• Convergence Security Journal
• /
• v.14 no.6_1
• /
• pp.147-155
• /
• 2014

Encryption and authentication system in National Defense is divided into three system; KMI, MPKI, and GPKI. In this paper, we report inherent problem and security threaten in MPKI and propose an attribute-based authentication scheme using attribute-based signature in order to improve user authentication. In our scheme, access structure is used by Monotone Span Program, and system server provides service after user authentication.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.7
• /
• pp.3339-3352
• /
• 2016

In ciphertext-policy attribute-based encryption (CP-ABE) scheme, a user's secret key is associated with a set of attributes, and the ciphertext is associated with an access policy. The user can decrypt the ciphertext if and only if the attribute set of his secret key satisfies the access policy specified in the ciphertext. In the present schemes, access policy is sent to the decryptor along with the ciphertext, which means that the privacy of the encryptor is revealed. In order to solve such problem, we propose a CP-ABE scheme with hidden access policy, which is able to preserve the privacy of the encryptor and decryptor. And what's more in the present schemes, the users need to do excessive calculation for decryption to check whether their attributes match the access policy specified in the ciphertext or not, which makes the users do useless computation if the attributes don't match the hidden access policy. In order to solve efficiency issue, our scheme adds a testing phase to avoid the unnecessary operation above before decryption. The computation cost for the testing phase is much less than the decryption computation so that the efficiency in our scheme is improved. Meanwhile, our new scheme is proved to be selectively secure against chosen-plaintext attack under DDH assumption.

• IEMEK Journal of Embedded Systems and Applications
• /
• v.5 no.3
• /
• pp.168-174
• /
• 2010

User authentication is an important requirement to provide secure network service. Therefore, many authentication schemes have been proposed to provide secure authentication, such as key agreement and anonymity. However, authority of scheme is limited to one's self. It is inefficient when authenticated users grant a certification to other users who are in an organization which has a hierarchical structure, such as a company or school. In this paper, we propose the first authentication scheme to use Attributes-Based Re-encryption that creates a certification to other users with specified attributes. The scheme, which has expanded from Rhee et al. scheme, has optimized computation performance on a smart card, ensuring the user's anonymity and key agreement between users and server.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.10 no.4
• /
• pp.127-132
• /
• 2014

Some laws and regulations may require internet service providers to provide services based on the age of users. Age verification in the online environment should be used as a tool to provide service that is appropriate to child based on age. Using the minimum attribute information, processes on age verification provides the proper guidance to the internet services. However, there is a lack of a globally accepted trust framework for age verification process including evaluation factors for age verification information. In this paper the federation model of user attributes were described and evaluation factors for the age verification information were suggested. Also using the suggested evaluation factors, performance evaluation of federation model of user evaluation was performed. To meet the requirements of evaluation factors, framework of federation model should consider the unlinkability pseudonym support, eavesdropping protection and cloning protection.

• Journal of the Korea Society of Computer and Information
• /
• v.26 no.12
• /
• pp.133-142
• /
• 2021

Travel pattern recognition is widely used in many aspects such as user trajectory query, user behavior prediction, interest recommendation based on user location, user privacy protection and municipal transportation planning. Because the current recognition accuracy cannot meet the application requirements, the study of travel pattern recognition is the focus of trajectory data research. With the popularization of GPS navigation technology and intelligent mobile devices, a large amount of user mobile data information can be obtained from it, and many meaningful researches can be carried out based on this information. In the current travel pattern research method, the feature extraction of trajectory is limited to the basic attributes of trajectory (speed, angle, acceleration, etc.). In this paper, permutation entropy was used as an eigenvalue of trajectory to participate in the research of trajectory classification, and also used as an attribute to measure the complexity of time series. Velocity permutation entropy and angle permutation entropy were used as characteristics of trajectory to participate in the classification of travel patterns, and the accuracy of attribute classification based on permutation entropy used in this paper reached 81.47%.

• The KIPS Transactions:PartB
• /
• v.10B no.3
• /
• pp.287-296
• /
• 2003

There has been much research focused on collaborative filtering technique in Recommender System. However, these studies have shown the First-Rater Problem and the Sparsity Problem. The main purpose of this Paper is to solve these Problems. In this Paper, we suggest the user's predicting preference method using Bayesian estimated value and the associative user clustering for the recalculation of preference. In addition to this method, to complement a shortcoming, which doesn't regard the attribution of item, we use Representative Attribute-Neighborhood method that is used for the prediction when we find the similar neighborhood through extracting the representative attribution, which most affect the preference. We improved the efficiency by using the associative user's clustering analysis in order to calculate the preference of specific item within the cluster item vector to the collaborative filtering algorithm. Besides, for the problem of the Sparsity and First-Rater, through using Association Rule Hypergraph Partitioning algorithm associative users are clustered according to the genre. New users are classified into one of these genres by Naive Bayes classifier. In addition, in order to get the similarity value between users belonged to the classified genre and new users, and this paper allows the different estimated value to item which user evaluated through Naive Bayes learning. As applying the preference granted the estimated value to Pearson correlation coefficient, it can make the higher accuracy because the errors that cause the missing value come less. We evaluate our method on a large collaborative filtering database of user rating and it significantly outperforms previous proposed method.

• Journal of Information Technology Applications and Management
• /
• v.16 no.4
• /
• pp.93-107
• /
• 2009

This study investigated consumer preferences for Internet medical information service in China using the multi-attribute utility theory. The multi-attribute utility theory is a compositional approach for modeling consumer preferences wherein researchers calculate the overall service utility by summing up the evaluation results for each attribute. We found that Chinese Internet medical information users consider the availability of information and quick response to be the most important attributes. Further, they think that the comment feature is less important as compared to other attributes such as costs and updates. In addition, we found that the Internet users having more Internet experience consider these attributes to be more important as compared to the people who are just beginning to surf the Internet. For any successful Internet business, Internet marketers should assess individual-level preference and accordingly organize a fresh campaign. As of now, Internet marketers need estimation methods to predict the market performance of new services in many different business environments. We believe that the multi-attribute utility theory is a useful approach in this regard.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.6
• /
• pp.3254-3272
• /
• 2017

With the development of wireless access technologies and the popularity of mobile intelligent terminals, cloud computing is expected to expand to mobile environments. Attribute-based encryption, widely applied in cloud computing, incurs massive computational cost during the encryption and decryption phases. The computational cost grows with the complexity of the access policy. This disadvantage becomes more serious for mobile devices because they have limited resources. To address this problem, we present an efficient verifiable outsourced scheme based on the bilinear group of prime order. The scheme is called the verifiable outsourced computation ciphertext-policy attribute-based encryption scheme (VOC-CP-ABE), and it provides a way to outsource intensive computing tasks during encryption and decryption phases to CSP without revealing the private information and leaves only marginal computation to the user. At the same time, the outsourced computation can be verified by two hash functions. Then, the formal security proofs of its (selective) CPA security and verifiability are provided. Finally, we discuss the performance of the proposed scheme with comparisons to several related works.

• The KIPS Transactions:PartB
• /
• v.13B no.2 s.105
• /
• pp.133-138
• /
• 2006

Learning with Attribute Value Taxonomies (AVT) has shown that it is possible to construct accurate, compact and robust classifiers from a partially missing dataset (dataset that contains attribute values specified with different level of precision). Yet, in many cases AVTs are generated from experts or people with specialized knowledge in their domain. Unfortunately these user-provided AVTs can be time-consuming to construct and misguided during the AVT building process. Moreover experts are occasionally unavailable to provide an AVT for a particular domain. Against these backgrounds, this paper introduces an AVT generating method called GA-AVT-Learner, which finds a near optimal AVT with a given training dataset using a genetic algorithm. This paper conducted experiments generating AVTs through GA-AVT-Learner with a variety of real world datasets. We compared these AVTs with other types of AVTs such as HAC-AVTs and user-provided AVTs. Through the experiments we have proved that GA-AVT-Learner provides AVTs that yield more accurate and compact classifiers and improve performance in learning missing data.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.9
• /
• pp.3274-3297
• /
• 2021

Permission delegation is an important research issue in access control. It allows a user to delegate some of his permissions to others to reduce his workload, or enables others to complete some tasks on his behalf when he is unavailable to do so. As an ideal solution for controlling read access on outsourced data objects on the cloud, Ciphertext-Policy Attribute-Based Encryption (CP-ABE) has attracted much attention. Some existing CP-ABE schemes handle the read permission delegation through the delegation of the user's private key to others. Still, these schemes lack the further consideration of granularity and traceability of the permission delegation. To this end, this article proposes a flexible and fine-grained CP-ABE key delegation approach that supports white-box traceability. In this approach, the key delegator first examines the relations between the data objects, read permission thereof that he intends to delegate, and the attributes associated with the access policies of these data objects. Then he chooses a minimal attribute set from his attributes according to the principle of least privilege. He constructs the delegation key with the minimal attribute set. Thus, we can achieve the shortest delegation key and minimize the time of key delegation under the premise of guaranteeing the delegator's access control requirement. The Key Generation Center (KGC) then embeds the delegatee's identity into the key to trace the route of the delegation key. Our approach prevents the delegatee from combining his existing key with the new delegation key to access unauthorized data objects. Theoretical analysis and test results show that our approach helps the KGC transfer some of its burdensome key generation tasks to regular users (delegators) to accommodate more users.