Key Management Server Design in Multiuser Environment for Critical File Protection

  • Sung-Hwa Han (Department of Information Security, TongMyong University)
  • Received : 2023.09.19
  • Accepted : 2023.11.15
  • Published : 2024.06.30

Abstract

In enterprise environments, file owners are often required to share critical files with other users, with encryption-based file delivery systems used to maintain confidentiality. However, important information might be leaked if the cryptokey used for encryption is exposed. To recover confidentiality, the file owner must then re-encrypt and redistribute the file along with its new encryption key, which requires considerable resources. To address this, we propose a key management server that minimizes the distribution of encryption keys when critical files are compromised, with unique encryption keys assigned for each registered user to access critical files. While providing the targeted functions, the server employs a level of system resources comparable to that of legacy digital rights management. Thus, when implemented in an enterprise environment, the proposed server minimizes cryptokey redistribution while maintaining accessibility to critical files in the event of an information breach.

Keywords

Acknowledgement

This research was supported by Tongmyong University Research Grant 2021A023.
