• Title/Summary/Keyword: multi-factor access control

Search Result 15, Processing Time 0.032 seconds

PreBAC: a novel Access Control scheme based Proxy Re-Encryption for cloud computing

  • Su, Mang;Wang, Liangchen
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.13 no.5
    • /
    • pp.2754-2767
    • /
    • 2019
  • Cloud computing is widely used in information spreading and processing, which has provided a easy and quick way for users to access data and retrieve service. Generally, in order to prevent the leakage of the information, the data in cloud is transferred in the encrypted form. As one of the traditional security technologies, access control is an important part for cloud security. However, the current access control schemes are not suitable for cloud, thus, it is a vital problem to design an access control scheme which should take account of complex factors to satisfy the various requirements for cipher text protection. We present a novel access control scheme based on proxy re-encryption(PRE) technology (PreBAC) for cipher text. It will suitable for the protection of data confidently and information privacy. At first, We will give the motivations and related works, and then specify system model for our scheme. Secondly, the algorithms are given and security of our scheme is proved. Finally, the comparisons between other schemes are made to show the advantages of PreBAC.

Application Behavior-oriented Adaptive Remote Access Cache in Ring based NUMA System (링 구조 NUMA 시스템에서 적응형 다중 그레인 원격 캐쉬 설계)

  • 곽종욱;장성태;전주식
    • Journal of KIISE:Computer Systems and Theory
    • /
    • v.30 no.9
    • /
    • pp.461-476
    • /
    • 2003
  • Due to the implementation ease and alleviation of memory bottleneck effect, NUMA architecture has dominated in the multiprocessor systems for the past several years. However, because the NUMA system distributes memory in each node, frequent remote memory access is a key factor of performance degradation. Therefore, efficient design of RAC(Remote Access Cache) in NUMA system is critical for performance improvement. In this paper, we suggest Multi-Grain RAC which can adaptively control the RAC line size, with respect to each application behavior Then we simulate NUMA system with multi-grain RAC using MINT, event-driven memory hierarchy simulator. and analyze the performance results. At first, with profile-based determination method, we verify the optimal RAC line size for each application and, then, we compare and analyze the performance differences among NUMA systems with normal RAC, with optimal line size RAC, and with multi-grain RAC. The simulation shows that the worst case can be always avoided and results are very close to optimal case with any combination of application and RAC format.

An Early Spectrum Sensing for Efficient Radio Access in Cloud-Conceptual Base Station Systems (클라우드 기지국 시스템에서 효율적 무선 접속을 위한 이른 스펙트럼 감지 기법)

  • Jo, Gahee;Lee, Jae Won;Na, Jee-Hyeon;Cho, Ho-Shin
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.38A no.1
    • /
    • pp.68-78
    • /
    • 2013
  • In this paper, we propose an early spectrum sensing(ESS) as an advance preparation for radio-access trial, which enables multi-mode terminals to access the most appropriate radio-access system in a cloud-conceptual base station system where multiple radio access technologies(RATs) coexist. Prior to a random access to one of RATs, a multi-mode terminal conducts a spectrum sensing over entire frequency bands of whole RATs, then select the RAT with the lowest sensing power, that is likely to have the most available spectrum. Thus, an access failure caused by that the selected RAT has no available radio spectrum could be avoidable in advance. In computer simulation, we consider as various RATs as possible. First, circuit and packet systems are taken into consideration. In addition, the packet systems are classified according to the feasibility of carrier aggregation(CA). In case of terminal, three modes are considered with circuit-only, packet-only, and multi-mode. Subsequently, packet traffic is classified into real-time and non-real-time traffic with three different tolerable delay levels. The simulation includes a call process starting with a call generation and ending up with a resource allocation reflecting individual user's QoS requirements and evaluates the proposed scheme in terms of the successful access probability, system access time, system balancing factor and packet loss probability.

A Multi-Dimensional Node Pairing Scheme for NOMA in Underwater Acoustic Sensor Networks (수중 음향 센서 네트워크에서 비직교 다중 접속을 위한 다차원 노드 페어링 기법)

  • Cheon, Jinyong;Cho, Ho-Shin
    • Journal of the Korea Academia-Industrial cooperation Society
    • /
    • v.22 no.6
    • /
    • pp.1-10
    • /
    • 2021
  • The interest in underwater acoustic sensor networks (UWASNs), along with the rapid development of underwater industries, has increased. To operate UWASNs efficiently, it is important to adopt well-designed medium access control (MAC) protocols that prevent collisions and allow the sharing of resources between nodes efficiently. On the other hand, underwater channels suffer from a narrow bandwidth, long propagation delay, and low data rate, so existing terrestrial node pairing schemes for non orthogonal multiple access (NOMA) cannot be applied directly to underwater environments. Therefore, a multi-dimensional node pairing scheme is proposed to consider the unique underwater channel in UWASNs. Conventional NOMA schemes have considered the channel quality only in node pairing. Unlike previous schemes, the proposed scheme considers the channel gain and many other features, such as node fairness, traffic load, and the age of data packets to find the best node-pair. In addition, the sender employs a list of candidates for node-pairs rather than path loss to reduce the computational complexity. The simulation results showed that the proposed scheme outperforms the conventional scheme by considering the fairness factor with 23.8% increases in throughput, 28% decreases in latency, and 5.7% improvements in fairness at best.

Product Phase Control During Interdiffusion Reactions (상호 확산 반응 중의 생성상 제어)

  • Park, Joon-Sik;Kim, Ji-Hoon;Perepezko, John R.
    • Journal of Korea Foundry Society
    • /
    • v.26 no.1
    • /
    • pp.27-33
    • /
    • 2006
  • Phase evolutions involving nucleation stages together with diffusional growth have been examined in order to provide a guideline for determining rate limiting stages during phase evolutions. In multiphase materials systems in coatings, composites or multilayered structures, diffusion treatments often result in the development of metastable/intermediate phases at the reaction interfaces. The development of metastable phases during solid state interdiffusion demonstrates that the nucleation reaction can be one controlling factor. Also, the concentration gradient and the relative magnitudes of the component diffusivities provide a basis for a phase selection and the application of a kinetic bias strategy in the phase selection. For multicomponent alloy systems, the identification of the operative diffusion pathway is central to control phase formation. Experimental access to the nucleation and growth stage is discussed in thin film multi layers and bulk samples.

A Multi-Scale Parallel Convolutional Neural Network Based Intelligent Human Identification Using Face Information

  • Li, Chen;Liang, Mengti;Song, Wei;Xiao, Ke
    • Journal of Information Processing Systems
    • /
    • v.14 no.6
    • /
    • pp.1494-1507
    • /
    • 2018
  • Intelligent human identification using face information has been the research hotspot ranging from Internet of Things (IoT) application, intelligent self-service bank, intelligent surveillance to public safety and intelligent access control. Since 2D face images are usually captured from a long distance in an unconstrained environment, to fully exploit this advantage and make human recognition appropriate for wider intelligent applications with higher security and convenience, the key difficulties here include gray scale change caused by illumination variance, occlusion caused by glasses, hair or scarf, self-occlusion and deformation caused by pose or expression variation. To conquer these, many solutions have been proposed. However, most of them only improve recognition performance under one influence factor, which still cannot meet the real face recognition scenario. In this paper we propose a multi-scale parallel convolutional neural network architecture to extract deep robust facial features with high discriminative ability. Abundant experiments are conducted on CMU-PIE, extended FERET and AR database. And the experiment results show that the proposed algorithm exhibits excellent discriminative ability compared with other existing algorithms.

A Minimum Data-Rate Guaranteed Resource Allocation With Low Signaling Overhead in Multi-Cell OFDMA Systems

  • Kwon, Ho-Joong;Lee, Won-Ick;Lee, Byeong-Gi
    • Journal of Communications and Networks
    • /
    • v.11 no.1
    • /
    • pp.26-35
    • /
    • 2009
  • In this paper, we investigate how to do resource allocation to guarantee a minimum user data rate at low signaling overhead in multi-cell orthogonal frequency division multiple access (OFDMA) wireless systems. We devise dynamic resource allocation (DRA) algorithms that can minimize the QoS violation ratio (i.e., the ratio of the number of users who fail to get the requested data rate to the total number of users in the overall network). We assume an OFDMA system that allows dynamic control of frequency reuse factor (FRF) of each sub-carrier. The proposed DRA algorithms determine the FRFs of the sub-carriers and allocate them to the users adaptively based on inter-cell interference and load distribution. In order to reduce the signaling overhead, we adopt a hierarchical resource allocation architecture which divides the resource allocation decision into the inter-cell coordinator (ICC) and the base station (BS) levels. We limit the information available at the ICC only to the load of each cell, that is, the total number of sub-carriers required for supporting the data rate requirement of all the users. We then present the DRA with limited coordination (DRA-LC) algorithm where the ICC performs load-adaptive inter-cell resource allocation with the limited information while the BS performs intra-cell resource allocation with full information about its own cell. For performance comparison, we design a centralized algorithm called DRA with full coordination (DRA-FC). Simulation results reveal that the DRA-LC algorithm can perform close to the DRA-FC algorithm at very low signaling overhead. In addition, it turns out to improve the QoS performance of the cell-boundary users, and achieve a better fairness among neighboring cells under non-uniform load distribution.

A Multibit Tree Bitmap based Packet Classification (멀티 비트 트리 비트맵 기반 패킷 분류)

  • 최병철;이정태
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.29 no.3B
    • /
    • pp.339-348
    • /
    • 2004
  • Packet classification is an important factor to support various services such as QoS guarantee and VPN for users in Internet. Packet classification is a searching process for best matching rule on rule tables by employing multi-field such as source address, protocol, and port number as well as destination address in If header. In this paper, we propose hardware based packet classification algorithm by employing tree bitmap of multi-bit trio. We divided prefixes of searching fields and rule into multi-bit stride, and perform a rule searching with multi-bit of fixed size. The proposed scheme can reduce the access times taking for rule search by employing indexing key in a fixed size of upper bits of rule prefixes. We also employ a marker prefixes in order to remove backtracking during searching a rule. In this paper, we generate two dimensional random rule set of source address and destination address using routing tables provided by IPMA Project, and compare its memory usages and performance.

Exploring Effective Zero Trust Architecture for Defense Cybersecurity: A Study

  • Youngho Kim;Seon-Gyoung Sohn;Kyeong Tae, Kim;Hae Sook Jeon;Sang-Min Lee;Yunkyung Lee;Jeongnyeo Kim
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.18 no.9
    • /
    • pp.2665-2691
    • /
    • 2024
  • The philosophy of Zero Trust in cybersecurity lies in the notion that nothing assumes to be trustworthy by default. This drives defense organizations to modernize their cybersecurity architecture through integrating with the zero-trust principles. The enhanced architecture is expected to shift protection strategy from static and perimeter-centric protection to dynamic and proactive measures depending on the logical contexts of users, assets, and infrastructure. Given the domain context of defense environment, we aim three challenge problems to tackle and identify four technical approaches by the security capabilities defined in the Zero Trust Architecture. First approach, dynamic access control manages visibility and accessibility to resources or services with Multi Factor Authentication and Software Defined Perimeter. Logical network separation approach divides networks on a functional basis by using Software Defined Network and Micro-segmentation. Data-driven analysis approach enables machine-aided judgement by utilizing Artificial Intelligence, User and Entity Behavior Analytics. Lastly, Security Awareness approach observes fluid security context of all resources through Continuous Monitoring and Visualization. Based on these approaches, a comprehensive study of modern technologies is presented to materialize the concept that each approach intends to achieve. We expect this study to provide a guidance for defense organizations to take a step on the implementation of their own zero-trust architecture.

Performance of SIR-based power control using unused OVSF codes for WCDMA reverse link receiver (미사용 OVSF 부호를 이용한 WCDMA 역방향 링크 수신기의 SIR 기반 전력제어 성능 분석)

  • 이영용;박수진;안재민;임민중;정성현;최형진
    • Journal of the Institute of Electronics Engineers of Korea TC
    • /
    • v.40 no.7
    • /
    • pp.282-292
    • /
    • 2003
  • In this paper, we evaluate the performance of WCDMA reverse link receiver system with closed loop fast transmit power control (TPC). For fast power control, SIR must be measured precisely. We propose a new SIR measurement algorithm having a simple structure. The proposed algorithm uses unused OVSF code for interference power evaluation. The proposed SIR measurement algorithm is compared to the conventional SIR measurement algorithm in Ref.$^{[1]}$ under closed loop fast TPC. We adopted WMSA channel estimation filter with Κ=2 for mobile radio channel estimation and considered one slot TPC delay. Extensive computer simulation results show that the proposed algorithm using unused OVSF code reduces the required Ε$_{b}$$_{0}$ at the BER of 10$^{-3}$ up to 0.9㏈ and has an improved TPC error performance compared to the conventional algorithm.