• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.10
• /
• pp.5100-5119
• /
• 2018

Most of existing privacy-preserving multi-authorities attribute-based encryption schemes (PP-MA-ABE) only considers the privacy of the user identity (ID). However, in many occasions information leakage is caused by the disclosing of his/her some sensitive attributes. In this paper, we propose a collusion-resisting ciphertext-policy PP-MA-ABE (CRPP-MACP-ABE) scheme with hiding both user's ID and attributes in the cloud storage system. We present a method to depict anonymous users and introduce a managerial role denoted by IDM for the management of user's anonymous identity certificate ($AID_{Cred}$). The scheme uses $AID_{Cred}$ to realize privacy-preserving of the user, namely, by verifying which attribute authorities (AAs) obtain the blinded public attribute keys, pseudonyms involved in the $AID_{Cred}$ and then distributes corresponding private keys for the user. We use different pseudonyms of the user to resist the collusion attack launched by viciousAAs. In addition, we utilize IDM to cooperate with multiple authorities in producing consistent private key for the user to avoid the collusion attack launched by vicious users. The proposed CRPP-MACP-ABE scheme is proved secure. Some computation and communication costs in our scheme are finished in preparation phase (i.e. user registration). Compared with the existing schemes, our scheme is more efficient.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.6
• /
• pp.3254-3272
• /
• 2017

With the development of wireless access technologies and the popularity of mobile intelligent terminals, cloud computing is expected to expand to mobile environments. Attribute-based encryption, widely applied in cloud computing, incurs massive computational cost during the encryption and decryption phases. The computational cost grows with the complexity of the access policy. This disadvantage becomes more serious for mobile devices because they have limited resources. To address this problem, we present an efficient verifiable outsourced scheme based on the bilinear group of prime order. The scheme is called the verifiable outsourced computation ciphertext-policy attribute-based encryption scheme (VOC-CP-ABE), and it provides a way to outsource intensive computing tasks during encryption and decryption phases to CSP without revealing the private information and leaves only marginal computation to the user. At the same time, the outsourced computation can be verified by two hash functions. Then, the formal security proofs of its (selective) CPA security and verifiability are provided. Finally, we discuss the performance of the proposed scheme with comparisons to several related works.

• Journal of Information Processing Systems
• /
• v.16 no.2
• /
• pp.360-376
• /
• 2020

Many heuristic attribute reduction algorithms have been proposed to find a single reduct that functions as the entire set of original attributes without loss of classification capability; however, the proposed reducts are not always perfect for these multiclass datasets. In this study, based on a probabilistic rough set model, we propose the class-oriented attribute reduction (COAR) algorithm, which separately finds a reduct for each target class. Thus, there is a strong dependence between a reduct and its target class. Consequently, we propose a type of ensemble constructed on a group of classifiers based on class-oriented reducts with a customized weighted majority voting strategy. We evaluated the performance of our proposed algorithm based on five real multiclass datasets. Experimental results confirm the superiority of the proposed method in terms of four general evaluation metrics.

• Journal of the Korean Society of Clothing and Textiles
• /
• v.35 no.9
• /
• pp.1099-1111
• /
• 2011

This study identified the types of consumer review information about apparel products based on consumer satisfaction/dissatisfaction with the availability/non-availability of consumer review information for online stores. Data were collected from 318 females aged 20s' to 30s', who had significant experience in reading consumer reviews posted on online stores. Consumer satisfaction/dissatisfaction with availability or non-availability of review information on online stores is different for information in regards to apparel product attributes, product benefits, and store attributes. According to the concept of quality elements suggested by the Kano model, two types of consumer review information were determined: Must-have information (product attribute information about size, fabric, color and design of the apparel product; benefit information about washing & care and comport of the apparel product; store attribute information about responsiveness, disclosure, delivery and after service of the store) and attracting information (attribute information about price comparison; benefit information about coordination with other items, fashionability, price discounts, value for price, reaction from others, emotion experienced during transaction, symbolic features for status, health functionality, and eco-friendly feature; store attribute information about return/refund, damage compensation and reputation/credibility of online store and interactive and dynamic nature of reviews among customers). There were significant differences between the high and low involvement groups in their perceptions of consumer review information.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.5
• /
• pp.2646-2659
• /
• 2017

Equipped with the advantages of flexible access control and fine-grained authentication, attribute based signcryption is diffusely designed for security preservation in many scenarios. However, realizing efficient key evolution and reducing the calculation costs are two challenges which should be given full consideration in attribute based cryptosystem. In this paper, we present a key-policy attribute based signcryption scheme (KP-ABSC) with delegated computation and efficient key updating. In our scheme, an access structure is embedded into user's private key, while ciphertexts corresponds a target attribute set. Only the two are matched can a user decrypt and verify the ciphertexts. When the access privileges have to be altered or key exposure happens, the system will evolve into the next time slice to preserve the forward security. What's more, data receivers can delegate most of the de-signcryption task to data server, which can reduce the calculation on client's side. By performance analysis, our scheme is shown to be secure and more efficient, which makes it a promising method for data protection in data outsourcing systems.

• Journal of Information Technology Services
• /
• v.7 no.1
• /
• pp.117-130
• /
• 2008

Multi-attribute risk assessments provide a useful framework for systematic quantitative risk assessment that the security manager can use to prioritize security requirements and threats. In the first step, the security managers identify the four significant outcome attributes(lost revenue, lost productivity, lost customer, and recovery cost). Next. the security manager estimates the frequency and severity(three points estimates for outcome attribute values) for each threat and rank the outcome attributes according to AHP(Analytic Hierarchy Process). Finally, we generate the threat index by using muiti-attribute function and make sensitivity analysis with simulation package(Crystal Ball). In this paper, we show how multi-attribute risk analysis techniques from the field of security risk management can be used by security managers to prioritize their organization's threats and their security requirements, eventually they can derive threat index. This threat index can help security managers to decide whether their security investment is consistent with the expected risks. In addition, sensitivity analysis allows the security manager to explore the estimates to understand how they affect the selection.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.1
• /
• pp.323-342
• /
• 2021

Personal health records (PHRs) is an electronic medical system that enables patients to acquire, manage and share their health data. Nevertheless, data confidentiality and user privacy in PHRs have not been handled completely. As a fine-grained access control over health data, ciphertext-policy attribute-based encryption (CP-ABE) has an ability to guarantee data confidentiality. However, existing CP-ABE solutions for PHRs are facing some new challenges in access control, such as policy privacy disclosure and dynamic policy update. In terms of addressing these problems, we propose a privacy protection and dynamic share system (PPADS) based on CP-ABE for PHRs, which supports full policy hiding and flexible access control. In the system, attribute information of access policy is fully hidden by attribute bloom filter. Moreover, data user produces a transforming key for the PHRs Cloud to change access policy dynamically. Furthermore, relied on security analysis, PPADS is selectively secure under standard model. Finally, the performance comparisons and simulation results demonstrate that PPADS is suitable for PHRs.

• The Journal of Economics, Marketing and Management
• /
• v.8 no.3
• /
• pp.9-21
• /
• 2020

Purpose: Previous literature shows that a price promotion serves as a negative cue of product quality especially when consumers have no additional information about the product's other attributes. In this research, we explore how the effect of price promotions on consumers' perceptions of product quality changes depending on their ability to compare promoted product attributes with competitive products' attributes. Research design, data and methodology: Specifically, we use a series of scenario-based lab experiments using different types of products and explore if attribute alignability among competing products in a consumer's choice set influences consumers' ability to compare the product attributes and perceived quality. Results: Our study findings show that high attribute alignability among products makes consumers easier to compare the product attributes and thereby focus more on non-price information than price information. We also show that attribute alignability serves as a moderator and decreases perceived quality when the promotion level is higher. Therefore, the attribute alignability weakens the negative impact of a price promotion on consumers' perceived product quality. Conclusions: Our study findings provide new insights on how to implement price promotion strategies while keeping products' perceived quality, by considering the product's relationships with competing products in a choice set.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.4 no.1
• /
• pp.5-24
• /
• 2010

Data fusion is an attractive technology because it allows various trade-offs related to performance metrics, e.g., energy, latency, accuracy, fault-tolerance and security in wireless sensor networks (WSNs). Under a complicated environment, each sensor node must be equipped with more than one type of sensor module to monitor multi-targets, so that the complexity for the fusion process is increased due to the existence of various physical attributes. In this paper, we first investigate the process and performance of multi-attribute fusion in data gathering of WSNs, and then propose a self-adaptive threshold method to balance the different change rates of each attributive data. Furthermore, we present a method to measure the energy-conservation efficiency of multi-attribute fusion. Based on our proposed methods, we design a novel energy equilibrium routing method for WSNs, viz., multi-attribute fusion tree (MAFT). Simulation results demonstrate that MAFT achieves very good performance in terms of the network lifetime.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.4
• /
• pp.1516-1528
• /
• 2015

We introduce attribute set based signature (ASBS), a new cryptographic primitive which organizes user attributes into a recursive set based structure such that dynamic constraints can be imposed on how those attributes may be combined to satisfy a signing policy. Compared with attribute based signature (ABS), ASBS is more flexible and efficient in managing user attributes and specifying signing policies. We present a practical construction of ASBS and prove its security in the standard model under three subgroup decision related assumptions. Its efficiency is comparable to that of the most efficient ABS scheme.