• Journal of the Korea Society of Computer and Information
• /
• v.10 no.5 s.37
• /
• pp.57-64
• /
• 2005

While the secure concurrency control schemes in multilevel secure database management systems synchronize transactions cleared at different security level they must consider the problem covert channel. although previous works achieve the confidentiality successfully, they overlook the integrity or the availability. For being evaluated as highly secure database systems , the multilevel secure database management systems must achieve the confidentiality, integrity, and the availability that are the well-known major security aspects. By use of verified transactions ordering relationship, in this Paper, we Propose a new secure concurrency control scheme that is capable of increasing the degree of fairness among transactions cleared at different security levels.

• Journal of the Korean Data and Information Science Society
• /
• v.15 no.4
• /
• pp.855-866
• /
• 2004

In many surveys, one of the most important goals is to obtain reliable and valid responses from respondents. To achieve the goal, a researcher have to make efforts to protect respondents' confidentiality and to reduce the effects of social desirability on answers. The key question of this paper is whether the position of demographic questions have an effect on responses. Two types of questionnaires are considered: one puts the demographic questions at the beginning and the other does at the last. On both types, I asked only a small number of demographic questions which are considered as essential on analytic purposes. The results show no evidence of position effects when the risk to threat confidentiality was minimized.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.10
• /
• pp.4198-4213
• /
• 2020

Data encryption, particularly application-level data encryption, is a common solution to protect data confidentiality and deal with security threats. Application-level encryption is a process in which data is encrypted before being sent to the database. However, cryptography transforms data and makes the query difficult to execute. Various studies have been carried out to find ways in order to implement a searchable encrypted database. In the current paper, we provide a new encrypting method and querying on encrypted data (ZSDB) for different data types. It is worth mentioning that the proposed method is based on secret sharing. ZSDB provides data confidentiality by dividing sensitive data into two parts and using the additional server as Dictionary Server. In addition, it supports required operations on various types of data, especially LIKE operator functioning on string data type. ZSDB dedicates the largest volume of execution tasks on queries to the server. Therefore, the data owner only needs to encrypt and decrypt data.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.5
• /
• pp.1904-1919
• /
• 2015

Deniable authentication protocol allows a sender to deny his/her involvement after the protocol run and a receiver can identify the true source of a given message. Meanwhile, the receiver has no ability to convince any third party of the fact that the message was sent by the specific sender. However, most of the proposed protocols didn't achieve confidentiality of the transmitted message. But, in some special application scenarios such as e-mail system, electronic voting and Internet negotiations, not only the property of deniable authentication but also message confidentiality are needed. To settle this problem, in this paper, we present a non-interactive identity-based deniable authenticated encryption (IBDAE) scheme using pairings. We give the security model and formal proof of the presented IBDAE scheme in the random oracle model under bilinear Diffie-Hellman (BDH) assumption.

• Journal of Digital Convergence
• /
• v.10 no.4
• /
• pp.235-241
• /
• 2012

To improve educational excellence and quality, academies carry forward integrative security model related to academic affairs including personal information. This paper proposes an integrative security model for academic affairs database, which guarantees DBMS access control, confidentiality, integrity, and security inspection. This proposed model considered that most academies can't make good use of data security product and suggests a detailed measure to realize the confidentiality based on the function of DBMS.

• Proceedings of the Korea Society for Industrial Systems Conference
• /
• 2001.05a
• /
• pp.55-63
• /
• 2001

IMT-2000 mobile system will serve many application services such as mobile internet, wireless electronics commerce applications using high data rate air interface. These applications require high data integrity, data confidentiality, user authentication, user identity confidentiality and non-repudiation. In this study, we analyze air interface performance fur network access security services in IMT-2000 mobile systems. Signal traffic for network access security services increase all link between IMT-2000 system elements. Our study focus on air interface, which is very sensitive signal traffic increase.

• Journal of the Korea Society of Computer and Information
• /
• v.21 no.11
• /
• pp.79-83
• /
• 2016

In this paper, we define four levels of analysis, design, implementation, and testing of the configuration of the development phase by S/W development life cycle. In particular, it dealt with the stage of the analysis phase to prepare an information system developed intensively. Details of the derivation of the information security requirements, it can be seen that comes from the perspective of confidentiality, integrity, availability and accountability, etc. It dealt with from the first manifestations of the projects planning to final planning to establish information security in activities of the Information Security requirements. As an example exhibited by assessing the information security analysis phase activities of S corporations, it can be seen that the improved sales rise in information security activities.

• Journal of National Security and Military Science
• /
• s.8
• /
• pp.421-465
• /
• 2010

Passwords are used in many ways to protect data, systems, and networks. Passwords are also used to protect files and other stored information. In addition, passwords are often used in less visible ways for authentication. In this article, We provides recommendations for password management, which is the process of defining, implementing, and maintaining password policies throughout an enterprise. Effective password management reduces the risk of compromise of password-based authentication systems. Organizations need to protect the confidentiality, integrity, and availability of passwords so that all authorized users - and no unauthorized users - can use passwords successfully as needed. Integrity and availability should be ensured by typical data security controls, such as using access control lists to prevent attackers from overwriting passwords and having secured backups of password files. Ensuring the confidentiality of passwords is considerably more challenging and involves a number of security controls along with decisions involving the characteristics of the passwords themselves.

• Journal of Information Processing Systems
• /
• v.11 no.3
• /
• pp.406-420
• /
• 2015

We present a secure and robust image watermarking scheme that uses combined reversible DWT-DCT-SVD transformations to increase integrity, authentication, and confidentiality. The proposed scheme uses two different kinds of watermarking images: a reversible watermark, $W_1$, which is used for verification (ensuring integrity and authentication aspects); and a second one, $W_2$, which is defined by a logo image that provides confidentiality. Our proposed scheme is shown to be robust, while its performances are evaluated with respect to the peak signal-to-noise ratio (PSNR), signal-to-noise ratio (SNR), normalized cross-correlation (NCC), and running time. The robustness of the scheme is also evaluated against different attacks, including a compression attack and Salt & Pepper attack.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2012.11a
• /
• pp.1053-1056
• /
• 2012

Location information is considered to be of prime importance in Vehicular Ad Hoc NETworks (VANETs) because important decisions are made based on accurate and sound location information. Vehicles exchange their whereabouts in the form of scheduled beacon messages with their neighbors. These messages contain location, speed, time, and lane information etc. In this paper we aim at the location security in VANET and emphasize on the confidentiality and integrity of location information in case of Nonline-of-Sight (NLoS). For location confidentiality we propose a geolock-based mechanism whereas for location integrity we leverage cooperation among neighbors. In case of NLoS, the verifier vehicle asks its one-hop neighbors in an efficient way to verify the claimed location of the node on his behalf. On the basis of trust values and weightage assigned to neighbors, it is decided whether the verification is sound.