• KIPS Transactions on Computer and Communication Systems
• /
• v.10 no.9
• /
• pp.243-250
• /
• 2021

Recently, with the development of cloud computing, interest in database outsourcing is increasing. However, when the database is outsourced, there is a problem in that the information of the data owner is exposed to internal and external attackers. Therefore, in this paper, we propose a parallel range query processing algorithm that supports privacy protection. The proposed algorithm uses the Paillier encryption system to support data protection, query protection, and access pattern protection. To reduce the operation cost of a checking protocol (SRO) for overlapping regions in the existing algorithm, the efficiency of the SRO protocol is improved through a garbled circuit. The proposed parallel range query processing algorithm is largely composed of two steps. It consists of a parallel kd-tree search step that searches the kd-tree in parallel and safely extracts the data of the leaf node including the query, and a parallel data search step through multiple threads for retrieving the data included in the query area. On the other hand, the proposed algorithm provides high query processing performance through parallelization of secure protocols and index search. We show that the performance of the proposed parallel range query processing algorithm increases in proportion to the number of threads and the proposed algorithm shows performance improvement by about 5 times compared with the existing algorithm.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.6
• /
• pp.1115-1130
• /
• 2020

Modern vehicles are equipped with a number of ECUs(Electronic Control Units), and ECUs can control vehicles efficiently by communicating each other through CAN(Controller Area Network). However, CAN bus is known to be vulnerable to cyber attacks because of the lack of message authentication and message encryption, and access control. To find these security issues related to vehicle hacking, CAN Fuzzing methods, that analyze the vulnerabilities of ECUs, have been studied. In the existing CAN Fuzzing methods, fuzzing inputs are randomly generated without considering the structure of CAN messages transmitted by ECUs, which results in the non-negligible fuzzing time. In addition, the existing fuzzing solutions have limitations in how to monitor fuzzing results. To deal with the limitations of CAN Fuzzing, in this paper, we propose a Non-Random CAN Fuzzing, which consider the structure of CAN messages and systematically generates fuzzing input values that can cause malfunctions to ECUs. The proposed Non-Random CAN Fuzzing takes less time than the existing CAN Fuzzing solutions, so it can quickly find CAN messages related to malfunctions of ECUs that could be originated from SW implementation errors or CAN DBC(Database CAN) design errors. We evaluated the performance of Non-Random CAN Fuzzing by conducting an experiment in a real vehicle, and proved that the proposed method can find CAN messages related to malfunctions faster than the existing fuzzing solutions.

• Radiation Oncology Journal
• /
• v.21 no.4
• /
• pp.291-298
• /
• 2003

Purpose: We report upon a web-based system for Patterns of Care Study (PCS) devised for Korean radiation oncology. This PCS was designed to establish standard tools for clinical quality assurance, to determine basic parameters for radiation oncology processes, to offer a solid system for cooperative clinical studies and a useful standard database for comparisons with other national databases. Materials and Methods: The system consisted of a main server with two back-ups in other locations. The program uses a Linux operating system and a MySQL database. Cancers with high frequencies in radiotherapy departments in Korea from 1998 to 1999 were chosen to have a developmental priority. Results: The web-based clinical PCS .system for radiotherapy in www.pcs.re.kr was developed in early 2003 for cancers of the breast, rectum, esophagus, larynx and lung, and for brain metastasis. The total number of PCS study items exceeded one thousand. Our PCS system features user-friendliness, double entry checking, data security, encryption, hard disc mirroring, double back-up, and statistical analysis. Alphanumeric data can be input as well as image data. In addition, programs were constructed for IRB submission, random sampling of data, and departmental structure. Conclusion: For the first time in the field of PCS, we have developed a web-based system and associated working programs. With this system, we can gather sample data in a short period and thus save, cost, effort and time. Data audits should be peformed to validate input data. We propose that this system should be considered as a standard method for PCS or similar types of data collection systems.