• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.1
• /
• pp.436-453
• /
• 2018

Storage cloud scheme, pushing data to the storage cloud poses much attention regarding data confidentiality. With encryption concept, data accessibility is limited because of encrypted data. To secure storage system with high access power is complicated due to dispersed storage environment. In this paper, we propose a hardware-based security scheme such that a secure dispersed storage system using erasure code is articulated. We designed a hardware-based security scheme with data encoding operations and migration capabilities. Using TPM (Trusted Platform Module), the data integrity and security is evaluated and achieved.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2003.11c
• /
• pp.1981-1984
• /
• 2003

본 논문에서는 보안 운영체제를 구현함에 있어서, 보다 진보적인 형태의 접근통제를 시행하기 위한 새로운 접근통제 기법에 대하여 설명한다. 새로운 접근통제 기법은 역할 기반 접근통제 기법(RBAC)을 확장하여 구성한다. 또한, 개념의 정확한 표현 및 논리의 정확성 확인을 위하여 정형 기법을 이용, 접근통제 모델을 기술하고 분석한 결과에 대하여 설명한다.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.4 no.3
• /
• pp.9-18
• /
• 2008

Mobile devices do not need the fixed network infrastructure in ad-hoc network, these devices communicate each other through the distributed control. Accordingly, mobile devices can discover several services using dynamic searching method and provide safely public ownership of these services. Ad-hoc network needs the distributed control and topology of dynamic network because the limited power for processing and network communication. This paper is devoted to provide the secure protocol that provides efficient services discovery using SDP(Service Discovery Protocol) and considers the security requirements. Proposed protocol provides the distributed control based on PKI without central server, the discovery of trusted service, secure telecommunication, the identification among mobile devices, and service access control by user authority.

• Journal of Information Processing Systems
• /
• v.1 no.1 s.1
• /
• pp.86-95
• /
• 2005

Location-based services or LBS refer to value-added service by processing information utilizing mobile user location. With the rapidly increasing wireless Internet subscribers and world LBS market, the various location based applications are introduced such as buddy finder, proximity and security services. As the killer application of the wireless Internet, the LBS have reconsidered technology about location determination technology, LBS middleware server for various application, and diverse contents processing technology. However, there are fears that this new wealth of personal location information will lead to new security risks, to the invasion of the privacy of people and organizations. This paper describes a novel security approach on open LBS service to validate certificate based on current LBS platform environment using XKMS (XML Key Management Specification) and SAML (Security Assertion Markup Language), XACML (extensible Access Control Markup Language) in XML security mechanism.

• Journal of KIISE:Computer Systems and Theory
• /
• v.37 no.6
• /
• pp.348-353
• /
• 2010

A threshold decryption scheme is a multi-party public key cryptosystem that allows any sufficiently large subset of participants to decrypt a ciphertext, but disallows the decryption otherwise. When performing a threshold decryption, a third party is often involved to guarantee fairness among the participants. To maintain the security of the protocol as high as possible, it is desirable to lower the level of trust and the amount of information given to the third party. In this paper, we present a threshold decryption scheme which allows the anonymity of the participants as well as the fairness by employing a semi-trusted third party (STTP) which follows the protocol properly with the exception that it keeps a record of all its intermediate computations. Our solution preserves the security and fairness of the previous scheme and reveals no information about the identities of the participants and the plaintext even though an attacker is allowed to access the storage of the STTP.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.4
• /
• pp.2276-2291
• /
• 2017

Data protection of removable storage devices is an important issue in information security. Unfortunately, most existing data protection mechanisms are aimed at protecting computer platform which is not suitable for ultra-low-power devices. To protect the flash disk appropriately and efficiently, we propose a trust based USB flash disk, named UTrustDisk. The data protection technologies in UTrustDisk include data authentication protocol, data confidentiality protection and data leakage prevention. Usually, the data integrity protection scheme is the bottleneck in the whole system and we accelerate it by WH universal hash function and speculative caching. The speculative caching will cache the potential hot chunks for reducing the memory bandwidth pollution. We adopt the symmetric encryption algorithm to protect data confidentiality. Before mounting the UTrustDisk, we will run a trusted virtual domain based lightweight virtual machine for preventing information leakage. Besides, we prove formally that UTrustDisk can prevent sensitive data from leaking out. Experimental results show that our scheme's average writing throughput is 44.8% higher than that of NH scheme, and 316% higher than that of SHA-1 scheme. And the success rate of speculative caching mechanism is up to 94.5% since the access pattern is usually sequential.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.13 no.11
• /
• pp.5496-5505
• /
• 2012

As the IT industry develops, the smart-phone technology and functions which are actively being studied at the moment greatly influence the entire living environment. With the smart-phone technology and functions, people's interest for the wireless LAN which can be used to get access to the Internet anytime anywhere is gradually increasing. However, since the malicious attacker can easily carry out hacking or approach the contents due to the characteristics of the wireless radio wave, the personal information with a high level of importance for data security is easily exposed due to Spoofing, Denial of Service attack and Man in the Middle attack. Therefore, the demand for security is gradually increasing. In this paper, the safe wireless network service environment is provided by supplementing the vulnerability in regard to Spoofing, Session Hijacking and Man in the Middle attack after executing the client's authentication process, the AP authentication process and the Mobile Agency authentication process with the client's information in the USIM, the AP information and the Mobile Agency information when the client uses the wireless Internet through the Mobile Agency AP access in the smart phone environment.

• Asia-pacific Journal of Multimedia Services Convergent with Art, Humanities, and Sociology
• /
• v.9 no.9
• /
• pp.819-831
• /
• 2019

The types of properties traded in modern times are rapidly increasing due to changes in consumption patterns. However, as the type of properties traded increases, estimation about the value of properties may become inaccurate. There is a problem that it is difficult for consumers to estimate the right value and the variety of trading forms makes it difficult to guarantee the reliability of value estimation As access to a variety of properties has expanded, these shortcomings are considered to be a factor that hinders the stability of the shared economic market. In this paper, to resolve this issue, we present a blockchain-based property contract service through a trusted broker. The developed service registers trusted brokers into smart contracts on the Ethereum blockchain and use them for the evaluation and contract process of properties. In addition, registered contents, proposals and contracts of properties are stored in the blockchain to ensure the reliability of the contract process. Every step of the contract process is stored in the smart contract, recorded in the transaction history of the blockchain, ensuring the reliability of the stored data. In addition, the entire process of registration, proposal, and contract is driven by smart contracts designed by state machine technology, enabling users to more securely control the contract process.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.2
• /
• pp.335-345
• /
• 2024

In the digital era, data security has become an increasingly critical issue, drawing significant attention. Particularly, anti-tampering technology has emerged as a key defense mechanism against indiscriminate hacking and unauthorized access. This paper explores case studies that exemplify the trends in the development and application of TPM (Trusted Platform Module) and software anti-tampering technology in today's digital ecosystem. By analyzing various existing security guides and guidelines, this paper identifies ambiguous areas within them and investigates recent trends in domestic and international research on software anti-tampering. Consequently, while guidelines exist for applying anti-tampering techniques, it was found that there is a lack of methods for evaluating them. Therefore, this paper aims to propose a comprehensive and systematic evaluation framework for assessing both existing and future software anti-tampering techniques. To achieve this, it using various verification methods employed in recent research. The proposed evaluation framework synthesizes these methods, categorizing them into three aspects (functionality, implementation, performance), thereby providing a comprehensive and systematic evaluation approach for assessing software anti-tampering technology in detail.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.3
• /
• pp.513-525
• /
• 2022

The immutability of blockchain is core elements of security of blockchain and guarantee data integrity. However, the characteristic that the data recoreded once in the blockchain cannot be modified has place for abuse by a specific user. In fact improper contents that is inappropriate to be recorded on the blockchain, such as harmful data and user personal data, is exposed on Bitcoin. As a way to manage improper content existing in the blockchain, there is a redactable blockchain using chameleon hash proposed for the first time by Ateniese. The redactable blockchain meet the right to be forgotten of GDPR by allowing data modification and deletion. Recently, Research on personal data management is being conducted in a redactable blockchain. Research by Jia et al. proposed a model that enables users to manage their personal data in the redactable blockchain. However, semi trusted regulators, which are blockchain participation nodes, have powerful authority in the blockchain, such as modification rights and deprivation of transaction rights for all blocks, which may cause side effects. In this paper, to weaken the authority of regulators in Y. Jia et al., we propose a method of authority subject altering and authority sharing, and propose a redactable blockchain-based authority change and access control system model based on applicable scenarios.