• Journal of Internet Computing and Services
• /
• v.19 no.2
• /
• pp.1-7
• /
• 2018

Due to advances in DNA sequencing technologies, its medical value continues to grow. However, once genome data leaked, it cannot be revoked, and disclosure of personal genome information impacts a large group of individuals. Therefore, secure techniques for managing genomic big data should be developed. We first propose a privacy-preserving inner product protocol for large data sets using the homomorphic encryption of Gentry et al., and then we introduce an efficient privacy-preserving DNA matching protocol based on the proposed protocol. Our efficient protocol satisfies the requirements of correctness, confidentiality, and privacy.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.11 no.5
• /
• pp.43-52
• /
• 2001

Y. Zheng introduced a new type of cryptograghic primitive as \"signcryption\", which combines a function of digital signature scheme with a symmetric key encryption algorithm. Signcryption doesn\`t only provide authenticity and confidentiality in a single step, but also give more efficient computation than the traditional \"signature-then-encryption\". And C. Gamage proposed a proxy-signcryption that efficiently combines a proxy signature with the signcryption. But, in the proposed signcryption schemes, one who obtains the sender\`s private key can recover the original message of a signcrypted text. That is, forward secrecy is not offered by the signcryption scheme with respect to the sender\`s private key. In this paper, we will propose a modified signcryption of Zheng\`s signcryption and a variant of proxy-signcryption with forward secrecy.ith forward secrecy.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.6
• /
• pp.45-54
• /
• 2011

Corporations use e-mail as their primary method for internal communication and business processes. By their nature, the e-mails are in general used for major business processes that contain large amounts of business information. When there is a critical event, such as Technology leakage, an e-mail message can become important evidence. However, as there is a high likelihood that a suspect will intentionally erase an e-mail message, the ability to recover deleted e-mail is very important. This pater analyzes the deleted e-mail item structure in files of various e-mail clients, and explains the possibility and methods of recovery.

• Proceedings of the CALSEC Conference
• /
• 2000.08a
• /
• pp.305-318
• /
• 2000

1 . E-Commerce 보안 ■ 인증(authentication) 정보의 송/수신자 또는 정보시스템 이용자의 신원을 식별, 확인하는 것 ■ 기밀성(confidentiality) 전송 또는 보관중인 정보를 비인가자가 부정한 방법으로 입수하더라도 그 내용을 알 수 없도록 보호하는 것 ■ 무결성(integity) 전송 또는 보관중인 정보에 대한 허가되지 않은 변경을 발견할 수 있도록 하는 것 ■ 부인방지(non-repudiation) 사용자가 정보통신시스템을 통하여 정보를 송/수신하거나 처리한 사실을 부인할 수 없도록 하는 것 ■ 접근통제(access control) 비인가자가 정보통신시스템에 부정한 방법으로 접근하여 사용하는 것을 방지하는 것(중략)

• Venture DIGEST
• /
• s.130
• /
• pp.22-24
• /
• 2009

국내 기업들의 개인정보 유출이 날로 심각해지고 있다. 우리에게 일상적인 공간에서 내 정보가 나도 모르는 사이에 누군가에 의해 유출되고 있는 것이다. 그것은 비단 개인정보뿐만이 아니다. 국가기밀에 가까운 첨단기술정보까지도 유출되고 있는 실정이다. 우리가 살아가는 시대는 눈에 보이는 것과 함께 보이지 않는 정보까지 보호하면서 생활해야하는 시대다. 이런 상황에서 국내 통합 PC 보안 시장에서 절대강자의 자리를 지키고, 국내를 넘어 세계시장까지 넘보고 있는 닉스테크(대표 박동훈, www.nicstech.com)를 찾아 업계 1위를 고수하고 있는 이유를 알아보았다.

• The Magazine of the IEIE
• /
• v.30 no.6
• /
• pp.599-607
• /
• 2003

기업간 파트너쉽이 e-비즈니스 네트워크로 발전하면서 사용자에 대한 안전하고 효과적인 인증은 물론 인증된 사용자의 특정 서비스에 대한 접근권한의 관리요구가 크게 대두되고 있다. PKI 기반 기술로 사용자 인증, 데이터 기밀성 및 무결성 서비스는 가능하지만 사용자 및 자원에 대한 권한 관리는 별도의 기반기술이 요구된다. 웹 사이트들을 파트너 쉽으로 연결해주는 크로스 도메인간의 단일인증, 보호 대상 자원에 대한 접근제어, 파트너간의 상호연동성 및 이기종 연동 등의 요구사항을 만족시키기 위한 권한관리 기반기술이 필요하다. 본고에서는 PMI 표준, 접근제어, RBAC, SAML 및 XACML 기술에 대한 소개와 권한관리 시스템 구축 모델에 대하여 설명한다.

• The Journal of the Korea Contents Association
• /
• v.14 no.11
• /
• pp.164-174
• /
• 2014

The purpose of this study is to explore ways to resolve the conflicting issues that are currently applied in medical Act and medical privacy Act through the comparative Analysis of the Privacy Act and the Medical Information Protection Act foreign. the results run to establish the Public Health Act coming for the protection of health information is a characteristic of many countries, France in Europe, the United States and Canada had been running an independent medical information laws are enacted. Prescribes penalties of up to a fairly systematic method from the case records of patients would not have occurred in the management and implementation of the law and the protection of the author of the book focuses on the subject of medical records and physician records between patient confidentiality and privacy it can be seen that the method defined in. This indicates the need for the establishment of an independent medical information laws to protect all records relating to the patient systematically Korea also.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.12 no.6
• /
• pp.2801-2806
• /
• 2011

During data transmissions via Bluetooth networks, data to be encrypted, or plain text between the application layer and the device layer, can be hacked similar to a key-logger by the major function hooking technique of Windows Kernel Driver. In this paper, we introduce an improved protection module which provides data encryption transmission by modifying the data transmission driver of the Bluetooth device layer, and also suggest a self-protecting scheme which prevents data exposure by various hacking tools. We implement the protection module to verify the confidentiality guarantee. Our protection module which provides data encryption with minimal latency can be expected the widespread utilization in Bluetooth data transmission.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.16 no.12
• /
• pp.2695-2701
• /
• 2012

We need privacy protection protocols, that satisfy three essential security requirements; confidentiality, indistinguishability and forward security, in order to protect user's privacy in RFID system. The hash-chain based protocol that Ohkubo et. al proposed is the most secure protocol, that satisfies all of the essential security requirements, among existing protocols. But, this protocol has a disadvantage that it takes very long time to identify a tag in the back-end server. In this paper, we propose a scheme to keep security just as it is and to reduce computation time for identifying a tag in back-end server. The proposed scheme shows the results that the identification time in back-end server is reduced considerably compared to the hash-chain based protocol.

• The KIPS Transactions:PartC
• /
• v.9C no.6
• /
• pp.809-816
• /
• 2002

Cryptographic applications, such as data confidentiality and authentication, must be used for secure data communications. PRNG(Pseudo-Random Number Generator) is a basic cryptographic component which is supposed to be satisfied by criteria that we provable security and randomness properties. PRNG it used for generating an initial value or key value of cipher and security of whole cryptographic module depends on the security of PRNG. In this paper, we introduce an PRNG based on a block cipher and prove their security.