• Journal of KIISE
• /
• v.43 no.4
• /
• pp.497-508
• /
• 2016

With a cloud storage service, data owners can easily access their outsourced data in cloud storage on different devices and at different locations, and can share their data with others. However, as the users no longer physically have possession of their outsourced data and the cloud still facing the existence of internal/external threats, the task of checking the data integrity is formidable. Over recent years, numerous schemes have been proposed to ensure data integrity in an untrusted cloud. However, the existing public auditing schemes use a third-party auditor(TPA) to execute high computation to check data integrity and may still face many security threats. In this paper, we first demonstrate that the scheme proposed by Zhang et al. is not secure against our two threat models, and then we propose a self-certified public auditing scheme to eliminate the security threats and guarantee a constant communication cost. Moreover, we prove the securities of our public auditing scheme under three security models.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.1
• /
• pp.75-82
• /
• 2015

Recently, many public auditing schemes have been proposed to support public auditability that enables a third party auditor to verify the integrity of data stored in the remote cloud server. To improve the performance of the auditor, several public auditing schemes support batch auditing which allows the auditor to handle simultaneously multiple auditing delegations from different users. However, when even one data is corrupted, the batch auditing will fail and individual and repeated auditing processes will be required. It is difficult to identify the corrupted data from the proof in which distinct data blocks and authenticators of distinct users are intricately aggregated. In this paper, we extend a public auditing scheme of Wang et al. to support batch auditing for multi-cloud and multi-user. We propose an identification scheme of the corrupted cloud when the data of a single cloud is corrupted in the batch auditing of multi-cloud and multi-user.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.19 no.8
• /
• pp.1818-1824
• /
• 2015

Cloud computing draws attention as an application to provide dynamically scalable infrastructure for application, data and file storage. An untrusted remote server can cause a variety of problems in the field of data protection. It may process intentionally or involuntarily user's data operations(modify, insert, delete) without user's permission. It may provide false information in order to hide his mistakes in the auditing process. Therefore, it is necessary to audit the integrity of data stored in the cloud server. In this paper, we propose a new data auditing system that can verify whether servers had a malicious behavior or not. Performance and security analysis have proven that our scheme is suitable for cloud computing environments in terms of performance and security aspects.

• Management Science and Financial Engineering
• /
• v.8 no.1
• /
• pp.1-19
• /
• 2002

Ordering is used to reduce the amount of fill-ins in the Cholesky factor of a symmetric positive definite matrix. One of the most efficient ordering methods is the minimum degree ordering algorithm(MDO). In this paper, we provide a few techniques that improve the performance of MDO implemented with the clique storage scheme. First, the absorption of nodes in the cliques is developed which reduces the number of cliques and the amount of storage space required for MDO. Second, we present a modified minimum degree ordering algorithm of which the number of degree updates can be reduced by introducing the lower bounds of degrees. Third, using both the lower and upper bounds of degrees, we develop an approximate minimum degree ordering algorithm. Experimental results show that the proposed algorithm is competitive with the minimum degree ordering algorithm that uses quotient graphs from the points of the ordering time and the nonzeros in the Cholesky factor.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2001.11a
• /
• pp.340-347
• /
• 2001

Security operating system applied to MAC(Mandatory Access Control) or to MLS(Multi Level Security) gives both subject and object both Security Level and value of Category, and it restrict access to object from subject. But it violates Security policy of system and could be a circulated course of illegal information. This is correctly IPC(Interprocess Communication)mechanism and Covert Channel. In this thesis, I tried to design and implementation as OS kernel in order not only to give confidence of information circulation in the Security system, but also to defend from Covert Channel by Storage and IPC mechanism used as a circulated course of illegal information. For removing a illegal information flow by IPC mechanism. I applied IPC mechanism to MLS Security policy, and I made Storage Covert Channel analyze system call Spec. and than distinguish Storage Covert Channel. By appling auditing and delaying, I dealt with making low bandwidth.

• International Journal of Computer Science & Network Security
• /
• v.24 no.5
• /
• pp.95-102
• /
• 2024

In distributed computing, accessible encryption strategy over Auditable data is a hot research field. Be that as it may, most existing system on encoded look and auditable over outsourced cloud information and disregard customized seek goal. Distributed storage space get to manage is imperative for the security of given information, where information security is executed just for the encoded content. It is a smaller amount secure in light of the fact that the Intruder has been endeavored to separate the scrambled records or Information. To determine this issue we have actualize (CBC) figure piece fastening. It is tied in with adding XOR each plaintext piece to the figure content square that was already delivered. We propose a novel heterogeneous structure to evaluate the issue of single-point execution bottleneck and give a more proficient access control plot with a reviewing component. In the interim, in our plan, a CA (Central Authority) is acquainted with create mystery keys for authenticity confirmed clients. Not at all like other multi specialist get to control plots, each of the experts in our plan deals with the entire trait set independently. Keywords: Cloud storage, Access control, Auditing, CBC.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2013.11a
• /
• pp.882-885
• /
• 2013

외부 스토리지 무결성 검증 기법이란, 외부에 저장된 사용자의 데이터가 손상되었는지 확인하는 기법으로써 2004년 Deswarte 등이 제안한 이래 꾸준히 연구되어왔다. 하지만, 대부분의 기법들이 준동형 해쉬를 이용한 기법으로서 데이터를 지수에 두고 연산을 하고 있다. 따라서 데이터의 크기가 커질수록 검증에 필요한 연산량이 늘게 된다. 이를 줄이기 위한 기법으로서 데이터를 블록단위로, 블록을 조각 단위로 나누어 연산 후, 결합하여 최종 증거를 생성하는 기법들이 제안되고 있다. 본 논문은 이들 기법을 일반화하고 정리해봄으로써 향후 외부 스토리지 검증기법의 연구 방향을 제시하는 것을 목표로 하고 있다. 이를 위해 본 논문에서는 외부 스토리지 무결성 기법의 일반화 모델을 세우고, 이를 이용해 최근에 제안된 Wang 등의 기법을 일반화하였다. 일반화된 Wang 등의 기법을 토대로 개선되어야 할 점을 분석하고, 향후 연구의 방향을 정리해본다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2013.11a
• /
• pp.835-838
• /
• 2013

클라우드 컴퓨팅을 사용하면 컴퓨팅 자원을 구축하는 비용을 절감할 수 있다는 장점이 있다. 문제는 클라이언트가 데이터 센터와 서비스제공자를 완전히 신뢰할 수 없다는 것이다. 예를 들어, 클라우드에 저장된 파일이 손실되었을 때 서비스 제공자는 서비스의 신뢰도가 떨어지는 것을 막기 위해 이를 숨길 수 있다. 이때, 데이터가 저장 후에 손실되었다는 것을 증명하지 못하면, 그 피해는 클라이언트에게 돌아오게 된다. 따라서, 클라이언트의 데이터를 보호하기 위하여 무결성을 검증할 수 있는 적절한 기법을 적용하여야 한다. 기존 연구로는 homomorphic tags 기반의 기법들이 많이 제안되었으나 이 기법은 많은 지수연산을 필요로 하므로 상용화할 수 있을 만큼의 효율성을 가지지 못한다. 특히, 클라이언트가 증거 생성을 위해 많은 연산을 부담해야 한다. 본 논문에서는 효율성에 중점을 둔, 특히 클라이언트의 효율성에 중점을 둔 무결성 검증 기법을 제안한다. 제안하는 기법은 Modular arithmetic을 기반으로 설계되었으며, 무결성 검증뿐만 아니라 데이터가 자주 업데이트 되는 환경을 지원한다. Simulation result는 제안하는 기법이 기존 기법에 매우 효율적임을 보여준다.