• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제8권1호
• /
• pp.282-304
• /
• 2014

Each cloud service has numerous owners and tenants, so it is necessary to construct a privacy preserving identity management and access control mechanism for cloud computing. On one hand, cloud service providers (CSP) depend on tenant's identity information to enforce appropriate access control so that cloud resources are only accessed by the authorized tenants who are willing to pay. On the other hand, tenants wish to protect their personalized service access patterns, identity privacy information and accessing newfangled cloud services by on-demand ways within the scope of their permissions. There are many identity authentication and access control schemes to address these challenges to some degree, however, there are still some limitations. In this paper, we propose a new comprehensive approach, called Privacy pReserving Identity and Access Management scheme, referred to as PRIAM, which is able to satisfy all the desirable security requirements in cloud computing. The main contributions of the proposed PRIAM scheme are threefold. First, it leverages blind signature and hash chain to protect tenant's identity privacy and implement secure mutual authentication. Second, it employs the service-level agreements to provide flexible and on-demand access control for both tenants and cloud services. Third, it makes use of the BAN logic to formally verify the correctness of the proposed protocols. As a result, our proposed PRIAM scheme is suitable to cloud computing thanks to its simplicity, correctness, low overhead, and efficiency.

• 한국IT서비스학회지
• /
• 제8권2호
• /
• pp.173-187
• /
• 2009

CASE tools are complex software products offering many different features. Systems professionals have evaluated various CASE products from a feature and attribute basis. Each product has a different mix of strengths and weaknesses as perceived by the end user. Specific CASE tools support different steps of the applications development process as well as varying methodologies. In this paper we develop a method for evaluating CASE tools. The model has an analytic hierarchy process for evaluating CASE tools in terms of functionality, management efficiency, and support ability of provider, and a data envelopment analysis for overall evaluation considering cost and AHP results. We applied the developed model to a real world case study.

• 정보학연구
• /
• 제1권2호
• /
• pp.163-180
• /
• 1998

인터넷의 활용이 급속도로 증가하고 있는 실정에 비추어 볼 때 인터넷은 머지 않아 세계 상거래무역의 새로운 장으로서 큰 역할을 담당하게 될 것이다. 이런 상황하에서 인터넷의 도입이 무역에 어떠한 영향을 미치며, 그에 대한 국제적인 논의는 어떤 방향으로 전개되고 있는지를 살펴보고, 이러한 국제적 논의와 관련하여 무역에서 야기될 수 있는 문제점을 도출하고 그에 대한 우리의 대응방안을 제시하고자 하는 것이다.

• Journal of Computing Science and Engineering
• /
• 제6권2호
• /
• pp.89-104
• /
• 2012

In dynamic Web service environments, the performance of the Internet is unpredictable; the reliability and effectiveness of remote Web services are also unclear. Therefore, it can hardly be guaranteed that the quality of Web service (QoWS) attributes of Web services do not fluctuate with the dynamic Web service environments. When a composite service is planned in the context of dynamic service environments, there is another aspect which has not been taken into account by existing works, namely, concurrency - the fact that multiple requests to a composite service may arrive at the same time. Considering the dynamics of Web service environments and concurrency of requests, we propose in this paper a service selection scheme which adopts top-k dominating queries to generate a composition solution rather than only select the best composition solution for a given request. The experimental results have investigated the efficiency and effectiveness of our approach and shown that it outperforms baseline and traditional methods for service selection.

• 전자공학회논문지CI
• /
• 제45권2호
• /
• pp.18-25
• /
• 2008

소프트웨어 개발에 있어 XP, UP, CBD와 다른 케이스 툴과 같은 전통적 접근은 다양한 소프트웨어 컴포넌트들을 구축하기에 유용하다. 그러나 그러한 접근은 개방된 환경에 직면하여 서비스를 중점으로 설계된 것은 아니다. 서비스 지향 아키텍처(SOA)는 서비스는 애플리케이션간의 서비스라는 서로 다른 기능적 단위를 상호간 연결하는 컴포넌트 아키텍처이다. SOA는 잘 정의된 인터페이스들과 비즈니스 서비스간의 컨트랙트를 통해 비즈니스 프로세스를 통합할 수 있는 좋은 방법을 제공한다. 본 논문에서는 SOA에 기반 하여 P2P 접근 방법을 통해 비즈니스 프로세스를 모델링하는 방법을 제안한다. 또한, 전체적인 P2P 비즈니스 프로세스 모델링 시스템이 구현된다. 본 논문은 서비스에 기초하여 변경되는 엔터프라이즈의 실제를 받아들이고 보다 효율적이고 가시적인 방향으로의 엔터프라이즈 간 프로세스 통합을 제안한다.

• 한국방송∙미디어공학회:학술대회논문집
• /
• 한국방송공학회 2009년도 IWAIT
• /
• pp.346-350
• /
• 2009

Digital Multimedia Broadcasting (DMB) is the mobile TV service based on a digital radio transmission system that provides high quality audio/video and other auxiliary data services. As users want to store the DMB content in their device to be consumed later or to be shared among users, a standardized format needs to be specified to guarantee the interoperability for the DMB contents for various devices. DMB AF (Application Format) specification defines a file format for DMB contents and services. It specifies how to combine the variety of DMB contents with associated information for a presentation in a well-defined format that facilitates storage, interchange, management, editing, and presentation of the DMB contents in protected, governed, and interoperable ways. In this paper we present our implementation of DMB AF as part of the development of DMB AF reference software. Our implementation of DMB AF is developed as the reference software for the standard specification that consists of a three applications: packager, media player, metadata browser and collection of supporting libraries used by the applications.

• Journal of Information Processing Systems
• /
• 제14권1호
• /
• pp.228-238
• /
• 2018

With the rapid advancement of Internet services, there has been a dramatic increase in services that dynamically provide Internet resources on demand, such as cloud computing. In a cloud computing service, because the number of users in the cloud is changing dynamically, it is more efficient to utilize a flexible network technology such as software-defined networking (SDN). However, to efficiently support the SDN-based cloud computing service with limited resources, it is important to effectively manage the flow table at the SDN switch. Therefore, in this paper, a new flow management scheme is proposed that is able to, through efficient management, speed up the flow-entry search speed and simultaneously maximize the number of flow entries. The proposed scheme maximizes the capacity of the flow table by efficiently storing flow entry information while quickly executing the operation of flow-entry search by employing a hash index. In this paper, the proposed scheme is implemented by modifying the actual software SDN switch and then, its performance is analyzed. The results of the analysis show that the proposed scheme, by managing the flow tables efficiently, can support more flow entries.

• International journal of advanced smart convergence
• /
• 제10권2호
• /
• pp.21-30
• /
• 2021

With the rapid development of artificial intelligence and big data, a lot of medical data is effectively used, and the diagnosis and analysis of diseases has entered the era of intelligence. With the increasing public health awareness, ordinary citizens have also put forward new demands for panic disorder health services. Specifically, people hope to predict the risk of panic disorder as soon as possible and grasp their own condition without leaving home. Against this backdrop, the smart health industry comes into being. In the Internet age, a lot of panic disorder health data has been accumulated, such as diagnostic records, medical record information and electronic files. At the same time, various health monitoring devices emerge one after another, enabling the collection and storage of personal daily health information at any time. How to use the above data to provide people with convenient panic disorder self-assessment services and reduce the incidence of panic disorder in China has become an urgent problem to be solved. In order to solve this problem, this research applies the context awareness to the automatic diagnosis of human diseases. While helping patients find diseases early and get treatment timely, it can effectively assist doctors in making correct diagnosis of diseases and reduce the probability of misdiagnosis and missed diagnosis.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제12권2호
• /
• pp.974-987
• /
• 2018

This paper presents a novel and efficient data transmission scheme based on mobile edge computing for the massive IoT environments which should support various type of services and devices. Based on an accurate and precise synchronization process, it maximizes data transmission throughput, and consistently maintains a flow's latency. To this end, the proposed efficient software defined data transmission scheme (ESD-DTS) configures and utilizes synchronization zones in accordance with the 4 usage cases, which are end node-to-end node (EN-EN), end node-to-cloud network (EN-CN), end node-to-Internet node (EN-IN), and edge node-to-core node (EdN-CN); and it transmit the data by the required service attributes, which are divided into 3 groups (low-end group, medium-end group, and high-end group). In addition, the ESD-DTS provides a specific data transmission method, which is operated by a buffer threshold value, for the low-end group, and it effectively accommodates massive IT devices. By doing this, the proposed scheme not only supports a high, medium, and low quality of service, but also is complied with various 5G usage scenarios. The essential difference between the previous and the proposed scheme is that the existing schemes are used to handle each packet only to provide high quality and bandwidth, whereas the proposed scheme introduces synchronization zones for various type of services to manage the efficiency of each service flow. Performance evaluations show that the proposed scheme outperforms the previous schemes in terms of throughput, control message overhead, and latency. Therefore, the proposed ESD-DTS is very suitable for upcoming 5G networks in a variety of massive IoT environments with supporting mobile edge computing (MEC).

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제12권1호
• /
• pp.523-549
• /
• 2018

The increasing number of subscribers and demand of multiplicity of services has turned Multi-Server Authentication (MSA) into an integral part of remote authentication paradigm. MSA not only offers an efficient mode to register the users by engaging a trusted third party (Registration Centre), but also a cost-effective architecture for service procurement, onwards. Recently, Lu et al.'s scheme demonstrated that Mishra et al.'s scheme is unguarded to perfect forward secrecy compromise, server masquerading, and forgery attacks, and presented a better scheme. However, we discovered that Lu et al.'s scheme is still susceptible to malicious insider attack and non-compliant to perfect forward secrecy. This study presents a critical review on Lu et al.'s scheme and then proposes a secure multi-server authentication scheme. The security properties of contributed work are validated with automated Proverif tool and proved under formal security analysis.