• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.1
• /
• pp.323-342
• /
• 2021

Personal health records (PHRs) is an electronic medical system that enables patients to acquire, manage and share their health data. Nevertheless, data confidentiality and user privacy in PHRs have not been handled completely. As a fine-grained access control over health data, ciphertext-policy attribute-based encryption (CP-ABE) has an ability to guarantee data confidentiality. However, existing CP-ABE solutions for PHRs are facing some new challenges in access control, such as policy privacy disclosure and dynamic policy update. In terms of addressing these problems, we propose a privacy protection and dynamic share system (PPADS) based on CP-ABE for PHRs, which supports full policy hiding and flexible access control. In the system, attribute information of access policy is fully hidden by attribute bloom filter. Moreover, data user produces a transforming key for the PHRs Cloud to change access policy dynamically. Furthermore, relied on security analysis, PPADS is selectively secure under standard model. Finally, the performance comparisons and simulation results demonstrate that PPADS is suitable for PHRs.

• Proceedings of the IEEK Conference
• /
• summer
• /
• pp.159-164
• /
• 2004

This paper aims towards designing and implementation of a new adaptive Peer to Peer (P2P) network that cluster itself on the basis of semantic proximity. We also developed an algorithm to classify the nodes to form the semantic groups and to direct the queries to appropriate groups without any human intervention. This is done using Bloom filters to summarise keywords of the documents shared by a peer. The queries are directed towards the appropriate clusters instead of flooding them. The proposed topology supports a system for maintaining a global, omnipresent trust value for each peer in an efficient manner both in terms of decision time and network load.

• Journal of the Korean Society for Marine Environment & Energy
• /
• v.3 no.1
• /
• pp.62-69
• /
• 2000

The study was performed to apply the algae removal system to coagulation-filtration process for minimize the damage to screen interruption of water treatment plants and died of fish by algae bloom on freshwater. Sample used Nokdong river water and Alkalinity, turbidity, chlorophyll-a and pH measured using Jar test and drum filter for coagulation-filtration process to determine optimum coagulation condition. A jar test apparatus and laboratory reactor were used in this study. The highest removal efficiency was observed when condition of flocculation time, coagulant dosage, drum filter rpm and chlorophyll-a concentration were to be 5min, 5mg/ℓ, 3rpm and 90㎍/ℓ, respectively. The average removal efficiencies measured of chlorophyll-a and turbidity using Alum were 50～60% and 30～50%, respectively. PAC was more effective than Alum in removal chlorophyll-a about 20%.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.4
• /
• pp.739-751
• /
• 2014

We are using our smartphone for our business as well as ours lives. Thus, user's privacy data and a company secret are stored at smartphone. By the way, the saved data on smartphone database can be exposed to a malicous attacker when a malicous app is installed in the smartphone or a user lose his/her smartphone because all data are stored as form of plaintext in the database. To prevent this disclosure of personal information, we need a database encryption method. However, if a database is encrypted, it causes of declining the performance. For example, when we search specific data in condition with encrypted database, we should decrypt all data stored in the database or search sequentially the data we want with accompanying overhead[1]. In this paper, we propose an efficient and searchable encryption method using variable length bloom filter under limited resource circumstances(e.g., a smartphone). We compare with existing searchable symmetric encryption. Also, we implemented the proposed method in android smartphone and evaluated the performance the proposed method. As a result through the implementation, We can confirm that our method has over a 50% improvement in the search speed compared to the simple search method about encrypted database and has over a 70% space saving compared to the method of fixed length bloom filter with the same false positive rate.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.4
• /
• pp.41-52
• /
• 2010

Message authentication is an essential security element in vehicular ad-hoc network(VANET). For a secure message authentication, integrity, availability, privacy preserving skill, and also efficiency in various environment should be provided. RAISE scheme has been proposed to provide efficient message authentication in the environment crowded with lots of vehicles and generally considered to be hard to provide efficiency. However, as the number of vehicles communicating in the area increases, the overhead is also incurred in proportion to the number of vehicles so that it still needs to be reduced, and the scheme is vulnerable to some attacks. In this paper, to make up for the vulnerabilities in dense vehicular communication network, we propose a more secure and efficient scheme using a process that RSU(Road Side Unit) transmits the messages of neighbor vehicles at once with Bloom Filter, and timestamp to protect against replay attack. Moreover, by adding a handover function to the scheme, we simplify the authentication process as omitting the unnecessary key-exchange process when a vehicle moves to other area. And we confirm the safety and efficiency of the scheme by simulating the false positive probability and calculating the traffic.

• Journal of information and communication convergence engineering
• /
• v.9 no.5
• /
• pp.577-582
• /
• 2011

EMR(Electronic Medical Record) is an emerging technology that is highly-blended between non-IT and IT area. One of methodology to link non-IT and IT area is to construct databases. Nowadays, it supports before and after-treatment for patients and should satisfy all stakeholders such as practitioners, nurses, researchers, administrators and financial department and so on. In accordance with the database maintenance, DAS (Data as Service) model is one solution for outsourcing. However, there are some scalability and strategy issues when we need to plan to use DAS model properly. We constructed three kinds of databases such as plain-text, MS built-in encryption which is in-house model and custom AES (Advanced Encryption Standard) - DAS model scaling from 5K to 2560K records. To perform custom AES-DAS better, we also devised Bucket Index using Bloom Filter. The simulation showed the response times arithmetically increased in the beginning but after a certain threshold, exponentially increased in the end. In conclusion, if the database model is close to in-house model, then vendor technology is a good way to perform and get query response times in a consistent manner. If the model is DAS model, it is easy to outsource the database, however, some technique like Bucket Index enhances its utilization. To get faster query response times, designing database such as consideration of the field type is also important. This study suggests cloud computing would be a next DAS model to satisfy the scalability and the security issues.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.36 no.11B
• /
• pp.1297-1304
• /
• 2011

SIP(Session Initiation Protocol) has some security vulnerability because it works on the Internet. Therefore, the proxy server can be affected by the flooding attack such as DoS and service interruption. However, traditional schemes to corresponding Denial of Service attacks have some limitation. These schemes have high complexity and cannot protect to the variety of Denial of Service attack. In this paper, we newly define the normal user who makes a normal session observed by verifier module. Our method provides continuous service to the normal users in the various situations of Denial of Service attack as constructing a whitelist using normal user information. Various types of attack/normal traffic are modeled by using OPNET simulator to verify our scheme. The simulation results show that our proposed scheme can prevent DoS attack and achieve a low false rate and fast searching time.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.6
• /
• pp.1259-1266
• /
• 2013

Nowadays, the databases are getting larger and larger. As the company has difficulty in managing the database, they want to outsource the database to the cloud system. In this case the database security is more important because their database is managed by the cloud service provider. Among database security techniques, the encryption method is a well-certified and established technology for protecting sensitive data. However, once encrypted, the data can no longer be easily queried. The performance of the database depends on how to encrypt the sensitive data, and on the approach for searching, and the retrieval efficiency that is implemented. In this paper we propose the new suitable mechanism to encrypt the database and lookup process on the encrypted database under control of the cloud service provider. This database encryption algorithm uses the bloom filter with the variable keyword based index. Finally, we demonstrate that the proposed algorithm should be useful for database encryption related research and application activities.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.34 no.4B
• /
• pp.403-418
• /
• 2009

IP version 6 (IPv6) is a new If addressing scheme that has 128-bit address space. IPv6 is proposed to solve the address space problem of IP version 4 (IPv4) which has 32-bit address space. For a given IPv6 routing set, if a forwarding table is built using a trio structure, the trio has a lot more levels than that for IPv4. Hence, for IPv6 address lookup, the binary search on trio levels would be more appropriate and give better search performance than linear search on trio levels. This paper proposes a new IPv6 address lookup algorithm performing binary search on trio levels. The proposed algorithm uses a Bloom filter in pre-filtering levels which do not have matching nodes, and hence it reduces the number of off-chip memory accesses. Simulation has been performed using actual IPv6 routing sets, and the result shows that an IPv6 address lookup can be performed with 1-3 memory accesses in average for a routing data set with 1096 prefixes.

• Journal of Broadcast Engineering
• /
• v.26 no.3
• /
• pp.321-326
• /
• 2021

Blockchain is increasing in value as a platform for safe transmission of capital transactions or secure data. In addition, blockchain has the potential as a new platform that can safely store large amounts of data such as videos, music, and photos, and safely manage transaction details and service usage specifications. Since it is not possible to store large-capacity media data in a block, research on the performance of storing sound source information in a block and retrieving the stored sound source data by using the distributed storage system (IPFS) and the hash information of the sound source signature data was conducted. In this paper, we propose a sound source signature indexing method using a bloom filter that can improve the search speed suggested by previous studies. As a result of the experiment, it was confirmed that improved search performance (O(1)) than the existing search performance (O(n)) can be achieved.