• Journal of Convergence for Information Technology
• /
• v.8 no.2
• /
• pp.77-82
• /
• 2018

Recently, as cloud services become popular with general users, users' information is freely transmitted and received among the information used in the cloud environment, so security problems related to user information disclosure are occurring. we propose a method to secure personal information of multiple users by making personal information stored in the cloud server and a key for accessing the shared information so that the privacy information of the multi users using the cloud service can be prevented in advance do. The first key used in the proposed scheme is a key for accessing the user 's personal information, and is used to operate the information related to the personal information in the form of a multi - layer. The second key is the key to accessing information that is open to other users than to personal information, and is necessary to associate with other users of the cloud. The proposed scheme is constructed to anonymize personal information with multiple hash chains to process multiple kinds of information used in the cloud environment. As a result of the performance evaluation, the proposed method works by allowing third parties to safely access and process the personal information of multiple users processed by the multi - type structure, resulting in a reduction of the personal information management cost by 13.4%. The efficiency of the proposed method is 19.5% higher than that of the existing method.

• Journal of Digital Convergence
• /
• v.11 no.12
• /
• pp.393-399
• /
• 2013

Recently, the quantity and type of data that is being processed in cloud environment are varied. A method for easy access in different network in a heterogeneous environment of big data stored in the device is required. This paper propose security management method for smoothly access to big data in other network environment conjunction with attribute information between big data and user. The proposed method has a high level of safety even if user-generated random bit signal is modulated. The proposed method is sufficient to deliver any number of bits the user to share information used to secure recognition. Also, the security awareness information bit sequence generated by a third party to avoid unnecessary exposure value by passing a hash chain of the user anonymity is to be guaranteed to receive.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.2 no.1
• /
• pp.19-24
• /
• 2007

Abstract. In the ubiquitous environment of the next generation, RFID is predicted to occupy an important technical location and also expected to apply to various fields. However, the properties of tags in itself which is the core of RFID have a dysfunction like an invasion of privacy for user. An existing cryptanalytic protection scheme of the information leakage have a difficult problem to apply to RFID tags for privacy protection. We applied Ohkubo et al.'s scheme to the protection of the tag's information efficiently in the RFID system environment using low-cost tags. But, this method has all informations of tagsto identify tag's ID and then performs the process of identification in sequence in the Back-end server. These processes have lots of computations so that it have problems about a scalability. In this paper, we are based on Ohkubo et al.'s scheme to solve problems, and then analyze the parallelism with the Hellman's tradeoff method, divide it into nodesin parallel. In this paper, we are based on Okubo et al.'s scheme to solve problems, and then analyze the parallelism with Hellman's tradeoff method, divide it into the ${\omega}$ node in parallel. as a result, we can reduce the computing complexity of key search to $O(\frac{m^{2/3}n^{2/3}}{\omega})$ seconds from O(mm) seconds. finally we show the results to be enhanced the scalability.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.17 no.6
• /
• pp.1462-1470
• /
• 2013

This paper proposes an SWAD-KNH(Sybil & Wormhole Attack Detection using Key, Neighbor list and Hop count) technique which consists of an SWAD(Sybil & Wormhole Attack Detection) module detecting an Worm attack and a KGDC(Key Generation and Distribution based on Cluster) module generating and an sense node key and a Group key by the cluster and distributing them. The KGDC module generates a group key and an sense node key by using an ECDH algorithm, a hash function, and a key-chain technique and distributes them safely. An SWAD module strengthens the detection of an Sybil attack by accomplishing 2-step key acknowledgement procedure and detects a Wormhole attack by using the number of the common neighbor nodes and hop counts of an source and destination node. As the result of the SWAD-KNH technique shows an Sybil attack detection rate is 91.2% and its average FPR 3.82%, a Wormhole attack detection rate is 90%, and its average FPR 4.64%, Sybil and wormhole attack detection rate and its reliability are improved.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.31 no.12C
• /
• pp.1288-1296
• /
• 2006

This paper proposes a fast authentication scheme based on hierarchical key structure (HiFA) for roaming mobile nodes in both intra-domain and inter-domain. The full authentication procedure standardized in IEEE 802.11 and 802.16 is difficult to be applied to a handover since it needs a heavy operation and long delay time during a handover. Though a number of schemes were proposed to solve the problem, the existing schemes might degrade the security of authentication or impose heavy administrative burden on the Pome authentication server. The main contribution of this paper is to reduce the communication and computation overhead of the home authentication sewer without degrading the security strength of the fast roaming authentication using hierarchical authentication key structure. The proposed scheme iii this paper decentralizes the administrative burden of the home authentication server to other network entities such as a local authentication server or access point and supports the security separation of the authentication key among local authentication servers using hash key chain.

• Journal of Digital Convergence
• /
• v.13 no.9
• /
• pp.235-242
• /
• 2015

Social network technology has been increasing interest in the big data service and development. However, the data stored in the distributed server and not on the central server technology is easy enough to find and extract. In this paper, we propose a big data management techniques to minimize the processing time of information you want from the content server and the management server that provides big data services. The proposed method is to link the in-group data, classified data and groups according to the type, feature, characteristic of big data and the attribute information applied to a hash chain. Further, the data generated to extract the stored data in the distributed server to record time for improving the data index information processing speed of the data classification of the multi-attribute information imparted to the data. As experimental result, The average seek time of the data through the number of cluster groups was increased an average of 14.6% and the data processing time through the number of keywords was reduced an average of 13%.

• Journal of Convergence for Information Technology
• /
• v.8 no.2
• /
• pp.233-238
• /
• 2018

SMEs and small enterprises are making various attempts to manage SMEs in terms of equipment, safety and energy management as well as production management. However, SMEs do not have the investment capacity and it is not easy to build a smart factory to improve management and productivity of SMEs. In this paper, we propose a smart factory construction algorithm that partially integrates the factory equipment currently operated by SMEs. The proposed algorithm supports collection, storage, management and processing of product information and release information through IoT device during the whole manufacturing process so that SMEs' smart factory environment can be constructed and operated in stages. In addition, the proposed algorithm is characterized in that central server manages authentication information between devices to automate the linkage between IoT devices regardless of the number of IoT devices. As a result of the performance evaluation, the proposed algorithm obtained 13.7% improvement in the factory process and efficiency before building the Smart Factory environment, and 19.8% improvement in the processing time in the factory. Also, the cost of input of manpower into process process was reduced by 37.1%.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.17 no.1
• /
• pp.68-75
• /
• 2013

Recently IPTV that transmits multimedia contents in real time through internet, cable TV net and satelite net gets the limelight. But IPTV service that gives service to users by various media has a problem of not supporting user certification fully. This paper suggests a certification model which prevents getting access permission of IPTV service by sending illegal certification information by adolescent through integrating mobile communication technique with RFID(Radio Frequency IDentification) technique which is a key technique of Ubiquitous environment. This model performs the process of adult certification by keeping synchronization with user's certificaiton information that is saved in data-base of certification server and contents server after getting the system of class categorization in contents server to overcome disadvantage of simple adult certification system that is popular in the existing internet. Also, it adapts double hash chain technique not to down load illegally contents without the permission of manager even if an adolescent gets manager's approval key.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.8 no.1
• /
• pp.282-304
• /
• 2014

Each cloud service has numerous owners and tenants, so it is necessary to construct a privacy preserving identity management and access control mechanism for cloud computing. On one hand, cloud service providers (CSP) depend on tenant's identity information to enforce appropriate access control so that cloud resources are only accessed by the authorized tenants who are willing to pay. On the other hand, tenants wish to protect their personalized service access patterns, identity privacy information and accessing newfangled cloud services by on-demand ways within the scope of their permissions. There are many identity authentication and access control schemes to address these challenges to some degree, however, there are still some limitations. In this paper, we propose a new comprehensive approach, called Privacy pReserving Identity and Access Management scheme, referred to as PRIAM, which is able to satisfy all the desirable security requirements in cloud computing. The main contributions of the proposed PRIAM scheme are threefold. First, it leverages blind signature and hash chain to protect tenant's identity privacy and implement secure mutual authentication. Second, it employs the service-level agreements to provide flexible and on-demand access control for both tenants and cloud services. Third, it makes use of the BAN logic to formally verify the correctness of the proposed protocols. As a result, our proposed PRIAM scheme is suitable to cloud computing thanks to its simplicity, correctness, low overhead, and efficiency.

• Journal of Advanced Navigation Technology
• /
• v.17 no.6
• /
• pp.736-748
• /
• 2013

In this paper, we analyse the vulnerabilities of KL scheme which is an ID-based authentication scheme for AMI network, and propose two kinds of authentication schemes which satisfy forward secrecy as well as security requirements introduced in the previous works. In the first scheme, we use MDMS which is the supervising system located in an electrical company for a time-synchronizing server, in order to synchronize smart grid devices in home, and we process device authentication with a new secret value generated by OTP function every session. In the second scheme, we use a secret hash-chain mechanism for authentication process, so we can use a new secret value every session. The proposed two schemes have strong points and weak points respectively and those depend on the services area and its environment, so we can select one of them efficiently considering real aspects of AMI environment.