• 방송공학회논문지
• /
• 제13권1호
• /
• pp.43-52
• /
• 2008

암호화된 다양한 멀티미디어 컨텐츠(multimedia contents)를 공개하고 사용자가 서버에게 검색어에 대한 정보를 들어내지 않고 검색어를 포함하고 있는 멀티미디어 컨텐츠를 검색하는 검색에서의 문제점을 연구한다. 최근 Ogata와 Kurosawa는 Oblivious Transfer의 개념을 이용하여 검색 프로토콜을 제안하였다. 하지만 그들의 방식은 하나의 검색어를 이용하여 데이터를 검색할 때 공개된 모든 암호화된 데이터 수만큼의 비교를 위한 계산량이 요구된다. 이러한 문제점을 해결하기 위해 본 논문에서는 사용자가 모든 데이터를 비교 검색하지 않아도 되는 Oblivious Transfer기술을 이용한 효율적인 검색 기술을 제안한다. 본 논문에서는 제안된 프로토콜이 RSA known target inversion 문제의 어려움에 기반을 두고 안전하다는 것을 보인다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제13권5호
• /
• pp.2754-2767
• /
• 2019

Cloud computing is widely used in information spreading and processing, which has provided a easy and quick way for users to access data and retrieve service. Generally, in order to prevent the leakage of the information, the data in cloud is transferred in the encrypted form. As one of the traditional security technologies, access control is an important part for cloud security. However, the current access control schemes are not suitable for cloud, thus, it is a vital problem to design an access control scheme which should take account of complex factors to satisfy the various requirements for cipher text protection. We present a novel access control scheme based on proxy re-encryption(PRE) technology (PreBAC) for cipher text. It will suitable for the protection of data confidently and information privacy. At first, We will give the motivations and related works, and then specify system model for our scheme. Secondly, the algorithms are given and security of our scheme is proved. Finally, the comparisons between other schemes are made to show the advantages of PreBAC.

• 정보보호학회논문지
• /
• 제14권5호
• /
• pp.23-36
• /
• 2004

본 논문은 신뢰할 수 없는 네트워크를 통해서도 사용자를 인증하고 안전한 암호통신용 세션키 교환에 적합한 패스워드 기반 인증 프로토콜을 제안한다. 기본 아이디어는 패스워드를 분할한 후 각 분할된 패스워드 지식들을 확대(amplification)하는 구조로 설계하는 것으로서, 이는 패스워드 검증정보의 램덤성(randomness)을 증가시키기 위한 것이다. 또한 서버 검증자 파일을 암호화하여 보관함으로서 서버 파일 타협에 의한 오프라인 사전추측 공격에 강인하도록 구성한다. 더불어 검증자 파일 및 서버의 암호화 키가 다수의 서버들에게 분산되도록 설계된 방식을 제안한다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제16권4호
• /
• pp.1286-1306
• /
• 2022

Searchable symmetric encryption (SSE) provides a safe and effective solution for retrieving encrypted data on cloud servers. However, the existing SSE schemes mainly focus on single keyword search in single client, which is inefficient for multiple keywords and cannot meet the needs for multiple clients. Considering the above drawbacks, we propose a scheme enabling dynamic multi-client and Boolean query in searchable symmetric encryption for cloud storage system (DMC-SSE). DMC-SSE realizes the fine-grained access control of multi-client in SSE by attribute-based encryption (ABE) and novel access control list (ACL), and supports Boolean query of multiple keywords. In addition, DMC-SSE realizes the full dynamic update of client and file. Compared with the existing multi-client schemes, our scheme has the following advantages: 1) Dynamic. DMC-SSE not only supports the dynamic addition or deletion of multiple clients, but also realizes the dynamic update of files. 2) Non-interactivity. After being authorized, the client can query keywords without the help of the data owner and the data owner can dynamically update client's permissions without requiring the client to stay online. At last, the security analysis and experiments results demonstrate that our scheme is safe and efficient.

• The Journal of Asian Finance, Economics and Business
• /
• 제9권9호
• /
• pp.49-59
• /
• 2022

Based on assessing the impact of factors on the business efficiency of construction enterprises, the research team proposes policy implications to improve the business performance of listed construction enterprises in Vietnam in the coming time. The study used secondary data collected from the audited financial statements of 25 enterprises listed on Vietnam's stock market in the period 2015-2021 to estimate the factors affecting the business performance of construction enterprises. After collecting, the data will be encrypted and checked. The article uses a quantitative research method by using a linear regression model on Eviews 10 to analyze the data and analyze the impact of factors on the business performance of construction enterprises listed on Vietnam's stock market. The research result shows that firm size and growth rate positively affect business performance while capital structure, receivable management, fixed asset investment, and economic growth have a positive impact on the business performance of construction companies listed on the Vietnamese stock market. Based on this result, the paper also makes recommendations to the Vietnamese construction companies to enhance their business performance.

• International Journal of Computer Science & Network Security
• /
• 제24권1호
• /
• pp.140-150
• /
• 2024

Database-as-a-Service is one of the prime services provided by Cloud Computing. It provides data storage and management services to individuals, enterprises and organizations on pay and uses basis. In which any enterprise or organization can outsource its databases to the Cloud Service Provider (CSP) and query the data whenever and wherever required through any devices connected to the internet. The advantage of this service is that enterprises or organizations can reduce the cost of establishing and maintaining infrastructure locally. However, there exist some database security, privacychallenges and query performance issues to access data, to overcome these issues, in our recent research, developed a database security model using a deterministic encryption scheme, which improved query execution performance and database security level.As this model is implemented using a deterministic encryption scheme, it may suffer from chosen plain text attack, to overcome this issue. In this paper, we proposed a new model for cloud database security using nondeterministic encryption, order preserving encryption, homomorphic encryptionand database distribution schemes, andour proposed model supports execution of queries with equality check, range condition and aggregate operations on encrypted cloud database without decryption. This model is more secure with optimal query execution performance.

• International Journal of Computer Science & Network Security
• /
• 제23권12호
• /
• pp.81-90
• /
• 2023

Cloud computing is an emerging business model popularized during the last few years by the IT industry. Providing "Everything as a Service" has shifted many organizations to choose cloud-based services. However, some companies still fear shifting their data to the cloud due to issues related to the security and privacy. The paper suggests a novel Trust based Mutual Authentication Mechanism using Secret P-box based Mutual Authentication Mechanism (TbMAM-SPb) on the criticality of information. It uses a particular passcodes from one of the secret P-box to act as challenge to one party. The response is another passcode from other P-box. The mechanism is designed in a way that the response given by a party to a challenge is itself a new challenge for the other party. Access to data is provided after ensuring certain number of correct challenge-responses. The complexity can be dynamically updated on basis of criticality of the information and trust factor between the two parties. The communication is encrypted and time-stamped to avoid interceptions and reuse. Overall, it is good authentication mechanism without the use of expensive devices and participation of a trusted third party.

• 한국IT서비스학회지
• /
• 제11권2호
• /
• pp.119-130
• /
• 2012

Nowadays, encryption is core technology widely used in IT industry to protect private information of individuals and important intellectual assets of companies. However, when criminals and terror suspects abuse such technology, national security can be threatened and law enforcement can be disturbed. To prevent such adverse effects of cryptography, some nations have enacted legislations that allow legally obtained encrypted data to be decrypted by certain law enforcement agencies. Hence it is imperative that firms having international presence understand and comply by each nation's regulations on decryption order. This paper explains circumstances under which legislations on decryption order were established, organizes countries with regulations and punishment, explores what global enterprises need to consider in making policies to effectively respond to decryption orders, and suggests that technological methods and managerial guidelines for control of encryption be established.

• 한국정보보호학회:학술대회논문집
• /
• 한국정보보호학회 2006년도 하계학술대회
• /
• pp.677-680
• /
• 2006

신뢰할 수 없는 저장매체에 데이터를 안전하게 보관하기 위해서 대부분의 시스템은 데이터를 암호화하는 방식을 사용한다. 암호화된 데이터를 통해서는 원래의 평문에 어떠한 내용이 포함되어 있는지 알 수가 없으며, 해당 데이터의 내용을 열람하기 위해서는 암호화된 데이터 전체를 복호화해야만 한다. 본 논문에서는 암호화된 데이터에 대해 키워드 검색이 가능한 프로토콜을 제안하여, 데이터 전체를 복호화하지 않고 특정 키워드의 포함 여부를 판단할 수 있도록 하였다.

• Journal of information and communication convergence engineering
• /
• 제8권1호
• /
• pp.71-76
• /
• 2010

Scalable video coding (SVC) has been standardized as an extension of the H.264/AVC standard. SVC allows straightforward adaptation of video streams by providing layered bit streams. In this paper, we propose a SVC video-based multicasting system preserving scalable security which is able to provide a SVC video service while maintaining information security. In order to maintain information security between a server and a client during all transmission time, the proposed system immediately performs a packet filtering process without decoding with respect to encrypted data received in a routing device, thereby reducing an amount of calculations and latency.