• Journal of Korea Society of Industrial Information Systems
• /
• v.19 no.1
• /
• pp.1-12
• /
• 2014

An access control system is needed to ensure only authorized users can access a sensitive resource. We propose a secure access control based on a fully secure and fine grained ciphertext-policy attribute-based encryption scheme. The access control for a sensitive resource is ensured by encrypting it with encryption algorithm from the CP-ABE scheme parameterized by an access control policy. Furthermore, the proposed access control supports non-monotone type access control policy. The ciphertext only can be recovered by users whose attributes satisfy the access control policy. We also implement and measure the performance of our proposed access control. The results of experiments show that our proposed secure access control is feasible.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.7
• /
• pp.3339-3352
• /
• 2016

In ciphertext-policy attribute-based encryption (CP-ABE) scheme, a user's secret key is associated with a set of attributes, and the ciphertext is associated with an access policy. The user can decrypt the ciphertext if and only if the attribute set of his secret key satisfies the access policy specified in the ciphertext. In the present schemes, access policy is sent to the decryptor along with the ciphertext, which means that the privacy of the encryptor is revealed. In order to solve such problem, we propose a CP-ABE scheme with hidden access policy, which is able to preserve the privacy of the encryptor and decryptor. And what's more in the present schemes, the users need to do excessive calculation for decryption to check whether their attributes match the access policy specified in the ciphertext or not, which makes the users do useless computation if the attributes don't match the hidden access policy. In order to solve efficiency issue, our scheme adds a testing phase to avoid the unnecessary operation above before decryption. The computation cost for the testing phase is much less than the decryption computation so that the efficiency in our scheme is improved. Meanwhile, our new scheme is proved to be selectively secure against chosen-plaintext attack under DDH assumption.

• International Journal of Knowledge Content Development & Technology
• /
• v.6 no.1
• /
• pp.69-84
• /
• 2016

The paper investigates open access (OA) self archiving policies of different Open Access Repositories (OARs) of COAPI (Coalition of Open Access Policy Institutions) founder members as reported in June 2011 (i.e. a total of 22 members against a total of 46 COPAI members as reported by Open Biomed (http://openbiomed.info/2011/08/coapi-cats/). The paper consulted three databases (OpenDOAR, ROAR and ROARMAP) in order to evaluate twenty-two (22) COAPI-members OARs self archiving policy documentations and highlights of some progress on issues so far. After analyzing policy documentations, key findings have been highlighted and common practices have been suggested in line with global recommendations and best practice guidelines at national and international levels for strengthening national research systems. The paper has implications for administrators, funding agencies, policy makers and professional librarians in devising institute specific self archiving policies for their own organization.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.5
• /
• pp.2768-2780
• /
• 2019

Ciphertext-policy attribute-based encryption (CP-ABE) is one of the practical technologies to share data over cloud since it can protect data confidentiality and support fine-grained access control on the encrypted data. However, most of the previous schemes only focus on data confidentiality without considering data receiver privacy preserving. Recently, Li et al.(in TIIS, 10(7), 2016.7) proposed a CP-ABE with hidden access policy and testing, where they declare their scheme achieves privacy preserving for the encryptor and decryptor, and also has high decryption efficiency. Unfortunately, in this paper, we show that their scheme fails to achieve hidden access policy at first. It means that any adversary can obtain access policy information by a simple decisional Diffie-Hellman test (DDH-test) attack. Then we give a method to overcome this shortcoming. Security and performance analyses show that the proposed scheme not only achieves the privacy protection for users, but also has higher efficiency than the original one.

• East Asian mathematical journal
• /
• v.30 no.1
• /
• pp.23-29
• /
• 2014

To solve inefficient spectrum usage problem under current static spectrum management policy, various kinds of dynamic spectrum access strategies have appeared. Myopic policy, which maximizes immediate throughput, is a simple and robust strategy with reduced complexity. In this paper, we present a simple mathematical model to evaluate the saturation throughput and medium access delay of a myopic policy in the presence of multiple channels.

• Journal of applied mathematics & informatics
• /
• v.32 no.1_2
• /
• pp.129-136
• /
• 2014

One of the fundamental issues in the design of dynamic spectrum access policy is the modeling of the dynamic behavior of channel occupancy by primary users. Under a Markovian modeling of channel occupancy, a periodic sensing and greedy access policy is known as one of the simple and practical dynamic spectrum access policies in cognitive radio networks. In this paper, the primary occupancy of each channel is modeled as a discrete-time alternating renewal process with generally distributed on- and off-periods. A periodic sensing and greedy access policy is constructed based on the general channel occupancy model. Simulation results show that the proposed policy has better throughput than the policies using channel models with exponentially distributed on- or off-periods.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.17 no.5
• /
• pp.1101-1105
• /
• 2013

Due to underutilization of spectrum under the current static spectrum management policy, various kinds of dynamic spectrum access strategies have appeared. Myopic policy is a simple policy with reduced complexity that maximizes the immediate throughput. In this paper, the distribution of its medium access delay is evaluated under saturation traffic conditions. Using the distribution of the medium access delay, we also evaluate its system delay under non-saturated traffic conditions.

• Journal of The Korean Association of Information Education
• /
• v.1 no.2
• /
• pp.57-66
• /
• 1997

The primary purpose of security mechanisms in a computer systems is to control the access to information. There are two types of access control mechanisms to be used typically. One is discretionary access control(DAC) and another is mandatory access control(MAC). In this study an access control mechanism is introduced for secure access path in security system. The security policy of this access control is that no disclosure of information and no unauthorized modification of information. To make this access control correspond to security policy, we introduce three properties; read, write and create.

• Journal of the Institute of Electronics and Information Engineers
• /
• v.50 no.9
• /
• pp.21-31
• /
• 2013

A ciphertext policy-attribute based encryption(CP-ABE) scheme can be used to realize access control mechanism without a trusted server. We propose an attribute-based access control mechanism by incorporating a CP-ABE scheme to ensure only authorized users can access the sensitive data. The idea of CP-ABE is to include access control policy in the ciphertexts, in which they can only be decrypted if a user possesses attributes that pass through the ciphertext's access structure. In this paper, we prove a secure CP-ABE scheme where the policy can be expressed in non-monotonic access structures. We further compare the performance of our scheme with the existing CP-ABE schemes.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.1
• /
• pp.323-342
• /
• 2021

Personal health records (PHRs) is an electronic medical system that enables patients to acquire, manage and share their health data. Nevertheless, data confidentiality and user privacy in PHRs have not been handled completely. As a fine-grained access control over health data, ciphertext-policy attribute-based encryption (CP-ABE) has an ability to guarantee data confidentiality. However, existing CP-ABE solutions for PHRs are facing some new challenges in access control, such as policy privacy disclosure and dynamic policy update. In terms of addressing these problems, we propose a privacy protection and dynamic share system (PPADS) based on CP-ABE for PHRs, which supports full policy hiding and flexible access control. In the system, attribute information of access policy is fully hidden by attribute bloom filter. Moreover, data user produces a transforming key for the PHRs Cloud to change access policy dynamically. Furthermore, relied on security analysis, PPADS is selectively secure under standard model. Finally, the performance comparisons and simulation results demonstrate that PPADS is suitable for PHRs.