• Journal of KIISE:Databases
• /
• v.37 no.1
• /
• pp.1-11
• /
• 2010

Recently, there has been a growing interest in the processing of continuous queries over multiple data streams. When the arrival rates of tuples exceed the memory capacity of the system, a load shedding technique is used to avoid the system becoming overloaded by dropping some subset of input tuples. In this paper, we propose an effective load shedding algorithm for multi-way windowed joins over multiple data streams. Most previous load shedding algorithms estimate the productivity of each tuple, i.e., the number of join output tuples produced by the tuple, based on its "join attribute value" and drop tuples with the lowest productivity. However, the productivity of a tuple cannot be accurately estimated from its join attribute value when the join attribute values are unique and do not repeat, or the distribution of the join attribute values changes over time. For these cases, we estimate the productivity of a tuple based on its "arrival order" on data streams, rather than its join attribute value. The proposed method can effectively estimate the productivity of a tuple even when the productivity of a tuple cannot be accurately estimated from its join attribute value. Through extensive experiments and analysis, we show that our proposed method outperforms the previous methods in terms of effectiveness and efficiency.

• Journal of the Korea Society of Computer and Information
• /
• v.15 no.5
• /
• pp.113-124
• /
• 2010

In this study, the hybrid authorization quotation technique is based on the device ID for the integrity of the source region guarantee of user certificate, in order to improve the convenience and security for user in the hybrid PKI certificate Mechanism for authentication. The feature of the model in which it is presented from this paper is 5. First, because the user can select the policy himself in which it matches with each authentication situation and security level, the convenience can be improved. Second, the integrity of the source region of the user certificate can be guaranteed through the comparison of the DLDI Key, that is the hash-value of the device ID. Third, the security can be improved by continuously changing an encoding, and the value of the key in which it decodes through the EOTP Key. Fourth, the index value is added to a certificate, and the storage of a certificate is possible at the Multi-Device. Fifth, since the addi the inan aratus for the integrity of the source region guarantee of a certificate is not needed, the authentication process time can be reduced and the computational load of the certificate server can be reduced also.

• Journal of Digital Convergence
• /
• v.11 no.12
• /
• pp.393-399
• /
• 2013

Recently, the quantity and type of data that is being processed in cloud environment are varied. A method for easy access in different network in a heterogeneous environment of big data stored in the device is required. This paper propose security management method for smoothly access to big data in other network environment conjunction with attribute information between big data and user. The proposed method has a high level of safety even if user-generated random bit signal is modulated. The proposed method is sufficient to deliver any number of bits the user to share information used to secure recognition. Also, the security awareness information bit sequence generated by a third party to avoid unnecessary exposure value by passing a hash chain of the user anonymity is to be guaranteed to receive.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.1
• /
• pp.5-15
• /
• 2015

Electronic transactions have been increasing with the development of the high-speed Internet and wireless communication. However, in recent years financial corporations and mobile carriers were attacked by hackers. And large numbers of privacy information have been leaked. In particular, in the case of credit card information can be misused in the online transaction, and the damage of this given to cardholder. To prevent these problems, it has been proposed to use a virtual card number instead of the actual card number. But it has security vulnerability and requires additional security infrastructure. In this paper, we analyzed the proposed virtual card number schemes. and we propose a new virtual credit card number scheme. In the newly proposed scheme, cardholder generates a key pair (public key/private key) and pre-register public key to the issuer. then, cardholder can pay no additional security infrastructure while still efficiently satisfy the security requirements.

• KIPS Transactions on Computer and Communication Systems
• /
• v.7 no.2
• /
• pp.41-48
• /
• 2018

Until now, various studies on anti-phishing have been conducted. The most typical anti-phishing method is a method of collecting URL information of a phishing site in advance and then detecting phishing by comparing the URL of the visited site with the previously stored information. However, this blacklist-based anti-phishing method can not detect new phishing sites. For this reason, various anti-phishing authentication protocols have been proposed. but these protocols require a public key and a private key. In this paper, we propose a password-based mutual authentication protocol that is safe for phishing attacks. In the proposed protocol, the mutual authentication between the client and the server is performed through the authentication message including the password information. The proposed protocol is safe to eavesdropping attack because the authentication message uses the hash value of the password, not the original password, And it is safe to replay attack because different messages are used every time of authentication. In addition, since mutual authentication is performed, it is safe for man-in-the-middle attack. Finally, the proposed protocol does not require a key issuance process for authentication.

• Journal of Korea Multimedia Society
• /
• v.8 no.11
• /
• pp.1462-1471
• /
• 2005

Recently, the medical image has been digitized by the development of computer science and digitization of the medical devices. There are needs for database service of the medical image and long term storage because of the construction of PACS(picture archiving and communication system) following DICOM(digital imaging communications in medicine) standards, telemedicine, and et al. However, it also caused some kinds of problems, such as illegal reproduction of medical image, proprietary rights and data authentication. In this paper, we propose the new digital watermarking technique for medical image based on public key encryption algorithm for integrity verification. It prevents illegal forgery that can be caused after transmitting medical image data remotely. The watermark is the value of bit-plane in wavelet transform of the original image for certification method of integrity verification. We proposed the embedding regions are randomly chosen considering ROI, and a digital signature is made using hash function of MD5 which input is a secret key. The experimental results show that the watermark embedded by the proposed algorithm can survive successfully in image processing operations and that the watermark's invisibility is good.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.17 no.6
• /
• pp.19-25
• /
• 2017

This paper deals with integer factorization of two prime p,q of SHA-256 secure hash value n for Bit coin mining. This paper proposes an algorithm that greatly reduces the execution time of Pollard's rho integer factorization algorithm. Rho(${\rho}$) algorithm computes $x_i=x^2_{i-1}+1(mod\;n)$ and $y_i=[(y^2_{i-1}+1)^2+1](mod\;n)$ for intial values $(x_0,y_0)=(2,2)$ to find the factor 1 < $gcd({\mid}x_i-y_i{\mid},n)$ < n. It however fails to factorize some particular composite numbers. The algorithm proposed in this paper applies multiple initial values $(x_0,y_0)=(2^k,2^k)$ and ($2^k,2$), $2{\leq}k{\leq}10$ to the existing Pollard's Rho algorithm. As a results, the proposed algorithm achieves both the factorization of all the composite numbers and the reduction of the execution time of Pollard's Rho by 67.94%.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.41 no.4
• /
• pp.103-112
• /
• 2004

This paper suggests the way to realize smart card security system by using handwritten signature instead of a password which is traditionally used for user authentication. Because of the familiarity of signature we don't need to try to remember the password and signature is difficult to be used by guess or illegal forced situation. The feature data of handwritten signature is large, so we designed COS which is consist of special commands for processing user's handwritten signature data, user authentication, and basic commands based on ISO 7816-3. Also protocol among user, smart card terminal and DB server is designed. In registration process, the feature data of user signature is saved in both a DB server and a smart card. User authentication is processed by comparing the user signature and the saved feature data in a smart card and in a DB server. And the authentication result and hash value of signature data in DB server are transferred to smart card. During this process the authentication between DB server and user is finished. The proposed security system has more higher level of security in user authentication of smart card and it will Provide safer and more convenient security services.

• The Journal of the Korea Contents Association
• /
• v.5 no.2
• /
• pp.95-105
• /
• 2005

As a research on PKI is being very popular, the study relating to certificate status validation is being grown with aim to reduce an overhead of the protocol and to provide an efficient operation. The OCSP of the standard protocol related to the study enables applications to determine the revocation state of an identified certificate. However, the OCSP server can not service millions of certificate status validation requests from clients in a second on E-commerce because of the computational time for signature and verification. So, we propose the Real-time Certificate Status Validation Protocol(RCSVP) that has smaller computational time than OCSP. RCSVP server reduce the computational time of certificate status validation using hash function and common secret value. Also RCSVP client does not need the computational time of certificate verification to acquire the public key from an identified certificate. Therefore, the proposed protocol enables server to response millions of certificate status validation requests from clients in a second on E-commerce.

• Journal of Digital Convergence
• /
• v.13 no.7
• /
• pp.197-205
• /
• 2015

Existing Web authentication method utilizes the resident registration number by credit rating agencies separating i-PIN authentication method which has been improved authentication using resident registration number via the real name confirmation database. By improving the existing authentication method, and it provides the available integrated ID authentication on Web. In order to enhance safety, the proposed authentication method by encrypting the user of the verification value, and stores the unique identifier in the database of the certificate authority. Then, the password required to log in to the Web is for receiving a disposable random from the certificate authority, the user does not need to remember a separate password and receives the random number by using the smart phone. It does not save the user's personal information in the database, and it is easy to management of personal information. Only the integration ID needs to be remembered with random number on every time. It doesn't need to use various IDs and passwords if you use this proposed authentication methods.