• International Journal of Computer Science & Network Security
• /
• 제23권12호
• /
• pp.27-80
• /
• 2023

Nowadays usage of different applications of identity management IDM demands prime attention to clarify which is more efficient regarding preserve privacy as well as security to perform different operations concerning digital identity. Those operations represent the available interactions with identity during its lifecycle in the digital world e.g., create, update, delete, verify and so on. With the rapid growth in technology, this field has been evolving with a number of IDM models being proposed to ensure that identity lifecycle and face some significant issues. However, the control and ownership of data remines in the hand of identity service providers for central and federated approaches unlike in the self-sovereign identity management SSIM approach. SSIM is the recent IDM model were introduced to solve the issue regarding ownership of identity and storing the associated data of it. Thus, SSIM aims to grant the individual's ability to govern their identities without intervening administrative authorities or approval of any authority. Recently, we noticed that numerous IDM solutions enable individuals to own and control their identities in order to adapt with SSIM model. Therefore, we intend to make comparative study as much of these solutions that have proper technical documentation, reports, or whitepapers as well as provide an overview of IDM models. We will point out the existing research gaps and how this study will bridge it. Finally, the study will propose a technical enhancement, everKEY solution, to address some significant drawbacks in current SSIM solutions.

• 디지털융복합연구
• /
• 제11권5호
• /
• pp.291-298
• /
• 2013

방문 측정 방식은 많은 방문자, 서버들 그리고 서버들에 의해 처리되는 방문자의 정보를 수집하는 감사 기관으로 구성된다. 많은 효율적이고 안전한 방문 측정 방식들이 문헌상에 제안되어 있지만, 이들은 방문자의 프라이버시 문제를 고려하고 있지 않다. 관련 연구에서의 이러한 제약을 완화하기 위하여, 인터넷상의 방문자의 프라이버시를 보호하는 방문 측정 방식을 제안하고자 한다. 좀 더 구체적으로, 방문자와의 감사 기관 사이에 RSA 기반 blind signature를 적용하였다. 만일 방문자가 2회 이상의 방문 정보를 서버에 보내게 되는 경우, 서버나 감사 기관에 의해 방문자의 신분은 드러나게 된다.

• 한국정보통신학회논문지
• /
• 제10권12호
• /
• pp.2193-2201
• /
• 2006

이동통신 환경과 관련하여 프라이버시 측면에서 모바일 이용자들의 현 위치와 행적 노출에 대한 문제를 해결하기 위해 Kesdogan과 Pfitzmann[1,2,3]은 TP(Temporary Pseudonym)라는 임시 익명 아이디를 이용한 방법들을 제안하였으며, 그 후 우리는 [4]에서 네트워크 제공자 측의 능동적인 공격들로부터 모바일 이용자들을 보호할 수 있는 보다 개선된 방법을 제안한 바 있다. 그러나 우리가 기존에 제안한 프로토콜은 이동 사용자가 홈도메인 내에 위치 할 경우만을 가정한 것이다. 본 논문에서는 이를 보다 확장하여 이동 사용자가 홈도메인 내에서 원격지에 있는 방문 도메인으로 이동할 경우에 사용자의 프라이버시를 보호할 수 있는 새로운 이동 착호 프로토콜을 제안하고 그것의 안전성에 대해 분석하고자 한다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제10권7호
• /
• pp.3319-3338
• /
• 2016

Cloud storage is becoming more and more popular because of its elasticity and pay-as-you-go storage service manner. In some cloud storage scenarios, the data that are stored in the cloud may be shared by a group of users. To verify the integrity of cloud data in this kind of applications, many auditing schemes for shared cloud data have been proposed. However, all of these schemes do not consider the access authorization problem for users, which makes the revoked users still able to access the shared cloud data belonging to the group. In order to deal with this problem, we propose a novel public auditing scheme for shared cloud data in this paper. Different from previous work, in our scheme, the user in a group cannot any longer access the shared cloud data belonging to this group once this user is revoked. In addition, we propose a new random masking technique to make our scheme preserve both data privacy and identity privacy. Furthermore, our scheme supports to enroll a new user in a group and revoke an old user from a group. We analyze the security of the proposed scheme and justify its performance by concrete implementations.

• Journal of Information Processing Systems
• /
• 제10권4호
• /
• pp.618-627
• /
• 2014

Nowadays mobile users are using a popular service called Location-Based Services (LBS). LBS is very helpful for a mobile user in finding various Point of Interests (POIs) in their vicinity. To get these services, users must provide their personal information, such as user identity or current location, which severely risks the location privacy of the user. Many researchers are developing schemes that enable a user to use these LBS services anonymously, but these approaches have some limitations (i.e., either the privacy prevention mechanism is weak or the cost of the solution is too much). As such, we are presenting a robust scheme for mobile users that allows them to use LBS anonymously. Our scheme involves a client side application that interacts with an untrusted LBS server to find the nearest POI for a service required by a user. The scheme is not only efficient in its approach, but is also very practical with respect to the computations that are done on a client's resource constrained device. With our scheme, not only can a client anonymously use LBS without any use of a trusted third party, but also a server's database is completely secure from the client. We performed experiments by developing and testing an Android-based client side smartphone application to support our argument.

• 인터넷정보학회논문지
• /
• 제10권2호
• /
• pp.29-40
• /
• 2009

인터넷 등의 정보기술의 발전은 기존의 의료기술에 빠른 변화를 가져오면서 e-Healthcare가 사회적 이슈로 등장하고 있다. 의료정보화 패러다임의 새로운 전환점이라 할 수 있는 e-Healthcare는 국내에서 의료정책방안이나 기술개발을 하고 있지만, 아직 의료정보화의 기반이 되는 인프라는 부족한 수준이며 개방된 인터넷 환경 내 역공학적 측면으로 민감한 의료정보 유출 및 프라이버시 침해에 대한 문제가 대두되는 실정이다. 본 논문에서는 앞서 제시한 문제점의 해결방안으로 e-Healthcare환경 내 개인의 의료정보 보호를 위한 역할기반의 접근제어 시스템(HPIP - Health Privacy Information Protection)을 네 가지 주요 메커니즘(사용자 신분확인, 병원 권한확인, 진료기록 접근제어, 환자진단)으로 제안하였으며, 실 환경에서 효과적으로 활용될 수 있도록 프로토타이핑을 통해 그 가능성을 타진해 보았다.

• Current Optics and Photonics
• /
• 제6권5호
• /
• pp.453-462
• /
• 2022

Blockchain technology provides a decentralized and peer-to-peer network, which has the advantages of transparency and immutability. In this paper, a novel secure authentication scheme applying digital holography to blockchain technology is proposed to protect privacy information in network nodes. The transactional information of the node is chained permanently and immutably in the blockchain to ensure network security. By designing a novel two-dimensional (2D) array data structure of the block, a proof of work (PoW) in the blockchain is executed through digital holography technology to verify true authentication and legal block linkage. A hash generated from the proposed algorithm reveals a random number of 2D array data. The real identity of each node in the network cannot be forged by a hacker's tampering because the privacy information of the node is encrypted using digital holography and stored in the blockchain. The reliability and feasibility of the proposed scheme are analyzed with the help of the research results, which evaluate the effectiveness of the proposed method. Forgery by a malicious node is impossible with the proposed method by rejecting a tampered transaction. The principal application is a secure anonymity system guaranteeing privacy information protection for handling of large information.

• International Journal of Computer Science & Network Security
• /
• 제23권2호
• /
• pp.101-110
• /
• 2023

Vehicular Ad Hoc Network (VANET) is considered to be a subclass of Mobile Ad Hoc Networks (MANET). It has some challenges and issues of privacy which require to be solved before practical implementation of the system i.e., location preservation privacy. Many schemes have been proposed. The most prominent is pseudonym change based location preservation scheme. Safety message can be compromised when it sends via a wireless medium, consequently, an adversary can eavesdrop the communication to analyze and track targeted vehicle. The issue can be counter by use of pseudo identity instead of real and their change while communication proves to be a sufficient solution for such problems. In this context, a large amount of literature on pseudonym change strategies has been proposed to solve such problems in VANET. In this paper, we have given details on strategies proposed last two decades on pseudonym change based location preservation along with issues that they focus to resolve and try to give full understanding to readers.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제15권9호
• /
• pp.3365-3383
• /
• 2021

The rapid growth of data has successfully promoted the development of modern information and communication technologies, which are used to process data generated by public urban departments and citizens in modern cities. In specific application areas where the ciphertext of messages generated by different users' needs to be transmitted, the concept of broadcast encryption is important. It can not only improve the transmission efficiency but also reduce the cost. However, the existing schemes cannot entirely ensure the privacy of receivers and dynamically adjust the user authorization. To mitigate these deficiencies, we propose an efficient, secure identity-based broadcast encryption scheme that achieves direct revocation and receiver anonymity, along with the analysis of smart grid solutions. Moreover, we constructed a security model to ensure wireless data transmission under cloud computing and internet of things integrated devices. The achieved results reveal that the proposed scheme is semantically secure in the random oracle model. The performance of the proposed scheme is evaluated through theoretical analysis and numerical experiments.

• 한국정보과학회논문지:정보통신
• /
• 제28권4호
• /
• pp.570-577
• /
• 2001

이동 네트워크 상에서의 인터넷 서비스가 활성화됨에 따라 이동 호스트에 대한 인증 및 비밀성이 요구되었고, 이동 호스트의 이동성에 따른 익명성 및 불추적성이 중요한 고려사항이 되었다. 본 논문에서는 이동 호스트가 도메인간을 이동하면서 노출될 수 있는 이동 호스트의 Identity의 보호를 위해 사용자 Alias를 사용하였으며, 원격 도메인에도 Alias를 사용함으로 익명성 보장 및 불추적성을 지원한 안전한 인증 프로토콜을 제시한다. 본 논문에서는 안전성을 높이기 위해서 Alias 생성시 공개키 암호 시스템을 이용하였다.