• Journal of Information Processing Systems
• /
• v.15 no.5
• /
• pp.1211-1217
• /
• 2019

Developing methods to search over an encrypted database (EDB) have received a lot of attention in the last few years. Among them, order-revealing encryption (OREnc) and order-preserving encryption (OPEnc) are the core parts in the case of range queries. Recently, some ideally-secure OPEnc schemes whose ciphertexts reveal no additional information beyond the order of the underlying plaintexts have been proposed. However, these schemes either require a large round complexity or a large persistent client-side storage of size O(n) where n denotes the number of encrypted items stored in EDB. In this work, we propose a new construction of an efficient OPEnc scheme based on an OREnc scheme. Security of our construction inherits the security of the underlying OREnc scheme. Moreover, we also show that the construction of a non-interactive ideally-secure OPEnc scheme with a constant client-side storage is theoretically possible from our construction.

• International Journal of Computer Science & Network Security
• /
• v.21 no.5
• /
• pp.90-97
• /
• 2021

The study aimed to analyze the reality of the scientific publishing of the faculty members of the Northern Border University, in both the Web of Science database and the SCOPUS database, with the analysis of publishing indicators and trends for the period between 2008-2020, and the researcher's keenness to apply the bibliometric study research methodology to obtain an account Full and detailed publications indicators under the two databases, including a full analysis of scientific publishing through objective, temporal, quantitative, authors, languages, open access journals, information forms, the most productive authors, the most published scientific journals, the most scientific bodies involved with the university. The study found results, the most important of which is the existence of a high increase in scientific publishing, starting from 2015, with an increase in publishing in the scientific field compared to other disciplines, and that the vast majority of publishing is in the form of articles, as well as publishing in English for the rest of the languages.

• International Journal of Computer Science & Network Security
• /
• v.22 no.9
• /
• pp.280-286
• /
• 2022

Facial recognition system is a biometric manipulation. Its applicability is simpler, and its work range is broader than fingerprints, iris scans, signatures, etc. The system utilizes two technologies, such as face detection and recognition. This study aims to develop a facial recognition system to recognize person's faces. Facial recognition system can map facial characteristics from photos or videos and compare the information with a given facial database to find a match, which helps identify a face. The proposed system can assist in face recognition. The developed system records several images, processes recorded images, checks for any match in the database, and returns the result. The developed technology can recognize multiple faces in live recordings.

• Journal of Korean Society of societal Security
• /
• v.2 no.1
• /
• pp.81-89
• /
• 2009

A web-based information management system to share engineering data of truss bridge is developed through construction of standardized database of truss bridge. 3D shape information is stored in database according to AP 203 of STEP, and 3D visualization on the web is implemented by using the web 3D technology that helps users to understand geometrical shape of structures, directly. AP209 is used to store structural analysis information such as finite elements, material properties, and analysis result into relational database. Based on the developed database, a prototype of integrated information management system for truss bridge is developed, and it provides additional information such as specifications and inspection information related with shape object to end users.

• Journal of Korea Society of Industrial Information Systems
• /
• v.5 no.4
• /
• pp.16-21
• /
• 2000

Role Based Access Control(RBAC) reduces the cost of administering access control policies as well as making the process less error-prone. Administration tool is most important component in the concept of RBAC. The administration tool for the RBAC security system must be maintain the integrity of user-role and role-role relationships in the RBAC Database. Therefor, it is required set functions, properties defining integrity of database. When it will be designed security systems which is applying RBAC policy on the Linux(server system environments, this paper defines integrity of database for user-role and role-role relationships, and we propose formal specification of operation in order to manage these relationships. The proposed formal specification leads to the consistency requirements for the RBAC database which are defined as a set of relationship. Also, this paper can easily derive the implementation of the RBAC administration tool by formal specification of operations. It leads us tn the minimal set for a more efficiently implementation of administration tool.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.4
• /
• pp.667-680
• /
• 2024

If the software is not updated after the vulnerability is disclosed, it can continue to be attacked. As a result, the importance of N-day detection is increasing as attacks that exploit vulnerabilities increase. However, there is a problem that it is difficult to find specific version information in the published vulnerability database, or that the wrong version or software is outputted. There is also a limitation in that the connection between the published vulnerability databases is not good. In order to overcome these limitations, this paper proposes a method of building information including comprehensive vulnerability information such as CVE, CPE, and Exploit Database into an integrated database. Furthermore, by developing a website for searching for vulnerabilities based on an integrated database built as a result of this study, it is effective in detecting and utilizing vulnerabilities in specific software versions and Windows operating systems.

• Journal of Internet of Things and Convergence
• /
• v.6 no.1
• /
• pp.9-15
• /
• 2020

Recently, interest in blockchain technology has increased. The data industry is increasingly growing around the world. In addition, databases which obtain important information such as personal data are targeted by hackers. Data exposed by attackers happen frequently. In 2017, OWASP announced SQL injection is a top 1 threat to web applications. However, the proportion of data security is the smallest in the data industry. To prevent data exposure, this paper proposes a method that can protect databases by using hybrid blockchain.

• Journal of the Institute of Electronics Engineers of Korea TE
• /
• v.42 no.2
• /
• pp.29-36
• /
• 2005

The methode of user authorization used to the cookie, session and database in the blug site using the DHTML editor, frequently, of course, it is the detail and technical authorization methode but the above mentioned the methode to used, usually. But those methode have the problem in the security. In this paper proposed to the new methode of user authorization which it used to cookie, session and database in the using the DHTML editor. The proposed methode confirm to the impossible to the analysis and changing of the cookie information by hacker.

• International Journal of Computer Science & Network Security
• /
• v.21 no.12
• /
• pp.65-74
• /
• 2021

Digital image processing and retrieving have increasingly become very popular on the Internet and getting more attention from various multimedia fields. That results in additional privacy requirements placed on efficient image matching techniques in various applications. Hence, several searching methods have been developed when confidential images are used in image matching between pairs of security agencies, most of these search methods either limited by its cost or precision. This study proposes a secure and efficient method that preserves image privacy and confidentially between two communicating parties. To retrieve an image, feature vector is extracted from the given query image, and then the similarities with the stored database images features vector are calculated to retrieve the matched images based on an indexing scheme and matching strategy. We used a secure content-based image retrieval features detector algorithm called Speeded-Up Robust Features (SURF) algorithm over public cloud to extract the features and the Honey Encryption algorithm. The purpose of using the encrypted images database is to provide an accurate searching through encrypted documents without needing decryption. Progress in this area helps protect the privacy of sensitive data stored on the cloud. The experimental results (conducted on a well-known image-set) show that the performance of the proposed methodology achieved a noticeable enhancement level in terms of precision, recall, F-Measure, and execution time.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2006.06a
• /
• pp.645-648
• /
• 2006

Buffer Overflow 취약점은 오래전에 발표된 기술이지만 현재까지도 보안 취약점에서 많은 부분을 차지하는 것 중에 하나이다. CVE Vulnerability Database에서 Buffer Overflow를 검색해보면 알 수 있듯이 지금까지 수많은 Buffer Overflow 취약점득의 발견되었고 이를 바탕으로 하는 공격들이 많이 일어나고 있다. 또한 공격에 대처하기 위하여 각각의 공격방법에 대한 대처방법을 제시하고 커널과 컴파일러의 패치에 이루어지고 있지만 해커들은 그에 대응하는 공격방법들을 찾아내곤 한다. 본 논문에는 지금까지 발표된 많은 Buffer Overflow 공격 기술에 대해 주제별로 확인하고 보다 근본적인 해결책을 만들기 위한 방향을 제시하고자 한다.