• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.17 no.1
• /
• pp.145-164
• /
• 2023

Cloud computing offers a platform that is both adaptable and scalable, making it ideal for outsourcing data for sharing. Various organizations outsource their data on cloud storage servers for availing management and sharing services. When the organizations outsource the data, they lose direct control on the data. This raises the privacy and security concerns. Cryptographic encryption methods can secure the data from the intruders as well as cloud service providers. Data owners may also specify access control policies such that only the users, who satisfy the policies, can access the data. Attribute based access control techniques are more suitable for the cloud environment as they cover large number of users coming from various domains. Multi-authority attribute-based encryption (MA-ABE) technique is one of the propitious attribute based access control technique, which allows data owner to enforce access policies on encrypted data. The main aim of this paper is to comprehensively survey various state-of-the-art MA-ABE schemes to explore different features such as attribute and key management techniques, access policy structure and its expressiveness, revocation of access rights, policy updating techniques, privacy preservation techniques, fast decryption and computation outsourcing, proxy re-encryption etc. Moreover, the paper presents feature-wise comparison of all the pertinent schemes in the field. Finally, some research challenges and directions are summarized that need to be addressed in near future.

• Journal of KIISE:Information Networking
• /
• v.37 no.6
• /
• pp.420-430
• /
• 2010

Due to increasing demand for improving road safety and optimizing road traffic, Vehicular Ad-Hoc Networks (VANET) have been subject to extensive attentions from all aspects of commercial industry and academic community. Security and user privacy are fundamental issues for all possible promising applications in VANET. Most of the existing security proposals for secure VANET concentrate authentication with privacy preservation in vehicle-to-vehicle (V2V) and vehicle-to-roadside infrastructure (V2I) communications and require huge storage and network capacity for management of revocation list. Motivated by the fact, we propose a new scheme with security and privacy preservation which combines V2V and V2I communication. With our proposed scheme, the communication and computational delay for authentication and overhead for management of revocation list can be significantly reduced due to mutual authentication between a vehicle and a Roadside Unit (RSU) requires only two messages, and the RSU issues the anonymous certificate for the vehicle on behalf of the Trust Authority (TA). We demonstrate that the proposed protocol cannot only guarantee the requirements of security and privacy but can also provide efficiency of authentication and management of revocation list.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.8
• /
• pp.3852-3864
• /
• 2016

Patients' health data is very sensitive and the access to individual's health data should be strictly restricted. However, many data consumers may need to use the aggregated health data. For example, the insurance companies needs to use this data to setup the premium level for health insurances. Therefore, privacy-preserving data aggregation solutions for health data have both theoretical importance and application potentials. In this paper, we propose a privacy-preserving health data aggregation scheme using differential privacy. In our scheme, patients' health data are aggregated by the local healthcare center before it is used by data comsumers, and this prevents individual's data from being leaked. Moreover, compared with the existing schemes in the literature, our work enjoys two additional benefits: 1) it not only resists many well known attacks in the open wireless networks, but also achieves the resilience against the human-factor-aware differential aggregation attack; 2) no trusted third party is employed in our proposed scheme, hence it achieves the robustness property and it does not suffer the single point failure problem.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.1
• /
• pp.143-156
• /
• 2024

Federated Learning (FL) has emerged as a potent methodology for decentralized model training across multiple collaborators, eliminating the need for data sharing. Although FL is lauded for its capacity to preserve data privacy, it is not impervious to various types of privacy attacks. Differential Privacy (DP), recognized as the golden standard in privacy-preservation techniques, is widely employed to counteract these vulnerabilities. This paper makes a specific contribution by applying an existing, task-specific adaptive DP mechanism to the FL environment. Our comprehensive analysis evaluates the impact of this mechanism on the performance of a shared global model, with particular attention to varying data distribution and partitioning schemes. This study deepens the understanding of the complex interplay between privacy and utility in FL, providing a validated methodology for securing data without compromising performance.

• Journal of Korea Multimedia Society
• /
• v.19 no.7
• /
• pp.1159-1165
• /
• 2016

Traffic violations such as moving while the traffic lights are red have come from a simple omission to a premeditated act. The traffic control center cannot timely monitor all the cameras installed on the roads to trace and pursue those traffic violators. Modern vehicles are equipped and controlled by several sensors in order to support monitoring and reporting those kind of behaviors which some time end up in severe causalities. However, such applications within the vehicle environment need to provide security guaranties. In this paper, we address the limitation of previous work and present a secure and privacy preserving protocol for traffic violation reporting system in vehicular cloud environment which enables the vehicles to report the traffic violators, thus the roadside clouds collect those information which can be used as evidence to pursue the traffic violators. Particularly, we provide the unlinkability security property within the proposed protocol which also offers lightweight computational overhead compared to previous protocol. We consider the concept of conditional privacy preserving authentication without pairing operations to provide security and privacy for the reporting vehicles.

• Journal of the Korea Society of Computer and Information
• /
• v.18 no.3
• /
• pp.47-57
• /
• 2013

Location privacy has been a serious concern for mobile users who use location-based services to acquire geographical location continuously. Spatial cloaking technique is a well-known privacy preserving method, which blurs an exact user location into a cloaked area to meet privacy requirements. However, cloaking for continuous moving object suffers from cloaked area size problem as it is unlikely for all objects travel in the same direction. In this paper, we propose a grid-based privacy preservation method with an improved Earth Mover's Distance(EMD) metric weight update scheme for semantic cloaking. We also define a representative cloaking area which protects continuous location privacy for moving users. Experimental implementation and evaluation exhibit that our proposed method renders good efficiency and scalability in cloaking processing time and area size control. We also show that our proposed method outperforms the existing method by successfully protects location privacy of continuous moving objects against various adversaries.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.6
• /
• pp.2841-2860
• /
• 2018

Vehicular networks play an important role in current intelligent transportation networks and have gained much attention from academia and industry. Vehicular networks can be enhanced by Long Term Evolution-Vehicle (LTE-V) technology, which has been defined in a series of standards by the 3rd Generation Partnership Project (3GPP). LTE-V technology is a systematic and integrated V2X solution. To guarantee secure LTE-V communication, security and privacy issues must be addressed before the network is deployed. The present study aims to improve the security functionality of vehicular LTE networks by proposing an efficient and secure ID-based message authentication scheme for vehicular networks, named the ESMAV. We demonstrate its ability to simultaneously support both mutual authentication and privacy protection. In addition, the ESMAV exhibit better performance in terms of overhead computation, communication cost, and security functions, which includes privacy preservation and non-frameability.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.7
• /
• pp.3375-3400
• /
• 2018

With the advent of database-as-a-service (DAAS) and cloud computing, more and more data owners are motivated to outsource their data to cloud database in consideration of convenience and cost. However, it has become a challenging work to provide security to database as service model in cloud computing, because adversaries may try to gain access to sensitive data, and curious or malicious administrators may capture and leak data. In order to realize privacy preservation, sensitive data should be encrypted before outsourcing. In this paper, we present a secure and practical system over encrypted cloud data, called QSDB (queryable and secure database), which simultaneously supports SQL query operations. The proposed system can store and process the floating point numbers without compromising the security of data. To balance tradeoff between data privacy protection and query processing efficiency, QSDB utilizes three different encryption models to encrypt data. Our strategy is to process as much queries as possible at the cloud server. Encryption of queries and decryption of encrypted queries results are performed at client. Experiments on the real-world data sets were conducted to demonstrate the efficiency and practicality of the proposed system.

• Journal of Korea Multimedia Society
• /
• v.15 no.9
• /
• pp.1126-1132
• /
• 2012

To enhance network efficiency, CCN allow intermediate network nodes between a content consumer and a content publisher to temporarily cache transmitted contents. Then the network nodes immediately return back the cached contents to another consumers when the nodes receives relevant contents request messages from the consumers. For that, CCN utilizes hierarchical content names to forward a request message as well as a response message. However, such content names semantically contain much information about domain/user as well as content itself. So it is possible to invade users' privacy. In this paper, we first review both the problem of CCN name in the view point of privacy and proposed schemes. Then we propose an improved name management scheme for users' privacy preservation.

• The Journal of the Korea Contents Association
• /
• v.16 no.9
• /
• pp.329-338
• /
• 2016

Internet of Things (IoTs) technology makes every things in physical world being digitalized and communicated with each other. The technology is emerging as a new paradigm and is expected to provide a convenient and effective life. However, for the successful realization of the IoT technologies, IoT security issues are an important prerequisite, and particularly the privacy protection is expected to become more important in view of object communication directively related with human. In this paper we describe for the security and privacy threats in IoT environment and introduce the shodan (a legitimate search engine that finds backdoor routers, switches, webcams, IoT devices connected to the Internet etc.) that can expose the security and privacy problems. Lastly, we compare the privacy threats through real-world case study of network cameras currently in use and finally derive the countermeasures for the threats.