• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.17 no.12
• /
• pp.3398-3415
• /
• 2023

Internet-of-Things (IoT) is an emerging technology that interconnects millions of small devices to enable communication between the devices. It is heavily deployed across small scale to large scale industries because of its wide range of applications. These devices are very capable of transferring data over the internet including critical data in few applications. Such data is exposed to various security threats and thereby raises privacy-related concerns. Even devices can be compromised by the attacker. Modern cryptographic algorithms running on traditional machines provide authentication, confidentiality, integrity, and non-repudiation in an easy manner. IoT devices have numerous constraints related to memory, storage, processors, operating systems and power. Researchers have proposed several hardware and software implementations for addressing security attacks in lightweight encryption mechanism. Several works have made on lightweight block ciphers for improving the confidentiality by means of providing security level against cryptanalysis techniques. With the advances in the cipher breaking techniques, it is important to increase the security level to much higher. This paper, focuses on securing the critical data that is being transmitted over the internet by PRESENT using key-based dynamic S-Box. Security analysis of the proposed algorithm against other lightweight block cipher shows a significant improvement against linear and differential attacks, biclique attack and avalanche effect. A novel key-based dynamic S-Box approach for PRESENT strongly withstands cryptanalytic attacks in the IoT Network.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.18 no.6
• /
• pp.1599-1618
• /
• 2024

Access control has always been one of the effective methods to protect data security. However, in new computing environments such as big data, data resources have the characteristics of distributed cross-domain sharing, massive and dynamic. Traditional access control mechanisms are difficult to meet the security needs. This paper proposes CACM-MMSR to solve distributed cross-domain access control problem for massive resources. The method uses blockchain and smart contracts as a link between different security domains. A permission decision model migration method based on access control logs is designed. It can realize the migration of historical policy to solve the problems of access control heterogeneity among different security domains and the updating of the old and new policies in the same security domain. Meanwhile, a semantic reasoning-based permission decision method for unstructured text data is designed. It can achieve a flexible permission decision by similarity thresholding. Experimental results show that the proposed method can reduce the decision time cost of distributed access control to less than 28.7% of a single node. The permission decision model migration method has a high decision accuracy of 97.4%. The semantic reasoning-based permission decision method is optimal to other reference methods in vectorization and index time cost.

• International Journal of Computer Science & Network Security
• /
• v.24 no.7
• /
• pp.123-127
• /
• 2024

Cloud computing services has gained increasing popularity in recent years for supporting various on demand and scalable services for IT consumers where there is a need of less investment towards infrastructure. While storage architecture of cloud enjoys a more robust and fault-tolerant cloud computing network, such architecture also poses a number of security challenges especially when applied in applications related to social networks, Financial transactions, etc. First, as data are stored and maintained by individual virtual machines so Cloud resources are prone to hijacked. Such attacks allow attackers to create, modify and delete machine images, and change administrative passwords and settings successfully. hence, it is significantly harder to ensure data security. Second, Due to dynamic and shared nature of the Cloud, data may be compromised in many ways. Last but not least, Service hijacking may lead to redirect client to an illegitimate website. User accounts and service instances could in turn make a new base for attackers. To address the above challenges, we propose in this paper a distributed data access control scheme that is able to fulfil fine-grained access control over cloud data and is resilient against strong attacks such as compromise and user colluding. The proposed framework exploits a novel cryptographic primitive called attribute-based encryption (ABE), tailors, and adapts it for cloud computing with respect to security requirements

• International journal of advanced smart convergence
• /
• v.13 no.3
• /
• pp.13-17
• /
• 2024

The local storage method for home cameras, which relies on inserting an SD card into the device to store data, offers a convenient and cost-effective solution, as there are no recurring expenses after purchasing the SD card. However, we recognize that this method comes with significant security challenges. In particular, the ease with which third parties can access the SD card makes it vulnerable to both physical and software tampering. As the acceptance rate of home camera footage as evidence in courts has increased, we have become increasingly aware of the critical nature of these security issues. Digital data from home cameras, unlike other types of physical evidence, can be more easily tampered with and altered. To ensure that such data is recognized as valid legal evidence, we must prove its integrity and demonstrate that it has not been tampered with. In response to these challenges, we are committed to strengthening the security measures for both the home camera device and its local storage. By doing so, we aim to ensure the integrity and reliability of the data, thereby enhancing the overall security and trustworthiness of home camera systems.

• International Journal of Computer Science & Network Security
• /
• v.21 no.8
• /
• pp.111-118
• /
• 2021

Banking systems are sensitive to data privacy since users' data, if not well protected, may be used to perform fake transactions. Blockchains, public and private, are frequently used in such systems thanks to their efficiency and high security. Public blockchains fail to fully protect users' data, despite their power in the accuracy of the transactions. The private blockchain is better used to protect the privacy of the sensitive data. They are not open and they apply authorization to login into the blockchain. However, they have a lower security compared to public blockchain. We propose in this paper a hybrid public-private architecture that profits from network virtualization. The main novelty of this proposal is the use of network virtualization that helps to reduce the complexity and efficiency of the computations. Simulations have been conducted to evaluate the performance of the proposed solution. Findings prove the efficiency of the scheme in reducing complexity and enhancing data privacy by guarantee high security. The contribution conducted by this proposal is that the results are verified by the centralized controller that ensures a correct validation of the resulted blockchains. In addition, computation complexity is to be reduced by profiting from the cooperation performed by the virtual agents.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.17 no.10
• /
• pp.2822-2843
• /
• 2023

All aspects of human life have become increasingly dependent on data in the last few decades. The development of several applications causes an enormous issue on data volume in current years. This information must be safeguarded and kept in safe locations. Massive volumes of data have been safely stored with cloud computing. This technology is developing rapidly because of its immense potentials. As a result, protecting data and the procedures to be handled from attackers has become a top priority in order to maintain its integrity, confidentiality, protection, and privacy. Therefore, it is important to implement the appropriate security measures in order to prevent security breaches and vulnerabilities. An improved version of Modular Encryption Standard (IMES) based on layered modelling of safety mechanisms is the major focus of this paper's research work. Key generation in IMES is done using a logistic map, which estimates the values of the input data. The performance analysis demonstrates that proposed work performs better than commonly used algorithms against cloud security in terms of higher performance and additional qualitative security features. The results prove that the proposed IMES has 0.015s of processing time, where existing models have 0.017s to 0.022s of processing time for a file size of 256KB.

• Journal of Information Technology Applications and Management
• /
• v.22 no.4
• /
• pp.225-251
• /
• 2015

This paper analyzed factors for employees to violate information security policy in financial companies based on the theory of reasoned action (TRA), general deterrence theory (GDT), and information security awareness and moderating effects of perceived sensitivity of customer information. Using the 376 samples that were collected through both online and offline surveys, statistical tests were performed. We found that the perceived severity of sanction and information security policy support to information policy violation attitude and subjective norm but the perceived certainty of sanction and general information security awareness support to only subjective norm. Also, the moderating effects of perceived sensitivity of customer information against information policy violation attitude and subjective norm were supported. Academic implications of this study are expected to be the basis for future research on information security policy violations of financial companies; Employees' perceived sanctions and information security policy awareness have an impact on the subjective norm significantly. Practical implications are that it can provide a guide to establish information security management strategies for information security compliance; when implementing information security awareness training for employees to deter violations by emphasizing the sensitivity of customer information, a company should make their employees recognize that the customer information is very sensitive data.

• Journal of the Korea Society of Computer and Information
• /
• v.25 no.6
• /
• pp.219-224
• /
• 2020

The purpose of this study is mainly to provide theoretical basis of private security industry by analyzing the perception and flow of private security from the press-released materials according to periodic classification and duties through 'Big Kinds', a website of analyzing news big data. The research method has been changed to structured data to allow an analysis of various scattered unstructured data, and the keywords trend and related words by duties of private security were analyzed in growth period of private security. The perception of private security based on the results of the study was exposed a lot by the media through various crimes, accidents and incidents, and the issues related permanent position. Also, it tended to be perceived as a simple security guard, not recognized as the area of private security, and judging from the high correlation between private security and police, it was recognized not only as a role to assist the police force, but also as a common agent in charge of the public peace. Therefore, it should objectively judge the perception of private security, and through this, it is believed that it should be a foundation for recognizing private security as a main agent responsible for the safety of the nation and maintaining social orders.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.6 no.11
• /
• pp.2940-2955
• /
• 2012

In this paper, we propose aggregate signcryption for achieving data security in UWSNs. The main challenge of these networks established in sensitive environments is offline sink visiting. Moreover, the sensors must retain collected data for long enough time to offload them onto the itinerant sink. Thus, the unattended nature of data collection intervals might offer the adversary the opportunity to apply various attacks without detection. In this paper, employing low order operations (in time and space), we propose a new secure scheme in which various security goals such as confidentiality (through encrypting), authentication and integrity (through signing) are achieved. In addition, the aggregation process of our scheme reduces the space and communication overheads both for sensors and sink, i.e. the proposed technique efficiently enables the sensors and sink to protect, verify and recover all the related data. We further compare our scheme with the best alternative work in the literature.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.4
• /
• pp.2219-2236
• /
• 2017

With cloud storage services, users can handle an enormous amount of data in an efficient manner. However, due to the widespread popularization of cloud storage, users have raised concerns about the integrity of outsourced data, since they no longer possess the data locally. To address these concerns, many auditing schemes have been proposed that allow users to check the integrity of their outsourced data without retrieving it in full. Yuan and Yu proposed a public auditing scheme with a deduplication property where the cloud server does not store the duplicated data between users. In this paper, we analyze the weakness of the Yuan and Yu's scheme as well as present modifications which could improve the security of the scheme. We also define two types of adversaries and prove that our proposed scheme is secure against these adversaries under formal security models.