• Journal of Information Processing Systems
• /
• v.15 no.3
• /
• pp.538-549
• /
• 2019

Cloud computing is the concept of providing information technology services on the Internet, such as software, hardware, networking, and storage. These services can be accessed anywhere at any time on a pay-per-use basis. However, storing data on servers is a challenging aspect of cloud computing. This paper utilizes cryptography and access control to ensure the confidentiality, integrity, and proper control of access to sensitive data. We propose a model that can protect data in cloud computing. Our model is designed by using an enhanced RSA encryption algorithm and a combination of role-based access control model with extensible access control markup language (XACML) to facilitate security and allow data access. This paper proposes a model that uses cryptography concepts to store data in cloud computing and allows data access through the access control model with minimum time and cost for encryption and decryption.

• International Journal of Computer Science & Network Security
• /
• v.22 no.12
• /
• pp.107-115
• /
• 2022

Recently, big data applications need another database different from the Relation database. NoSQL databases are used to save and handle massive amounts of data. NoSQL databases have many advantages over traditional databases like flexibility, efficiently processing data, scalability, and dynamic schemas. Most of the current applications are based on the web, and the size of data is in increasing. NoSQL databases are expected to be used on a more and large scale in the future. However, NoSQL suffers from many security issues, and one of them is access control. Many recent applications need Fine-Grained Access control (FGAC). The integration of the NoSQL databases with FGAC will increase their usability in various fields. It will offer customized data protection levels and enhance security in NoSQL databases. There are different NoSQL database models, and a document-based database is one type of them. In this research, we choose the CouchDB NoSQL document database and develop an access control mechanism that works at a fain-grained level. The proposed mechanism uses role-based access control of CouchDB and restricts read access to work at the document level. The experiment shows that our mechanism effectively works at the document level in CouchDB with good execution time.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2003.05a
• /
• pp.439-442
• /
• 2003

In this paper, a system that implementation of Access Control System Using Biometric System. Biometrics is science which deals with verifying or recognizing using physiological or behavioral characteristic Access Control System uses Biometric system to make an access control system. Biometrics goes under the study of bio-recognition or bio-measurement. It is a technology or study that identifies individuals using one's Biometric character. Access control system is a system used to identify one's entrance and exit, personal management, and security. Access control system can be joined with Biometric system to produce easier use and more sufficient effects. Access control system using Wiegand (Data Format) signal output, can replace earlier RF Card systems and make an access control (security) system. It uses RS-232, Rs-422 or TCP/IP type communication with the computer so an embedded system can be controlled using the software.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.8 no.2
• /
• pp.494-498
• /
• 2004

In this paper, a system that implementation of Access Control System Using Biometric System. Biometries is science which deals with verifying or recognizing using physiological or behavioral characteristic Access Control System uses Bionietric system to make an access control system. Biometrics goes under the study of bio-recognition or bio-measurement. It is a technology or study that identifies individuals using one's Biometric character. Access control system is a system used to identify one's entrance and exit, personal management, and security. Access control system can be joined with Biometric system to produce easier use and more sufficient effects. Access control system using Weigand (Data format) signal output, can replace earlier RF Card systems and make an access control (security) system. It uses RS-232, Rs-422 or TCP/IP type communication with the computer so an embedded system can be controlled using the software.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.3
• /
• pp.1523-1545
• /
• 2019

Cloud computing is now a widespread and economical option when data owners need to outsource or share their data. Designing secure and efficient data access control mechanism is one of the most challenging issues in cloud storage service. Anonymous broadcast encryption is a promising solution for its advantages in the respects of computation cost and communication overload. We bring forward an efficient anonymous identity-based broadcast encryption construction combined its application to the data access control mechanism in cloud storage service. The lengths for public parameters, user private key and ciphertext in the proposed scheme are all constant. Compared with the existing schemes, in terms of encrypting and decrypting computation cost, the construction of our scheme is more efficient. Furthermore, the proposed scheme is proved to achieve adaptive security against chosen-ciphertext attack adversaries in the standard model. Therefore, the proposed scheme is feasible for the system of data access control in cloud storage service.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.17 no.1
• /
• pp.145-164
• /
• 2023

Cloud computing offers a platform that is both adaptable and scalable, making it ideal for outsourcing data for sharing. Various organizations outsource their data on cloud storage servers for availing management and sharing services. When the organizations outsource the data, they lose direct control on the data. This raises the privacy and security concerns. Cryptographic encryption methods can secure the data from the intruders as well as cloud service providers. Data owners may also specify access control policies such that only the users, who satisfy the policies, can access the data. Attribute based access control techniques are more suitable for the cloud environment as they cover large number of users coming from various domains. Multi-authority attribute-based encryption (MA-ABE) technique is one of the propitious attribute based access control technique, which allows data owner to enforce access policies on encrypted data. The main aim of this paper is to comprehensively survey various state-of-the-art MA-ABE schemes to explore different features such as attribute and key management techniques, access policy structure and its expressiveness, revocation of access rights, policy updating techniques, privacy preservation techniques, fast decryption and computation outsourcing, proxy re-encryption etc. Moreover, the paper presents feature-wise comparison of all the pertinent schemes in the field. Finally, some research challenges and directions are summarized that need to be addressed in near future.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.16 no.5
• /
• pp.1634-1652
• /
• 2022

Due to the increasing need for data sharing in the age of big data, how to achieve data access control and implement user permission revocation in the blockchain environment becomes an urgent problem. To solve the above problems, we propose a novel blockchain-based data sharing scheme (BDSS) with fine-grained access control and permission revocation in this paper, which regards the medical environment as the application scenario. In this scheme, we separate the public part and private part of the electronic medical record (EMR). Then, we use symmetric searchable encryption (SSE) technology to encrypt these two parts separately, and use attribute-based encryption (ABE) technology to encrypt symmetric keys which used in SSE technology separately. This guarantees better fine-grained access control and makes patients to share data at ease. In addition, we design a mechanism for EMR permission grant and revocation so that hospital can verify attribute set to determine whether to grant and revoke access permission through blockchain, so it is no longer necessary for ciphertext re-encryption and key update. Finally, security analysis, security proof and performance evaluation demonstrate that the proposed scheme is safe and effective in practical applications.

• KIPS Transactions on Software and Data Engineering
• /
• v.4 no.9
• /
• pp.409-418
• /
• 2015

In order to delivery of the correct information in IoT environment, it is important to deduce collected information according to a user's situation and to create a new information. In this paper, we propose a control access scheme of information through context-aware to protect sensitive information in IoT environment. It focuses on the access rights management to grant access in consideration of the user's situation, and constrains(access control policy) the access of the data stored in network of unauthorized users. To this end, after analysis of the existing research 'CP-ABE-based on context information access control scheme', then include dynamic conditions in the range of status information, finally we propose a access control policy reflecting the extended multi-dimensional context attribute. Proposed in this paper, access control policy considering the dynamic conditions is designed to suit for IoT sensor fusion environment. Therefore, comparing the existing studies, there are advantages it make a possible to ensure the variety and accuracy of data, and to extend the existing context properties.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2010.05a
• /
• pp.523-526
• /
• 2010

FM Radio communication operating mode is half-duplex mode. FM radio network access control shall be used to detect the presence of active transmissions on a multiple-subscriber-access communications network and shall provide a means to preclude data transmissions from conflicting on the network. In this study, we implemented R-NAD(Random Network Access Delay) that is one of network access control method.

• 제어로봇시스템학회:학술대회논문집
• /
• 2003.10a
• /
• pp.2097-2100
• /
• 2003

Many studies have been done on secure operating system using secure kernel that has various access control policies for system security. Secure kernel can protect user or system data from unauthorized and/or illegal accesses by applying various access control policies like DAC(Discretionary Access Control), MAC(Mandatory Access Control), RBAC(Role Based Access Control), and so on. But, even if secure operating system is running under various access control policies, network traffic among these secure operating systems can be captured and exposed easily by network monitoring tools like packet sniffer if there is no protection policy for network traffic among secure operating systems. For this reason, protection for data within network traffic is as important as protection for data within local system. In this paper, we propose a secure operating system trusted channel, SOSTC, as a prototype of a simple secure network protocol that can protect network traffic among secure operating systems and can transfer security information of the subject. It is significant that SOSTC can be used to extend a security range of secure operating system to the network environment.