• International Journal of Computer Science & Network Security
• /
• 제24권4호
• /
• pp.60-66
• /
• 2024

Host's data during transmission. Data tempering results in loss of host's sensitive information, which includes number of VM, storage availability, and other information. In the distributed cloud environment, each server (computing server (CS)) configured with Local Resource Monitors (LRMs) which runs independently and performs Virtual Machine (VM) migrations to nearby servers. Approaches like predictive VM migration [21] [22] by each server considering nearby server's CPU usage, roatative decision making capacity [21] among the servers in distributed cloud environment has been proposed. This approaches usage underlying server's computing power for predicting own server's future resource utilization and nearby server's resource usage computation. It results in running VM and its running application to remain in waiting state for computing power. In order to reduce this, a decentralized decision making hybrid model for VM migration need to be proposed where servers in decentralized cloud receives, future resource usage by analytical computing system and takes decision for migrating VM to its neighbor servers. Host's in the decentralized cloud shares, their detail with peer servers after fixed interval, this results in chance to tempering messages that would be exchanged in between HC and CH. At the same time, it reduces chance of over utilization of peer servers, caused due to compromised host. This paper discusses, an roatative decisive (RD) approach for VM migration among peer computing servers (CS) in decentralized cloud environment, preserving confidentiality and integrity of the host's data. Experimental result shows that, the proposed predictive VM migration approach reduces extra VM migration caused due over utilization of identified servers and reduces number of active servers in greater extent, and ensures confidentiality and integrity of peer host's data.

• 한국통신학회논문지
• /
• 제25권4B호
• /
• pp.700-707
• /
• 2000

본 논문에서는 기존의 VOD 시스템에서 예상되는 보안상의 취약 요소와 이를 해결할 수 있는 방안을 기술하고, 보안상의 안전한 VOD(Secure-VOD) 시스템을 제안한다. 본 논문에서 제안한 Secure-VOD 시스템에서는 사용자인증, 비디오 서버 정보에 대한 메시지 인증, 비디오 서버 정보의 메시지 암호화 등의 암호기술을 적용하였다. 본 Secure-VOD 시스템은 일회용 패스워드 기법을 이용하여 기존의 고정 패스워드 체계를 보강하여 안전성을 향상시켰으며, HMAC-HAS160 알고리즘을 이용한 메시지 코드 생성 및 검증으로 비디오 서버 정보에 대한 무결성을 제공하며, 비디오 서버 정보에 대한 비밀성을 보장하기 위해서, RC5 암호 알고리즘을 사용하였다.

• 한국병원경영학회지
• /
• 제10권4호
• /
• pp.98-112
• /
• 2005

The purpose of this study is to develop a framework for evaluating security levels in hospitals. We classify security indicators into administrative, technical and physical safeguards. The security evaluation model for hospital information systems was applied to three general hospitals. The analysis of the results showed a low security level in information systems. In particular, requirements for administrative and physical safeguards were very low. Hospitals need strict security policies more than other organizations because their information systems contain patients' highly confidential data. The evaluation model developed in this study can be used for guidelines and as a checklist for hospitals. The security evaluation in hospital informational systems needs to be an essential element of hospital evaluation.

• 정보학연구
• /
• 제8권1호
• /
• pp.27-41
• /
• 2005

Electronic Trade of increasing is the use of the Internet makes it possible for business to expand their markets and render services. However, it also brought up many problems caused by various issues. The problems encompass consumer protection and dispute settlement between the disputed parties. Online ADR have some advantage that are convenience, low-cost, legitimate to online users and avoids jurisdiction issues and some disadvantages that are loss of the human factor, lack of accessibility, lack of confidentiality and security and difficulty of enforcing arbitral agreements. This purpose of this paper is to reviews the types of Online ADR, as the dispute settlement way in Electronic Trade. This study points out the task that korea has to promote the Online ADR for more effective and efficient dispute settlements.

• 한국정보과학회:학술대회논문집
• /
• 한국정보과학회 1998년도 가을 학술발표논문집 Vol.25 No.2 (3)
• /
• pp.497-499
• /
• 1998

인터넷이 월드 와이드 웹()의 인기에 힘입어 일상 생활의 일부가 되고는 있지만 보안 요건 중의 하나인 '통신의 비밀성(Confidentiality)요건'을 만족시키지 못하고 있기 때문에 많은 네트워크 응용에서 문제가 되고 있다. 새로운 네트워크 프로토콜인 IPv6[4]에서는 프로토콜 단계에서의 암호화 서비스 제공을 통해 네트워크 통신을 보호해 줄 것으로 기대되지만 아직 표준으로 확정되지 않았으며 실제 네트워크 통신에 언제부터 사용 가능할 지 예측할 수도 없다. 이러한 상황에서, 기존의 네트워크 응용들에 대해 암호화 서비스를 제공하는 방법으로 원천코드(source code)를 변경하여 다시 컴파일 하는 수밖에 없다. 본 논문에서는 '포트 포워딩(port forwarding)'기법을 사용하여 클라이언트/서버 모델로 동작하는 기존 TCP/IP네트워크 응용들의 원천코드(source code)변경 없이 네트워크 통신을 보호할 수 있는 네트워크 통신 보호 시스템을 설계하고 구현하였다.

• 한국정보통신학회논문지
• /
• 제15권11호
• /
• pp.2399-2403
• /
• 2011

RFID 는 유비쿼터스 환경하에서 필수불가결한 기술이 되도 있다. 그러나 RFID 의 본질적인 단점으로 인하여 프라이버시와 같은 보안적인 취약점을 기자고 있다. 따라서 본 논문에서는 RFID 시스템의 관점하에서 태그에서의 보안적인 취약점 및 이럴 해결하기 위한 여러 가지의 프로토콜에서의 문제점을 분석하였다. 최근에는 반도체 공정 기술의 발전과 경량화프로토콜의 발전으로 인하여 태그에서의 보안성이 향상되고 있는 중이다.

• ETRI Journal
• /
• 제38권4호
• /
• pp.724-734
• /
• 2016

To achieve confidentiality, integrity, authentication, and non-repudiation simultaneously, the concept of signcryption was introduced by combining encryption and a signature in a single scheme. Certificate-based encryption schemes are designed to resolve the key escrow problem of identity-based encryption, as well as to simplify the certificate management problem in traditional public key cryptosystems. In this paper, we propose a new certificate-based signcryption scheme that has been proved to be secure against adaptive chosen ciphertext attacks and existentially unforgeable against chosen-message attacks in the random oracle model. Our scheme is not based on pairing and thus is efficient and practical. Furthermore, it allows a signcrypted message to be immediately verified by the public key of the sender. This means that verification and decryption of the signcrypted message are decoupled. To the best of our knowledge, this is the first signcryption scheme without pairing to have this feature.

• 대한전자공학회:학술대회논문집
• /
• 대한전자공학회 2002년도 ITC-CSCC -1
• /
• pp.317-320
• /
• 2002

In this paper, we will present the design and implementation of the KASUMI crypto algorithm and confidentiality algorithm (f8) to an hardware chip for 3GPP system. The f8 algorithm is based on the KASUMI which is a block cipher that produces a 64-bit output from a 64-bit input under the control of a 128-bit key. Various architectures (low hardware complexity version and high performance version) of the KASUMI are made with a Xilinx FPGA and the characteristics such as hardware complexity and thor performance are analyzed.

• 한국전자거래학회지
• /
• 제6권3호
• /
• pp.101-113
• /
• 2001

Security is very important in EC(Electronic Commerce) environment because exchanged information(that is transaction details, private data, charges data(card-no, accounts), etc) is various and is very sensitive. So, In this paper, we propose Secure-ReXpis(Reliable St excellent Xh3 Processing Infrastructure) System that transfer message and support Message Level Security(Encryption/Decryption and Digital Signature). And we implement Message Confidentiality Service, User Authentication ＆ Message Integrity Service and Non-Repudiation Service among the various Security Services. This system support XML message format and EDI message, WEB Data and Private Format Data, etc.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제10권8호
• /
• pp.3826-3851
• /
• 2016

With traditional data storage solutions becoming too expensive and cumbersome to support Big Data processing, enterprises are now starting to outsource their data requirements to third parties, such as cloud service providers. However, this outsourced initiative introduces a number of security and privacy concerns. In this paper, homomorphic encryption is suggested as a mechanism to protect the confidentiality and privacy of outsourced data, while at the same time allowing third parties to perform computation on encrypted data. This paper also discusses the challenges of Big Data processing protection and highlights its differences from traditional data protection. Existing works on homomorphic encryption are technically reviewed and compared in terms of their encryption scheme, homomorphism classification, algorithm design, noise management, and security assumption. Finally, this paper discusses the current implementation, challenges, and future direction towards a practical homomorphic encryption scheme for securing outsourced Big Data computation.