우가 많기 때문에 제3자로부터 악의적으로 개인 정보가 노출될 수 있는 문제점이 많다. 본 논문에서는 다양한 무선 매체를 통해서 서비스되고 있는 클라우드 서비스 중에서 사용자의 프라이버시를 제3자로부터 안전하게 보호할 수 있는 이중 복제키 생성 과정을 통한 사용자 프라이버시 보호 기법을 제안한다. 제안 기법은 복제된 키를 서버와 중간 장치의 동기화를 위해서 사용되며, 사용자의 프라이버시를 보호하는 인증 처리 과정의 시간을 단축하는 것을 목표로 한다. 이 때, 제안기법은 서버와 중간 장치의 동기화에 Interleave()수와 랜덤수를 사용하기 때문에 제3자의 악의적인 공격을 안전하게 예방할 수 있다.

Recently, as the internet speed is getting faster, in the cloud environment, the service receiving device is changing from a general PC to a compact device such as a mobile phone or a tablet PC. Since handheld devices such as mobile phones or tablet PCs are often used in wireless rather than wired, there are many problems that personal information may be exposed maliciously from a third party. In this paper, we propose a user privacy protection scheme through a duplicate duplicate key generation process which can safely protect user 's privacy from third party among cloud services being served through various wireless media. The proposed scheme is used to synchronize the duplicated key between the server and the intermediary device, and aims at shortening the time of the authentication process protecting the user 's privacy. In this case, the proposed scheme uses Interleave() function and random number to synchronize the server and the intermediary device, so it can safely prevent the malicious attack of the third party.

키워드

참고문헌

  1. J. G. Choi & B. N. Noh. (2011). Security Technology Research in Cloud Computing Environment. Journal of Security Engineering, 8(3), 371-384.
  2. Y. S. Jeong. (2015). An Efficiency Management Scheme using Big Data of Healthcare Patients using Puzzy AHP. Journal of Digital Convergence, 13(4), 227-233. https://doi.org/10.14400/JDC.2015.13.4.227
  3. Y. S. Jeong. (2016). An Efficient IoT Healthcare Service Management Model of Location Tracking Sensor. Journal of Digital Convergence, 14(3), 261-267. https://doi.org/10.14400/JDC.2016.14.3.261
  4. Y. S. Jeong. (2016). Measuring and Analyzing WiMAX Security adopt to Wireless Environment of U-Healthcare. Journal of Digital Convergence, 11(3), pp. 279-284. https://doi.org/10.14400/JDPM.2013.11.3.279
  5. A. Singh & K. Chatterjee. (2017). Cloud security issues and challenges: A survey. Journal of Network and Computer Applications, 79, 88-115. https://doi.org/10.1016/j.jnca.2016.11.027
  6. S. Singh, Y.-S. Jeong & J. H. Park. (2016). A survey on cloud computing security: Issues, threats, and solutions. Journal of Network and Computer Applications, 75, 200-222. https://doi.org/10.1016/j.jnca.2016.09.002
  7. J. Zhang, H. Huang & X. Wang. (2016). Resource provision algorithms in cloud computing: A survey. Journal of Network and Computer Applications, 64, 23-42. https://doi.org/10.1016/j.jnca.2015.12.018
  8. V. Varadharajan & U. Tupakula. (2014). Security as a service model for cloud environment. IEEE Transactions on Network and Service Management, 11(1), 60-75. https://doi.org/10.1109/TNSM.2014.041614.120394
  9. A. Iera, G. Morabito & L. Atzori. (2016). The internet of things moves into the cloud. Proceedings of the 2016 IEEE International Conference on Cloud Engineering Workshop (IC2EW), 191-191.
  10. H. N. Saha, A. Mandal & A. Sinha. (2017). Recent trends in the internet of things. Proceedings of the 2017 IEEE 7th Annual Computing and Communication Workshop and Conference (CCWC), 1-4.
  11. A. Celesti, D. Mulfari, M. Fazio, M. Villari & A. Puliafito. (2016). Exploring container virtualization in iot clouds. Proceedings of the 2016 IEEE International Conference on Smart Computing (SMARTCOMP), 1-6.
  12. K. S. Dar, A. Taherkordi & F. Eliassen. (2016). Enhancing dependability of cloud-based iot services through virtualization. Proceedings of the 2016 IEEE First International Conference on Internet-of-Things Design and Implementation (IoTDI), 106-116.
  13. Y. S. Jeong & S. H. Lee. (2015). Personal Information Leakage Prevention Scheme of Smartphone Users in the Mobile Office Environment. Journal of Digital Convergence, 13(5), 205-211. https://doi.org/10.14400/JDC.2015.13.5.205
  14. B. Anggorojati, N. R. Prasad & R. Prasad. (2014). Secure capability-based access control in the m2m local cloud platform. Proceedings of the 2014 4th International Conference on Wireless Communications, Vehicular Technology, Information Theory and Aerospace Electronic Systems (VITAE), 1-5.
  15. A. Ouaddah, H. Mousannif, A. A. Elkalam & A. A. Ouahman. (2017). Access control in the internet of things: Big challenges and new opportunities. Computer Networks, 112, 237-262. https://doi.org/10.1016/j.comnet.2016.11.007
  16. R. S. Sandhu & P. Samarati. (1994). Access control: Principle and practice. Comm. Mag., 32(9), 40-48.
  17. A. Ouaddah, A. A. Elkalam & A. A. Ouahman. (2017). Towards a Novel Privacy-Preserving Access Control Model Based on Blockchain Technology in IoT. Cham: Springer International Publishing, 523-533.