• Journal of the Society of Disaster Information
• /
• v.17 no.4
• /
• pp.897-903
• /
• 2021

Purpose: Recently, ransomware damage that encrypts victim's data through hacking and demands money in exchange for releasing it is increasing domestically and internationally. Accordingly, research and development on various response technologies and solutions are in progress. Method: A secure storage area and a general storage area were created in the same virtual environment, and the sample data was saved by registering the access process. In order to check whether the stored sample data is infringed, the ransomware sample was executed and the hash function of the sample data was checked to see if it was infringed. The access control performance checked whether the sample data was accessed through the same name and storage location as the registered access process. Result: As a result of the experiment, the sample data in the secure storage area maintained data integrity from ransomware and unauthorized processes. Conclusion: Through this study, the creation of a secure storage area and the whitelist-based access control method are evaluated as suitable as a method to protect important data, and it is possible to provide a more secure computing environment through future technology scalability and convergence with existing solutions.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.3
• /
• pp.3-8
• /
• 2008

Ephemeral data are easily revealed if state specific information is stored in insecure memory or a random number generator is corrupted. In this letter, we show that Nam et al.'s group key agreement scheme, which is an improvement of Bresson et al.'s scheme, is not secure against session-state reveal attacks. We then propose an improvement to fix the security flaw.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.28 no.7C
• /
• pp.733-742
• /
• 2003

Unlikely unicast transmission, there are many elements that threaten security. Thus, key management of creating and distributing group keys to authorized group members is a critical aspect of secure multicast operations. To offer security in multicast environment, the recent researches are related to most group key distribution. In this thesis, we propose a group key management protocol for efficient, scalable, and multicast operation. This proposed protocol architecture can distribute traffic centralized to the key server. since the group key rekeyed by sub-group manager. The detailed simulation compared with other group key management protocol show that the proposed group key management protocol is better for join, leave, and data latency.

• International Journal of Internet, Broadcasting and Communication
• /
• v.13 no.1
• /
• pp.82-89
• /
• 2021

Recently, applications are increasing the importance of security for published documents. This paper deals with data-publishing where the publishers must state sensitive information that they need to protect. If a document containing such sensitive information is accidentally posted, users can use common-sense reasoning to infer unauthorized information. In recent studied of peer-to-peer databases, studies on the security of data of various unique groups are conducted. In this paper, we propose a security framework that fundamentally blocks user inference about sensitive information that may be leaked by XML constraints and prevents sensitive information from leaking from general user. The proposed framework protects sensitive information disclosed through encryption technology. Moreover, the proposed framework is query view security without any three types of XML constraints. As a result of the experiment, the proposed framework has mathematically proved a way to prevent leakage of user information through data inference more than the existing method.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2006.06a
• /
• pp.765-773
• /
• 2006

In ubiquitous environment, private enterprise or public institution's privacy data are sometimes exposed to hackers because of the lack of the sense of information security. We apply secret sharing scheme to solve the privacy problems. But, the existing secret sharing scheme are not suitable for the management of large a quantity of data because that required operation of large capacity. In this paper, We propose new secret sharing scheme for privacy data management. Our scheme makes high-speed operation possible, and it also allows for set weight for each secret pieces depending on weight of participants. The scheme proposed in this paper makes it efficient to collect and manage secure privacy data in ubiquitous environment.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.21 no.11
• /
• pp.9-18
• /
• 2020

Recently, studies of integrated management platform and performance-based maintenance decision-marking systems have proceeded to the efficient management of port facilities. The purpose of this study was to manage and operate port facilities based on performance and to provide long-term durability and budgetary execution. Thus, it is essential to secure basic data to be analyzed in an integrated platform and decision-marking system. This study derived the data linkage measures to secure port facility design and management information. The target of deriving the data linkage was the POMS (Port Facility Management System) currently in operation by the MOF (Ministry of Oceans and Fisheries). To derive data linkage, analyze the database of POMS and select the data required for the operation-integrated platform and decision-marking system. The final data linkage target was determined by compiling the requirements of the relevant experts and selecting the final target of three groups (port and facility information, management information, and user information). As a result, the API interface design was prepared for detailed linked data and data linkage framework between the linkage data of POMS. The provision of real-time data linkage between POMS and integrated platform is expected to improve the operational efficiency of the integrated platform.

• The KIPS Transactions:PartC
• /
• v.18C no.6
• /
• pp.369-378
• /
• 2011

To ensure data confidentiality and fine-grained access control in business environment, system model using KP-ABE(Key Policy-Attribute Based Encryption) and PRE(Proxy Re-Encryption) has been proposed recently. However, in previous study, data confidentiality has been effected by decryption right concentrated on cloud server. Also, Yu's work does not consider a access privilege management, so existing work become dangerous to collusion attack between malicious user and cloud server. To resolve this problem, we propose secure system model against collusion attack through dividing data file into header which is sent to privilege manager group and body which is sent to cloud server. And we construct the model of access privilege management using AONT based XOR threshold Secret Sharing, In addition, our scheme enable to grant weight for access privilege using XOR Share. In chapter 4, we differentiate existing scheme and proposed scheme.

• Journal of Digital Convergence
• /
• v.19 no.8
• /
• pp.205-217
• /
• 2021

Decentralized SSI(Self Sovereign Identity) has become an alternative to a new digital identity solution, but an efficient de-identification technique has not been proposed due to the unique algorithmic characteristics of data transactions. In this study, to ensure the decentralized operation of SSI, we propose a de-identification technique that does not remove identifiers by restructuring the verification results of ZKP (Zero Knowledge Proof) into a form that can be provided to the outside by the verifier. In addition, it is possible to provide restructured de-identification data without the consent of data subject by proposing the concept of differential sovereignty management for each entity participating in verification. As a result, the proposed model satisfies the domestic personal information protection law in a decnetralized SSI, in addition provides secure and efficient de-identification processing and sovereignty management.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.8 no.8
• /
• pp.2708-2721
• /
• 2014

Data outsourcing in the cloud (DOC) is a promising solution for data management at the present time, but it could result in the disclosure of outsourced data to unauthorized users. Therefore, protecting the confidentiality of such data has become a very challenging issue. The conventional way to achieve data confidentiality is to encrypt the data via asymmetric or symmetric encryptions before outsourcing. However, this is computationally inefficient because encryption/decryption operations are time-consuming. In recent years, a few DOC schemes based on secret sharing have emerged due to their low computational complexity. However, Dautrich and Ravishankar pointed out that most of them are insecure against certain kinds of collusion attacks. In this paper, we proposed a novel DOC scheme based on Shamir's secret sharing to overcome the security issues of these schemes. Our scheme can allow an authorized data user to recover all data files in a specified subset at once rather than one file at a time as required by other schemes that are based on secret sharing. Our thorough analyses showed that our proposed scheme is secure and that its performance is satisfactory.

• Journal of Information Processing Systems
• /
• v.14 no.3
• /
• pp.655-665
• /
• 2018

In efforts to increase its agricultural productivity, the Indonesian Center for Agricultural Biotechnology and Genetic Resources Research and Development has conducted a variety of genomic studies using high-throughput DNA genotyping and sequencing. The large quantity of data (big data) produced by these biotechnologies require high performance data management system to store, backup, and secure data. Additionally, these genetic studies are computationally demanding, requiring high performance processors and memory for data processing and analysis. Reliable network connectivity with large bandwidth to transfer data is essential as well as database applications and statistical tools that include cleaning, quality control, querying based on specific criteria, and exporting to various formats that are important for generating high yield varieties of crops and improving future agricultural strategies. This manuscript presents a reliable, secure, and scalable information technology infrastructure tailored to Indonesian agriculture genotyping studies.