• Journal of KIISE
• /
• v.42 no.1
• /
• pp.97-106
• /
• 2015

Recently, research on database encryption for data protection and query result authentication methods has been performed more actively in the database outsourcing environment. Existing database encryption schemes are vulnerable to order matching and counting attack of intruders who have background knowledge of the original database domain. Existing query result integrity auditing methods suffer from the transmission overhead of verification object. To resolve these problems, we propose a group-order preserving encryption index and a query result authentication method based on the encryption index. Our group-order preserving encryption index groups the original data for data encryption and support query processing without data decryption. We generate group ids by using the Hilbert-curve so that we can protect the group information while processing a query. Finally, our periodic function based data grouping and query result authentication scheme can reduce the data size of the query result verification. Through performance evaluation, we show that our method achieves better performance than an existing bucket-based verification scheme, it is 1.6 times faster in terms of query processing time and produces verification data that is 20 times smaller.

• Journal of KIISE
• /
• v.42 no.9
• /
• pp.1175-1184
• /
• 2015

Recently, there has been an explosive increase in the volume of multimedia data that is available as a result of the development of multimedia technologies. More and more data is becoming available on a variety of web sites, and it has become increasingly cost prohibitive to have a single data server store and process multimedia files locally. Therefore, many service providers have been likely to outsource data to cloud storage to reduce costs. Such behavior raises one serious concern: how can data users be authenticated in a secure and efficient way? The most widely used password-based authentication methods suffer from numerous disadvantages in terms of security. Multi-factor authentication protocols based on a variety of communication channels, such as SMS, biometric, or hardware tokens, may improve security but inevitably reduce usability. To this end, we present a data block-based authentication scheme that is secure and guarantees usability in such a manner where users do nothing more than enter a password. In addition, the proposed scheme can be effectively used to revoke user rights. To the best of our knowledge, our scheme is the first data block-based authentication scheme for outsourced data that is proven to be secure without degradation in usability. An experiment was conducted using the Amazon EC2 cloud service, and the results show that the proposed scheme guarantees a nearly constant time for user authentication.

• Journal of Korea Port Economic Association
• /
• v.38 no.4
• /
• pp.45-64
• /
• 2022

Due to the recent and rapid globalization, logistics outsourcing has expanded globally and is seen as a means of creating a robust logistics system. However, many businesses continue to have difficulties with their logistics outsourcing contracts, which compels them to reinstate the logistics function for internal management. This study aims to investigate how organizational capabilities of logistics service providers (LSPs), notably flexibility, integration, innovation, and technological capabilities, impact on the logistics outsourcing success in Ugandan food processing firms. Using a structured questionnaire survey, cross-sectional data collected from 211 food processing firms in Kampala - Uganda were analyzed by partial least squares-structural equation modeling (PLS-SEM) using SmartPLS 3.3.7 software to examine the theorized relationships. The study findings revealed that whereas the technological and innovation capabilities positively and significantly influence logistics outsourcing success, the effects of flexibility and integration capabilities were insignificant. Additionally, the importance-performance map analysis (IPMA) reveals that the technological capability is a priority capability, followed by the innovation capability if logistics outsourcing success is to be achieved. Conversely, flexibility and integration capabilities are of low priority.

• Journal of KIISE
• /
• v.43 no.8
• /
• pp.933-945
• /
• 2016

Sharing data by multiple users on the public storage, e.g., the cloud, is considered to be efficient because the cloud provides on-demand computing service at anytime and anywhere. Secure data sharing is achieved by fine-grained access control. Existing symmetric and public key encryption schemes are not suitable for secure data sharing because they support 1-to-1 relationship between a ciphertext and a secret key. Attribute based encryption supports fine-grained access control, however it incurs linearly increasing ciphertexts as the number of attributes increases. Additionally, the decryption process has high computational cost so that it is not applicable in case of resource-constrained environments. In this study, we propose an efficient attribute-based secure data sharing scheme with outsourceable decryption. The proposed scheme guarantees constant-size ciphertexts irrespective of the number of attributes. In case of static attributes, the computation cost to the user is reduced by delegating approximately 95.3% of decryption operations to the more powerful storage systems, whereas 72.3% of decryption operations are outsourced in terms of dynamic attributes.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2007.11a
• /
• pp.1250-1253
• /
• 2007

데이터베이스를 아웃소싱하는 DAS 모델 환경에서 데이터베이스를 암호화하기 위해 암호화 알고리즘을 적용할 때, 암호화된 데이터의 순서는 평문과 달라, 인덱스를 구축할 수 없기 때문에 암호화된 데이터베이스에 대한 검색 처리상의 효율성 문제가 발생한다. 따라서, 아웃소싱된 데이터베이스 환경에 적합한 효율적인 암호화 메커니즘이 요구된다. 본 논문에서는 평문을 노출시키지 않은 상태에서 범위 검색이 가능한 새로운 고속 메커니즘을 제안하였다. 제안한 메커니즘은 복호화시 평문 데이터당 1 회의 XOR 연산과 버킷당 1 회의 암호화 연산만을 요구하므로 기 제안된 $Hacig{\ddot{u}}m{\ddot{u}}{\c{s}}$의 방식보다 효율적이다.

• Journal of Service Research and Studies
• /
• v.13 no.1
• /
• pp.144-158
• /
• 2023

R&D (Research and Development) investment by companies and the government continues to increase, and the total R&D expenditure of public and private sectors in 2021 reached KRW 102 trillion, and the ratio of R&D investment to GDP was 4.96%. It ranks second in the world after Israel. This study analyzes the current status of the domestic R&D service industry and the research and development (R&D) innovation ecosystem based on the business activity survey data of the National Statistical Office in terms of improving R&D productivity of domestic R&D investment that has exceeded 100 trillion won, and analyzes the global R&D service industry and analyzes the global research service industry and R&D service Industry support government policy As a result of the analysis, in the domestic R&D ecosystem, the R&D outsourcing demand of service companies is rapidly increasing, compared to the stagnant R&D outsourcing demand of traditional manufacturing companies. In order to respond to these changing demands for technological innovation, this study suggests balanced support for R&D outsourcing for manufacturing and service companies, expansion of domestic R&D outsourcing, establishment of R&D outsourcing strategies specialized for the service industry, establishment of an open R&D ecosystem, and innovation in connection with materials/parts/equipment strategies.

• Journal of Information Technology Applications and Management
• /
• v.12 no.1
• /
• pp.241-259
• /
• 2005

This study explores a model of partnership to the success of outsourcing CTI(computer telephony integration) based customer service centers of a telecommunication service company. The motivation of the study is to extend the research on IT outsourcing to IT-enabled BPO of customer service centers as a specific IT outsourcing practice. Previous research on IT outsourcing partnership and success is reviewed for developing an a research model of IT-enabled BPO. This model is proposed based on the previous partnership success models in information systems research. The results of the study confirm major factors related to successful IT-enabled BPO in previous research. Especially, the specificity of a contract and strategic collaboration in partnership are found to be influential on the success of IT-enabled BPO.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2021.05a
• /
• pp.159-162
• /
• 2021

최근 클라우드 컴퓨팅이 발전함에 따라 데이터베이스 아웃소싱에 대한 관심이 증가하였다. 그러나 데이터베이스를 아웃소싱하는 경우, 데이터 소유자의 정보가 내외부 공격자에게 노출되는 문제점을 지닌다. 따라서 본 논문에서는 정보 보호를 지원하는 병렬 영역 질의처리 알고리즘을 제안한다. 제안하는 알고리즘은 garbled circuit 및 thread pool을 통해 암호화 연산 프로토콜의 효율성을 향상시키고, 알고리즘의 처리과정을 병렬화함으로써 높은 질의 처리 성능을 제공한다. 성능평가를 통해, 제안하는 알고리즘이 고수준의 정보 보호를 지원하는 동시에 기존 알고리즘에 비해 약 20배의 우수한 질의 처리 성능을 보인다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2017.11a
• /
• pp.326-329
• /
• 2017

ICT 기술의 발달과 함께 클라우드의 사용이 활발해지고 있으며, 클라우드의 활용성 또한 증가하고 있다. 클라우드는 각각의 활용 용도에 따라 다양한 데이터가 저장되고 있으며, 클라우드 스토리지와 클라우드 스토리지에 저장된 데이터의 중요성 또한 증가하고 있다. 또한, 클라우드를 사용하는 이용자의 수가 증가하며 CSP에 아웃소싱 되는 데이터의 양이 증가하고 있지만, 지속적으로 보안사고가 발생하고 있으며, 신뢰 되지 않는 클라우드 환경에서는 악의적 사용자 또는 CSP에 의해 데이터 액세스 로그가 위조되거나 생략이 가능해 수정 불가능한 로깅 등을 통한 책임 추적성 확보가 필요하다. 따라서 이와 같은 문제를 해결하고 클라우드 스토리지 데이터의 책임 추적성 확보를 위해 본 논문에서는 블록체인 위 변조 불가능한 특성을 활용하여 신뢰 가능한 데이터 액세스 로깅을 통해 데이터 책임 추적성 확보가 가능한 프레임워크를 제안한다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2011.11a
• /
• pp.945-947
• /
• 2011

클라우드 컴퓨팅 인프라를 사용할 때 사용자의 민감한 정보가 포함된 데이터를 사용하게 될 수 있다. 데이터를 아웃소싱하여 처리하는 경우 클라우드 제공자가 데이터 처리자로서 사용자의 데이터에 접근해야 한다. 사용자는 데이터를 처리하는 과정에서 행하는 클라우드 제공자의 동작을 알 수 없으므로 클라우드 컴퓨팅을 사용하는 것을 불안해하게 되고 공개를 해도 되는 일부의 데이터만을 사용하게 된다. 본 연구에서는 클라우드 컴퓨팅을 통해 연산을 수행하는 환경에서 사용자의 데이터를 보호하기 위한 연구의 일환으로써, 시스템 및 환경을 정의하고 주로 발생할 수 있는 정보보호 위협을 정리하였다. 또한 현재 연구가 진행되고 있는 SMPC(Secure Multi-Party Computation)을 소개하고 이를 클라우드 컴퓨팅을 통해 연산을 수행하는 환경에 적용하기 위해 고려해야 할 사항들을 제시하며, 향후 연구 방향을 모색한다.