• Proceedings of the Korea Information Processing Society Conference
• /
• 2017.11a
• /
• pp.326-329
• /
• 2017

ICT 기술의 발달과 함께 클라우드의 사용이 활발해지고 있으며, 클라우드의 활용성 또한 증가하고 있다. 클라우드는 각각의 활용 용도에 따라 다양한 데이터가 저장되고 있으며, 클라우드 스토리지와 클라우드 스토리지에 저장된 데이터의 중요성 또한 증가하고 있다. 또한, 클라우드를 사용하는 이용자의 수가 증가하며 CSP에 아웃소싱 되는 데이터의 양이 증가하고 있지만, 지속적으로 보안사고가 발생하고 있으며, 신뢰 되지 않는 클라우드 환경에서는 악의적 사용자 또는 CSP에 의해 데이터 액세스 로그가 위조되거나 생략이 가능해 수정 불가능한 로깅 등을 통한 책임 추적성 확보가 필요하다. 따라서 이와 같은 문제를 해결하고 클라우드 스토리지 데이터의 책임 추적성 확보를 위해 본 논문에서는 블록체인 위 변조 불가능한 특성을 활용하여 신뢰 가능한 데이터 액세스 로깅을 통해 데이터 책임 추적성 확보가 가능한 프레임워크를 제안한다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2016.04a
• /
• pp.318-320
• /
• 2016

본 논문은 이기종 클라우드 저장공간을 통합하여 하나의 저장공간으로 사용하는 플랫폼 환경에 필요한 보안 방법들에 대해 논한다. USB를 이용한 보안 방법을 제시하고 클라우드 스토리지의 데이터를 안전하게 사용하기 위한 방법에 대하여 논한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.6
• /
• pp.1157-1169
• /
• 2021

The disaster recovery refers to policies and procedures to ensure continuity of services and minimize loss of resources and finances in case of emergency situations such as natural disasters. In particular, the disaster recovery method by the cloud service provider has advantages such as management flexibility, high availability, and cost effectiveness. However, this method has a dependency on a service provider and has a structural limitation in which a user cannot be involved in personal data. In this paper, we propose a protocol using proxy re-encryption for data confidentiality by removing dependency on service providers by backing up user data using blockchain and distributed storage. The proposed method is implemented in Ethereum and IPFS environments, and presents the performance and cost required for backup and recovery operations.

• Journal of Digital Convergence
• /
• v.15 no.4
• /
• pp.285-293
• /
• 2017

They are rapidly evolving malicious attacks on smart devices, and to timely protect the smart devices from these attacks has become a very important issue. In particular, smishing attack has emerged as one of the most important threats on the smartphone. In this paper, we propose the cloud service that can fundamentally protect the user from the risk of smishing attack. The proposed scheme provides cloud messaging service that can filter text messages including URLs in the user's smart device, view and manage them through a virtual machine provided by a cloud server. The existing techniques for preventing smshing attacks protect only malicious code of a known pattern and there is the possibility of error such as FP(False Positive) or FN(False Negative). However, since the proposed method automatically filters all text messages including URLs, storing, viewing, and managing them in their own storage space on the cloud server, it can completely block the installation of malwares(malicious codes) on the user's smart device through smishing attacks.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.15 no.2
• /
• pp.1-7
• /
• 2015

As recent smartphone is used around the world, all of the subscribers of the mobile communication is up to 47.7% about 24 million people. Smartphone has a vulnerability to security, and security-related incidents are increased in damage with the smartphone. However, precautions have been made, rather than analysis of the infection of most of the damage occurs after the damaged except for the case of the expert by way of conventional post-countermeasure. In this paper, we implement a mobile-based malware analysis systems apply a virtualization technology. It is designed to analyze the behavior through it. Virtualization is a technique that provides a logical resources to the guest by abstracting the physical characteristics of computing resources. The virtualization technology can improve the efficiency of resources by integrating with cloud computing services to servers, networks, storage, and computing resources to provide a flexible. In addition, we propose a system that can be prepared in advance to buy a security from a user perspective.

• Journal of Digital Convergence
• /
• v.11 no.11
• /
• pp.775-781
• /
• 2013

N-screen is a Service that can be provide for One Service Multi Device. If the network is changed or if the device is changed after authentication the device fits seamlessly send footage. Security threats that occur here have a problem with user authentication. In this paper proposes available in a multi-device the authentication system. Homomorphic Encryption Algorithm of authentication scheme used. Among the authentication mechanism that already exists is a simple and lightweight authentication mechanism. In addition, N-screen service that uses multiple devices is simple authentication process of the device. Review the results of proposed authentication protocol, encryption algorithm to process a small storage capacity and is easy to work in low processor. And was suitable for use with multiple devices.

• Journal of Industrial Convergence
• /
• v.22 no.4
• /
• pp.1-9
• /
• 2024

Smart factories represent production facilities where cutting-edge information and communication technologies are fused with manufacturing processes, reflecting rapid advancements and changes in the global manufacturing sector. They capitalize on the integration of robotics and automation, the Internet of Things (IoT), and the convergence of artificial intelligence technologies to maximize production efficiency in various manufacturing environments. However, the smart factory environment is prone to security threats and vulnerabilities due to various attack techniques. When security threats occur in smart factories, they can lead to financial losses, damage to corporate reputation, and even human casualties, necessitating an appropriate security response. Therefore, this paper proposes a security authentication mechanism for safe communication in the smart factory environment. The components of the proposed authentication mechanism include smart devices, an internal operation management system, an authentication system, and a cloud storage server. The smart device registration process, authentication procedure, and the detailed design of anomaly detection and update procedures were meticulously developed. And the safety of the proposed authentication mechanism was analyzed, and through performance analysis with existing authentication mechanisms, we confirmed an efficiency improvement of approximately 8%. Additionally, this paper presents directions for future research on lightweight protocols and security strategies for the application of the proposed technology, aiming to enhance security.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.20 no.11
• /
• pp.469-478
• /
• 2019

Car-sharing services have been settled on as a new type of public transportation owing to their enhanced convenience, expanded awareness of practical consumption patterns, the inspiration for environmental conscientiousness, and the diffusion of smart phones following the economic crisis. With development of the market, many people have started using such services. However, security is still an issue. Damage is expected since IDs and passwords are required for log-in when renting and controlling the vehicles. The protocol suggested in this study uses bio-information, providing an optimized service, and convenient (but strong) authentication with various service-provider clouds registering car big data about users through brokers. If using the techniques suggested here, it is feasible to reduce the exposure of the bio-information, and to receive service from multiple service-provider clouds through one particular broker. In addition, the proposed protocol reduces public key operations and session key storage by 20% on mobile devices, compared to existing car-sharing platforms, and because it provides convenient, but strong, authentication (and therefore constitutes a secure channel), it is possible to proceed with secure communications. It is anticipated that the techniques suggested in this study will enhance secure communications and user convenience in the future car-sharing-service cloud environment.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.10
• /
• pp.5100-5119
• /
• 2018

Most of existing privacy-preserving multi-authorities attribute-based encryption schemes (PP-MA-ABE) only considers the privacy of the user identity (ID). However, in many occasions information leakage is caused by the disclosing of his/her some sensitive attributes. In this paper, we propose a collusion-resisting ciphertext-policy PP-MA-ABE (CRPP-MACP-ABE) scheme with hiding both user's ID and attributes in the cloud storage system. We present a method to depict anonymous users and introduce a managerial role denoted by IDM for the management of user's anonymous identity certificate ($AID_{Cred}$). The scheme uses $AID_{Cred}$ to realize privacy-preserving of the user, namely, by verifying which attribute authorities (AAs) obtain the blinded public attribute keys, pseudonyms involved in the $AID_{Cred}$ and then distributes corresponding private keys for the user. We use different pseudonyms of the user to resist the collusion attack launched by viciousAAs. In addition, we utilize IDM to cooperate with multiple authorities in producing consistent private key for the user to avoid the collusion attack launched by vicious users. The proposed CRPP-MACP-ABE scheme is proved secure. Some computation and communication costs in our scheme are finished in preparation phase (i.e. user registration). Compared with the existing schemes, our scheme is more efficient.

• Journal of KIISE
• /
• v.42 no.9
• /
• pp.1175-1184
• /
• 2015

Recently, there has been an explosive increase in the volume of multimedia data that is available as a result of the development of multimedia technologies. More and more data is becoming available on a variety of web sites, and it has become increasingly cost prohibitive to have a single data server store and process multimedia files locally. Therefore, many service providers have been likely to outsource data to cloud storage to reduce costs. Such behavior raises one serious concern: how can data users be authenticated in a secure and efficient way? The most widely used password-based authentication methods suffer from numerous disadvantages in terms of security. Multi-factor authentication protocols based on a variety of communication channels, such as SMS, biometric, or hardware tokens, may improve security but inevitably reduce usability. To this end, we present a data block-based authentication scheme that is secure and guarantees usability in such a manner where users do nothing more than enter a password. In addition, the proposed scheme can be effectively used to revoke user rights. To the best of our knowledge, our scheme is the first data block-based authentication scheme for outsourced data that is proven to be secure without degradation in usability. An experiment was conducted using the Amazon EC2 cloud service, and the results show that the proposed scheme guarantees a nearly constant time for user authentication.