• Title/Summary/Keyword: security and integrity


A Scalable Data Integrity Mechanism Based on Provable Data Possession and JARs

  • Zafar, Faheem;Khan, Abid;Ahmed, Mansoor;Khan, Majid Iqbal;Jabeen, Farhana;Hamid, Zara;Ahmed, Naveed;Bashir, Faisal
    • KSII Transactions on Internet and Information Systems (TIIS) / v.10 no.6 / pp.2851-2873 / 2016
  • Cloud storage as a service provides high scalability and availability as per the needs of the user, without large investment in infrastructure. However, data security risks, such as confidentiality, privacy, and integrity of the outsourced data, are associated with the cloud-computing model. Over the years, techniques such as remote data checking (RDC), data integrity protection (DIP), provable data possession (PDP), proof of storage (POS), and proof of retrievability (POR) have been devised to frequently and securely check the integrity of outsourced data. In this paper, we improve the efficiency of the PDP scheme in terms of computation, storage, and communication cost for large data archives. By utilizing the capabilities of JAR and ZIP technology, the cost of searching the metadata in the proof generation process is reduced from O(n) to O(1). Moreover, due to direct access to metadata, disk I/O cost is reduced, resulting in 50 to 60 times faster proof generation for large datasets. Furthermore, our proposed scheme achieved a 50% reduction in the storage size of data and respective metadata, which provides storage and communication efficiency.

Cyber KillChain Based Security Policy Utilizing Hash for Internet of Things (해시를 활용한 사이버킬체인 기반의 사물인터넷 보안 정책)

  • Jeong, So-Won;Choi, Yu-Rim;Lee, Il-Gu
    • Journal of Digital Convergence / v.16 no.9 / pp.179-185 / 2018
  • Internet of Things (IoT) technology, which has recently been in the spotlight as a new growth engine of the Information Communications Technology (ICT) industry in the 4th Industrial Revolution, needs trustworthiness beyond simple security technology. IoT devices should consider trustworthiness from the planning and design stages so that everyone who develops, evaluates and uses the device can measure and trust its security. The increased number of IoT devices and their long lifetime result in increased security vulnerability due to the difficulty of software patching and updating. In this paper, we investigated security and scalability issues of current IoT devices through research of the technical, political and industrial trends of IoT. In order to overcome the limitations, we propose an automatic verification of software integrity utilizing and a political solution to apply cyber killchain based security mechanism using hash which is an element technology of blockchain to solve these problems.

A Study on Integrity Protection of Edge Computing Application Based on Container Technology (컨테이너 기술을 활용한 엣지 컴퓨팅 환경 어플리케이션 무결성 보호에 대한 연구)

  • Lee, Changhoon;Shin, Youngjoo
    • Journal of the Korea Institute of Information Security & Cryptology / v.31 no.6 / pp.1205-1214 / 2021
  • Edge Computing is used as a solution to the cost problem and transmission delay problem caused by network bandwidth consumption that occurs when IoT/CPS devices are integrated into the cloud by performing artificial intelligence (AI) in an environment close to the data source. Since edge computing runs on devices that provide high-performance computation and network connectivity located in the real world, it is necessary to consider application integrity so that it is not exploited by cyber terrorism that can cause human and material damage. In this paper, we propose a technique to protect the integrity of edge computing applications implemented in a script language that is vulnerable to tampering, such as Python, which is used for implementing artificial intelligence, as container images and then digitally signed. The proposed method is based on the integrity protection technology (Docker Contents Trust) provided by the open source container technology. The Docker Client was modified and used to utilize the whitelist for container signature information so that only containers allowed on edge computing devices can be operated.

Design and Implementation of Intrusion Detection System of Packet Reduction Method (패킷 리덕션 방식의 침입탐지 시스템 설계 및 구현)

  • JUNG, Shin-Il;KIM, Bong-Je;KIM, Chang-Soo
    • Journal of Fisheries and Marine Sciences Education / v.17 no.2 / pp.270-280 / 2005
  • Many researchers have proposed various methods to detect illegal intrusion in order to improve the internet environment. Among these, the IDS (Intrusion Detection System) is classified as the most common model to protect network security. In this paper, we propose a new log format instead of the Apache log format for SSL integrity verification. We translate the file-DB log format into an R-DB log format. Using these methods we can manage the Web server's integrity, and log data is transmitted to the verification system so that both the primary function of the IDS and the Web server's integrity management can be performed at the same time. The system proposed in this paper can also be used in wired and wireless environments based on PDA.

WACFI: Code Instrumentation Technique for Protection of Indirect Call in WebAssembly (WACFI: 웹 어셈블리에서의 간접호출 명령어 보호를 위한 코드 계측 기술)

  • Chang, Yoonsoo;Kim, Youngju;Kwon, Donghyun
    • Journal of the Korea Institute of Information Security & Cryptology / v.31 no.4 / pp.753-762 / 2021
  • WebAssembly (WASM) is a low-level instruction format that can be run in a web environment. Since WASM has excellent performance, various web applications use WebAssembly. However, according to our security analysis, WASM has a security pitfall related to control flow integrity (CFI) for indirect calls. To address the problem, in this paper we propose a new code instrumentation scheme to protect indirect calls, named WACFI. Specifically, WACFI enhances a CFI technique for indirect calls in WASM based on source code analysis and binary instrumentation. To test the feasibility of WACFI, we applied WACFI to a sound-encoding application. According to our experimental results, WACFI only adds 2.75% overhead on the execution time while protecting indirect calls safely.

TCST : A Technology for Verifying Control Flow Integrity for Smart Contracts within a Trusted Execution Environment (TCST : 신뢰실행환경 내에서 스마트 컨트랙트의 제어 흐름 무결성 검증을 위한 기술)

  • Park, Seonghwan;Kwon, Donghyun
    • Journal of the Korea Institute of Information Security & Cryptology / v.32 no.6 / pp.1103-1112 / 2022
  • Blockchain technology is widespread in everyday life and various industry fields. It guarantees integrity and transparency between blockchain network participants through a distributed ledger. The smart contract modifies and manages the distributed ledger, and is the most important component in guaranteeing the integrity and transparency of a blockchain network. Still, because smart contracts are also a component of blockchain networks, they are disclosed to network participants transparently. For this reason, the vulnerabilities of smart contracts could be revealed easily. To mitigate this, various studies are leveraging TEE to guarantee the confidentiality of smart contracts. In existing studies, TEE provides confidentiality of smart contracts, but guaranteeing the integrity of smart contracts is out of their scope. In this study, we provide not only the confidentiality of smart contracts but also their integrity, by guaranteeing the CFI of smart contracts within TEE.

A Study on Mobile Forensic Data Acquisition Method Based on Manufacturer's Backup Mobile App (모바일 포렌식 증거 수집방안 연구: 제조사 백업 앱 기반 데이터 획득 기법)

  • Choi, Jaewon;Kim, Seung-joo
    • Journal of the Korea Institute of Information Security & Cryptology / v.28 no.1 / pp.95-110 / 2018
  • With the widespread use of smartphones, various personal information of users is being recorded on smartphones in real time. To prevent the loss of users' important personal information, manufacturers provide smartphone backup applications. Recently, not only backup programs for PC but also backup mobile apps for smartphones have been provided. From the point of view of acquiring forensic data, it is important not to compromise the acquisition possibilities and the integrity of the original data. Especially in the case of Android smartphones, various studies are being carried out to acquire the data without damaging the integrity of the original data. However, there are limitations in applying the existing research methods. In this paper, we describe the process of acquiring data using the backup mobile app provided by the manufacturer without compromising the integrity of the latest smartphone.

Analyse of Trade-off for Implementing RFID Tag to Enhance Security (보안성 향상을 위한 RFID 태그 구현시의 Trade off 분석)

  • Kim, Jung-Tae
    • Proceedings of the Korean Institute of Information and Communication Sciences Conference / 2011.05a / pp.754-756 / 2011
  • Most of the sources of security and privacy issues in RFID technology arise from the violation of the air interface between a tag and its reader. This paper will approach the security risk analysis process from the perspective of the RFID tag life cycle, identify the tag usage processes, identify the associated vulnerabilities and threats to the confidentiality, integrity and availability of the information assets and their implications for privacy, and then mitigate the risks.


An Enhanced Remote Data Checking Scheme for Dynamic Updates

  • Dong, Lin;Park, Jinwoo;Hur, Junbeom;Park, Ho-Hyun
    • KSII Transactions on Internet and Information Systems (TIIS) / v.8 no.5 / pp.1744-1765 / 2014
  • A client stores data in the cloud and uses remote data checking (RDC) schemes to check the integrity of the data. The client can detect the corruption of the data using RDC schemes. Recently, robust RDC schemes have integrated forward error-correcting codes (FECs) to ensure the integrity of data while enabling dynamic update operations. Thus, minor data corruption can be recovered by FECs, whereas major data corruption can be detected by spot-checking techniques. However, this requires high communication overhead for dynamic update, because a small update may require the client to download an entire file. The Variable Length Constraint Group (VLCG) scheme overcomes this disadvantage by downloading the RS-encoded parity data for update instead of the entire file. Despite this, it needs to download all the parity data for any minor update. In this paper, we propose an improved RDC scheme in which the communication overhead can be reduced by downloading only a part of the parity data for update while simultaneously ensuring the integrity of the data. Efficiency and security analysis show that the proposed scheme enhances efficiency without any security degradation.

Random Hash for Integrity Verification Method of Multimedia Data in Surveillance System (비디오 감시 장치 무결성 검증을 위한 랜덤 해시 방법)

  • Ghimire, Sarala;Lee, Bumshik
    • Proceedings of the Korean Society of Broadcast Engineers Conference / 2019.11a / pp.165-168 / 2019
  • The advancement in technology has led to the enormous use of multimedia applications. The video/image recorded by such applications provides critical information that can be used as visual evidence. However, owing to the adequacy in using different editing tools, it is susceptible to malicious alterations. Thus, the reliability or the integrity of the visual information should be verified before using it as evidence. In this paper, we propose an integrity verification method for the surveillance system using randomized hashing. The integrity value of the surveillance data is generated using randomized hashing and elliptic curve cryptography (ECC), and is used later for validation. The experimental results obtained from the embedded accident data recorder (ADR) system show that the proposed method is very efficient and provides a high level of security.
