• Title/Summary/Keyword: Privacy security

Search Result 1,539, Processing Time 0.025 seconds

New Secret Sharing Scheme for Privacy Data Management

  • Song You-Jin;Lee Dong-Hyeok
    • Proceedings of the Korea Institutes of Information Security and Cryptology Conference
    • /
    • 2006.06a
    • /
    • pp.765-773
    • /
    • 2006
  • In ubiquitous environment, private enterprise or public institution's privacy data are sometimes exposed to hackers because of the lack of the sense of information security. We apply secret sharing scheme to solve the privacy problems. But, the existing secret sharing scheme are not suitable for the management of large a quantity of data because that required operation of large capacity. In this paper, We propose new secret sharing scheme for privacy data management. Our scheme makes high-speed operation possible, and it also allows for set weight for each secret pieces depending on weight of participants. The scheme proposed in this paper makes it efficient to collect and manage secure privacy data in ubiquitous environment.

  • PDF

An Exhaustive Review on Security Issues in Cloud Computing

  • Fatima, Shahin;Ahmad, Shish
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.13 no.6
    • /
    • pp.3219-3237
    • /
    • 2019
  • The Cloud Computing is growing rapidly in the current IT industry. Cloud computing has become a buzzword in relation to Grid & Utility computing. It provides on demand services to customers and customers will pay for what they get. Various "Cloud Service Provider" such as Microsoft Azure, Google Web Services etc. enables the users to access the cloud in cost effective manner. However, security, privacy and integrity of data is a major concern. In this paper various security challenges have been identified and the survey briefs the comprehensive overview of various security issues in cloud computing. The classification of security issues in cloud computing have been studied. In this paper we have discussed security challenges in cloud computing and also list recommended methods available for addressing them in the literature.

Internet of Things (IoT) Framework for Granting Trust among Objects

  • Suryani, Vera;Sulistyo, Selo;Widyawan, Widyawan
    • Journal of Information Processing Systems
    • /
    • v.13 no.6
    • /
    • pp.1613-1627
    • /
    • 2017
  • The concept of the Internet of Things (IoT) enables physical objects or things to be virtually accessible for both consuming and providing services. Undue access from irresponsible activities becomes an interesting issue to address. Maintenance of data integrity and privacy of objects is important from the perspective of security. Privacy can be achieved through various techniques: password authentication, cryptography, and the use of mathematical models to assess the level of security of other objects. Individual methods like these are less effective in increasing the security aspect. Comprehensive security schemes such as the use of frameworks are considered better, regardless of the framework model used, whether centralized, semi-centralized, or distributed ones. In this paper, we propose a new semi-centralized security framework that aims to improve privacy in IoT using the parameters of trust and reputation. A new algorithm to elect a reputation coordinator, i.e., ConTrust Manager is proposed in this framework. This framework allows each object to determine other objects that are considered trusted before the communication process is implemented. Evaluation of the proposed framework was done through simulation, which shows that the framework can be used as an alternative solution for improving security in the IoT.

Security and Privacy in Ubiquitous Sensor Networks

  • Perez, Alfredo J.;Zeadally, Sherali;Jabeur, Nafaa
    • Journal of Information Processing Systems
    • /
    • v.14 no.2
    • /
    • pp.286-308
    • /
    • 2018
  • The availability of powerful and sensor-enabled mobile and Internet-connected devices have enabled the advent of the ubiquitous sensor network (USN) paradigm. USN provides various types of solutions to the general public in multiple sectors, including environmental monitoring, entertainment, transportation, security, and healthcare. Here, we explore and compare the features of wireless sensor networks and USN. Based on our extensive study, we classify the security- and privacy-related challenges of USNs. We identify and discuss solutions available to address these challenges. Finally, we briefly discuss open challenges for designing more secure and privacy-preserving approaches in next-generation USNs.

A Survey of Security and Privacy Challenges in Cloud Computing: Solutions and Future Directions

  • Liu, Yuhong;Sun, Yan Lindsay;Ryoo, Jungwoo;Rizvi, Syed;Vasilakos, Athanasios V.
    • Journal of Computing Science and Engineering
    • /
    • v.9 no.3
    • /
    • pp.119-133
    • /
    • 2015
  • While cloud computing is gaining popularity, diverse security and privacy issues are emerging that hinder the rapid adoption of this new computing paradigm. And the development of defensive solutions is lagging behind. To ensure a secure and trustworthy cloud environment it is essential to identify the limitations of existing solutions and envision directions for future research. In this paper, we have surveyed critical security and privacy challenges in cloud computing, categorized diverse existing solutions, compared their strengths and limitations, and envisioned future research directions.

A Study on countermeasure for privacy in mobile office (모바일 오피스 개인정보 보호 방안에 대한 연구)

  • Park, Yongjoon;Lee, Yunjung
    • Journal of Korea Multimedia Society
    • /
    • v.18 no.2
    • /
    • pp.178-188
    • /
    • 2015
  • The proliferation of devices such as tablets and smart phones, which are now used by many people in their daily lives, has led to a number of companies allowing employees to bring their own devices to work due to perceived productivity gains and cost savings. However, despite many advantage, security breaches (e.g., information leakage) can happen for various reasons (e.g., loss or theft of devices, and malicious code) and privacy breaches can happen by using personal devices for business. We should carefully scrutinize security threats in this area. We present the security threats analysis and the technical approach in this area, and discuss privacy threats and countermeasures.

Security, Privacy, and Efficiency of Sustainable Computing for Future Smart Cities

  • Jeong, Young-Sik;Park, Jong Hyuk
    • Journal of Information Processing Systems
    • /
    • v.16 no.1
    • /
    • pp.1-5
    • /
    • 2020
  • Sustainable computing is a rapidly expanding field of research covering the fields of multidisciplinary engineering. With the rapid adoption of Internet of Things (IoT) devices, issues such as security, privacy, efficiency, and green computing infrastructure are increasing day by day. To achieve a sustainable computing ecosystem for future smart cities, it is important to take into account their entire life cycle from design and manufacturing to recycling and disposal as well as their wider impact on humans and the places around them. The energy efficiency aspects of the computing system range from electronic circuits to applications for systems covering small IoT devices up to large data centers. This editorial focuses on the security, privacy, and efficiency of sustainable computing for future smart cities. This issue accepted 17 articles after a rigorous review process.

Advanced insider threat detection model to apply periodic work atmosphere

  • Oh, Junhyoung;Kim, Tae Ho;Lee, Kyung Ho
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.13 no.3
    • /
    • pp.1722-1737
    • /
    • 2019
  • We developed an insider threat detection model to be used by organizations that repeat tasks at regular intervals. The model identifies the best combination of different feature selection algorithms, unsupervised learning algorithms, and standard scores. We derive a model specifically optimized for the organization by evaluating each combination in terms of accuracy, AUC (Area Under the Curve), and TPR (True Positive Rate). In order to validate this model, a four-year log was applied to the system handling sensitive information from public institutions. In the research target system, the user log was analyzed monthly based on the fact that the business process is processed at a cycle of one year, and the roles are determined for each person in charge. In order to classify the behavior of a user as abnormal, the standard scores of each organization were calculated and classified as abnormal when they exceeded certain thresholds. Using this method, we proposed an optimized model for the organization and verified it.

Advanced approach to information security management system utilizing maturity models in critical infrastructure

  • You, Youngin;Oh, Junhyoung;Kim, Sooheon;Lee, Kyungho
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.12 no.10
    • /
    • pp.4995-5014
    • /
    • 2018
  • As the area covered by the CPS grows wider, agencies such as public institutions and critical infrastructure are collectively measuring and evaluating information security capabilities. Currently, these methods of measuring information security are a concrete method of recommendation in related standards. However, the security controls used in these methods are lacking in connectivity, causing silo effect. In order to solve this problem, there has been an attempt to study the information security management system in terms of maturity. However, to the best of our knowledge, no research has considered the specific definitions of each level that measures organizational security maturity or specific methods and criteria for constructing such levels. This study developed an information security maturity model that can measure and manage the information security capability of critical infrastructure based on information provided by an expert critical infrastructure information protection group. The proposed model is simulated using the thermal power sector in critical infrastructure of the Republic of Korea to confirm the possibility of its application to the field and derive core security processes and goals that constitute infrastructure security maturity. The findings will be useful for future research or practical application of infrastructure ISMSs.

User-Centric Access Control Service for Blockchain-Based Private Information Management (블록체인 기반의 개인정보 관리를 위한 사용자 중심의 접근제어 서비스)

  • Kim, Seung-Hyun;Kim, Soohyung
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.31 no.3
    • /
    • pp.341-351
    • /
    • 2021
  • Recently, user-driven privacy control technology, such as distributed ID management, has been gaining attention. However, the existing blockchain-based access control studies have not provided a sufficient level of privacy control method to users. This paper proposes a method that combines permissioned blockchain technology and a recent privacy control standard. To allow users to participate in privacy control, a token-based user access control service that conforms to the UMA2 standard was applied to the blockchain dApp. By combining the blockchain and UMA2, the proposed method provides a user-centered privacy control function that the existing blockchain could not provide. In addition, we solved the problem of privacy, security, and availability of entities, which are the disadvantages of UMA2.