• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.38A no.11
• /
• pp.967-969
• /
• 2013

In this paper, we propose an efficient mult-signature scheme based on a bilinear mapping for shared data in the cloud and prove the security of the proposed scheme using the difficulty of the computational Diffie-Hellman problem. For verification, the scheme is using the sum of the hash values of stored data rather than the entire data, which makes it feasible to reduce the size of the downloaded data.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.2
• /
• pp.558-579
• /
• 2021

The cloud storage provides flexible data storage services for data owners to remotely outsource their data, and reduces data storage operations and management costs for data owners. These outsourced data bring data security concerns to the data owner due to malicious deletion or corruption by the cloud service provider. Data integrity verification is an important way to check outsourced data integrity. However, the existing data verification schemes only consider the case that a verifier launches multiple data verification challenges, and neglect the verification overhead of multiple data verification challenges launched by multiple verifiers at a similar time. In this case, the duplicate data in multiple challenges are verified repeatedly so that verification resources are consumed in vain. We propose a duplicate data verification algorithm based on multiple verifiers and multiple challenges to reduce the verification overhead. The algorithm dynamically schedules the multiple verifiers' challenges based on verification time and the frequent itemsets of duplicate verification data in challenge sets by applying FP-Growth algorithm, and computes the batch proofs of frequent itemsets. Then the challenges are split into two parts, i.e., duplicate data and unique data according to the results of data extraction. Finally, the proofs of duplicate data and unique data are computed and combined to generate a complete proof of every original challenge. Theoretical analysis and experiment evaluation show that the algorithm reduces the verification cost and ensures the correctness of the data integrity verification by flexible batch data verification.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.17 no.1
• /
• pp.145-164
• /
• 2023

Cloud computing offers a platform that is both adaptable and scalable, making it ideal for outsourcing data for sharing. Various organizations outsource their data on cloud storage servers for availing management and sharing services. When the organizations outsource the data, they lose direct control on the data. This raises the privacy and security concerns. Cryptographic encryption methods can secure the data from the intruders as well as cloud service providers. Data owners may also specify access control policies such that only the users, who satisfy the policies, can access the data. Attribute based access control techniques are more suitable for the cloud environment as they cover large number of users coming from various domains. Multi-authority attribute-based encryption (MA-ABE) technique is one of the propitious attribute based access control technique, which allows data owner to enforce access policies on encrypted data. The main aim of this paper is to comprehensively survey various state-of-the-art MA-ABE schemes to explore different features such as attribute and key management techniques, access policy structure and its expressiveness, revocation of access rights, policy updating techniques, privacy preservation techniques, fast decryption and computation outsourcing, proxy re-encryption etc. Moreover, the paper presents feature-wise comparison of all the pertinent schemes in the field. Finally, some research challenges and directions are summarized that need to be addressed in near future.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.19 no.8
• /
• pp.1818-1824
• /
• 2015

Cloud computing draws attention as an application to provide dynamically scalable infrastructure for application, data and file storage. An untrusted remote server can cause a variety of problems in the field of data protection. It may process intentionally or involuntarily user's data operations(modify, insert, delete) without user's permission. It may provide false information in order to hide his mistakes in the auditing process. Therefore, it is necessary to audit the integrity of data stored in the cloud server. In this paper, we propose a new data auditing system that can verify whether servers had a malicious behavior or not. Performance and security analysis have proven that our scheme is suitable for cloud computing environments in terms of performance and security aspects.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.8 no.6
• /
• pp.491-496
• /
• 2015

Cloud computing has emerged with promise to decrease the cost of server additional cost and expanding the data storage and ease for computer resource sharing and apply the new technologies. However, Cloud computing also raises many new security concerns due to the new structure of the cloud service models. Therefore, the secure user authentication is required when the user is using cloud computing. This paper, we propose the enhanced AdaBoost algorithm for access cloud security zone. The AdaBoost algorithm despite the disadvantage of not detect a face inclined at least 20, is widely used because of speed and responsibility. In the experimental results confirm that a face inclined at least 20 degrees tilted face was recognized. Using the FEI Face Database that can be used in research to obtain a result of 98% success rate of the algorithm perform. The 2% failed rate is due to eye detection error which is the people wearing glasses in the picture.

• KIPS Transactions on Computer and Communication Systems
• /
• v.5 no.10
• /
• pp.339-346
• /
• 2016

1 person media is becoming the leading trend among several media in the Internet era exploiting the individual desire of showing off. But, the vast accessibility of Internet produces the worry about privacy risk, which concludes in the increasement of closed SNS. In this paper, we propose a system based on PWW (Person Wide Web) where a person is producing a media and share it with other persons. PWW is an information system which consists of a smart-phone, mobile anchors, a standard web document, and his own cloud storage. An information consumer gets the link using his smart-phone from the mobile anchors attached on the objects in the field. The web browser in the smart-phone obtains the web documents designated by the link and presents it. We also explains the 1 person media system based on PWW and presents the example utilized in the field. We compared and analyzed the security factor of the system based on between WWW and PWW, and concluded that PWW is better than WWW in the aspect of security.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.4
• /
• pp.981-987
• /
• 2017

Proliferation of cloud computing services brings about reduction of the maintenance and management costs by allowing data to be outsourced to a dedicated third-party remote storage. At the same time, the majority of storage service providers have adopted a data deduplication technique for efficient utilization of storage resources. When a hash tree is employed for duplicate identification as part of deduplication process, size information of the attested data and partial information about the tree can be deduced from eavesdropping. To mitigate such side channels, in this paper, a new duplicate identification method is presented by exploiting a multi-set hash function.

• Convergence Security Journal
• /
• v.19 no.3
• /
• pp.61-70
• /
• 2019

Recently, developments on quantum computers and cloud computing have been actively conducted. Quantum computers have been known to show tremendous computing power and Cloud computing has high accessibility for information and low cost. For quantum computers, quantum error correcting codes are essential. Similarly, cloud computing requires homomorphic encryption to ensure security. These two techniques, which are used for different purposes, are based on similar assumptions. Then, there have been studies to construct quantum homomorphic encryption based on quantum error correction code. Therefore, in this paper, we propose a scheme which can process the homomorphic encryption like quantum computation by modifying the QECCs. Conventional quantum homomorphic encryption schemes based on quantum error correcting codes does not have error correction capability. However, using the proposed scheme, it is possible to process the homomorphic encryption like quantum computation and correct the errors during computation and storage of quantum information unlike the homogeneous encryption scheme with quantum error correction code.

• Annual Conference of KIPS
• /
• 2015.10a
• /
• pp.672-675
• /
• 2015

다른 IT 분야에 비해 헬스케어 IT 분야는 의료정보의 중요성이 매우 높으나 현재 의료정보 보관, 데이터 전송에 대한 보안 부분이 매우 취약하며 보안관리에 대한 인력 또한 매우 부족한 상태이다. 향후 클라우드발전법으로 인한 의료영상저장전송시스템의 환경 변화로 보안에 대한 취약성은 더욱 두드러질 것이며 사고 또한 급증할 것이다. 이에 대한 보안성 향상에 대한 방안을 제시 하고자 한다.

• Annual Conference of KIPS
• /
• 2014.04a
• /
• pp.479-482
• /
• 2014

최근 모바일 컴퓨팅 환경이 발전함에 따라 모바일 디바이스 이용자들에게 다양한 서비스를 제공하기 위한 방법으로 클라우드 스토리지 서비스가 주목받고 있으며, 여러 장치의 데이터 동기화를 지원해준다. 이러한 편리성을 제공하고 있지만, 개인과 기업의 핵심 자료 유출에 따른 보안 이슈가 중요한 문제로 대두되고 있기 때문에, 클라우드 스토리지 보안 검증의 중요성도 증대되었다. 이처럼 클라우드 스토리지 서비스는 보안 검증 과정을 거친다. 본 논문에서는 기존의 클라우드 스토리지 보안 평가 가이드라인의 문제점을 분석하여 다형성, 종속성, 병렬성, 중복성 등을 고려해 효율적인 클라우드 스토리지 보안 평가를 위한 새로운 방법론을 제시 하였다. 제시한 방법론을 이용해 클라우드 스토리지 보안검증 프로세스를 설계하였다.