• Title/Summary/Keyword: DB encryption

Search Result 25, Processing Time 0.02 seconds

Comprehensive Study on Security and Privacy Requirements for Retrieval System over Encrypted Database (암호화된 데이터베이스 검색 시스템의 보안 요구사항에 대한 통합적 관점에서의 연구)

  • Park, Hyun-A;Lee, Dong-Hoon;Chung, Taik-Yeong
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.22 no.3
    • /
    • pp.621-635
    • /
    • 2012
  • Although most proposed security schemes have scrutinized their own security models for protecting different types of threats and attacks, this naturally causes a problem as follows-- if a security analysis tool would fit a certain scheme, it may not be proper to other schemes. In order to address this problem, this paper analyzes how security requirements of each paper could be different by comparing with two schemes: Agrawal et al.'s scheme OPES (Order Preserving Encryption Scheme) and Zdonik et al.'s FCE (Fast Comparison Encryption). Zdonik et al. have formally disproved the security of Agrawal et al.'s scheme OPES. Thereafter, some scholars have wondered whether the OPES can guarantee its applicability in a real world for its insecurity or not. However, the analysis by Zdonik et al. does not have valid objectivity because they used the security model INFO-CPA-DB for their scheme FCE to analyze Agrawal et al.'s scheme OPES, in spite of the differences between two schemes. In order to analyze any scheme correctly and apply it to a real world properly, the analysis tool should be comprehensively standardized. We re-analyze Zdonik et al.'s analysis for OPES and then propose general formalizations of security and privacy for all of the encrypted retrieval systems. Finally, we recommend the minimum level of security requirements under our formal definitions. Additional considerations should be also supplemented in accordance with the conditions of each system.

A Anonymous Authorization Scheme Based on ECC for RFID Privacy (RFID 프라이버시를 위한 ECC기반의 익명인증기법)

  • Jin, Shi-Mei;Li, Yong-Zhen;Lee, Sang-Ho;Rhee, Chung-Sei
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.33 no.3C
    • /
    • pp.293-298
    • /
    • 2008
  • Recently, with the development of mobile techniques and the consideration to conveniency of using, the research on Mobile RFID Reader technique is getting more and more attentions. Until now, all security authentication algorithms of RFID are algorithms about range between Tag and Reader. The range between Reader and backend DB is composed by wired networks, so it's supposed to be secure range. But it must be taken account of the problem of information security and privacy in wireless range during the design of Mobile RFID Reader. In this paper we design an blind signature scheme based on weil-paring finite group's ECC encryption scheme, and by using this blind signature we propose the anonymous authorization scheme to Mobile RFID Reader's users.

Implementation of Secure Linux OS based on Kernel (커널 기반의 보안 리눅스 운영체제 구현)

  • 박태규;임연호
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.11 no.4
    • /
    • pp.33-43
    • /
    • 2001
  • This paper presents a secure Linux OS in which multi-level security functions are implemented at the kernel level. Current security efforts such as firewall or intrusion detection system provided in application-space without security features of the secure OS suffer from many vulnerabilities. However the development of the secure OS in Korea lies in just an initial state, and NSA has implemented a prototype of the secure Linux but published just some parts of the technologies. Thus our commercialized secure Linux OS with multi-level security kernel functions meets the minimum requirements for TCSEC B1 level as well kernel-mode encryption, real-time audit trail with DB, and restricted use of root privileges.

Study on adoption of suitable encryption scheme according to data properties on MySQL Database (MySQL 데이터베이스에서 데이터 속성에 따른 적절한 암호화 기법의 적용에 관한 연구)

  • Shin, Young-Ho;Ryou, Jae-Cheol
    • Proceedings of the Korean Information Science Society Conference
    • /
    • 2010.06d
    • /
    • pp.77-80
    • /
    • 2010
  • 최근 개인정보 및 민감한 데이터에 대한 불법적인 접근 및 유출로 인하여 사회적 문제를 야기하고, 이에 따른 경제적인 파급효과와 함께 개인정보 및 민감한 데이터에 대한 보안에 대한 관심이 더욱 증가하고 있다. 또한 법령상으로도 개인의 주민등록번호, 계좌번호, 패스워드 등 개인정보가 포함된 DB에 대하여 데이터를 암호화하여 저장, 관리하도록 규정하고있다. 본 논문에서 공개 데이터베이스인 MySQL에서 이러한 개인정보 및 민감한 데이터에 대한 암호화를 통하여 데이터를 저장, 관리하는데 있어서 데이터의 속성에 따라 적절한 암호화 기법을 사용함으로써 암호화를 통한 데이터보호와 함께 속도 등의 성능상의 오버헤드와 운영, 관리상의 효율을 높이기 위하여 지원하는 암호화 기법에 대하여 알아보고, 암호화 기법별로 성능을 시험하여 데이터의 속성에 따른 최적의 암호화 방식의 적용에 대한 방안을 제시한다.

  • PDF

Two-level Information Hiding Method for the Transmission of Military Secret Images (군사용 비밀 영상 전송을 위한 이단계 정보은닉 기법)

  • Kim, In-Taek;Kim, Jae-Cheol;Lee, Yong-Kyun
    • Journal of the Korea Institute of Military Science and Technology
    • /
    • v.14 no.3
    • /
    • pp.482-491
    • /
    • 2011
  • The purpose of this study is to design and implement a 2-level secret information transmission system which can be used for information hiding of images transmitted over various IT communication media. To increase the robustness of the hiding power, we combined the steganography method which inserts secret object into cover object to hide the very fact of information hiding itself, and the preprocessing stage to encrypt the secret object before the stego-insertion stage. As a result, even when the stego-image is broken by an attacker, the secret image is protected by encryption. We implemented the 2-level image insertion and extraction algorithm by using C++ programming language. Experiment shows that the PSNR values of stego-images of ours exceed 30.00db which is the threshold of human recognition. The methodology of this study can be applied broadly to the information hiding and protection of the military secret images.