• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.2
• /
• pp.1043-1063
• /
• 2019

With delegating proxy to process data before outsourcing, data owners in restricted access could enjoy flexible and powerful cloud storage service for productivity, but still confront with data integrity breach. Identity-based data auditing as a critical technology, could address this security concern efficiently and eliminate complicated owners' public key certificates management issue. Recently, Yu et al. proposed an Identity-Based Public Auditing for Dynamic Outsourced Data with Proxy Processing (https://doi.org/10.3837/tiis.2017.10.019). It aims to offer identity-based, privacy-preserving and batch auditing for multiple owners' data on different clouds, while allowing proxy processing. In this article, we first demonstrate this scheme is insecure in the sense that malicious cloud could pass integrity auditing without original data. Additionally, clouds and owners are able to recover proxy's private key and thus impersonate it to forge tags for any data. Secondly, we propose an improved scheme with provable security in the random oracle model, to achieve desirable secure identity based privacy-preserving batch public auditing with proxy processing. Thirdly, based on theoretical analysis and performance simulation, our scheme shows better efficiency over existing identity-based auditing scheme with proxy processing on single owner and single cloud effort, which will benefit secure big data storage if extrapolating in real application.

• Journal of Computing Science and Engineering
• /
• v.9 no.3
• /
• pp.134-141
• /
• 2015

In on-demand multimedia streaming systems, streaming techniques are usually combined with proxy caching to obtain better performance. The patch streaming technique has no start-up latency inherent to it, but requires extra bandwidth to deliver the media data in patch streams. This paper proposes a proxy caching technique which aims at reducing the bandwidth cost of the patch streaming technique. The proposed approach determines media prefixes with high patching cost and caches the appropriate media prefix at the proxy/local server. Herein the scheme is evaluated using a synthetically generated media access workload and its performance is compared with that of the popularity and prefix-aware interval caching scheme (the prefix part) and with that of patch streaming with no caching. The bandwidth saving, hit ratio and concurrent number of clients are used to compare the performance, and the proposed scheme is found to perform better for different caching capacities of the proxy server.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.2
• /
• pp.353-360
• /
• 2017

The Internet of Things(IoT) security has more need than a technical problem as it needs series of regulations and faultless security system for common purposes. So, this study proposes an efficient key management in order that can be trusted IoT data in cloud computing. In contrast with a key distribution center of existing sensor networks, the proposed a federation key management of cloud proxy key server is not central point of administration and enables an active key recovery and update. The proposed key management is not a method of predetermined secret keys but sharing key information of a cloud proxy key server in autonomous cloud, which can reduce key generation and space complexity. In addition, In contrast with previous IoT key researches, a federation key of cloud proxy key server provides an extraction ability from meaningful information while moving data.

• KIPS Transactions on Computer and Communication Systems
• /
• v.2 no.12
• /
• pp.553-560
• /
• 2013

The development of cloud computing technology and smart devices have increasingly been expanding the influence in various fields. Although DRM(Digital Rights Management) is a very important technology for secure content services, interoperability among DRM technologies must be addressed in order to provide the service without the constraints of time and place on various smart devices. In this paper, we study DRM Cloud which provides DRM functions as a service in cloud computing environment, and address interoperability problem by providing different DRM technologies as a cloud service. That is, when a user wants to play contents with the different DRM technologies on a smart device, the usage of the content is controlled by providing the corresponding DRM module and function as SaaS from DRM cloud. To do this, we define the functions and structure of DRM Proxy which performs smooth service call and provision between DRM cloud user and DRM cloud, and finally we describe the experimental implementation result.

• Convergence Security Journal
• /
• v.21 no.3
• /
• pp.25-30
• /
• 2021

Due to the current COVID-19 pandemic, companies and institutions are introducing virtual desktop technology, one of the logical network separation technologies, to establish a safe working environment in a situation where remote work is provided. With the introduction of virtual desktop technology, companies and institutions can operate the network separation environment more safely and effectively, and can access the business network quickly and safely to increase work efficiency and productivity. However, when introducing virtual desktop technology, there is a cost problem of high-spec server, storage, and license, and it is necessary to supplement in terms of operation and management. As a countermeasure to this, companies and institutions are shifting to cloud computing-based technology, virtual desktop service (DaaS, Desktop as a Service). However, in the virtual desktop service, which is a cloud computing-based technology, the shared responsibility model is responsible for user access control and data security. In this paper, based on the shared responsibility model in the virtual desktop service environment, we propose a cloud-based hardware security module (Cloud HSM) and edge-DRM proxy as an improvement method for user access control and data security.

• International Journal of Advanced Culture Technology
• /
• v.10 no.2
• /
• pp.225-232
• /
• 2022

When we drive a vehicle in an IoT environment, there is a problem in that information of car users is collected without permission. The security measures used in the existing wired network environment cannot solve the security problem of cars running in the Internet of Things environment. Information should only be shared with entities that have been given permission to use it. In this paper, we intend to propose a method to prevent the illegal use of vehicle information. The method we propose is to use attribute-based encryption and dynamic threshold encryption. Real-time processing technology and cooperative technology are required to implement our proposed method. That's why we use fog computing's proxy servers to build smart gateways in cars. Proxy servers can collect information in real time and then process large amounts of computation. The performance of our proposed algorithm and system was verified by simulating it using NS2.

• Journal of Internet Computing and Services
• /
• v.13 no.1
• /
• pp.15-25
• /
• 2012

Mobile IPv6 (MIPv6) is a host-based protocol supporting global mobility while Proxy Mobile IPv6 (PMIPv6) is a network-based protocol supporting localized mobility. This paper makes its focus on how to reduce the longer delay and extra cost arising from the combination of authentication, authorization and accounting (AAA) and PMIPv6 further. Firstly, a novel authentication scheme (Proxy-AAA) is proposed, which supports fast handover mode and forwarding mode between different local mobility anchors (LMAs). Secondly, a cost analysis model is established based on Proxy-AAA. From the theoretical analysis, it could be noted that the cost is affected by average arrival rate and residence time.

• The KIPS Transactions:PartC
• /
• v.9C no.1
• /
• pp.79-88
• /
• 2002

Transcoding proxy strategy has been widely used as a means to reduce the delay in retrieving Web pages over wireless mobile data service networks. However, this strategy has the serious drawbacks of being a potential point of failure or a bottleneck of the service. We developed a distributed proxy server system in which multiple proxy servers are installed at geographically dispersed locations and share the workloads among them by serving mobile hosts only within assigned regions. A new handoff message protocol to enable handoffs between proxies as the mobile hosts move between regions is proposed. According to the proxy server handoff protocol, a client agent at the mobile horst requests a proxy server to start handoff processing by which two proxy servers synchronize distilled data belonging to a HTTP session that must be maintained across the handoff. Also, we introduce the architecture of the proxy server and the client agent that handles the proxy server handoff. Finally, we evaluate the proposed system through performance test.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.3
• /
• pp.111-117
• /
• 2003

The XTR public key system has advantage of short key length and fast computing speed. So, the XTR is used usefully in complicated operation. In this paper, we propose a new algorithm of double exponentiation operation and a proxy signature protocol based on the XTR. The double exponentiation operation should be executed to apply XTR for the proxy signature protocol. But this algorithm is inappropriate, because two secret key has to be blown in existent operation algorithm. New algorithm enable double exponentiation operation with proxy signer's secret key and public information. And the XTR is used to generation and verification of proxy at proxy signature protocol. Therefore proxy signature based on the XTR has basic advantage of the XTR. These advantage can be used in internet as well as mobile.

• Journal of KIISE:Information Networking
• /
• v.31 no.1
• /
• pp.101-111
• /
• 2004

As different from wired internet, wireless internet has limitations due to the following characteristics; low bandwidth, frequent disconnection, low computing power, small screen in user terminal, and user mobility. Also, wireless internet server should be scalable to handle a large scale traffic due to rapidly growing users. Wireless proxy servers are used for the wireless internet because their caching and transcoding functions are helpful to overcome the above limitation. TranSend was proposed as a clustering based wireless proxy server but its scalability is difficult to achieve because there is no systematic way to do it. In this Paper. we proposed a clustering based wireless internet proxy server which can be scalable in a systematic way. We performed experiments using 16 PCs and experimental results show 32.17% performance improvement of the proposed system compared to TranSend system.