• International Journal of Computer Science & Network Security
• /
• v.23 no.11
• /
• pp.110-116
• /
• 2023

Data confidentiality refers to the characteristic that information kept undisclosed or hidden from unauthorized parties. It considered a key security requirement in current supply chain management (SCM) systems. Currently, academia and industry tend to adopt blockchain and IoT technologies in order to develop efficient and secure SCM systems. However, providing confidential data sharing among these technologies is quite challenging due to the limitations associated with blockchain and IoT devices. This review paper illustrates the importance of preserving data confidentiality in SCM systems by highlighting the state of the art on confidentiality-preserving methodologies in the context of blockchain based IoT-SCM systems and the challenges associated with it.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2007.05a
• /
• pp.1096-1097
• /
• 2007

We address the data confidentiality for wireless broadband (WiBro) networks. In WiBro, as the channel is wireless in nature, it suffers from passive and active attack. Passive attack, for example is to decrypt traffic based on statistical analysis and active attack is to modify traffic or inject new traffic from unauthorized mobile stations. Due to high mobility, frequent session key distribution is a bottleneck for the mobile stations. In aspect of WiBro, there is a communication between mobile station to base station, and also in mobile station to mobile station. It is expected to ensure data confidentiality while maintaining minimum overhead for the resource constrained mobile stations. In this paper, we proposed a security framework based on the concept of hyper-encryption to provide data confidentiality for wireless broadband networks.

• Journal of Research and Publication Ethics
• /
• v.4 no.1
• /
• pp.1-7
• /
• 2023

Purpose: Poor anonymity and confidential strategies by a researcher not only develop unprecedented and precedented harm to participants but also impacts the overall critical appraisal of the research outcomes. Therefore, understanding and applying anonymity and confidentiality in research is key for credible research. As such, this research expansively presents the importance of anonymity and confidentiality for research surveys through critical literature reviews of past works. Research design, data and methodology: This research has selected the literature content approach to obtain proper literature dataset which was proven by high degree of validity and reliability using only books and peer-reviewed research articles. The current authors have conducted screening procedure thoroughly to collect better fitted resources. Results: Research findings consistently mentioned the confidentiality and anonymity principles are preserved and implemented as a means of protecting the privacy of all individuals, establishing trust and rapport between researchers and study participants, as a way of critically upholding research ethical standards, and preserving the integrity of research processes. Conclusions: Confidentiality and anonymity are research ethical principles that help in providing informed consent to participants assuring subjects of the privacy of their personal data. As provided by research bodies and organizations, every research process has to incorporate the principles to meet credibility.

• International Journal of Computer Science & Network Security
• /
• v.23 no.7
• /
• pp.49-60
• /
• 2023

The amount of data generated by electronic systems through e-commerce, social networks, and data computation has risen. However, the security of data has always been a challenge. The problem is not with the quantity of data but how to secure the data by ensuring its confidentiality and privacy. Though there are several research on cloud data security, this study proposes a security scheme with the lowest execution time. The approach employs a non-linear time complexity to achieve data confidentiality and privacy. A symmetric algorithm dubbed the Non-Deterministic Cryptographic Scheme (NCS) is proposed to address the increased execution time of existing cryptographic schemes. NCS has linear time complexity with a low and unpredicted trend of execution times. It achieves confidentiality and privacy of data on the cloud by converting the plaintext into Ciphertext with a small number of iterations thereby decreasing the execution time but with high security. The algorithm is based on Good Prime Numbers, Linear Congruential Generator (LGC), Sliding Window Algorithm (SWA), and XOR gate. For the implementation in C, thirty different execution times were performed and their average was taken. A comparative analysis of the NCS was performed against AES, DES, and RSA algorithms based on key sizes of 128kb, 256kb, and 512kb using the dataset from Kaggle. The results showed the proposed NCS execution times were lower in comparison to AES, which had better execution time than DES with RSA having the longest. Contrary, to existing knowledge that execution time is relative to data size, the results obtained from the experiment indicated otherwise for the proposed NCS algorithm. With data sizes of 128kb, 256kb, and 512kb, the execution times in milliseconds were 38, 711, and 378 respectively. This validates the NCS as a Non-Deterministic Cryptographic Algorithm. The study findings hence are in support of the argument that data size does not determine the execution.

• International Journal of Computer Science & Network Security
• /
• v.22 no.12
• /
• pp.37-50
• /
• 2022

Modern supply chains include multiple activities from collecting raw materials to transferring final products. These activities involve many parties who share a huge amount of valuable data, which makes managing supply chain systems a challenging task. Current supply chain management (SCM) systems adopt digital technologies such as the Internet of Things (IoT) and blockchain for optimization purposes. Although these technologies can significantly enhance SCM systems, they have their own limitations that directly affect SCM systems. Security, performance, and scalability are essential components of SCM systems. Yet, confidentiality and scalability are one of blockchain's main limitations. Moreover, IoT devices are lightweight and have limited power and storage. These limitations should be considered when developing blockchain-based IoT-SCM systems. In this paper, the requirements of efficient supply chain systems are analyzed and the role of both IoT and blockchain technologies in providing each requirement are discussed. The limitations of blockchain and the challenges of IoT integration are investigated. The limitations of current literature in the same field are identified, and a secure and scalable blockchain-based IoT-SCM system is proposed. The proposed solution employs a Hyperledger fabric blockchain platform and tackles confidentiality by implementing private data collection to achieve confidentiality without decreasing performance. Moreover, the proposed framework integrates IoT data to stream live data without consuming its limited resources and implements a dualstorge model to support supply chain scalability. The proposed framework is evaluated in terms of security, throughput, and latency. The results demonstrate that the proposed framework maintains confidentiality, integrity, and availability of on-chain and off-chain supply chain data. It achieved better performance through 31.2% and 18% increases in read operation throughput and write operation throughput, respectively. Furthermore, it decreased the write operation latency by 83.3%.

• International Journal of Computer Science & Network Security
• /
• v.22 no.3
• /
• pp.364-374
• /
• 2022

Health information systems (HIS) are facing security challenges on data privacy and confidentiality. These challenges are based on centralized system architecture creating a target for malicious attacks. Blockchain technology has emerged as a trending technology with the potential to improve data security. Despite the effectiveness of this technology, still HIS are suffering from a lack of data privacy and confidentiality. This paper presents a blockchain-based data storage security architecture integrated with an e-Health care system to improve its security. The study employed a qualitative research method where data were collected using interviews and document analysis. Execute-order-validate Fabric's storage security architecture was implemented through private data collection, which is the combination of the actual private data stored in a private state, and a hash of that private data to guarantee data privacy. The key findings of this research show that data privacy and confidentiality are attained through a private data policy. Network peers are decentralized with blockchain only for hash storage to avoid storage challenges. Cost-effectiveness is achieved through data storage within a database of a Hyperledger Fabric. The overall performance of Fabric is higher than Ethereum. Ethereum's low performance is due to its execute-validate architecture which has high computation power with transaction inconsistencies. E-Health care system administrators should be trained and engaged with blockchain architectural designs for health data storage security. Health policymakers should be aware of blockchain technology and make use of the findings. The scientific contribution of this study is based on; cost-effectiveness of secured data storage, the use of hashes of network data stored in each node, and low energy consumption of Fabric leading to high performance.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.9 no.5
• /
• pp.439-444
• /
• 2016

This paper proposes the technique to protect the privacy of those who uses Smart Tourism Service based on location. The proposed privacy protection technique (1) generates a shared private key, OTK(One Time Key) without information exchanging Users with a Tourism Server and provides Users and a Tourism Server with message confidentiality by encrypting data with the key, (2) concatenates users' ID, login time(timestamp), and randomly-generated nonce, generates OTK by hashing with a hash function, encrypts users' location information and query by using the operation of OTK and XOR and provides Users and a Tourism Server with message confidentiality by sending the encrypted result. (3) protects a message replay attack by adding OTK and timestamp. Therefore, this paper not only provides data confidentiality and users' privacy protection but also guarantees the safety of location information and behavior pattern data.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.37 no.4B
• /
• pp.288-299
• /
• 2012

To ensure data confidentiality and fine-grained access control in business environment, system model using KP-ABE(Key Policy-Attribute Based Encryption) and PRE(Proxy Re-Encryption) has been proposed recently. However, in previous study, data confidentiality has been effected by decryption right concentrated on cloud server. Also, Yu's work does not consider a access privilege management, so existing work become dangerous to collusion attack between malicious user and cloud server. To resolve this problem, we propose secure system model against collusion attack through dividing data file into header which is sent to privilege manager group and body which is sent to cloud server and prevent modification attack for proxy re-encryption key using d Secret Sharing, We construct protocol model in medical environment.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.1
• /
• pp.131-139
• /
• 2012

The cloud storage has the client lend and use the device as a form of service rather than owning it, and thus the client pays the charge for the service that he or she actually uses, making it beneficial over the self-managed data center. When the storage service is provided on public cloud, however, the clients does not have any control over the user data, which brings a problem of violating data confidentiality. In this paper, we propose a gateway that works between the public cloud and the client for the purpose of guaranteeing the confidentiality of user data stored in cloud. The gateway encrypts or decrypts, and then delivers the user data without the client's intervention. In addition, it provides the function of exchanging keys to allow the client to access through another gateway. The proposed idea has been tested on a commercial public cloud and verified to satisfy security and compatibility.

• Journal of Preventive Medicine and Public Health
• /
• v.40 no.2
• /
• pp.122-129
• /
• 2007

During the last decade, genomic cohort study has been developed in many countries by linking health data and genetic data in stored samples. Genomic cohort study is expected to find key genetic components that contribute to common diseases, thereby promising great advance in genome medicine. While many countries endeavor to build biobank systems, biobank-based genome research has raised important ethical concerns including genetic privacy, confidentiality, discrimination, and informed consent. Informed consent for biobank poses an important question: whether true informed consent is possible in population-based genomic cohort research where the nature of future studies is unforeseeable when consent is obtained. Due to the sensitive character of genetic information, protecting privacy and keeping confidentiality become important topics. To minimize ethical problems and achieve scientific goals to its maximum degree, each country strives to build population-based genomic cohort research project, by organizing public consultation, trying public and expert consensus in research, and providing safeguards to protect privacy and confidentiality.