• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.42 no.4 s.304
• /
• pp.25-32
• /
• 2005

The spread of mobile devices, PDAs and sensors has enabled the construction of ubiquitous computing environments, transforming regular physical spaces into 'Smart space' augmented with intelligence and enhanced with services. However, the deployment of this computing paradigm in real-life is disturbed by poor security, particularly, the lack of proper authentication and authorization techniques. Also, it is very important not only to find security measures but also to preserve user privacy in ubiquitous computing environments. In this Paper, we propose efficient user authentication and authorization model with anonymity for the privacy-preserving for ubiquitous computing environments. Our model is suitable for distributed environments with the computational constrained devices by using MAC-based anonymous certificate and security association token instead of using Public key encryption technique. And our Proposed Protocol is better than Kerberos system in sense of cryptographic computation processing.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.8 no.8
• /
• pp.1155-1160
• /
• 2013

The rapid growth of smart phones has made location-based services (LBSs) widely available. However, the use of LBS can raise privacy issues, as LBS can allow adversaries to violate the location privacy of users. There has been a considerable amount of research on preserving user location privacy. Most of these studies try to preserve location privacy by achieving what is known as location K-anonymity. In this paper, we propose a hierarchical clustering-based spatial cloaking algorithm for LBSs. The proposed algorithm constructs a tree using a modified version of agglomerative hierarchical clustering. The experimental results show, in terms of the ASR size, that the proposed algorithm is better than Hilbert Cloak and comparable to RC-AR (R-tree Cloak implementation of Reciprocal with an Asymmetric R-tree split). In terms of the ASR generation time, the proposed algorithm is much better in its performance than RC-AR and similar in performance to Hilbert Cloak.

• Journal of the Institute of Electronics Engineers of Korea SP
• /
• v.49 no.1
• /
• pp.81-87
• /
• 2012

The current defacing method for keeping an anonymity of brain images damages the integrity of a precise brain analysis due to over removal, although it maintains the patients' privacy. A novel method has been developed to create an anonymous face model while keeping the voxel values of an image exactly the same as that of the original one. The method contains two steps: construction of a mockup brain template from ten normalized brain images and a substitution of the mockup brain to the brain image. A level set segmentation algorithm is applied to segment a scalp-skull apart from the whole brain volume. The segmented mockup brain is coregistered and normalized to the subject brain image to create an anonymous face model. The validity of this modification is tested through comparing the intensity of voxels inside a brain area from the mockup brain with the original brain image. The result shows that the intensity of voxels inside from the mockup brain is same as ones from an original brain image, while its anonymity is guaranteed.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2019.10a
• /
• pp.465-467
• /
• 2019

최근 많은 단체나 기업에서 다양하고 방대한 데이터를 요구로 하고, 그에 따라서 국가 공공데이터나 데이터 브로커등 데이터를 통해 직접 수집 하거나 구매해야 하는 경우가 많아지고 있다. 하지만 개인정보의 경우 개인의 동의 없이는 타인에게 양도가 불가능하여 이러한 데이터에 대한 연구에 어려움이 있다. 그래서 특정 개인을 추론할 수 없도록 하는 비식별 처리 기술이 연구되고 있다. 이러한 비식별화의 정도는 모델로 나타낼 수가 있는데, 현재 k-anonymity 와 l-diversity 모델 등이 많이 사용된다. 이 중에서 l-diversity 는 k-anonymity 의 만족 조건을 포함하고 있어 비식별화의 정도가 더욱 강하다. 이러한 l-diversity 모델을 만족하는 알고리즘은 The Hardness and Approximation, Anatomy 등이 있는데 본 논문에서는 일반화 과정을 거치지 않아 유용성이 높은 Anatomy 의 구현에 대해 연구하였다. 또한 비식별화 과정은 전체 데이터에 대한 특성을 고려해야 하기 때문에 데이터의 크기가 커짐에 따라 실질적인 처리량이 방대해지는데, 이러한 문제를 Spark 를 통해 데이터가 커짐에 따라서 최대한 안정적으로 대응하여 처리할 수 있는 시스템을 구현하였다.

• Journal of Internet Computing and Services
• /
• v.20 no.6
• /
• pp.105-117
• /
• 2019

Bitcoin, which can be classified as a cryptocurrency, has attracted attention from various industries because it is an innovative digital currency and the beginning of a Blockchain system. However, as the research on Bitcoin progressed, several security vulnerabilities and possible attacks were analyzed. Among them, the security problem caused by the transparency of the Blockchain database prevents the Blockchain system from being applied to various fields. This vulnerability is further classified as the weak anonymity of participating nodes and privacy problem due to disclosure of transaction details. In recent years, several countermeasures have been developed against these vulnerabilities. In this paper, we first describe the main features of the public and private Blockchain, and explain privacy, unlinkability and anonymity. And, three public Blockchain platforms, Dash, Zcash and Monero which are derived from Bitcoin, and Hyperledger Fabric which is a private Blockchain platform, are examined. And we analyze the operating principles of the protocols applied on each platform. In addition, we classify the applied technologies into anonymity and privacy protection in detail, analyze the advantages and disadvantages, and compare the features and relative performance of the platforms based on the computational speed of the applied cryptographic mechanisms.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.7 no.5
• /
• pp.1313-1327
• /
• 2013

How to make people keep both the confidentiality of the sensitive data and the privacy of their real identity in communication networks has been a hot topic in recent years. Researchers proposed privacy-preserving authenticated key exchange protocols (PPAKE) to answer this question. However, lots of PPAKE protocols need users to remember long secrets which are inconvenient for them. In this paper we propose a lightweight three-party privacy-preserving authentication key exchange (3PPAKE) protocol using smart card to address the problem. The advantages of the new 3PPAKE protocol are: 1. The only secrets that the users need to remember in the authentication are their short passwords; 2. Both of the users can negotiate a common key and keep their identity privacy, i.e., providing anonymity for both users in the communication; 3. It enjoys better performance in terms of computation cost and security. The security of the scheme is given in the random oracle model. To the best of our knowledge, the new protocol is the first provably secure authentication protocol which provides anonymity for both users in the three-party setting.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.12
• /
• pp.6169-6187
• /
• 2017

With the fast growth of mobile services, Mobile Cloud Computing(MCC) has gained a great deal of attention from researchers in the academic and industrial field. User authentication and privacy are significant issues in MCC environment. Recently, Tsai and Lo proposed a privacy-aware authentication scheme for distributed MCC services, which claimed to support mutual authentication and user anonymity. However, Irshad et.al. pointed out this scheme cannot achieve desired security goals and improved it. Unfortunately, this paper shall show that security features of Irshad et.al.'s scheme are achieved at the price of multiple time-consuming operations, such as three bilinear pairing operations, one map-to-point hash function operation, etc. Besides, it still suffers from two minor design flaws, including incapability of achieving three-factor security and no user revocation and re-registration. To address these issues, an enhanced and provably secure authentication scheme for distributed MCC services will be designed in this work. The proposed scheme can meet all desirable security requirements and is able to resist against various kinds of attacks. Moreover, compared with previously proposed schemes, the proposed scheme provides more security features while achieving lower computation and communication costs.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.12
• /
• pp.5572-5595
• /
• 2016

Multi-server authentication enables the subscribers to enjoy an assortment of services from various service providers based on a single registration from any registration centre. Previously, a subscriber had to register from each service provider individually to avail respective services relying on single server authentication. In the past, a number of multi-server authentication techniques can be witnessed that employed lightweight and even computationally intensive cryptographic operations. In line with this, Zhu has presented a chaotic map based multi-server authentication scheme recently, which is not only vulnerable to denial-of-service attack, stolen-verifier attack, but also lacks anonymity. This research aims at improving the Zhu's protocol in terms of cost and efficiency. Moreover, the comparative study is presented for the performance of improved model against the existing scheme, and the security of proposed model is formally proved using BAN Logic.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.12
• /
• pp.5616-5642
• /
• 2016

Different from traditional auctions, electronic auctions provide a platform to allow bidders and auctioneers merchandise to each other over network anytime and anywhere. Auctioneers can publish information of goods, and bidders can choose the interested targets through this bidding platform. To ensure the fairness and security of electronic auctions, Li et al. have proposed a practical electronic auction scheme which can confirm the requirement of strong anonymity, bidding privacy, and secret bidding price. However, we have found out that Li et al.'s scheme may lurk the risk of the denial-of-service attack during the bidding phase in a sealed-bid auction. Thus, we propose a brand-new sealed-bid auction mechanism, in which the essentials of e-auction can be firmly preserved. In particular, each bidder only needs to register at the center once and then can join to multiple plays launched by different auctioneers. Moreover, the correctness of mutual authentication is confirmed according to the BAN logic model.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.12 no.5
• /
• pp.805-816
• /
• 2017

Tor is a popular, low-latency open network that offers online anonymity to users by concealing their information from anyone conducting traffic analysis. At the same time, a number of conventional passive and active attacking schemes have been proposed to compromise the anonymity provided by the Tor network. In addition to attacks on the network through traffic analysis, interacting with an unsecured application can reveal a Tor user's IP address. Specific traffic from such applications bypasses Tor proxy settings in the user's machine and forms connections outside the Tor network. This paper presents such applications and shows how they can be used to deanonymize Tor users. Extensive test studies performed in the paper show that applications such as Flash and BitTorrent can reveal the IP addresses of Tor users.