• Title/Summary/Keyword: encrypted DB

Search Result 8, Processing Time 0.019 seconds

sDBMS for Hacking Prevention on Based PMI for Contents Protection in Web Environment (Web 환경에서 컨텐츠 보호를 위한 PMI 기반의 해킹방지 sDBMS)

  • Ryoo Du-Gyu;Kim Young-Chul;Jun Moon-Seog
    • Journal of Korea Multimedia Society
    • /
    • v.8 no.5
    • /
    • pp.679-690
    • /
    • 2005
  • Business model in Web environments is usually provided by multimedia data. Information exchange between users and service providers should be made in encrypted data. Encrypted data are secure from being hacked. Application of DB encryption is a main technology for contents protection. We have applied the access control based on RBAC and prevented the unauthorized users from using the contents. In this paper, we propose a new DB encryption scheme which uses RHAC and digital signature based on PMI.

  • PDF

The Implementation of the Index Search System in a Encrypted Data-base (암호화된 데이터베이스에서 인덱스 검색 시스템 구현)

  • Shin, Seung-Soo;Han, Kun-Hee
    • Journal of the Korea Academia-Industrial cooperation Society
    • /
    • v.11 no.5
    • /
    • pp.1653-1660
    • /
    • 2010
  • The user information stored in database have been leaked frequently. To protect information against malevolent manager on the inside or outside aggressor, it is one of the most efficient way to encrypt information and store to database. It is better to destruct information than not to use encrypted information stored in database. The encrypted database search system is developed variously, and used widely in many fields. In this paper, we implemented the scheme that can search encrypted document without exposing user's information to the untrusted server in mobile device. We compared and analyzed the result embodied with DES, AES, and ARIA based on symmetric key by searching time.

A Study on Safe Identification Card Using Fingerprint Recognition and Encrypted QR (지문인식기술과 암호화된 QR코드를 이용한 안전한 신분증 연구)

  • Song, Chung-Geon;Lee, Keun-Ho
    • Journal of Digital Convergence
    • /
    • v.12 no.6
    • /
    • pp.317-323
    • /
    • 2014
  • The registration cards that are currently used to identify the people of Korea may cause secondary damage once stolen because they contain very specifically expressed fingerprint information. In order to solve this problem, in ID is required that can utilize the state-owned fingerprint DB, while while maintaining confidentiality of the identification information and satisfying the cost as well. At this point accordingly, a secure form of ID, which uses the encrypted QR code and fingerprint information, is proposed.

sDBMS for Hacking Prevention Based on PMI for Web Contents Protection (Web컨텐츠 보호를 위한 PMI 기반의 해킹방지 sDBMS)

  • Eyoo, Du-Gyu;Jun, Mun-Suk
    • Journal of the Korea Computer Industry Society
    • /
    • v.5 no.8
    • /
    • pp.829-840
    • /
    • 2004
  • Business model in Web environments is usually provided by digital data. Information exchange of users and service providers should be performed by encryted data. Encrypted protection. In this paper, We have prevented using contents by users is not accessed based on RBAC. in this paper, We propose a new DB encryption scheme which use RBAC and digital signature based on PMI.

  • PDF

Secure and Efficient DB Security and Authentication Scheme for RFID System (RFID 시스템을 위한 안전하고 효율적인 DB 보안 및 인증기법)

  • Ahn, Rae-Soon;Yoon, Eun-Jun;Bu, Ki-Dong;Nam, In-Gil
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.36 no.4C
    • /
    • pp.197-206
    • /
    • 2011
  • In the RFID system, bulk tag information is stored into the back-end database as plaintext format not ciphertext. In this case, the tags's private informations can be easily compromised by an external hacker or an insider attacker. If the private informations of tags disclosed by the attackers, it can occur serious privacy invasion problem. Recently the database(DB) security is an important issue to prevent the above DB compromised attack. However, DB security for RFID systeme has not been considered yet. If we use the DB security technique into the RFID system, the above described privacy invasion' problem can be easily prevented. Based on this motivation, this paper proposes a secure and efficient back-end database security and authentication(S-DB) scheme with XOR-based encryption/decryption algorithm. In the proposed scheme, all tag's private information is encrypted and stored by using the DB secret key to protect the DB compromised attack. As a result, the proposed S-DB scheme 'can provide stronger security and more efficiency for the secure RFID system environment.

Comprehensive Study on Security and Privacy Requirements for Retrieval System over Encrypted Database (암호화된 데이터베이스 검색 시스템의 보안 요구사항에 대한 통합적 관점에서의 연구)

  • Park, Hyun-A;Lee, Dong-Hoon;Chung, Taik-Yeong
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.22 no.3
    • /
    • pp.621-635
    • /
    • 2012
  • Although most proposed security schemes have scrutinized their own security models for protecting different types of threats and attacks, this naturally causes a problem as follows-- if a security analysis tool would fit a certain scheme, it may not be proper to other schemes. In order to address this problem, this paper analyzes how security requirements of each paper could be different by comparing with two schemes: Agrawal et al.'s scheme OPES (Order Preserving Encryption Scheme) and Zdonik et al.'s FCE (Fast Comparison Encryption). Zdonik et al. have formally disproved the security of Agrawal et al.'s scheme OPES. Thereafter, some scholars have wondered whether the OPES can guarantee its applicability in a real world for its insecurity or not. However, the analysis by Zdonik et al. does not have valid objectivity because they used the security model INFO-CPA-DB for their scheme FCE to analyze Agrawal et al.'s scheme OPES, in spite of the differences between two schemes. In order to analyze any scheme correctly and apply it to a real world properly, the analysis tool should be comprehensively standardized. We re-analyze Zdonik et al.'s analysis for OPES and then propose general formalizations of security and privacy for all of the encrypted retrieval systems. Finally, we recommend the minimum level of security requirements under our formal definitions. Additional considerations should be also supplemented in accordance with the conditions of each system.

A Implementation of Messenger using Hybrid Cryptosystem (하이브리드 암호 시스템을 이용한 메신저 구현)

  • Han, Kun-Hee;Shin, Seung-Soo
    • Journal of the Korea Academia-Industrial cooperation Society
    • /
    • v.11 no.10
    • /
    • pp.3942-3949
    • /
    • 2010
  • Since existing Nate-on Messenger application stores users' personal information in the database of its server, it is extremely venerable to internal threats, not to mention the communication data being transmitted without any safety measures. To solve such problematic areas of the existing application, we have developed a safer messenger application. The messenger application proposed in this paper discloses only the least required personal information of its users and the rest of the personal information is safely encrypted in the database using private passwords. This protective measure prevents the administrator or a third party from misusing the information since he/she will not be able access the information. In addition, users will be able to freely and safely communicate using this new messenger since transmitted data will also be encrypted.

Sensitive Personal Information Protection Model for RBAC System (역할기반 접근제어시스템에 적용가능한 민감한 개인정보 보호모델)

  • Mun, Hyung-Jin;Suh, Jung-Seok
    • Journal of the Korea Society of Computer and Information
    • /
    • v.13 no.5
    • /
    • pp.103-110
    • /
    • 2008
  • Due to the development of the e-commerce, the shopping mall such as auction collects and manages the personal information of the customers for efficient service. However, because of the leakage of the Personal information in auction, the image of the companies as well as the information subjects is damaged. Even though the organizations and the companies store the personal information as common sentences and protect using role based access control technique, the personal information can be leaked easily in case of getting the authority of the database administrator. And also the role based access control technique is not appropriate for protecting the sensitive information of the information subject. In this paper, we encrypted the sensitive information assigned by the information subject and then stored them into the database. We propose the personal policy based access control technique which controls the access to the information strictly according to the personal policy of the information subject. Through the proposed method we complemented the problems that the role based access control has and also we constructed the database safe from the database administrator. Finally, we get the control authority about the information of the information subject.

  • PDF