• Journal of the Korea Society of Computer and Information
• /
• v.25 no.7
• /
• pp.93-101
• /
• 2020

Regional CRL(certificate revocation list) in vehicular communications is to partition Full CRL into several small CRLs according to geographic location to keep the size of individual CRLs with smaller. However, since a Regional CRL includes vehicle's revoked certificates within its administrative region, it has to know vehicle' location. For this, how to know vehicle' location effectively corresponding to every region represents a major challenge. This paper proposes a Regional CRL scheme which is envisioned to achieve vehicle's location and to make regional CRLs according to vehicles current location efficiently. The scheme is based on the short-lived pseudonyms defined by WAVE standard. It also acquires issued pseudonyms, vehicle's id and region information whenever a vehicle initiates pseudonyms refill after that, utilizes them to create and distribute the Regional CRL. To keep location privacy-preserving for vehicles, the scheme uses the blockchain technology in the network. The analysis results show that it reduces CRL size and database query time for finding revoked certificates sharply in the vehicle's on-board unit.

• Spatial Information Research
• /
• v.20 no.3
• /
• pp.67-81
• /
• 2012

Due to the recent advancement of cloud computing, the research on database outsourcing has been actively done. Moreover, the number of users who utilize Location-based Services(LBS) has been increasing with the development in w ireless communication technology and mobile devices. Therefore, LBS providers attempt to outsource their spatial database to service provider, in order to reduce costs for data storage and management. However, because unauthorized access to sensitive data is possible in spatial database outsourcing, it is necessary to study on the preservation of a user's privacy. Thus, we, in this paper, propose a spatial data encryption scheme to produce outsourced database from an original database. We also propose a k-Nearest Neighbor(k-NN) query processing algorithm that efficiently performs k-NN by using the outsourced database. Finally, we show from performance analysis that our algorithm outperforms the existing one.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.6
• /
• pp.1551-1560
• /
• 2016

With the advancement of wearable devices and wireless body are networks, smart healthcare systems based on such technologies have been emerging to effectively monitor patient health and disease progression. In order to implement viable smart healthcare systems, the security and privacy of patient's personal health information must be considered. Yang et al. proposed a privacy-preserving authentication scheme using key-insulation technique for remote health monitoring system, however, key-insulation technique is not properly adapted to their scheme which in turn causes a security pitfall contrary to their assertions. Besides, Yang et al.'s scheme does not guarantee user anonymity against healthcare service provider. Therefore, in this paper, we discuss the security concerns for Yang et al.'s scheme and present an improved anonymous authentication scheme.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.6
• /
• pp.1247-1260
• /
• 2021

For more efficient energy management of nodes in wireless sensor networks, research has been conducted on mobile sink nodes that deliver data from sensor nodes to server recently. UAV (Unmanned Aerial vehicle) is used as a representative mobile sink node. Also, most studies on UAV propose algorithms for calculating optimal paths and have produced rapid advances in the IoD (Internet of Drones) environment. At the same time, some papers proposed mutual authentication and secure key exchange considering nature of the IoD, which requires efficient creation of multiple nodes and session keys in security perspective. However, most papers that proposed secure communication in mobile sink nodes did not protect end-to-end data privacy. Therefore, in this paper, we propose integrated security model that authentication between mobile sink nodes and sensor nodes to securely relay sensor data to base stations. Also, we show informal security analysis that our scheme is secure from various known attacks. Finally, we compare communication overhead with other key exchange schemes previously proposed.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.6
• /
• pp.1055-1065
• /
• 2023

Recently, various studies using deep reinforcement learning (deep RL) technology have been conducted to solve complex problems using big data collected at industrial internet of things. Deep RL uses reinforcement learning"s trial-and-error algorithms and cumulative compensation functions to generate and learn its own data and quickly explore neural network structures and parameter decisions. However, studies so far have shown that the larger the size of the learning data is, the higher are the memory usage and search time, and the lower is the accuracy. In this study, model-agnostic learning for efficient federated deep RL was utilized to solve privacy invasion by increasing robustness as 55.9% and achieve 97.8% accuracy, an improvement of 5.5% compared with the comparative optimization-based meta learning models, and to reduce the delay time by 28.9% on average.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.3
• /
• pp.621-635
• /
• 2012

Although most proposed security schemes have scrutinized their own security models for protecting different types of threats and attacks, this naturally causes a problem as follows-- if a security analysis tool would fit a certain scheme, it may not be proper to other schemes. In order to address this problem, this paper analyzes how security requirements of each paper could be different by comparing with two schemes: Agrawal et al.'s scheme OPES (Order Preserving Encryption Scheme) and Zdonik et al.'s FCE (Fast Comparison Encryption). Zdonik et al. have formally disproved the security of Agrawal et al.'s scheme OPES. Thereafter, some scholars have wondered whether the OPES can guarantee its applicability in a real world for its insecurity or not. However, the analysis by Zdonik et al. does not have valid objectivity because they used the security model INFO-CPA-DB for their scheme FCE to analyze Agrawal et al.'s scheme OPES, in spite of the differences between two schemes. In order to analyze any scheme correctly and apply it to a real world properly, the analysis tool should be comprehensively standardized. We re-analyze Zdonik et al.'s analysis for OPES and then propose general formalizations of security and privacy for all of the encrypted retrieval systems. Finally, we recommend the minimum level of security requirements under our formal definitions. Additional considerations should be also supplemented in accordance with the conditions of each system.

• KIPS Transactions on Computer and Communication Systems
• /
• v.9 no.12
• /
• pp.291-306
• /
• 2020

Nowadays, Data-Network-AI (DNA)-based intelligent services and applications have become a reality to provide a new dimension of services that improve the quality of life and productivity of businesses. Artificial intelligence (AI) can enhance the value of IoT data (data collected by IoT devices). The internet of things (IoT) promotes the learning and intelligence capability of AI. To extract insights from massive volume IoT data in real-time using deep learning, processing capability needs to happen in the IoT end devices where data is generated. However, deep learning requires a significant number of computational resources that may not be available at the IoT end devices. Such problems have been addressed by transporting bulks of data from the IoT end devices to the cloud datacenters for processing. But transferring IoT big data to the cloud incurs prohibitively high transmission delay and privacy issues which are a major concern. Edge computing, where distributed computing nodes are placed close to the IoT end devices, is a viable solution to meet the high computation and low-latency requirements and to preserve the privacy of users. This paper provides a comprehensive review of the current state of leveraging deep learning within edge computing to unleash the potential of IoT big data generated from IoT end devices. We believe that the revision will have a contribution to the development of DNA-based intelligent services and applications. It describes the different distributed training and inference architectures of deep learning models across multiple nodes of the edge computing platform. It also provides the different privacy-preserving approaches of deep learning on the edge computing environment and the various application domains where deep learning on the network edge can be useful. Finally, it discusses open issues and challenges leveraging deep learning within edge computing.

• Journal of Internet Computing and Services
• /
• v.24 no.5
• /
• pp.85-96
• /
• 2023

With advance of cloud computing technology, Blockchain as a Service of Cloud Service Provider has been utilized in various areas such as e-Commerce and financial companies to manage customer history and distribution history. However, if users' search history, purchase history, etc. are to be utilized in a BaaS in areas such as recommendation algorithms and search engine development, the users' search queries will be exposed to the company operating the BaaS, and privacy issues will be occured. Z. Guan et al. ensure the unlinkability between users' search query and search result using searchable encryption, and based on the inner product similarity, they select Top-k results that are highly relevant to the users' search query. However, there is a problem that the Top-k results selection may be not possible due to ties of inner product similarity, and BaaS over cloud is not considered. Therefore, this paper solve the problem of Z. Guan et al. using cosine similarity, so we improve accuracy of search result. And based on this, we design a BaaS with secure Top-k search that improved accuracy. Furthermore, we design a smart contracts that preserve privacy of users' search and obtain Top-k search results that are highly relevant to the users' search.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.15 no.1
• /
• pp.1-14
• /
• 2015

To conform to new emerging computing paradigm, various researches and challenges are being done. New information technologies make easy to access and acquire information in various ways. In other side, however, it also makes illegal access more powerful and various threat to system security. In this paper, we suggest a new extended access control method that make it possible to conform to security policies enforcement even with discrepancy between policy based constraints rules and query based constraints rules, based on their semantic information. New method is to derive security policy rules using context tree structure and to control the exceed granting of privileges through the degree of the semantic discrepancy. In addition, we illustrate prototype system architecture and make performance comparison with existing access control methods.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.8 no.10
• /
• pp.3607-3623
• /
• 2014

The increasing demand in promoting cloud computing in either business or other areas requires more security of a cloud storage system. Traditional cloud storage systems fail to protect data integrity information (DII), when the interactive messages between the client and the data storage server are sniffed. To protect DII and support public verifiability, we propose a data integrity verification scheme by deploying a designated confirmer signature DCS as a building block. The DCS scheme strikes the balance between public verifiable signatures and zero-knowledge proofs which can address disputes between the cloud storage server and any user, whoever acting as a malicious player during the two-round verification. In addition, our verification scheme remains blockless and stateless, which is important in conducting a secure and efficient cryptosystem. We perform security analysis and performance evaluation on our scheme, and compared with the existing schemes, the results show that our scheme is more secure and efficient.