• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.3
• /
• pp.1193-1209
• /
• 2015

Network coding is promising to maximize network throughput and improve the resilience to random network failures in various networking systems. In this paper, the problem of providing efficient confidentiality for practical network coding system against a global eavesdropper (with full eavesdropping capabilities to the network) is considered. By exploiting a novel combination between the construction technique of systematic Maximum Distance Separable (MDS) erasure coding and traditional cryptographic approach, two efficient schemes are proposed that can achieve the maximum possible rate and minimum encryption overhead respectively on top of any communication network or underlying linear network code. Every generation is first subjected to an encoding by a particular matrix generated by two (or three) Vandermonde matrices, and then parts of coded vectors (or secret symbols) are encrypted before transmitting. The proposed schemes are characterized by tunable and measurable degrees of security and also shown to be of low overhead in computation and bandwidth.

• Journal of Information Processing Systems
• /
• v.11 no.2
• /
• pp.239-247
• /
• 2015

Cryptography aims at transmitting secure data over an unsecure network in coded version so that only the intended recipient can analyze it. Communication through messages, emails, or various other modes requires high security so as to maintain the confidentiality of the content. This paper deals with IDEA's shortcoming of generating weak keys. If these keys are used for encryption and decryption may result in the easy prediction of ciphertext corresponding to the plaintext. For applying genetic approach, which is well-known optimization technique, to the weak keys, we obtained a definite solution to convert the weaker keys to stronger ones. The chances of generating a weak key in IDEA are very rare, but if it is produced, it could lead to a huge risk of attacks being made on the key, as well as on the information. Hence, measures have been taken to safeguard the key and to ensure the privacy of information.

• Journal of the Korea Society of Computer and Information
• /
• v.6 no.1
• /
• pp.60-66
• /
• 2001

We designed a role-based access control model that can resolve the complicated tasks of control requirements. The designed access control model can control permissions efficiently use of a role-based access control. It guarantees the confidentiality integrity and availa information making use of identity-based and rule-based access controls. It can also centre information flow. Our access control model protects resources from unauthorized accesses b multi-level security policies such as role, security level, integrity level and ownership.

• Journal of the Korea Society of Computer and Information
• /
• v.6 no.2
• /
• pp.70-77
• /
• 2001

This paper focuses on the design and implementation of the secure POS SYSTEM We propose a secure POS SYSTEM with RSA, MD5, Triple-DES for security and with RBAC model for access control. The client authentication is implemented before the data transferred be4ween client and server in proposed POS SYSTEM. We apply security algorithms with it, so that it can maintain confidentiality and integrity In addition. we apply RBAC model for access control of data. We verified the proposed system's stability by applying the proposed system to real works.

• Proceedings of the IEEK Conference
• /
• 2003.07d
• /
• pp.1359-1362
• /
• 2003

The intrusions appears continuously by new unknown attacks exploiting vulnerabilities of systems or components but there are no perfect solutions to protect this unknown attacks. To overcome this problem, in this paper, we have proposed and implemented a Web service intrusion tolerant system that provides continuous Web services to the end users transparently even after the occurrence of an attack against the Web services, and prevents the disclosure of system's configuration data from server Our system has an N+l node architecture which is to minimize the number of redundant server nodes and to tolerate the intrusion effectively, and it also supports diversity in its design. Experimental result obtained on an implemented system show that our system can cope with intrusion such as DoS, file modification, confidentiality compromise of system properly.

• Korean Journal of Child Studies
• /
• v.27 no.2
• /
• pp.127-151
• /
• 2006

This study examined ethical dilemmas experienced by child-counselors and coping behaviors they practiced in context. The analysis was performed for 30 child-counselors in Seoul and Kyunggi-do, Participants were asked to describe a self-report in an interview with the main researcher. Data were categorized, quantified and examined in terms of five ethical dimensions derived from antecedent research. The five ethical dimensions are "confidentiality and protection of privacy", "professional competence", "informed consent", "informing clients of the nature of treatment modality", and "adequacy and effectiveness of treatment". This study contributes basic data for the development of an inventory for the measurement of ethical practice for child counselors.

• Convergence Security Journal
• /
• v.1 no.1
• /
• pp.1-7
• /
• 2001

This paper design a role-based access control model that can resolves the complicated problems of access control requirements. In this paper, we designed an access control model which can control a permission making use up role-based access control, can guard the confidentiality, integrity and availability of information and can control illegal information flow. The designed access control model can protect resources from unauthorized accesses based on the role, multi-level security policies of security level, integrity level and ownership.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.5 no.4
• /
• pp.822-839
• /
• 2011

Group key agreement protocols derive a shared secret key for a group of users to ensure data confidentiality or/and integrity among the users in the subsequent communications. In this paper, we inspect two group key agreement schemes which have been proposed by Shi et al. and Zheng et al. in 2005 and 2007 respectively. Although both schemes were claimed to be secure in a heuristic way, we reveal several flaws using the Bellare-Rogaway security model extended to multi-party setting by Bresson et al. These flaws are found to be originated from inappropriate selection of key derivation function, inadvertent exclusion of partners' identities from the protocol specification and insufficient consideration in preserving known temporary information security and key freshness properties. Furthermore, we suggest and discuss proper countermeasures to address such flaws.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.7 no.11
• /
• pp.2928-2940
• /
• 2013

Key exposure is a major threat to secure cryptosystems. To mitigate the impact caused by key-compromise attacks, a key-insulated cryptographic mechanism is a better alternative. For securing the large message communication in peer-to-peer networks, in this paper, we propose the first novel identity-based key-insulated encryption (IB-KIE) scheme with message linkages. Our scheme has the properties of unbounded time periods and random-access key-updates. In the proposed scheme, each client can periodically update his private key while the corresponding public one remains unchanged. The essential security assumption of our proposed scheme is based on the well-known bilinear Diffie-Hellman problem (BDHP). To ensure the practical feasibility, we also formally prove that the proposed scheme achieves the security requirement of confidentiality against indistinguishability under adaptive chosen-ciphertext attacks (IND-CCA2) in the random oracle model.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.2
• /
• pp.892-905
• /
• 2018

In smart home environment, certificate based signature technology is being studied by communication with Internet of Things(IoT) device. However, block - chain technology has attracted much attention because of the problems such as single - point error and management overhead of the trust server. Among them, Keyless Signature Infrastructure(KSI) provides integrity by configuring user authentication and global timestamp of distributed server into block chain by using hash-based one-time key. In this paper, we provide confidentiality by applying group key and key management based on multi - solution chain. In addition, we propose a smart home environment that can reduce the storage space by using Extended Merkle Tree and secure and efficient KSI-based authentication and communication with enhanced security strength.