• Title/Summary/Keyword: database encryption

Search Result 95, Processing Time 0.025 seconds

Encapsulation of SEED Algorithm in HCCL for Selective Encryption of Android Sensor Data (안드로이드 센서 정보의 선택적 암호화를 지원하는 HCCL 기반 SEED 암호의 캡슐화 기능 연구)

  • Kim, Hyung Jong;Ahn, Jae Yoon
    • Journal of the Korea Society for Simulation
    • /
    • v.29 no.2
    • /
    • pp.73-81
    • /
    • 2020
  • HCCL stands for Heterogenous Container Class Library. HCCL is a library that allows heterogeneous types of data to be stored in a container as a single record and to be constructed as a list of the records to be stored in database. With HCCL, encryption/decryption can be done based on the unified data type. Recently, IoT sensor which is embedded in smartphone enables developers to provide various convenient services to users. However, it is also true that infringement of personal information may occur in the process of transmitting sensor information to API and users need to be prepared for this situation in some sense. In this study, we developed a data model that enhances existing security using SEED cryptographic algorithms while managing information of sensors based on HCCL. Due to the fact that the Android environment does not provide permission management function for sensors, this study decided whether or not to encrypt sensor information based on the user's choice so that the user can determine the creation and storage of safe data. For verification of this work, we have presented the performance evaluation by comparing with the situation of storing the sensor data in plaintext.

A Design of File Leakage Response System through Event Detection (이벤트 감지를 통한 파일 유출 대응 시스템 설계)

  • Shin, Seung-Soo
    • Journal of Industrial Convergence
    • /
    • v.20 no.7
    • /
    • pp.65-71
    • /
    • 2022
  • With the development of ICT, as the era of the 4th industrial revolution arrives, the amount of data is enormous, and as big data technologies emerge, technologies for processing, storing, and processing data are becoming important. In this paper, we propose a system that detects events through monitoring and judges them using hash values because the damage to important files in case of leakage in industries and public places is serious nationally and property. As a research method, an optional event method is used to compare the hash value registered in advance after performing the encryption operation in the event of a file leakage, and then determine whether it is an important file. Monitoring of specific events minimizes system load, analyzes the signature, and determines it to improve accuracy. Confidentiality is improved by comparing and determining hash values pre-registered in the database. For future research, research on security solutions to prevent file leakage through networks and various paths is needed.

Implement of High Available Replicate Systems Based on Cloud Computing (클라우드 컴퓨팅 기반의 고가용성 복제시스템의 구현)

  • Park, Sung-Won;Lee, Moon-Goo;Lee, Nam-Yong
    • 전자공학회논문지 IE
    • /
    • v.48 no.4
    • /
    • pp.61-68
    • /
    • 2011
  • As business management has a high level of dependence on Informational Technology (IT), protecting assets of a company from disaster is one of the most important thing that IT operating managers should consider. Because data or information is a major source of operation of the company, data security is the first priority as an aspect of continuity of business management. Therefore, this paper will realize disaster recovery system, which is suspended because of disaster, based on cloud computing system. Realized High Available Replicate System applied a method of multi thread target database to improve Replicate performance, and real time synchronize technology can improve efficiency of network. From Active to Active operation, it maximizes use of backup system, and it has a effect to disperse load of source database system. Also, High Available Replicate System realized consistency verification mechanism and monitoring technique. For Performance evaluation, High Available Replicate System used multi thread method, which shows more than threefold of replicate performance than single thread method.

kNN Query Processing Algorithm based on the Encrypted Index for Hiding Data Access Patterns (데이터 접근 패턴 은닉을 지원하는 암호화 인덱스 기반 kNN 질의처리 알고리즘)

  • Kim, Hyeong-Il;Kim, Hyeong-Jin;Shin, Youngsung;Chang, Jae-woo
    • Journal of KIISE
    • /
    • v.43 no.12
    • /
    • pp.1437-1457
    • /
    • 2016
  • In outsourced databases, the cloud provides an authorized user with querying services on the outsourced database. However, sensitive data, such as financial or medical records, should be encrypted before being outsourced to the cloud. Meanwhile, k-Nearest Neighbor (kNN) query is the typical query type which is widely used in many fields and the result of the kNN query is closely related to the interest and preference of the user. Therefore, studies on secure kNN query processing algorithms that preserve both the data privacy and the query privacy have been proposed. However, existing algorithms either suffer from high computation cost or leak data access patterns because retrieved index nodes and query results are disclosed. To solve these problems, in this paper we propose a new kNN query processing algorithm on the encrypted database. Our algorithm preserves both data privacy and query privacy. It also hides data access patterns while supporting efficient query processing. To achieve this, we devise an encrypted index search scheme which can perform data filtering without revealing data access patterns. Through the performance analysis, we verify that our proposed algorithm shows better performance than the existing algorithms in terms of query processing times.

통계 데이타베이스의 보호에 관한 조사 연구

  • Kim, Chul
    • Review of KIISC
    • /
    • v.4 no.1
    • /
    • pp.44-52
    • /
    • 1994
  • 정보화 사회에서는 가계, 기업, 정보 등의 정보 활동의 주체들이 가진 정보자산은 데이타 베이스(이하DB)와 소프트웨어(S/W)로 대변할 수 있으며, 이중 DB는 정보화 사회의 기반시설의 하나라고 볼 수 있다. 특별히 통계DB는 각 주체들에게는 필수적인 정보를 갖고 있다. 금융자산의 정보, 국방에 관련된 병력, 장비, 군수물자등의 정보, 회계정보 뿐 아니라 인구센서스, 경제계획수립 등등의 다양한 분야에 이 통계 DB는 사용되고 있다. 이러한 통계DB는 기존의DB에서의 데이타의 저장, 관리, 추출 기능외에 통계적인 데이타의 분석기능이 요구되고 있다. 통계 처리를 위한 데이타베이스관리 시스템(DBMS, database management system)은 주로 기존의 DBMS 에 통계처리를 위한 기능을 추가하거나 통계를 위한 DB를 따로 구축하는 방법을 사용하고 있다. 따라서 일반적인 DB 보호 기술과 더불어 통계 의 환경을 이해하는 보호 기술이 요구되고 있다. 일반적으로 DB 를 보호하는 방법으로는 물리적인 보안(physical security)과 운영체계 보안(operating system security) 이 있으며, 이들과 함께 데이타 암호화(data encryption)의 방법을 사용하고 있다. DB 의 보안 방법에 관한 연구 중 George I. Davida 등에 의한 방법은 중국인의 나머지 정리(chinese remainder thorem)를 사용하는 암호화 알고리즘을 이용하여 레코드(record) 단위의 암호화를 하며, Khamis A. Omar등에 의한 방법은 읽기, 쓰기, 갱신의 3단계의 사용자 등급을 부여하여 DB 접근의 제약을 가하는 기능을 갖고 있다. 본고에서는 특히 그 중요성이 더해가고 있는 통계 의 일반적인 개념을 살펴보며, 특성 지향형 질의 모델(characteristic-specified query model)의 보호기술을 살펴본다. 특별히 본고는 통계 DB의 보호에 대한 일반적인 조사 연구로서 잘 알려진 사실들을 많은 참고 문헌과 더불어 소개하는 내용으로 통계 DB의 보호에 관한 새로운 연구 결과는 아니다.

  • PDF

Research about Cipher Algorithm (암호 알고리즘에 관한 연구)

  • 이호현;박종민;조범준
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • 2003.05a
    • /
    • pp.674-677
    • /
    • 2003
  • Modern society is information-oriented society that allow letters in electron, telecommunication, computer, highly Information-Communication and information processing by great development of semi-conductor technologies. All businesses are depending on computer. Also, Great many user according to development who is worth watching eagerly of computer network and utilization of database and technology could collect, search, handle, transmit and store data at the same time using computer. But, while processing and use of information that use computer become convenient, exposure of data became serious relatively. For these reason, Security problem of data that need the secret rose. Accordingly, new encryption methods to use computer for security of data are presented and are developed continuously. Studied about DES, 3DES, RSA, ECC algorithm to select cipher algorithm to use in research hereafter in this treatise.

  • PDF

Secured Different Disciplinaries in Electronic Medical Record based on Watermarking and Consortium Blockchain Technology

  • Mohananthini, N.;Ananth, C.;Parvees, M.Y. Mohamed
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.16 no.3
    • /
    • pp.947-971
    • /
    • 2022
  • The Electronic Medical Record (EMR) is a valuable source of medical data intelligence in e-health systems. The watermarking techniques have been used to authenticate the owner and protect the EMR from illegal copying. The existing distributive strategies, successfully operated to secure the EMR, are found to be inadequate. Blockchain technology, mainly, is employed by a sharing database that allows the digital crypto-currency. It rapidly leads to the magnified expectations acme. In this excitement, the use of consortium adopting the technology based on Blockchain, in the EMR structure, is found improving. This type of consortium adds an immutable share with a translucent record of the entire business and it is accomplished with responsibility, along with faith and transparency. The combination of watermarking and Blockchain technology provides a singular chance to promote a secured, trustworthy electronic documents administration to share with the e-records system. The authors, in this article, present their views on consortium Blockchain technology which is incorporated in the EMR system. The ledger, used for the distribution of the block structure, has team healthcare models based on dissimilar multiple image watermarking techniques.

R2NET: Storage and Analysis of Attack Behavior Patterns

  • M.R., Amal;P., Venkadesh
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.17 no.2
    • /
    • pp.295-311
    • /
    • 2023
  • Cloud computing has evolved significantly, intending to provide users with fast, dependable, and low-cost services. With its development, malicious users have become increasingly capable of attacking both its internal and external security. To ensure the security of cloud services, encryption, authorization, firewalls, and intrusion detection systems have been employed. However, these single monitoring agents, are complex, time-consuming, and they do not detect ransomware and zero-day vulnerabilities on their own. An innovative Record and Replay-based hybrid Honeynet (R2NET) system has been developed to address this issue. Combining honeynet with Record and Replay (RR) technology, the system allows fine-grained analysis by delaying time-consuming analysis to the replay step. In addition, a machine learning algorithm is utilized to cluster the logs of attackers and store them in a database. So, the accessing time for analyzing the attack may be reduced which in turn increases the efficiency of the proposed framework. The R2NET framework is compared with existing methods such as EEHH net, HoneyDoc, Honeynet system, and AHDS. The proposed system achieves 7.60%, 9.78%%, 18.47%, and 31.52% more accuracy than EEHH net, HoneyDoc, Honeynet system, and AHDS methods.

A New Efficient Private Key Reissuing Model for Identity-based Encryption Schemes Including Dynamic Information (동적 ID 정보가 포함된 신원기반 암호시스템에서 효율적인 키 재발급 모델)

  • Kim, Dong-Hyun;Kim, Sang-Jin;Koo, Bon-Seok;Ryu, Kwon-Ho;Oh, Hee-Kuck
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.15 no.2
    • /
    • pp.23-36
    • /
    • 2005
  • The main obstacle hindering the wide deployment of identity-based cryptosystem is that the entity responsible for creating the private key has too much power. As a result, private keys are no longer private. One obvious solution to this problem is to apply the threshold technique. However, this increases the authentication computation, and communication cost during the key issuing phase. In this paper, we propose a new effi ient model for issuing multiple private keys in identity-based encryption schemes based on the Weil pairing that also alleviates the key escrow problem. In our system, the private key of a user is divided into two components, KGK (Key Description Key) and KUD(Key Usage Desscriptor), which are issued separately by different parties. The KGK is issued in a threshold manner by KIC (Key Issuing Center), whereas the KW is issued by a single authority called KUM (Key Usage Manager). Changing KW results in a different private key. As a result, a user can efficiently obtain a new private key by interacting with KUM. We can also adapt Gentry's time-slot based private key revocation approach to our scheme more efficiently than others. We also show the security of the system and its efficiency by analyzing the existing systems.

Comprehensive Study on Security and Privacy Requirements for Retrieval System over Encrypted Database (암호화된 데이터베이스 검색 시스템의 보안 요구사항에 대한 통합적 관점에서의 연구)

  • Park, Hyun-A;Lee, Dong-Hoon;Chung, Taik-Yeong
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.22 no.3
    • /
    • pp.621-635
    • /
    • 2012
  • Although most proposed security schemes have scrutinized their own security models for protecting different types of threats and attacks, this naturally causes a problem as follows-- if a security analysis tool would fit a certain scheme, it may not be proper to other schemes. In order to address this problem, this paper analyzes how security requirements of each paper could be different by comparing with two schemes: Agrawal et al.'s scheme OPES (Order Preserving Encryption Scheme) and Zdonik et al.'s FCE (Fast Comparison Encryption). Zdonik et al. have formally disproved the security of Agrawal et al.'s scheme OPES. Thereafter, some scholars have wondered whether the OPES can guarantee its applicability in a real world for its insecurity or not. However, the analysis by Zdonik et al. does not have valid objectivity because they used the security model INFO-CPA-DB for their scheme FCE to analyze Agrawal et al.'s scheme OPES, in spite of the differences between two schemes. In order to analyze any scheme correctly and apply it to a real world properly, the analysis tool should be comprehensively standardized. We re-analyze Zdonik et al.'s analysis for OPES and then propose general formalizations of security and privacy for all of the encrypted retrieval systems. Finally, we recommend the minimum level of security requirements under our formal definitions. Additional considerations should be also supplemented in accordance with the conditions of each system.