• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제8권11호
• /
• pp.4028-4049
• /
• 2014

Attribute-based encryption (ABE) is a promising cryptographic primitive for implementing fine-grained data sharing in cloud computing. However, before ABE can be widely deployed in practical cloud storage systems, a challenging issue with regard to attributes and user revocation has to be addressed. To our knowledge, most of the existing ABE schemes fail to support flexible and direct revocation owing to the burdensome update of attribute secret keys and all the ciphertexts. Aiming at tackling the challenge above, we formalize the notion of ciphertext-policy ABE supporting flexible and direct revocation (FDR-CP-ABE), and present a concrete construction. The proposed scheme supports direct attribute and user revocation. To achieve this goal, we introduce an auxiliary function to determine the ciphertexts involved in revocation events, and then only update these involved ciphertexts by adopting the technique of broadcast encryption. Furthermore, our construction is proven secure in the standard model. Theoretical analysis and experimental results indicate that FDR-CP-ABE outperforms the previous revocation-related methods.

• Journal of Computing Science and Engineering
• /
• 제10권1호
• /
• pp.21-31
• /
• 2016

With the application and development of biomedical techniques such as next-generation sequencing, mass spectrometry, and medical imaging, the amount of biomedical data have been growing explosively. In terms of processing such data, we face the problems surrounding big data, highly intensive computation, and high dimensionality data. Fortunately, cloud computing represents significant advantages of resource allocation, data storage, computation, and sharing and offers a solution to solve big data problems of biomedical research. In order to improve the efficiency of resource management in cloud computing, this paper proposes a clustering method and adopts Radial Basis Function in order to compress comprehensive data sets found in biology and medicine in high quality, and stores these data with resource management in cloud computing. Experiments have validated that with such a data-compression-based resource management in cloud computing, one can store large data sets from biology and medicine in fewer capacities. Furthermore, with reverse operation of the Radial Basis Function, these compressed data can be reconstructed with high accuracy.

• International Journal of Contents
• /
• 제13권2호
• /
• pp.29-34
• /
• 2017

Cloud computing is becoming an effective and efficient way of computing resources and computing service integration. Through centralized management of resources and services, cloud computing delivers hosted services over the internet, such that access to shared hardware, software, applications, information, and all resources is elastically provided to the consumer on-demand. The main enabling technology for cloud computing is virtualization. Virtualization software creates a temporarily simulated or extended version of computing and network resources. The objectives of virtualization are as follows: first, to fully utilize the shared resources by applying partitioning and time-sharing; second, to centralize resource management; third, to enhance cloud data center agility and provide the required scalability and elasticity for on-demand capabilities; fourth, to improve testing and running software diagnostics on different operating platforms; and fifth, to improve the portability of applications and workload migration capabilities. One of the key features of cloud computing is elasticity. It enables users to create and remove virtual computing resources dynamically according to the changing demand, but it is not easy to make a decision regarding the right amount of resources. Indeed, proper provisioning of the resources to applications is an important issue in IaaS cloud computing. Most web applications encounter large and fluctuating task requests. In predictable situations, the resources can be provisioned in advance through capacity planning techniques. But in case of unplanned and spike requests, it would be desirable to automatically scale the resources, called auto-scaling, which adjusts the resources allocated to applications based on its need at any given time. This would free the user from the burden of deciding how many resources are necessary each time. In this work, we propose an analytical and efficient VM-level scaling scheme by modeling each VM in a data center as an M/M/1 processor sharing queue. Our proposed VM-level scaling scheme is validated via a numerical experiment.

• 한국통신학회논문지
• /
• 제37권4B호
• /
• pp.288-299
• /
• 2012

최근 모바일 클라우드 환경에서 공유되는 데이터의 기밀성과 유연성있는 접근제어를 보장하기 위해서 KP-ABE(Key Policy-Attribute Based Encryption)와 PRE(Proxy Re-Encryption)를 활용한 시스템 모델이 제안되었다. 그러나 기존 방식은 철회된 사용자와 클라우드 서버간의 공모 공격으로 데이터 기밀성을 침해하게 된다. 이러한 문제를 해결하기 위해서 제안 방식은 클라우드 서버에 저장되는 데이터 파일(data file)을 분산 저장하여 데이터 기밀성을 보장하고 비밀분산(Secret Sharing)를 통해서 프록시 재암호화키에 대한 변조 공격을 방지한다. 그리고 제안방식을 의료 환경에 적용한 프로토콜 모델을 구성한다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제10권4호
• /
• pp.1892-1903
• /
• 2016

Mobile social network is becoming more and more popular with respect to the development and popularity of mobile devices and interpersonal sociality. As the amount of social data increases in a great deal and cloud computing techniques become developed, the architecture of mobile social network is evolved into cloud-based that mobile clients send data to the cloud and make data accessible from clients. The data in the cloud should be stored in a secure fashion to protect user privacy and restrict data sharing defined by users. Ciphertext-policy attribute-based encryption (CP-ABE) is currently considered to be a promising security solution for cloud-based mobile social network to encrypt the sensitive data. However, its ciphertext size and decryption time grow linearly with the attribute numbers in the access structure. In order to reduce the computing overhead held by the mobile devices, in this paper we propose a new Outsourcing decryption and Match-then-decrypt CP-ABE algorithm (OM-CP-ABE) which firstly outsources the computation-intensive bilinear pairing operations to a proxy, and secondly performs the decryption test on the attributes set matching access policy in ciphertexts. The experimental performance assessments show the security strength and efficiency of the proposed solution in terms of computation, communication, and storage. Also, our construction is proven to be replayable choosen-ciphertext attacks (RCCA) secure based on the decisional bilinear Diffie-Hellman (DBDH) assumption in the standard model.

• 국제학술발표논문집
• /
• The 6th International Conference on Construction Engineering and Project Management
• /
• pp.676-677
• /
• 2015

In Korea, NSDI(National Spatial Data Infrastructure) was implemented for integrating and sharing the nationally generated spatial data. One of the main roles of implementing NSDI is providing spatial data to public agencies. And now, the establishment plan for NSDI with the technical advancement should be needed. This paper deals with the technical aspects of adopting cloud service in the NSDI. First, we propose the concept for target system, which shows the current and future NSDI. In the future NSDI model, GIS cloud and governance systems are included. Service functions for cloud system and infrastructure implementation design directions are derived. Finally, governance system implementation plan is described. This research will contribute to the implementation of NSDI cloud service system.

• International Journal of Computer Science & Network Security
• /
• 제22권6호
• /
• pp.181-186
• /
• 2022

Cloud computing is the latest approach that is developed for reducing the storage of space to store the data and helps the quick sharing of the data. An increase in the cloud computing users is observed that is also making the users be prone to hacker's attacks. To increase the efficiency of cloud storage encryption mechanisms are used. The encryption techniques that are discussed in this survey paper are searchable encryption, attribute-based, Identity-based encryption, homomorphic encryption, and cloud DES algorithms. There are several limitations and disadvantages of each of the given techniques and they are discussed in this survey paper. Techniques are found to be effective and they can increase the security of cloud storage systems.

• International journal of advanced smart convergence
• /
• 제6권3호
• /
• pp.29-37
• /
• 2017

The current behavior recognition system don't match data formats between sensor data measured by user's sensor module or device. Therefore, it is necessary to support data processing, sharing and collaboration services between users and behavior recognition system in order to process sensor data of a large capacity, which is another formats. It is also necessary for real time interaction with users and behavior recognition system. To solve this problem, we propose fog cloud based behavior recognition system for human body sensor data processing. Fog cloud based behavior recognition system solve data standard formats in DbaaS (Database as a System) cloud by servicing fog cloud to solve heterogeneity of sensor data measured in user's sensor module or device. In addition, by placing fog cloud between users and cloud, proximity between users and servers is increased, allowing for real time interaction. Based on this, we propose behavior recognition system for user's behavior recognition and service to observers in collaborative environment. Based on the proposed system, it solves the problem of servers overload due to large sensor data and the inability of real time interaction due to non-proximity between users and servers. This shows the process of delivering behavior recognition services that are consistent and capable of real time interaction.

• 한국컴퓨터정보학회논문지
• /
• 제22권6호
• /
• pp.57-68
• /
• 2017

The Linked Open Data(LOD) cloud is quickly becoming one of the largest collections of interlinked datasets and the de facto standard for publishing, sharing and connecting pieces of data on the Web. Data publishers from diverse domains publish their data using Resource Description Framework(RDF) data model and provide SPARQL endpoints to enable querying their data, which enables creating a global, distributed and interconnected dataspace on the LOD cloud. Although it is possible to extract structured data as query results by using SPARQL, users have very poor in analysis and visualization of RDF data from SPARQL query results. Therefore, to tackle this issue, based on Formal Concept Analysis, we propose a novel approach for analyzing and visualizing useful information from the LOD cloud. The RDF data analysis and visualization technique proposed in this paper can be utilized in the field of semantic web data mining by extracting and analyzing the information and knowledge inherent in LOD and supporting classification and visualization.

• 디지털융복합연구
• /
• 제12권9호
• /
• pp.153-158
• /
• 2014

협업을 위한 클라우드 스토리지란 협업에 참여하는 사용자들이 클라우드 스토리지를 공유하여 이용하는 것을 말한다. 협업에 이용되는 클라우드 스토리지는 여러 사람이 새로운 데이터를 저장하고 다른 사용자의 저장된 데이터를 읽을 수 있기 때문에 협업에 참여하는 사용자에 대한 인증과 데이터 보호의 문제가 일반의 그것보다 더 중요하다 할 것이다. 이에 본 논문에서는 협업을 위한 클라우드 스토리지를 공유하는 사용자에 대한 인증 방법과 저장된 데이터를 보호하는 방법을 제안하고자 한다.