• International Journal of Contents
• /
• 제12권2호
• /
• pp.6-11
• /
• 2016

We developed a pilot-job based large-scale distributed computing system to support HTC and MTC, called HTCaaS (High-Throughput Computing as a Service), which helps scientists solve large-scale scientific problems in areas such as pharmaceutical domains, high-energy physics, nuclear physics and bio science. Since most of these problems involve critical data that affect the national economy and activate basic industries, data privacy is a very important issue. In this paper, we implement a privacy enhanced data security mechanism to support HTC and MTC in a large-scale distributed computing system and show how this technique affects performance in our system. With this mechanism, users can securely store data in our system.

• International Journal of Computer Science & Network Security
• /
• 제23권2호
• /
• pp.89-95
• /
• 2023

Cloud computing today provides huge computational resources, storage capacity, and many kinds of data services. Data sharing in the cloud is the practice of exchanging files between various users via cloud technology. The main difficulty with file sharing in the public cloud is maintaining privacy and integrity through data encryption. To address this issue, this paper proposes an Enhanced RSA encryption schema (ERSA) for data sharing in the public cloud that protects privacy and strengthens data integrity. The data owners store their files in the cloud after encrypting the data using the ERSA which combines the RSA algorithm, XOR operation, and SHA-512. This approach can preserve the confidentiality and integrity of a file in any cloud system while data owners are authorized with their unique identities for data access. Furthermore, analysis and experimental results are presented to verify the efficiency and security of the proposed schema.

• 디지털산업정보학회논문지
• /
• 제12권3호
• /
• pp.133-155
• /
• 2016

Recently, in the adoption of cloud computing are emerging as locations are key requirements of security and privacy, at home and abroad, several organizations recognize the importance of privacy in cloud computing environments and research-based transcription and systematic approach in progress have. The purpose of this study was to recognize the importance of privacy in the cloud computing environment based on personal information security methodology to the security of cloud computing, cloud computing, users must be verified, empirical research on the improvement plan. Therefore, for existing users of enhanced security in cloud computing security consisted framework of existing cloud computing environments. Personal information protection management system: This is important to strengthen security for existing users of cloud computing security through a variety of personal information security methodology and lead to positive word-of-mouth to create and foster the cloud industry ubiquitous expression, working environments.

• 융합정보논문지
• /
• 제10권11호
• /
• pp.40-46
• /
• 2020

금융권 공동 오픈 플랫폼 구축·서비스에 따라 스타트업 생태계에 안전한 보안 기술이 요구되고 있다. 금융권 표준 오픈 API는 상호인증 과정의 핵심 API 인증키 보호를 위해, 결제 관련 핀테크 기업이 추가 보안 기술을 개발/적용하는 것을 권고하고 있다. 본 연구는 다중 채널을 사용하는 강화된 API 보안 프로토콜을 제안한다. 기존 오픈 API 관련 연구의 문제점과 취약점을 추가 분석하고, 이기종 플랫폼의 호환성을 고려하여 설계되었다. 기존 보안 프로토콜의 단일 채널에 추가 보안 채널을 분리하여 은닉하는 방법을 적용했다. 성능 분석 결과 다중 채널의 통신 세션 양방향 안전성과 강화된 인증키의 중간자 공격 안전성을 확인하였으며, 다중 세션에서 지연시간의 연산 성능(1초 이하)을 확인하였다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제13권3호
• /
• pp.1502-1522
• /
• 2019

Leakage of secret keys may be the most devastating problem in public key cryptosystems because it means that all security guarantees are missing. The forward security mechanism allows users to update secret keys frequently without updating public keys. Meanwhile, it ensures that an attacker is unable to derive a user's secret keys for any past time, even if it compromises the user's current secret key. Therefore, it offers an effective cryptographic approach to address the private key leakage problem. As an extension of the forward security mechanism in certificate-based public key cryptography, forward-secure certificate-based signature (FS-CBS) has many appealing merits, such as no key escrow, no secure channel and implicit authentication. Until now, there is only one FS-CBS scheme that does not employ the random oracles. Unfortunately, our cryptanalysis indicates that the scheme is subject to the security vulnerability due to the existential forgery attack from the malicious CA. Our attack demonstrates that a CA can destroy its existential unforgeability by implanting trapdoors in system parameters without knowing the target user's secret key. Therefore, it is fair to say that to design a FS-CBS scheme secure against malicious CAs without lying random oracles is still an unsolved issue. To address this problem, we put forward an enhanced FS-CBS scheme without random oracles. Our FS-CBS scheme not only fixes the security weakness in the original scheme, but also significantly optimizes the scheme efficiency. In the standard model, we formally prove its security under the complexity assumption of the square computational Diffie-Hellman problem. In addition, the comparison with the original FS-CBS scheme shows that our scheme offers stronger security guarantee and enjoys better performance.

• International Journal of Computer Science & Network Security
• /
• 제22권2호
• /
• pp.139-144
• /
• 2022

The smart cities are evolving constantly and are responsible for the current transformation of cities and countries into a completely connected network of information and technology This interconnected network of a huge number of smart devices is capable of exchanging complex information and provides tremendous support including enhanced quality of life within urban locations. Unfortunately this set-up is vulnerable to security attacks and requires the widespread ubiquitous network to authorize access through privacy and thus offer security in order to ensure civilian participation in a country. The smart network should benefit the individuals of the country by developing potential strategies to protect the smart cities and their participating entities from the unauthorized attacks. Trustworthy data sharing strategies based on the utilization of advanced technology features via smart communication network could solve some issues of privacy and security. This paper presents the challenges and issues related to protection and highlights the important aspects of securing the smart cities and its components. It also presents the role of cloud security for building a secure smart city.

• International journal of advanced smart convergence
• /
• 제13권2호
• /
• pp.25-34
• /
• 2024

The paper investigates how the semiconductor and electric vehicle industries are addressing safety and security concerns in the era of autonomous driving, emphasizing the prioritization of safety over security for market competitiveness. Collaboration between these sectors is deemed essential for maintaining competitiveness and value. The research suggests solutions such as advanced autonomous driving technologies and enhanced battery safety measures, with the integration of AI chips playing a pivotal role. However, challenges persist, including the limitations of big data and potential errors in semiconductor-related issues. Legacy automotive manufacturers are transitioning towards software-driven cars, leveraging artificial intelligence to mitigate risks associated with safety and security. Conflicting safety expectations and security concerns can lead to accidents, underscoring the continuous need for safety improvements. We analyzed the expansion of electric vehicles as a means to enhance safety within a framework of converging security concerns, with AI chips being instrumental in this process. Ultimately, the paper advocates for informed safety and security decisions to drive technological advancements in electric vehicles, ensuring significant strides in safety innovation.

• Journal of Communications and Networks
• /
• 제11권6호
• /
• pp.634-644
• /
• 2009

A diversity of wireless networks, with rapidly evolving wireless technology, are currently in service. Due to their innate physical layer vulnerability, wireless networks require enhanced security components. WLAN, WiBro, and UMTS have defined proper security components that meet standard security requirements. Extensive research has been conducted to enhance the security of individual wireless platforms, and we now have meaningful results at hand. However, with the advent of ubiquitous service, new horizontal platform service models with vertical crosslayer security are expected to be proposed. Research on synchronized security service and interoperability in a heterogeneous environment must be conducted. In heterogeneous environments, to design the balanced security components, quantitative evaluation model of security policy in wireless networks is required. To design appropriate evaluation method of security policies in heterogeneous wireless networks, we formalize the security properties in wireless networks. As the benefit of security protocols is indicated by the quality of protection (QoP), we improve the QoP model and evaluate hybrid security policy in heterogeneous wireless networks by applying to the QoP model. Deriving relative indicators from the positive impact of security points, and using these indicators to quantify a total reward function, this paper will help to assure the appropriate benchmark for combined security components in wireless networks.

• 정보보호학회논문지
• /
• 제21권4호
• /
• pp.137-147
• /
• 2011

인터넷과 방송 통신과의 융합으로 IPTV서비스가 제공되면서, 사용자는 멀티미디어 콘텐츠를 시간에 상관없이 이용할 수 있게 되었다. 또한, 기존의 단방향 서비스에서 양방향 서비스로 변화하면서 사용자에게 좀 더 효율적이고 유용한 서비스 제공이 가능하게 되었다. 그러나 기존의 IPTV 서비스가 단말에 설치된 셋톱박스를 통해 멀티미디어 콘텐츠를 제공하면서, 개별적 사용자 인증이 이루어지지 않아 개별적 서비스에 한계점이 나타났다. 또한 셋톱박스가 방송 통신 사업자마다 달라 서비스 변경 시 호환성 문제도 대두되었다. 따라서 본 논문에서는 개별적 사용자 인증 및 서비스 호환성 향상을 위한 셋톱박스 가상화를 통한 향상된 IPTV 사용자 인증 시스템을 제안한다.

• 융합보안논문지
• /
• 제9권2호
• /
• pp.71-78
• /
• 2009

무선 센서 네트워크(WSN : Wireless Sensor Network)는 계산 능력, 전력, 통신 대역폭 등 다양한 제약 조건을 가지기 때문에 기존의 보안 기법을 WSN에 적용하기는 매우 어렵다. 이러한 문제점을 해결하기 위해 본 논문에서는 무선 센서 네트워크에 적용 가능한 안전한 그룹통신 기법을 제안한다. 제안한 기법은 클러스터링 기반의 계층적 라우팅 프로토콜인 TEEN(Threshold sensitive Energy Efficient sensor Network protocol) 알고리즘에 보안 메커니즘이 결합된 형태로서, 네트워크는 센서노드, 클러스터 헤더, 베이스 스테이션(BS : Base Station)으로 이루어진다. 보다 강력한 보안성 제공과 효율적인 키 관리를 위해 제안된 기법은 비밀 키 및 공개 키 알고리즘 모두를 사용하며, 전력소모를 줄이기 위해 참여 노드들 간의 통신은 계층적 트리구조에 의해 이루어진다. 따라서 본 논문에서 제안한 기법은 강력한 보안성을 제공할 뿐만 아니라, 통신에 있어 보다 낮은 전력을 소모하므로 무선 센서 네트워크 환경에 적합하다고 할 수 있다.