• Journal of Digital Convergence
• /
• v.14 no.12
• /
• pp.155-164
• /
• 2016

In this paper, we investigate and analyze big data platform published at home and abroad. The results had a problem with personal information security on each platform. In particular, there was a vulnerability in the encryption of personal information stored in big data representative of HBase NoSQL DB that is commonly used for big data platform. However, data encryption and decryption cause the system load. In this paper, we propose a method of encryption with HBase, encryption and decryption systems, and methods for applying the personal information management system (PMIS) for each step of the way and big data platform to reduce the load on the network to communicate. And we propose a new big data platform that reflects this. Therefore, the proposed Big Data platform will greatly contribute to the activation of Big Data used to obtain personal information security and system performance efficiency.

• The KIPS Transactions:PartC
• /
• v.11C no.7 s.96
• /
• pp.981-992
• /
• 2004

The established NEIS has a lot of problems in the management of security. It does not realize access control in following authority because it only uses PKI certification in user certification and the use of central concentration DBMS and plain text are increased hacking possibility in NEIS. So, This paper suggests a new NEIS for the secure management of data and authority certification. First, we suggest the approached authority in AC pf PMI and user certification in following the role, RBAC. Second, we realize DB encryption plan by digital signature for the purpose of preventig DB hacking. Third, we suggest SQL counterfeit prevention by one-way hash function and safe data transmission per-formed DB encryption by digital signature.

• Review of KIISC
• /
• v.4 no.1
• /
• pp.44-52
• /
• 1994

정보화 사회에서는 가계, 기업, 정보 등의 정보 활동의 주체들이 가진 정보자산은 데이타 베이스(이하DB)와 소프트웨어(S/W)로 대변할 수 있으며, 이중 DB는 정보화 사회의 기반시설의 하나라고 볼 수 있다. 특별히 통계DB는 각 주체들에게는 필수적인 정보를 갖고 있다. 금융자산의 정보, 국방에 관련된 병력, 장비, 군수물자등의 정보, 회계정보 뿐 아니라 인구센서스, 경제계획수립 등등의 다양한 분야에 이 통계 DB는 사용되고 있다. 이러한 통계DB는 기존의DB에서의 데이타의 저장, 관리, 추출 기능외에 통계적인 데이타의 분석기능이 요구되고 있다. 통계 처리를 위한 데이타베이스관리 시스템(DBMS, database management system)은 주로 기존의 DBMS 에 통계처리를 위한 기능을 추가하거나 통계를 위한 DB를 따로 구축하는 방법을 사용하고 있다. 따라서 일반적인 DB 보호 기술과 더불어 통계 의 환경을 이해하는 보호 기술이 요구되고 있다. 일반적으로 DB 를 보호하는 방법으로는 물리적인 보안(physical security)과 운영체계 보안(operating system security) 이 있으며, 이들과 함께 데이타 암호화(data encryption)의 방법을 사용하고 있다. DB 의 보안 방법에 관한 연구 중 George I. Davida 등에 의한 방법은 중국인의 나머지 정리(chinese remainder thorem)를 사용하는 암호화 알고리즘을 이용하여 레코드(record) 단위의 암호화를 하며, Khamis A. Omar등에 의한 방법은 읽기, 쓰기, 갱신의 3단계의 사용자 등급을 부여하여 DB 접근의 제약을 가하는 기능을 갖고 있다. 본고에서는 특히 그 중요성이 더해가고 있는 통계 의 일반적인 개념을 살펴보며, 특성 지향형 질의 모델(characteristic-specified query model)의 보호기술을 살펴본다. 특별히 본고는 통계 DB의 보호에 대한 일반적인 조사 연구로서 잘 알려진 사실들을 많은 참고 문헌과 더불어 소개하는 내용으로 통계 DB의 보호에 관한 새로운 연구 결과는 아니다.

• Convergence Security Journal
• /
• v.2 no.2
• /
• pp.209-216
• /
• 2002

This treatise deals with designing a database encryption model that interworks with Intranet within a system. Today attempts are being made to substitute legacy client/server computing environment with what interworks with web and database, and thus the question how the security for the database that interworks with Intranet can be secured is emerging as a matter of great importance. This treatise, therefore, offers an encryption model which offers how to create an encryption key using an ID and a password most widely used in Intranet access and by using this key, how to encipher information ill a DB table, providing a maintenance scheme for the Key as well.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.36 no.4C
• /
• pp.197-206
• /
• 2011

In the RFID system, bulk tag information is stored into the back-end database as plaintext format not ciphertext. In this case, the tags's private informations can be easily compromised by an external hacker or an insider attacker. If the private informations of tags disclosed by the attackers, it can occur serious privacy invasion problem. Recently the database(DB) security is an important issue to prevent the above DB compromised attack. However, DB security for RFID systeme has not been considered yet. If we use the DB security technique into the RFID system, the above described privacy invasion' problem can be easily prevented. Based on this motivation, this paper proposes a secure and efficient back-end database security and authentication(S-DB) scheme with XOR-based encryption/decryption algorithm. In the proposed scheme, all tag's private information is encrypted and stored by using the DB secret key to protect the DB compromised attack. As a result, the proposed S-DB scheme 'can provide stronger security and more efficiency for the secure RFID system environment.

• Journal of Korea Society of Industrial Information Systems
• /
• v.19 no.3
• /
• pp.57-66
• /
• 2014

This paper proposes the UHISRL(Ubiquitous Healthcare Information System based on Real Time Location) which manages patient, doctor, medicine by using RFID. The proposed UHISRL monitors the patient's health state, and enables us to confirm the result with Smart Phone and Tablet PC. Also, it can block Replay and Spoofing attack by using the ERHL(Extended Randomized Hash Lock) authentication scheme designed in this paper. A patient privacy is enhanced by limiting UHISRL DB access according to attributes with CP-ABE (Cipher Text - Attributed based Encryption) technique. Specially, UHISRL can prevent an unexpected accident by monitoring a chronic patient's emergency situation in real time.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2017.11a
• /
• pp.702-705
• /
• 2017

최근 들어 개인정보 보호의 중요성에 대한 인식이 높아지고 있다. 개인정보 위협 요소 증가 및 유출 사고 증가 등으로 개인정보 보호 필요성이 높아지고 있으며, 개인정보보호법 발효 및 시행에 따른 기술적 보호 마련을 위하여 외국계 카드 발행사에서 지속적으로 PCI DSS(Payment Card Industry Data Security Standard)의 준수를 요청하고 있다. 카드 소유자의 데이터를 전송, 처리, 저장하는 환경에 대한 인증으로 적격업체 선정의 자격을 주기도 한다. 이러한 보안성 심의 기준이 강화되고 있으나 DB 암호화 제품인 TDE(Transparent Data Encryption) 방식의 암호화 방법은 암호화 기능 이외에 접근제어, 키 기밀성 보장을 위한 옵션의 추가 도입 검토가 필요하며, 서비스를 위해서 DB 전용 메모리 영역(SGA)의 Buffer Cache에 평문(Plain Text)으로 복호화한 후 로드하여 사용하므로 예상치 못한 또 다른 심각한 데이터 유출의 위험이 있다. 본 논문에서는 개인정보 암호화 방법을 연구하고 구현과정에서 발생한 문제에 대한 해결 과정을 설명하였다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.6
• /
• pp.31-45
• /
• 2004

Public Key Infrastructure(PKI) provides a strong authentication. Privilege Management Infrastructure(PMI) as a new technology can provide user's attribute information. The main function of PMI is to give more specified authority and role to user. To authenticate net and role, we have used digital signature. Role Based Access Control(RBAC) is implemented by digital signature. RBAC provides some flexibility for security management. NEIS(National Education Information System) can not always provide satisfied quality of security management. The main idea of the proposed RNEIS(Roll Based NEIS) is that user's role is stored in AC, access control decisions are driven by authentication policy and role. Security manager enables user to refer to the role stored in user's AC, admits access control and suggests DB encryption by digital signature.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.48 no.5
• /
• pp.88-98
• /
• 2011

Recently, according as the importance of GIS(geography information system) database security is embossed, much researches had been achieved about GIS network security. But most such researches are weak against sourceful illegal reproductions and distributions of GIS vector data map. In this paper, we proposed an efficient layer unit contents based partial encryption technique in the vector map compression domain to prevent illegal distributions and unauthorized accesses. This method achieves a partial encryption about each central coordinate and directional parameters of a MCA(minimum coding attribute) that is created at the vector map compression processing in the vector space. First, the position encryption is applied as permutating randomly the center coordinate of each record that is minimum unit of vector map shape. And second, the direction encryption that changing shapes of vector map topography is applied as encrypting the direction of vertices's coordinates of each record. In experimental results, we confirmed that our proposed method can encipher the large volumed vector map data effectively in low computational complexity. Also, we could minimize the decline of compression efficiency that occurred by conventional contents based encryption schemes using AES or DES algorithms.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.13 no.5
• /
• pp.195-201
• /
• 2013

The government has invested much budget for 5years to do the Smart-education and operate digital textbook services since 2011. The private enterprises also decided to focus on constructing Smart learning system by investing much budget. If these systems are constructed nationwide and therefore can access to cyber university by using smart devices, we can reduce the information gap and study online lectures to get a grade whenever, whoever and wherever we want to. However, these convenient systems can cause serious problems like falsifying grades by hacking if security systems are weak. In this paper, we formulated cyber university which is secured in terms of security. For this, we simulated the smart-learning system which strengthened the security, considering code algorithm and encryption technique.