• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.7
• /
• pp.2703-2718
• /
• 2015

Nowadays, public cloud storage is gaining popularity and a growing number of users are beginning to use the public cloud storage for online data storing and sharing. However, how the encrypted data stored in public clouds can be effectively shared becomes a new challenge. Proxy re-encryption is a public-key primitive that can delegate the decryption right from one user to another. In a proxy re-encryption system, a semi-trusted proxy authorized by a data owner is allowed to transform an encrypted data under the data owner's public key into a re-encrypted data under an authorized recipient's public key without seeing the underlying plaintext. Hence, the paradigm of proxy re-encryption provides a promising solution to effectively share encrypted data. In this paper, we propose a new certificate-based proxy re-encryption scheme for encrypted data sharing in public clouds. In the random oracle model, we formally prove that the proposed scheme achieves chosen-ciphertext security. The simulation results show that it is more efficient than the previous certificate-based proxy re-encryption schemes.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.2
• /
• pp.1043-1063
• /
• 2019

With delegating proxy to process data before outsourcing, data owners in restricted access could enjoy flexible and powerful cloud storage service for productivity, but still confront with data integrity breach. Identity-based data auditing as a critical technology, could address this security concern efficiently and eliminate complicated owners' public key certificates management issue. Recently, Yu et al. proposed an Identity-Based Public Auditing for Dynamic Outsourced Data with Proxy Processing (https://doi.org/10.3837/tiis.2017.10.019). It aims to offer identity-based, privacy-preserving and batch auditing for multiple owners' data on different clouds, while allowing proxy processing. In this article, we first demonstrate this scheme is insecure in the sense that malicious cloud could pass integrity auditing without original data. Additionally, clouds and owners are able to recover proxy's private key and thus impersonate it to forge tags for any data. Secondly, we propose an improved scheme with provable security in the random oracle model, to achieve desirable secure identity based privacy-preserving batch public auditing with proxy processing. Thirdly, based on theoretical analysis and performance simulation, our scheme shows better efficiency over existing identity-based auditing scheme with proxy processing on single owner and single cloud effort, which will benefit secure big data storage if extrapolating in real application.

• Journal of the Korean Data and Information Science Society
• /
• v.20 no.6
• /
• pp.1177-1190
• /
• 2009

In this paper, we propose a fuzzy proxy cache scheme for caching web documents in mobile base stations. In this scheme, a mobile cache model is used to facilitate data caching and data replication. Using the proposed cache scheme, the individual proxy in the base station makes cache decisions based solely on its local knowledge of the global cache state so that the entire wireless proxy cache system can be effectively managed without centralized control. To improve the performance of proxy caching, the proposed cache scheme predicts the direction of movement of mobile hosts, and uses various cache methods for neighboring proxy servers according to the fuzzy-logic-based control rules based on the membership degree of the mobile host. The performance of our cache scheme is evaluated analytically in terms of average response delay and average energy cost, and is compared with that of other mobile cache schemes.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.12 no.8
• /
• pp.1463-1472
• /
• 2008

We propose Framework that (should) have data interoperability between Legacy DataBases using Proxy DataBases based on XMDR(eXtended Meta-Data Registry) Data Hub in this papers. It may occur some problems among data structure, semantics and other heterogeneous problems between interoperability of legacy DB on cooperation environment. Also, It is hard to keep consistency of Data that changes on realtime, regardless of data variety and type. In this paper, Using XMDR data hub, we solve the problem that was occurred by data integration and interoperability between legacy DB. We suggest the framework which are compatible with any class and type of interoperability-data and offer accurate information with consistency in real-time using proxy database.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.3
• /
• pp.991-1013
• /
• 2020

E-health services have provided interoperability between personal health devices in personal area network, based the ISO/IEEE 11073 standard. In the healthcare system, the manager handles most agents concurrently through wireless communication. However, due to the distance limitation and the increased number of agents, it may be difficult to provide continuous connectivity. Recently, body area devices have been equipped with various applicable agents, which can even handle agents on behalf of the manager. A BAD may act as an intermediary device to increase system efficiency and performance. In this study, a device called "proxy", which can be installed as software on BAD devices, is proposed. The data measured by an agent can be sent to the proxy first, and subsequently be sent to the manager again. Agents and the manager are not aware of the proxy existence and work normally without the proxy. Furthermore, a new smart proxy and modified manager are proposed. The smart proxy acts as one agent handling measurement data from several agents, which can transmit a significant amount of data at once. The proxy and smart proxy maintain compatibility with existing devices that conform to the 20601 standard. The proposed schemes are verified and the complexities of devices are analyzed. The analysis shows no significant difference among the proxy, smart proxy, and manager. Simulations exhibit that the proposed schemes can improve the system performance.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.37 no.4B
• /
• pp.288-299
• /
• 2012

To ensure data confidentiality and fine-grained access control in business environment, system model using KP-ABE(Key Policy-Attribute Based Encryption) and PRE(Proxy Re-Encryption) has been proposed recently. However, in previous study, data confidentiality has been effected by decryption right concentrated on cloud server. Also, Yu's work does not consider a access privilege management, so existing work become dangerous to collusion attack between malicious user and cloud server. To resolve this problem, we propose secure system model against collusion attack through dividing data file into header which is sent to privilege manager group and body which is sent to cloud server and prevent modification attack for proxy re-encryption key using d Secret Sharing, We construct protocol model in medical environment.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.1
• /
• pp.455-472
• /
• 2020

As a user in modern societies with the rapid growth of Internet environment and more complicated business flow processes in order to be effective at work and accomplish things on time when the manager of the company went for a business trip, he/she need to delegate his/her signing authorities to someone such that, the delegatee can act as a manager and sign a message on his/her behalf. In order to make the delegation process more secure and authentic, we proposed a secure and efficient identity-based proxy signcryption in cloud data sharing (SE-IDPSC-CS), which provides a secure privilege delegation mechanism for a person to delegate his/her signcryption privilege to his/her proxy agent. Our scheme allows the manager of the company to delegate his/her signcryption privilege to his/her proxy agent and the proxy agent can act as a manager and generate signcrypted messages on his/her behalf using special information called "proxy key". Then, the proxy agent uploads the signcrypted ciphertext to a cloud service provider (CSP) which can only be downloaded, decrypted and verified by an authorized user at any time from any place through the Internet. Finally, the security analysis and experiment result determine that the proposed scheme outperforms previous works in terms of functionalities and computational time.

• Proceedings of the IEEK Conference
• /
• 2002.07a
• /
• pp.121-124
• /
• 2002

The proxy mechanism widely used in WWW systems offers low-delay data delivery by means of "proxy server". By applying the proxy mechanisms to the video streaming system, we expect that high-quality and low-delay video distribution can be accomplished without introducing extra load on the system. In addition, it is effective to adapt the quality of cached video data appropriately in the proxy if user requests are diverse due to heterogeneity in terms of the available bandwidth, end-system performance, and user′s preferences on the perceived video quality. We have proposed proxy caching mechanisms to accomplish the high-quality and highly-interactive video streaming services. In our proposed system, a video stream is divided into blocks for efficient use of the cache buffer. The proxy server is assumed to be able to adjust the quality of a cached or retrieved video block to the request through video filters. In this paper, to verify the practicality of our mechanisms, we implemented them on a real system and conducted experiments. Through evaluations from several performance aspects, it was shown that our proposed mechanisms can provide users with a low-latency and high-quality video streaming service in a heterogeneous environment.

• The KIPS Transactions:PartC
• /
• v.9C no.1
• /
• pp.79-88
• /
• 2002

Transcoding proxy strategy has been widely used as a means to reduce the delay in retrieving Web pages over wireless mobile data service networks. However, this strategy has the serious drawbacks of being a potential point of failure or a bottleneck of the service. We developed a distributed proxy server system in which multiple proxy servers are installed at geographically dispersed locations and share the workloads among them by serving mobile hosts only within assigned regions. A new handoff message protocol to enable handoffs between proxies as the mobile hosts move between regions is proposed. According to the proxy server handoff protocol, a client agent at the mobile horst requests a proxy server to start handoff processing by which two proxy servers synchronize distilled data belonging to a HTTP session that must be maintained across the handoff. Also, we introduce the architecture of the proxy server and the client agent that handles the proxy server handoff. Finally, we evaluate the proposed system through performance test.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.36 no.11B
• /
• pp.1269-1276
• /
• 2011

In the Proxy Mobile IPv6 (PMIPv6), the data transmission performance may be degraded when the two communicating hosts are located within the same mobile domain, since all the data packet shall be delivered by way of Local Mobility Anchor (LMA). In this paper we propose an extensional scheme of PMIPv6 using binding query. In the proposed Query-based PMIPv6 (Q-PMIPv6) scheme, the Mobile Access Gateway (NAG) of Correspondent Node (CN) sends a binding query to LMA to obtain the Proxy Care-of-Address of Mobile Node (MN). Since then, CN and MN can communicate with each other by using an optimized data path. For comparison, we performed the numerical analysis and the ns-2 simulations for the proposed Q-PMIPv6 scheme and the existing PMIPv6 and PMIPv6 Localized Routing (PMIPv6-LR). From the results, we can see that the proposed scheme outperforms the existing PMIPv6 and PMIPv6-LR schemes in terms of the signaling control and data delivery costs.