• Journal of information and communication convergence engineering
• /
• v.22 no.2
• /
• pp.121-126
• /
• 2024

In enterprise environments, file owners are often required to share critical files with other users, with encryption-based file delivery systems used to maintain confidentiality. However, important information might be leaked if the cryptokey used for encryption is exposed. To recover confidentiality, the file owner must then re-encrypt and redistribute the file along with its new encryption key, which requires considerable resources. To address this, we propose a key management server that minimizes the distribution of encryption keys when critical files are compromised, with unique encryption keys assigned for each registered user to access critical files. While providing the targeted functions, the server employs a level of system resources comparable to that of legacy digital rights management. Thus, when implemented in an enterprise environment, the proposed server minimizes cryptokey redistribution while maintaining accessibility to critical files in the event of an information breach.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2017.10a
• /
• pp.549-551
• /
• 2017

There are currently various file encryption systems and applications for encryption and storage of file on disk. However, the existing file encryption solutions handle encryption and decryption all at once by file or directory. In this study, we propose a system call supporting partial encryption function of the file. The user sets the partial encryption of the file by using system call interface, and writes the contents. And then the data is encrypted and stored on the disk. Also if the user sets the decryption and reads the data, the necessary part of data is decrypted by applying the user setting. According to the user setting, only the necessary part is encrypted and stored on a storage medium. As a result, the information in a secret level can be saved efficiently and securely.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2010.05a
• /
• pp.316-319
• /
• 2010

File security is typically protected by encryption methods. The development of a network environment, such as the Internet according to the sharing of information between systems become commonplace, while providing convenience to users, individuals or organizations that facilitate access to sensitive information caused by hacking the system to attack the rapidly growing is a trend. This paper is the latest generation file system caused by the hacking attacks on the Sniffing for users using file encryption and key generation, Packet Sniffing Tool IP and data through the analysis are discussed. Through this study, the importance of protecting personal information by imprinting Proactive in the hacking incident, and what users will contribute to increase the level of security awareness.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.5
• /
• pp.849-858
• /
• 2013

In today's mobile computing environment, there are many threats, such as device loss or theft, malware, to the sensitive information stored on end user device. To prevent disclosure of information, encryption and authentication method are properly adjusted to the device. In cryptographic file systems, CBC mode of operation has been commonly used. It requires an IV need not be secret, but must be unpredictable and protect integrity of the IV. In this paper, we propose file system-level encryption mechanism with HSM that satisfy the requirement of the IV and improve the performance. Moreover, Design and experimental results prove the efficiency of our proposed method.

• International Journal of Computer Science & Network Security
• /
• v.24 no.8
• /
• pp.85-104
• /
• 2024

The DNA (Deoxyribonucleic Acid) database size increases tremendously transmuting from millions to billions in a year. Ergo for storing, probing the DNA database requires efficient lossless compression and encryption algorithm for secure communication. The DNA short pattern repetitions are of paramount characteristics in biological sequences. This algorithm is predicated on probing exact reiterate, substring substitute by corresponding ASCII code and engender a Library file, as a result get cumulating of the data stream. In this technique the data is secured utilizing ASCII value and engendering Library file which acts as a signature. The security of information is the most challenging question with veneration to the communication perspective. The selective encryption method is used for security purpose, this technique is applied on compressed data or in the library file or in both files. The fractional part of a message is encrypted in the selective encryption method keeping the remaining part unchanged, this is very paramount with reference to selective encryption system. The Huffman's algorithm is applied in the output of the first phase reiterate technique, including transmuting the Huffman's tree level position and node position for encryption. The mass demand is the minimum storage requirement and computation cost. Time and space complexity of Repeat algorithm are O(N²) and O(N). Time and space complexity of Huffman algorithm are O(n log n) and O(n log n). The artificial data of equipollent length is additionally tested by this algorithm. This modified Huffman technique reduces the compression rate & ratio. The experimental result shows that only 58% to 100% encryption on actual file is done when above 99% modification is in actual file can be observed and compression rate is 1.97bits/base.

• The KIPS Transactions:PartC
• /
• v.10C no.4
• /
• pp.387-396
• /
• 2003

Many studies have been done on secure kernel and encryption filesystem for system security. Secure kernel can protect user or system data from unauthorized and/or illegal accesses by applying various access control policy like ACL, MAC, RBAC and so on, but cannot protect user or system data from stealing backup media or disk itself. In addition to access control policy, there are many studies on encryption filesystem that encrypt file data within system level. However few studies have been done on combining access control policy and encryption filesystem. In this paper we proposed a new encryption filesystem that provides a transparency to the user by integrating encryption service into virtual filesystem layer within secure kernel that has various access control policies. Proposed encryption filesystem can provide a simple encryption key management architecture by using encryption keys based on classes of MAC policy and overcome a limit of physical data security of access control policy for stealing.

• Journal of Platform Technology
• /
• v.6 no.4
• /
• pp.69-77
• /
• 2018

In the case of personal information files containing personal information, there is insufficient awareness of personal information protection in end-point areas such as personal computers, smart terminals, and personal storage devices. In this study, we use Diffie-Hellman method to securely retrieve personal information files generated by web crawler. We designed SEED and ARIA using hybrid slicing to protect against attack on personal information file. The encryption performance of the personal information file collected by the Web crawling method is compared with the encryption decryption rate according to the key generation and the encryption decryption sharing according to the user key level. The simulation was performed on the personal information file delivered to the external agency transmission process. As a result, we compared the performance of existing methods and found that the detection rate is improved by 4.64 times and the information protection rate is improved by 18.3%.

• Journal of Internet Computing and Services
• /
• v.13 no.2
• /
• pp.59-71
• /
• 2012

PKI-based public key scheme is outstanding in terms of authenticity and privacy. Nevertheless its application brings big burden due to the certificate/key management. It is difficult to apply it to limited computing devices in WSN because of its high encryption complexity. The Bilinear Pairing emerged from the original IBE to eliminate the certificate, is a future significant cryptosystem as based on the DDH(Decisional DH) algorithm which is significant in terms of computation and secure enough for authentication, as well as secure and faster. The practical EC Weil Pairing presents that its encryption algorithm is simple and it satisfies IND/NM security constraints against CCA. The Random Oracle Model based IBE PKG is appropriate to the structure of our target system with one secret file server in the operational perspective. Our work proposes modification of the Weil Pairing as proper to the closed network for secret file distribution[2]. First we proposed the improved one computing both encryption and message/user authentication as fast as O(DES) level, in which our scheme satisfies privacy, authenticity and integrity. Secondly as using the public key ID as effective as PKI, our improved IBE variant reduces the key exposure risk.

• Journal of KIISE:Computing Practices and Letters
• /
• v.9 no.4
• /
• pp.470-485
• /
• 2003

The steganography is one of methods that users can hide data. Some steganography softwares use audio data among multimedia data. However, these commercialized audio steganography softwares have disadvantages that the existence of hidden messages can or easily recognized visually and only certain-sized data can be hidden. To solve these problems, this study suggested, designed and implemented Dynamic Message Embedding (DME) algorithm. Also, to improve the security level of the secret message, the file encryption algorithm has been applied. Through these, StegoWaveK system that performs audio steganography was designed and implemented. Then, the suggested system and the commercialized audio steganography system were compared and analyzed on criteria of the Human Visilable System (HVS), Human Auditory System (HAS), Statistical Analysis (SA), and Audio Measurement (AM).

• Journal of the Korean Association of Geographic Information Studies
• /
• v.26 no.4
• /
• pp.67-79
• /
• 2023

Service environments through laptops, smart devices, and various IoT devices are developing very rapidly. Recent security measures in these Internet environments mainly consist of network application level solutions such as firewall(Intrusion Prevention Systems) and IDS (intrusion detection system). In addition, various security data have recently been used on-site, and issues regarding the management and destruction of such security data have been raised. Products such as DRM(Digital Rights Management) and DLP(Data Loss Prevention) are being used to manage these security data. However despite these security measures, data security measures taken out to be used in the field are operated to the extent that the data is encrypted, delivered, and stored in many environments, and measures for encryption key management or data destruction are insufficient. Based on these issues we aim to propose a SecureOS Module, an OS-based security module. With this module users can manage and operate security data through a consistent interface, addressing the problems mentioned above.