• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제15권1호
• /
• pp.323-342
• /
• 2021

Personal health records (PHRs) is an electronic medical system that enables patients to acquire, manage and share their health data. Nevertheless, data confidentiality and user privacy in PHRs have not been handled completely. As a fine-grained access control over health data, ciphertext-policy attribute-based encryption (CP-ABE) has an ability to guarantee data confidentiality. However, existing CP-ABE solutions for PHRs are facing some new challenges in access control, such as policy privacy disclosure and dynamic policy update. In terms of addressing these problems, we propose a privacy protection and dynamic share system (PPADS) based on CP-ABE for PHRs, which supports full policy hiding and flexible access control. In the system, attribute information of access policy is fully hidden by attribute bloom filter. Moreover, data user produces a transforming key for the PHRs Cloud to change access policy dynamically. Furthermore, relied on security analysis, PPADS is selectively secure under standard model. Finally, the performance comparisons and simulation results demonstrate that PPADS is suitable for PHRs.

• Journal of information and communication convergence engineering
• /
• 제5권2호
• /
• pp.88-92
• /
• 2007

In this paper, an SS-RRA protocol that is based on Code Division Multiple Access is proposed and analyzed under the integrated voice and data traffic load. The backward logical channels consist of slotted time division frames with multiple spreading codes per slot. The protocol uses a reservation mechanism for the voice traffic, and a random access scheme for the data traffic. A discrete-time, discrete-state Markov chain is used to evaluate the performance. The numerical results show that the performance can be significantly improved by a few distinct spreading codes.

• 인터넷정보학회논문지
• /
• 제18권2호
• /
• pp.1-11
• /
• 2017

스마트 디바이스를 이용하여 특정 공간에서 미리 설정된 무선랜에 접속하는 방법은 개방형 방식과 사용자 인증 방식으로 나뉠 수 있다. 개방형 방식은 무선랜 접속을 위한 인증이 없이 접속하는 방법이다. 스마트 디바이스 사용자가 자신이 사용하려는 무선랜에 대한 정보를 SSID(Service Set IDentifier)를 통해 공공 무선랜 표기 형식에 따라 제공받아야 하지만, 모든 개방형 무선랜이 이러한 방식을 수동으로 입력하는 방식에는 무리가 있다. 반면에 사용자 인증 방식은 SSID와 PW(PassWord) 설정을 통해 사용자에게 무선랜 접속을 제공하는 방식이다. 따라서 SSID를 통해 공공 무선랜 표기 형식을 따를 수는 있지만, AP 접속을 위해서는 일일이 사용자가 수동으로 패스워드 입력을 통해 AP에 접속해야만 한다. 따라서 본 논문에서는 사용자 인증방식과 공공 무선랜 표기형식을 iBeacon 메시지 수신을 통해 자동적으로 AP에 접속할 수 있는 방안을 제안한다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제6권9호
• /
• pp.2052-2072
• /
• 2012

Access control is an essential security component in protecting sensitive data and services from unauthorized access to the resources in mission-critical Cyber-Physical Systems (CPSs). CPSs are different from conventional information processing systems in such that they involve interactions between the cyber world and the physical world. Therefore, existing access control models cannot be used directly and even become disabled in an emergency situation. This paper proposes an adaptive Access Control model for Emergences (AC4E) for mission-critical CPSs. The principal aim of AC4E is to control the criticalities in these systems by executing corresponding responsive actions. AC4E not only provides the ability to control access to data and services in normal situations, but also grants the correct set of access privileges, at the correct time, to the correct set of subjects in emergency situations. It can facilitate adaptively responsive actions altering the privileges to specific subjects in a proactive manner without the need for any explicit access requests. A semiformal validation of the AC4E model is presented, with respect to responsiveness, correctness, safety, non-repudiation and concurrency, respectively. Then a case study is given to demonstrate how the AC4E model detects, responds, and controls the emergency events for a typical CPS adaptively in a proactive manner. Eventually, a wide set of simulations and performance comparisons of the proposed AC4E model are presented.

• Journal of Information Science Theory and Practice
• /
• 제8권2호
• /
• pp.45-54
• /
• 2020

Access to relevant information determines the quality of life of an individual in society and the academe. Academic institutions have established information literacy programmes to enhance students' access to information. With the elevation of colleges of education to tertiary status in Ghana, pre-service teachers are now required to conduct research to improve their reflective thinking in order to be certified. However, the information access skills of students in colleges of education in Ghana are uncertain. This study draws empirical evidence from students in the Nusrat Jahan Ahmadiyya College of Education, Wa, Ghana on their information access skills. Primary data were collected from 303 respondents from the college using a stratified sampling procedure. The data were collected using a questionnaire and analysed using descriptive statistics. The results indicate that information is available to students through different sources such as the Internet, libraries, and contact with friends and authorities. However, students were limited in respect to access to relevant online resources for their academic activities due to inadequate information access skills. Potential solutions are discussed.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제18권7호
• /
• pp.1840-1867
• /
• 2024

In this study, we focus on addressing the functional domain of research related to indexing XML data in wireless networks, emphasizing ensuring data confidentiality. The abstract outlines a novel indexing method designed for broadcasting encrypted XML data over wireless networks. The proposed technique involves two channels: one for indexing and another for transmitting the actual XML data. The method ensures data security by encrypting the XML stream, allowing mobile devices to access only authorized bits based on their access permissions. Despite an increase in data access time and device tuning time, the study concludes that the proposed indexing technique significantly enhances the security of transmitting XML data over mobile wireless networks.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제10권7호
• /
• pp.3319-3338
• /
• 2016

Cloud storage is becoming more and more popular because of its elasticity and pay-as-you-go storage service manner. In some cloud storage scenarios, the data that are stored in the cloud may be shared by a group of users. To verify the integrity of cloud data in this kind of applications, many auditing schemes for shared cloud data have been proposed. However, all of these schemes do not consider the access authorization problem for users, which makes the revoked users still able to access the shared cloud data belonging to the group. In order to deal with this problem, we propose a novel public auditing scheme for shared cloud data in this paper. Different from previous work, in our scheme, the user in a group cannot any longer access the shared cloud data belonging to this group once this user is revoked. In addition, we propose a new random masking technique to make our scheme preserve both data privacy and identity privacy. Furthermore, our scheme supports to enroll a new user in a group and revoke an old user from a group. We analyze the security of the proposed scheme and justify its performance by concrete implementations.

• 한국정보처리학회논문지
• /
• 제6권5호
• /
• pp.1189-1202
• /
• 1999

As compared with VOD data, NOD article data has the following characteristics: it is created at any time, has a short life cycle, is selected as not one article but several articles by a user, and has high access locality in time. Because of these intrinsic features, user access patterns of NOD article data are different from those of VOD. Thus, building NOD system using the existing techniques of VOD system leads to poor performance. In this paper, we analysis the log file of a currently running electronic newspaper, show that the popularity distribution of NOD articles is different from Zipf distribution of VOD data, and suggest a new popularity model of NOD article data MS-Zipf(Multi-Selection Zipf) distribution and its approximate solution. Also we present a life cycle model of NOD article data, which shows changes of popularity over time. Using this life cycle model, we develop LLBF (Largest Life-cycle Based Frequency) prefetching algorithm and analysis he performance by simulation. The developed LLBF algorithm supports the similar level in hit-ratio to the other prefetching algorithms such as LRU(Least Recently Used) etc, while decreasing the number of data replacement in article prefetching and reducing the overhead of the prefetching in system performance. Using the accurate user access patterns of NOD article data, we could analysis correctly the performance of NOD server system and develop the efficient policies in the implementation of NOD server system.

• 한국인터넷방송통신학회논문지
• /
• 제20권1호
• /
• pp.55-60
• /
• 2020

본 논문에서는 퍼블릭 블록체인에서 개인정보를 안전하게 보호하기 위한 방법으로, 암호기법을 이용한 접근통제 시스템을 제안한다. 제안 시스템은 거래 데이터 중에서 개인정보에 해당하는 부분을 선별하여 이를 접근정책에 따라 암호화한 다음 블록체인에 저장하고, 적정한 권한을 가진 사람만이 복호화하도록 설계된다. 성능과 확장성을 향상시키기 위하여 암호스킴을 블록체인과 연동하는 오프-체인 네트워크에 구현한다. 따라서 암호 연산에 따른 성능저하가 미미하고, 기존 블록체인 네트워크의 구성을 보존하면서도 새로운 접근통제를 반영할 수 있어 확장성이 높다. 암호화 스킴은 속성기반암호화(ABE:Attribute-Based Encryption)에 기반한다. 그러나 통상적인 ABE와 달리 정보의 속성인 보유기간을 접근구조에 포함하여 개인정보 보호규제에서 요구하는 정보의 잊혀질 권리를 제공한다. 한편 ABE의 처리 성능문제를 보완하기 위해 대칭키 방식을 혼용한 것도 본 논문의 특징이라 할 수 있다. 제안 시스템을 공개형 블록체인인 클레이튼을 이용하여 구현하고 성능 평가를 통해 타당성을 증명하였다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제14권10호
• /
• pp.4136-4156
• /
• 2020

Recently, data can be safely shared or stored using the infrastructure of cloud computing in various fields. However, issues such as data security and privacy affect cloud environments. Thus, a variety of security technologies are required, one of them is security technology using CP-ABE. Research into the CP-ABE scheme is currently ongoing, but the existing CP-ABE schemes can pose security threats and are inefficient. In terms of security, the CP-ABE approach should be secure against user collusion attacks and masquerade attacks. In addition, in a dynamic cloud environment where users are frequently added or removed, they must eliminate user access when they leave, and so users will not be able to access the cloud after removal. A user who has left should not be able to access the cloud with the existing attributes, secret key that had been granted. In addition, the existing CP-ABE scheme increases the size of the ciphertext according to the number of attributes specified by the data owner. This leads to inefficient use of cloud storage space and increases the amount of operations carried out by the user, which becomes excessive when the number of attributes is large. In this paper, CP-ABE access control is proposed to block access of withdrawn users in dynamic cloud environments. This proposed scheme focuses on the revocation of the attributes of the withdrawn users and the output of a ciphertext of a constant-size, and improves the efficiency of the user decryption operation through outsourcing.