• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.16 no.2
• /
• pp.565-586
• /
• 2022

Cloud storage's elastic expansibility not only provides flexible services for data owners to store their data remotely, but also reduces storage operation and management costs of their data sharing. The data outsourced remotely in the storage space of cloud service provider also brings data security concerns about data integrity. Data integrity verification has become an important technology for detecting the integrity of remote shared data. However, users without data access rights to verify the data integrity will cause unnecessary overhead to data owner and cloud service provider. Especially malicious users who constantly launch data integrity verification will greatly waste service resources. Since data owner is a consumer purchasing cloud services, he needs to bear both the cost of data storage and that of data verification. This paper proposes a verification control algorithm in data integrity verification for remotely outsourced data. It designs an attribute-based encryption verification control algorithm for multiple verifiers. Moreover, data owner and cloud service provider construct a common access structure together and generate a verification sentinel to verify the authority of verifiers according to the access structure. Finally, since cloud service provider cannot know the access structure and the sentry generation operation, it can only authenticate verifiers with satisfying access policy to verify the data integrity for the corresponding outsourced data. Theoretical analysis and experimental results show that the proposed algorithm achieves fine-grained access control to multiple verifiers for the data integrity verification.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.16 no.5
• /
• pp.1634-1652
• /
• 2022

Due to the increasing need for data sharing in the age of big data, how to achieve data access control and implement user permission revocation in the blockchain environment becomes an urgent problem. To solve the above problems, we propose a novel blockchain-based data sharing scheme (BDSS) with fine-grained access control and permission revocation in this paper, which regards the medical environment as the application scenario. In this scheme, we separate the public part and private part of the electronic medical record (EMR). Then, we use symmetric searchable encryption (SSE) technology to encrypt these two parts separately, and use attribute-based encryption (ABE) technology to encrypt symmetric keys which used in SSE technology separately. This guarantees better fine-grained access control and makes patients to share data at ease. In addition, we design a mechanism for EMR permission grant and revocation so that hospital can verify attribute set to determine whether to grant and revoke access permission through blockchain, so it is no longer necessary for ciphertext re-encryption and key update. Finally, security analysis, security proof and performance evaluation demonstrate that the proposed scheme is safe and effective in practical applications.

• Journal of Information Technology Applications and Management
• /
• v.11 no.1
• /
• pp.189-200
• /
• 2004

Recently Flash Memory which is small and low-powered is widely used as a storage of embedded system, because an embedded system requests portability and a fast response. To resolve a difference of access time between a storage and RAM, Linux is using disk caching which copies a part of file on disk into RAM. It is not also an exception on embedded system. A READ access-time of flash memory is similar to RAMs. So, when a process on an embedded system reads data, it is similar to the time to access cached data in RAM and to access directly data on a flash memory. On the embedded system using limited memory, using a disk cache is that wastes much time and memory spaces to manage it and can not reflects the characteristic of a flash memory. This paper proposes the regular file access of limited using a page cache in the file system based on a flash memory and reflects the characteristic of a flash memory. The proposed algorithm minimizes power consumption because access numbers of the RAM are reduced and doesn't waste a memory space because it accesses directly to a flash memory Therefore, the performance improvement of the system applying the proposed algorithm is expected.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.12
• /
• pp.6057-6078
• /
• 2018

Smart home systems provide a safe, comfortable, and convenient living environment for users, whereby users enjoy featured home services supported by the data collected and generated by smart devices in smart home systems. However, existing smart devices lack sufficient protection in terms of data security and privacy, and challenging security and privacy issues inevitably emerge when using these data. This article aims to address these challenging issues by proposing a private blockchain-based access control (PBAC) scheme. PBAC involves employing a private blockchain to provide an unforgeable and auditable foundation for smart home systems, that can thwart illegal data access, and ensure the accuracy, integrity, and timeliness of access records. A detailed security analysis shows that PBAC could preserve data security against various attacks. In addition, we conduct a comprehensive performance evaluation to demonstrate that PBAC is feasible and efficient.

• Journal of KIISE:Databases
• /
• v.30 no.5
• /
• pp.476-493
• /
• 2003

Data broadcast is an effective data transmission method from a data base server to numerous mobile clients due to the restrictions on mobile environment such as low wireless communication bandwidth and energy shortage of mobile devices. There are various broadcast methods based on clients' data access frequencies or semantic relationship of data. The broadcast schedule based only on the access frequencies does not consider semantic relations of data, so that when a client needs to access a series of semantically related data, the client has to listen to the wireless channel for a long time. On the other hand, the broadcast schedule based only on semantic relationship of data makes data access time longer when clients highly request specific data which are not semantically related but frequently accessed. In this paper, we present an efficient data broadcast method based on not only data access frequencies but also semantic relationship to improve mobile clients' query response time. The new hybrid broadcast method we propose creates a data broadcast schedule according to the data access frequencies and then the schedule is adjusted to reflect semantic relationship of data. We show our method is efficient by experimental performance analysis.

• Journal of Platform Technology
• /
• v.9 no.1
• /
• pp.46-57
• /
• 2021

Recently, research has been actively conducted to utilize blockchain technology in various fields. In particular, blockchain-based smart contracts are applied to various automation systems that require reliability as they have the characteristics of recording data in a distributed ledger environment to verify the integrity and validity of data. However, blockchain does not provide data access control and information security because data is shared among network participants. In this paper, we propose a user dynamic access control mechanism utilizing smart contracts in blockchain environments. The proposed mechanism identifies the user's contextual information when accessing data, allocating the user's role and dynamically controlling the data access range. This can increase the security of the system and the efficiency of data management by granting data access dynamically at the time of user authentication, rather than providing the same services in roles assigned to each user group of the network system. The proposed mechanism is expected to provide flexible authentication capabilities through dynamic data access control by users to enhance the security of data stored within blockchain networks.

• Journal of KIISE:Databases
• /
• v.37 no.5
• /
• pp.221-227
• /
• 2010

Web access sequence mining can discover the frequently accessed web pages pursued by users. Utility-based web access sequence mining handles non-binary occurrences of web pages and extracts more useful knowledge from web logs. However, the existing utility-based web access sequence mining approach considers web access sequences from the very beginning of web logs and therefore it is not suitable for mining data streams where the volume of data is huge and unbounded. At the same time, it cannot find the recent change of knowledge in data streams adaptively. The existing approach has many other limitations such as considering only forward references of web access sequences, suffers in the level-wise candidate generation-and-test methodology, needs several database scans, etc. In this paper, we propose a new approach for high utility web access sequence mining over data streams with a sliding window method. Our approach can not only handle large-scale data but also efficiently discover the recently generated information from data streams. Moreover, it can solve the other limitations of the existing algorithm over data streams. Extensive performance analyses show that our approach is very efficient and outperforms the existing algorithm.

• KIPS Transactions on Software and Data Engineering
• /
• v.4 no.9
• /
• pp.409-418
• /
• 2015

In order to delivery of the correct information in IoT environment, it is important to deduce collected information according to a user's situation and to create a new information. In this paper, we propose a control access scheme of information through context-aware to protect sensitive information in IoT environment. It focuses on the access rights management to grant access in consideration of the user's situation, and constrains(access control policy) the access of the data stored in network of unauthorized users. To this end, after analysis of the existing research 'CP-ABE-based on context information access control scheme', then include dynamic conditions in the range of status information, finally we propose a access control policy reflecting the extended multi-dimensional context attribute. Proposed in this paper, access control policy considering the dynamic conditions is designed to suit for IoT sensor fusion environment. Therefore, comparing the existing studies, there are advantages it make a possible to ensure the variety and accuracy of data, and to extend the existing context properties.

• Journal of the Korea Society of Computer and Information
• /
• v.20 no.9
• /
• pp.1-10
• /
• 2015

In this paper, we propose a new variable latency L1 data cache architecture for multi-core processors. Our proposed architecture extends the traditional variable latency cache to be geared toward the multi-core processors. We added a specialized data structure for recording the latency of the L1 data cache. Depending on the added latency to the L1 data cache, the value stored to the data structure is determined. It also tracks the remaining cycles of the L1 data cache which notifies data arrival to the reservation station in the core. As in the variable latency cache of the single-core architecture, our proposed architecture flexibly extends the cache access cycles considering process variation. The proposed cache architecture can reduce yield losses incurred by L1 cache access time failures to nearly 0%. Moreover, we quantitatively evaluate performance, power, energy consumption, power-delay product, and energy-delay product when increasing the number of cache access cycles.

• Journal of Communications and Networks
• /
• v.13 no.4
• /
• pp.400-407
• /
• 2011

Various air indexing and data scheduling schemes for wireless broadcast of spatial data have been developed for energy efficient query processing. The existing schemes are not effective when the clients' data access patterns are skewed to some items. It is because the schemes are based on flat broadcast that does not take the popularity of the data items into consideration. In this paper, thus, we propose a data scheduling scheme letting the popular items appear more frequently on the channel, and grid-based distributed index for non-flat broadcast (GDIN) for window query processing. The proposed GDIN allows quick and energy efficient processing of window query, matching the clients' linear channel access pattern and letting the clients access only the queried data items. The simulation results show that the proposed GDIN significantly outperforms the existing schemes in terms of access time, tuning time, and energy efficiency.