• Title/Summary/Keyword: key exposure protection

Search Result 38, Processing Time 0.027 seconds

A key-insulated CP-ABE with key exposure accountability for secure data sharing in the cloud

  • Hong, Hanshu;Sun, Zhixin;Liu, Ximeng
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.10 no.5
    • /
    • pp.2394-2406
    • /
    • 2016
  • ABE has become an effective tool for data protection in cloud computing. However, since users possessing the same attributes share the same private keys, there exist some malicious users exposing their private keys deliberately for illegal data sharing without being detected, which will threaten the security of the cloud system. Such issues remain in many current ABE schemes since the private keys are rarely associated with any user specific identifiers. In order to achieve user accountability as well as provide key exposure protection, in this paper, we propose a key-insulated ciphertext policy attribute based encryption with key exposure accountability (KI-CPABE-KEA). In our scheme, data receiver can decrypt the ciphertext if the attributes he owns match with the self-centric policy which is set by the data owner. Besides, a unique identifier is embedded into each user's private key. If a malicious user exposes his private key for illegal data sharing, his identity can be exactly pinpointed by system manager. The key-insulation mechanism guarantees forward and backward security when key exposure happens as well as provides efficient key updating for users in the cloud system. The higher efficiency with proved security make our KI-CPABE-KEA more appropriate for secure data sharing in cloud computing.

Design and Implementation of Secure Web System with Cookies Protection Function (쿠키보호기능을 제공하는 안전한 웹 시스템의 설계 및 구현)

  • Choi, Eun-Bok;Choi, Hyang-Chang;Lee, Hyeong-Ok
    • Journal of Korea Multimedia Society
    • /
    • v.7 no.7
    • /
    • pp.934-943
    • /
    • 2004
  • In this paper, we propose cookie protection-key management system for cookie protection and maintain separate cookie protection-key of each user. We provide integrity, confidentiality, and user authentication of cookie by using registered cookie protection-key and applying encryption techniques. And, we use the technique for hiding the URL of an internal document to a user to minimize the problem of its exposure. When this system is applied to the intranet of an enterprise, it will be able to provide a security to cookie and minimize the problem of internal document exposure by an internal user.

  • PDF

A License Administration Protocol Providing User Privacy in Digital Rights Management (디지털 저작권 관리에서 사용자의 프라이버시 보호를 제공하는 라이센스 관리 프로토콜)

  • 박복녕;김태윤
    • Journal of KIISE:Information Networking
    • /
    • v.30 no.2
    • /
    • pp.189-198
    • /
    • 2003
  • As people are damaged increasingly by personal information leakage, awareness about user privacy infringement is increasing. However, the existing DRM system does not support the protection of user's personal information because it is not necessary for the protection of copyrights. This paper is suggesting a license administration protocol which is more powerful to protect personal information in DRM. To protect the exposure of users identifier, this protocol uses temporary ID and token to guarantee anonymity and it uses a session key by ECDH to cryptography and Public-Key Cryptosystem for a message so that it can protect the exposure of personal information and user's privacy.

A Review of Organ Dose Calculation Methods and Tools for Patients Undergoing Diagnostic Nuclear Medicine Procedures

  • Choonsik Lee
    • Journal of Radiation Protection and Research
    • /
    • v.49 no.1
    • /
    • pp.1-18
    • /
    • 2024
  • Exponential growth has been observed in nuclear medicine procedures worldwide in the past decades. The considerable increase is attributed to the advance of positron emission tomography and single photon emission computed tomography, as well as the introduction of new radiopharmaceuticals. Although nuclear medicine procedures provide undisputable diagnostic and therapeutic benefits to patients, the substantial increase in radiation exposure to nuclear medicine patients raises concerns about potential adverse health effects and calls for the urgent need to monitor exposure levels. In the current article, model-based internal dosimetry methods were reviewed, focusing on Medical Internal Radiation Dose (MIRD) formalism, biokinetic data, human anatomy models (stylized, voxel, and hybrid computational human phantoms), and energy spectrum data of radionuclides. Key results from many articles on nuclear medicine dosimetry and comparisons of dosimetry quantities based on different types of human anatomy models were summarized. Key characteristics of seven model-based dose calculation tools were tabulated and discussed, including dose quantities, computational human phantoms used for dose calculations, decay data for radionuclides, biokinetic data, and user interface. Lastly, future research needs in nuclear medicine dosimetry were discussed. Model-based internal dosimetry methods were reviewed focusing on MIRD formalism, biokinetic data, human anatomy models, and energy spectrum data of radionuclides. Future research should focus on updating biokinetic data, revising energy transfer quantities for alimentary and gastrointestinal tracts, accounting for body size in nuclear medicine dosimetry, and recalculating dose coefficients based on the latest biokinetic and energy transfer data.

A Design of Interdependent Multi Session Authentication Scheme for Secure Cloud Service (안전한 클라우드 서비스를 위한 상호의존적 다중세션 인증 기법 설계)

  • Song, Jun Ho;Choi, Do Hyun;Park, Jung Oh
    • Journal of Korea Society of Digital Industry and Information Management
    • /
    • v.10 no.3
    • /
    • pp.181-196
    • /
    • 2014
  • Cloud computer technology currently provides diverse services based on a comprehensive environment ranging from hardware to solution, network and service. While the target of services has been extended from institutions and corporations to personal infrastructure and issues were made about security problems involved with protection of private information, measures on additional security demands for such service characteristics are insufficient. This paper proposes a multi-session authentication technique based on the characteristics of SaaS (Software as a Service) among cloud services. With no reliable authentication authority, the proposed technique reinforced communication sessions by performing key agreement protocol safe against key exposure and multi-channel session authentication, providing high efficiency of performance through key renewal using optimzied key table. Each formed sessions have resistance against deprivation of individual confirmation and service authority. Suggested confirmation technique that uses these features is expected to provide safe computing service in clouding environment.

A Study on the Cryptography Technology for Computing Stored and Encrypted Information without Key Leakage (키 유출 없이 저장되고 암호화된 정보를 계산할 수 있는 암호기술에 관한 연구)

  • Mun, Hyung-Jin;Hwang, Yoon-Cheol
    • Journal of Industrial Convergence
    • /
    • v.17 no.1
    • /
    • pp.1-6
    • /
    • 2019
  • Various cryptographic technologies have been proposed from ancient times and are developing in various ways to ensure the confidentiality of information. Due to exponentially increasing computer power, the encryption key is gradually increasing for security. Technology are being developed; however, security is guaranteed only in a short period of time. With the advent of the 4th Industrial Revolution, encryption technology is required in various fields. Recently, encryption technology using homomorphic encryption has attracted attention. Security threats arise due to the exposure of keys and plain texts used in the decryption processing for the operation of encrypted information. The homomorphic encryption can compute the data of the cipher text and secure process the information without exposing the plain text. When using the homomorphic encryption in processing big data like stored personal information in various services, security threats can be avoided because there is no exposure to key usage and decrypted information.

Provably secure attribute based signcryption with delegated computation and efficient key updating

  • Hong, Hanshu;Xia, Yunhao;Sun, Zhixin;Liu, Ximeng
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.11 no.5
    • /
    • pp.2646-2659
    • /
    • 2017
  • Equipped with the advantages of flexible access control and fine-grained authentication, attribute based signcryption is diffusely designed for security preservation in many scenarios. However, realizing efficient key evolution and reducing the calculation costs are two challenges which should be given full consideration in attribute based cryptosystem. In this paper, we present a key-policy attribute based signcryption scheme (KP-ABSC) with delegated computation and efficient key updating. In our scheme, an access structure is embedded into user's private key, while ciphertexts corresponds a target attribute set. Only the two are matched can a user decrypt and verify the ciphertexts. When the access privileges have to be altered or key exposure happens, the system will evolve into the next time slice to preserve the forward security. What's more, data receivers can delegate most of the de-signcryption task to data server, which can reduce the calculation on client's side. By performance analysis, our scheme is shown to be secure and more efficient, which makes it a promising method for data protection in data outsourcing systems.

Analysis of Metabolism and Effective Half-life for Tritium Intake of Radiation Workers at Pressurized Heavy Water Reactor (중수로원전 종사자의 삼중수소 체내섭취에 따른 인체대사모델과 유효반감기 분석)

  • Kim, Hee-Geun;Kong, Tae-Young
    • Journal of Radiation Protection and Research
    • /
    • v.34 no.2
    • /
    • pp.87-94
    • /
    • 2009
  • Tritium is the one of the dominant contributors to the internal radiation exposure of workers at pressurized heavy water reactors (PHWRs). This nuclide is likely to release to work places as tritiated water vapor (HTO) from a nuclear reactor and gets relatively easily into the body of workers by inhalation. Inhaled tritium usually reaches the equilibrium of concentration after approximately 2 hours inside the body and then is excreted from the body with a half-life of 10 days. Because tritium inside the body transports with body fluids, a whole body receives radiation exposure. Internal radiation exposure at PHWRs accounts for approximately 20-40% of total radiation exposure; most internal radiation exposure is attributed to tritium. Thus, tritium is an important nuclide to be necessarily monitored for the radiation management safety. In this paper, metabolism for tritium is established using its excretion rate results in urine samples of workers at PHWRs and an effective half-life, a key parameter to estimate the radiation exposure, was derived from these results. As a result, it was found that the effective half-life for workers at Korean nuclear power plants is shorter than that of International Commission on Radiological Protection guides, a half-life of 10 days.

Prevention of UV-induced Skin Damage by Activation of Tumor Suppressor Genes p53 and $p14^{ARF}$

  • Petersen, R.;John, S.;Lueder, M.;Borchert, S.
    • Proceedings of the SCSK Conference
    • /
    • 2003.09a
    • /
    • pp.338-351
    • /
    • 2003
  • UV radiation is the most dangerous stress factor among permanent environmental impacts on human skin. Consequences of UV exposure are aberrant tissue architecture, alterations in skin cells including functional changes. Nowadays new kinds of outdoor leisure-time activities and changing environmental conditions make the question of sun protection more important than ever. It is necessary to recognize that self-confident consumers do not consider to change their way of life, they demand modern solutions on the basis of new scientific developments. In the past one fundamental principle of cosmetics was the use of physical and organic filter systems against damaging UV-rays. Today new research results demonstrate that natural protecting cell mechanisms can be activated. Suitable biological actives strongly support the protection function not from the surface but from the inside of the cell. A soy seed preparation (SSP) was proven to stimulate natural skin protective functions. The major functions are an increased energy level and the prevention of DNA damage. These functions can I be defined as biological UV protection. The tumor suppressor protein p53 plays a key role in the regulation of DNA repair. p53 must be transferred into the phosphorylated form to work as transcription factor for genes which are regulating the cell cycle or organizing DNA repair. A pretreatment with SSP increases the phosphorylation rate of p53 of chronically UV-irradiated human keratinocytes significantly. According to the same test procedure SSP induces a dramatic increase in the expression of the tumor suppressor protein p14$^{ARF}$ that is supporting the p53 activity by blocking the antagonist of p53, the oncoprotein Mdm2. Mdm2, a ubiquitin E3-ligase, downregulates p53 and at the same time it prevents phosphorylation of p53. The positive influence of the tumor suppressor proteins explains the stimulation of DNA repair and prevention of sunburn cell formation by SSP, which was proven in cell culture experiments. In vivo the increased skin tolerance against UV irradiation by SSP could be confirmed too. We have assumed, that an increased repair potential provides full cell functionality.y.

  • PDF

A study of analysis and improvement of security vulnerability in Bluetooth for data transfer (블루투스 환경에서 데이터 전송 시 보안 취약점 분석 및 개선 방안 관련 연구)

  • Baek, Jong-Kyung;Park, Jae-Pyo
    • Journal of the Korea Academia-Industrial cooperation Society
    • /
    • v.12 no.6
    • /
    • pp.2801-2806
    • /
    • 2011
  • During data transmissions via Bluetooth networks, data to be encrypted, or plain text between the application layer and the device layer, can be hacked similar to a key-logger by the major function hooking technique of Windows Kernel Driver. In this paper, we introduce an improved protection module which provides data encryption transmission by modifying the data transmission driver of the Bluetooth device layer, and also suggest a self-protecting scheme which prevents data exposure by various hacking tools. We implement the protection module to verify the confidentiality guarantee. Our protection module which provides data encryption with minimal latency can be expected the widespread utilization in Bluetooth data transmission.