• Journal of Korea Society of Digital Industry and Information Management
• /
• v.19 no.2
• /
• pp.39-46
• /
• 2023

The rise in popularity of cloud services has brought about a heightened concern for security in the field of cloud computing. As a response, governments have implemented CSAP(Cloud Security Assurance Program) to ensure the security of these services. However, despite such measures, the emergence of various security vulnerabilities persists, resulting in incidents related to cloud security breaches. To address this, the utilization of Common Vulnerabilities and Exposures (CVE) has been proposed as a means to facilitate the sharing of vulnerability information across different domains. Nevertheless, the unique characteristics of cloud services present challenges in assigning CVE IDs to the diverse range of vulnerabilities within the cloud environment. In this study, we analyzed how CVE can be effectively employed to enhance cloud security. The assignment of a CVE ID is contingent upon the fulfillment of three rules in the Counting Decision and five rules in the Inclusion Decision. Notably, the third rule in the Inclusion Decision, INC3, clashes with the nature of cloud services, resulting in obstacles in assigning CVE IDs to various cloud vulnerabilities. To tackle this issue, we suggest the appointment of designated individuals who would be responsible for overseeing specific areas of cloud services, thereby enabling the issuance of CVE IDs. This proposed approach aims to overcome the challenges associated with the unique characteristics of cloud services and ensure the seamless sharing of vulnerability information. Information sharing regarding vulnerabilities is crucial in the field of security, and by incorporating cloud vulnerabilities into the CVE system, this method can contribute to enhancing the security of cloud services.

• Convergence Security Journal
• /
• v.1 no.1
• /
• pp.47-55
• /
• 2001

This paper proposes a method which inserts watermark created by secret sharing method and then extracts it from watermarked image for the protection of copyrights of digital images. To do this, after image's DCT transform, once some values created by Key sharing method which used Lagrange interpolation are inserted into a frequency domain, one can recreate original watermark even if only k seeds are extracted among n of inserted seeds ($n{\geq}k$).

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.7
• /
• pp.2703-2718
• /
• 2015

Nowadays, public cloud storage is gaining popularity and a growing number of users are beginning to use the public cloud storage for online data storing and sharing. However, how the encrypted data stored in public clouds can be effectively shared becomes a new challenge. Proxy re-encryption is a public-key primitive that can delegate the decryption right from one user to another. In a proxy re-encryption system, a semi-trusted proxy authorized by a data owner is allowed to transform an encrypted data under the data owner's public key into a re-encrypted data under an authorized recipient's public key without seeing the underlying plaintext. Hence, the paradigm of proxy re-encryption provides a promising solution to effectively share encrypted data. In this paper, we propose a new certificate-based proxy re-encryption scheme for encrypted data sharing in public clouds. In the random oracle model, we formally prove that the proposed scheme achieves chosen-ciphertext security. The simulation results show that it is more efficient than the previous certificate-based proxy re-encryption schemes.

• Journal of Digital Convergence
• /
• v.11 no.12
• /
• pp.311-318
• /
• 2013

It is very important to design security policy and technical framework on sensitive private data in order to protect user privacy in smart grid environment. This paper introduces secret data sharing schemes proposed for privacy protection in smart grid, and presents technical problems of them. The proposed scheme in this paper, reduces the number of rounds in sharing process and also in restoration process, and can select how many databases would be used, so eventually it shows enhancements in terms of efficiency and security.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.5
• /
• pp.2394-2406
• /
• 2016

ABE has become an effective tool for data protection in cloud computing. However, since users possessing the same attributes share the same private keys, there exist some malicious users exposing their private keys deliberately for illegal data sharing without being detected, which will threaten the security of the cloud system. Such issues remain in many current ABE schemes since the private keys are rarely associated with any user specific identifiers. In order to achieve user accountability as well as provide key exposure protection, in this paper, we propose a key-insulated ciphertext policy attribute based encryption with key exposure accountability (KI-CPABE-KEA). In our scheme, data receiver can decrypt the ciphertext if the attributes he owns match with the self-centric policy which is set by the data owner. Besides, a unique identifier is embedded into each user's private key. If a malicious user exposes his private key for illegal data sharing, his identity can be exactly pinpointed by system manager. The key-insulation mechanism guarantees forward and backward security when key exposure happens as well as provides efficient key updating for users in the cloud system. The higher efficiency with proved security make our KI-CPABE-KEA more appropriate for secure data sharing in cloud computing.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.2
• /
• pp.193-201
• /
• 2013

Sharing copyrighted files without copyright holder's permission is illegal. But, a number of illegal file sharers using BitTorrent increase. However, it is difficult to find appropriate digital evidences and legal basis to punish them. And, there are no framework for digital investigation of illegal sharing using BitTorrent. Additionally, role of server in BitTorrent had been reduced than server in conventional P2P. So, It is difficult to apply investigation framework for illegal sharing using conventional P2P to investigation process of illegal sharing using BitTorrent. This paper proposes the methodology about punishing illegal sharer using BitTorrent by suggesting the digital investigation framework.

• Journal of Communications and Networks
• /
• v.12 no.4
• /
• pp.382-394
• /
• 2010

Cross-domain event information sharing is a topic of great interest in the area of event based network management. In this work we use data sets which represent actual attacks in the operational Internet. We analyze the data sets to understand the dynamics of the attacks and then go onto show the effectiveness of sharing incident related information to contain these attacks. We describe universal data acquisition system for event based management (UniDAS), a novel system for secure and automated cross-domain event information sharing. The system uses a generic, structured data format based on a standardized incident object description and exchange format (IODEF). IODEF is an XML-based extensible data format for security incident information exchange. We propose a simple and effective security model for IODEF and apply it to the secure and automated generic event information sharing system UniDAS. We present the system we have developed and evaluate its effectiveness.

• International Journal of Computer Science & Network Security
• /
• v.23 no.10
• /
• pp.21-29
• /
• 2023

Recently there has been an increase in interest and competition in sharing economy platforms. The success stories of many companies have spread in this field, such as Uber, but on the other hand, there are many other companies that have failed. We studied and analyzed the factors that affect the user's participation in the sharing economy platforms as an essential part of this system, and how to maintain the consumer's intention of use without compromising consumer satisfaction, as it has become an issue of great importance on the path to the success of the sharing platforms. Relying on the expanded valence framework and expectation confirmation theory as a basis, we constructed hypotheses that influence intention to participate in participatory platforms. Results show that system quality, trust, perceived benefits, and satisfaction are important factors that positively influence intention to continue to participate. This research is expected to help researchers move forward with research related to the future and help business managers understand user insights and integrate them with their business model to help the success, development and expansion of their business in the Kingdom of Saudi Arabia.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.5
• /
• pp.1167-1188
• /
• 2017

The purpose of this study is to investigate the factors affecting cyber threat information provision in order to activate cyber threat information sharing in Korea. In particular, we looked at the intention to provide simple information and important information according to the importance of information. The research method was conducted on the information security practitioners' online survey in terms of users of information sharing system. And empirical analysis was conducted. As a result of the study, only the CEO's attitude influenced the intention to provide simple information. On the other hand, important information was influenced not only by the CEO's attitude but also by the information evaluation system, privatization, and mitigating legal penalties. The results of this study can identify the problems of the cyber threat information sharing system in Korea. And we can confirm the priority of improvement and the change of information providing intention before and after improvement of information sharing system.

• Current Optics and Photonics
• /
• v.3 no.2
• /
• pp.119-127
• /
• 2019

A new secret-key-sharing cryptosystem using optical phase-shifting digital holography is proposed. The proposed secret-key-sharing algorithm is based on the Diffie-Hellman key-exchange protocol, which is modified to an optical cipher system implemented by a two-step quadrature phase-shifting digital holographic encryption method using orthogonal polarization. Two unknown users' private keys are encrypted by two-step phase-shifting digital holography and are changed into three digital-hologram ciphers, which are stored by computer and are opened to a public communication network for secret-key-sharing. Two-step phase-shifting digital holograms are acquired by applying a phase step of 0 or ${\pi}/2$ in the reference beam's path. The encrypted digital hologram in the optical setup is a Fourier-transform hologram, and is recorded on CCDs with 256 quantized gray-level intensities. The digital hologram shows an analog-type noise-like randomized cipher with a two-dimensional array, which has a stronger security level than conventional electronic cryptography, due to the complexity of optical encryption, and protects against the possibility of a replay attack. Decryption with three encrypted digital holograms generates the same shared secret key for each user. Schematically, the proposed optical configuration has the advantage of producing a kind of double-key encryption, which can enhance security strength compared to the conventional Diffie-Hellman key-exchange protocol. Another advantage of the proposed secret-key-sharing cryptosystem is that it is free to change each user's private key in generating the public keys at any time. The proposed method is very effective cryptography when applied to a secret-key-exchange cryptosystem with high security strength.