• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.8 no.10
• /
• pp.3607-3623
• /
• 2014

The increasing demand in promoting cloud computing in either business or other areas requires more security of a cloud storage system. Traditional cloud storage systems fail to protect data integrity information (DII), when the interactive messages between the client and the data storage server are sniffed. To protect DII and support public verifiability, we propose a data integrity verification scheme by deploying a designated confirmer signature DCS as a building block. The DCS scheme strikes the balance between public verifiable signatures and zero-knowledge proofs which can address disputes between the cloud storage server and any user, whoever acting as a malicious player during the two-round verification. In addition, our verification scheme remains blockless and stateless, which is important in conducting a secure and efficient cryptosystem. We perform security analysis and performance evaluation on our scheme, and compared with the existing schemes, the results show that our scheme is more secure and efficient.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.6
• /
• pp.861-868
• /
• 2023

One of the key technologies in providing data analysis in the deep learning while maintaining security is fully homomorphic encryption. Due to constraints in operations on fully homomorphically encrypted data, non-arithmetic functions used in deep learning must be approximated by polynomials. Until now, the degrees of approximation polynomials with composite minimax polynomials have been uniformly set across layers, which poses challenges for effective network designs on fully homomorphic encryption. This study theoretically proves that setting different degrees of approximation polynomials constructed by composite minimax polynomial in each layer does not pose any issues in the inference on convolutional neural networks.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.16 no.2
• /
• pp.71-85
• /
• 2016

The purpose of this research is to study technical and policy improvements of carrier billing services, which are a developing and growing industry, by adopting a meta-analysis method. Implications were derived from studying 15 years-worth of academic research papers (from 2001 to 2015), by analyzing the trends over a total of 109 such research papers on carrier billing services. First, looking at the characteristics of the main studies of the papers from 2008 to 2009, it papers appeared that dealt with preventing fraudulent transactions and preserving consumer protection. Privacy, policy proposals and studies for new systems were researched from 2010-2012. Service, success factors, damage prevention systems research, law, and institutions were discussed in 2013-2015 mainly. Second, the research showed that the number of carrier billing service studies increased due to social issues(telecommunications billing services deregulation, the emergence smartphones, fraud). Third, in sectorial research results, technology was the focus area of 47 papers (43.1%), the service sector was the focus of 39 pieces (35.8%) and law and policy improvement accounted for 23 pieces (21.1%). The study of technology and service areas was the most active and according to changes in the environment, law and policy improvement were second to most active. This study will contribute to improving relevant institutions and research directions about study trends in carrier billing services.

• Journal of the Korea Society of Computer and Information
• /
• v.18 no.9
• /
• pp.79-89
• /
• 2013

Recently, the need for outsourcing sensitive data has grown due to the wide spreading of cost-effective and flexible cloud service. However, there is a fundamental concern in using such service since users have to trust external servers. Therefore, searchable encryption can be a very valuable tool to meet the security requirements of data outsourcing. However, most of work on searchable encryption focus only on privacy preserving search function and relatively lacks research on encryption mechanism used to actually encrypt data. Without a suitable latter mechanism, searchable encryption cannot be deployed in real world cloud services. In this paper, we analyze previously used and possible data encryption mechanisms for multi-user searchable encryption system and discuss their pros and cons. Our results show that readily available tools such as broadcast encryption, attribute-based encryption, and proxy re-encryption do not provide suitable solutions. The main problem with existing tools is that they may require separate fully trusted servers and the difficulty in preventing collusion attacks between outsiders and semi-trusted servers.

• Journal of the Institute of Electronics and Information Engineers
• /
• v.50 no.6
• /
• pp.159-166
• /
• 2013

Recently, because the interest and needs in privacy protection are growing, smartcard-based remote user authentication schemes have been actively studied to provide the user anonymity. In 2008, Kim et al. first proposed an authentication scheme in order to ensure the user anonymity against both external attackers and the remote server and track malicious users with the help of a trusted trace sever. However, in 2010, Lee et al. showed that Kim et al.'s scheme cannot provide the user anonymity against remote server, which is because the server can trace users without any help of the trace server, and then proposed a improved scheme. On the other hand, in 2010, Horng et al. proposed an authentication scheme with non-tamper resistant smart cards, in which the non-tamper resistant smart card means that an attacker may find out secret information stored in the smart card through special data analysis techniques such as monitoring power consumption, to be secure against a variety of attacks and to provide the user anonymity against external attackers. In this paper, we will propose a remote user authentication scheme with non-tamper resistant smart cards not only to ensure the user anonymity against both external attackers and the remote server but also to track malicious users with only the help of a trusted trace sever.