• Journal of Convergence for Information Technology
• /
• v.8 no.2
• /
• pp.77-82
• /
• 2018

Recently, as cloud services become popular with general users, users' information is freely transmitted and received among the information used in the cloud environment, so security problems related to user information disclosure are occurring. we propose a method to secure personal information of multiple users by making personal information stored in the cloud server and a key for accessing the shared information so that the privacy information of the multi users using the cloud service can be prevented in advance do. The first key used in the proposed scheme is a key for accessing the user 's personal information, and is used to operate the information related to the personal information in the form of a multi - layer. The second key is the key to accessing information that is open to other users than to personal information, and is necessary to associate with other users of the cloud. The proposed scheme is constructed to anonymize personal information with multiple hash chains to process multiple kinds of information used in the cloud environment. As a result of the performance evaluation, the proposed method works by allowing third parties to safely access and process the personal information of multiple users processed by the multi - type structure, resulting in a reduction of the personal information management cost by 13.4%. The efficiency of the proposed method is 19.5% higher than that of the existing method.

• The Journal of Society for e-Business Studies
• /
• v.17 no.1
• /
• pp.137-150
• /
• 2012

For social demand and technological development, systematic private information management and security guidance have been enhanced; however, the issue of leakage and invasion of private information is shown in many ways. In the management of such private information, the issue of how to protect such information is one of the sensitive key elements. As a criterion to decide the management policy of each property information consisting of private information, this article suggests Dynamic-Security-Level-Measurement for property information. DSLM adopts the variable characteristics of property information as the element of measurement. By applying this method, it is possible to provide information management functions to cope with the changes of each property information security level of an individual actively. It is expected that this will improve the security of previous information management methods even more and also contribute to the improvement of security in integrated systems such as the integrated ID management system and electronic wallet.

• Convergence Security Journal
• /
• v.22 no.1
• /
• pp.71-79
• /
• 2022

The smart grid system has emerged to maximize energy efficiency through real-time information exchange between power providers and consumers by combining information technology and power supply systems. The authentication schemes using blockchain in a smart grid system have been proposed, which utilize an edge server's architecture to collect and store electric power-related information and process data between a central cloud server and smart grid-IoT devices. Although authentication schemes are being proposed to enhance security in the smart grid environment, many vulnerabilities are still reported. This paper presents a new mutual authentication scheme to guarantee users' privacy and anonymity in a smart grid based on edge computing using blockchain. In the proposed scheme, we use the smart contract for the key management's efficiency, such as updating and discarding key materials. Finally, we prove that the proposed scheme not only securely establishes a session key between the smart grid-IoT device of the user and the edge server but also guarantees anonymity.

• International Journal of Computer Science & Network Security
• /
• v.23 no.12
• /
• pp.27-80
• /
• 2023

Nowadays usage of different applications of identity management IDM demands prime attention to clarify which is more efficient regarding preserve privacy as well as security to perform different operations concerning digital identity. Those operations represent the available interactions with identity during its lifecycle in the digital world e.g., create, update, delete, verify and so on. With the rapid growth in technology, this field has been evolving with a number of IDM models being proposed to ensure that identity lifecycle and face some significant issues. However, the control and ownership of data remines in the hand of identity service providers for central and federated approaches unlike in the self-sovereign identity management SSIM approach. SSIM is the recent IDM model were introduced to solve the issue regarding ownership of identity and storing the associated data of it. Thus, SSIM aims to grant the individual's ability to govern their identities without intervening administrative authorities or approval of any authority. Recently, we noticed that numerous IDM solutions enable individuals to own and control their identities in order to adapt with SSIM model. Therefore, we intend to make comparative study as much of these solutions that have proper technical documentation, reports, or whitepapers as well as provide an overview of IDM models. We will point out the existing research gaps and how this study will bridge it. Finally, the study will propose a technical enhancement, everKEY solution, to address some significant drawbacks in current SSIM solutions.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2015.05a
• /
• pp.277-280
• /
• 2015

Smishing, Phishing personal privacy caused by Incident accidents such as Phishing information security has become a hot topic. Such incidents have privacy in personal information management occurs due to a lack of user awareness. This paper is based on the existing structure of the XML Tag question bank used a different Key-Value Structure-based JSON. JSON is an advantage that does not depend on the language in the text-based interchange format. The proposed system is divided into information security sector High, Middle and Low grade. and Provides service to the user through the free space and the smart device and the PC to the constraints of time. The use of open source Apache Load Balancing technology for reliable service. It also handles the user's web page without any training sessions Require server verification result of the training(training server). The result is sent to the training server using jQuery Ajax. and The resulting data are stored in the database based on the user ID. Also to be used as a training statistical indicators. In this paper, we design a level training system to enhance the user's information security awareness.

• Information Systems Review
• /
• v.23 no.3
• /
• pp.201-223
• /
• 2021

Smart home is an advanced Internet of Things (IoT) service that enhances the convenience of human daily life and improves the quality of life at home. Recently, with the emergence of smart home products and services to which artificial intelligence (AI) technology is applied, interest in smart home is increasing. To gain a competitive edge in the smart home market, companies are providing "personalized service" to users, which is a key service that can promote smart home use. This study investigates the factors affecting the value awareness of personalized service and intention to use smart home. This research focuses on four-dimensional motivated innovativeness (cognitive, functional, hedonic, and social innovativeness) and privacy risk awareness as key factors that influence the value awareness of personalized service of smart home. In particular, this study conducts a comparative analysis between the generation MZ (young people in late teens to 30s), who are showing socially differentiated characteristics, and the generation X and baby boomers in 40s to 50s or older. Based on the analysis results, this study derives the distinctive characteristics of generation MZ that are different from the older generation, and provides academic and practical implications for expanding the use of smart home services.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.1
• /
• pp.81-88
• /
• 2013

As social network service(SNS) has grown rapidly, the variety information being shared through SNS. However, the privacy of individuals can be violated due to the shared information through a SNS or the post written in the past at the SNS. Although, many researches concerned about it, they did not suggest key management and access control especially. In this paper, we propose the method for the protection of the message in SNS using access control and hash-chain.

• Journal of Digital Convergence
• /
• v.10 no.11
• /
• pp.389-394
• /
• 2012

The cloud computing is a system that provides IT resources service by using internet technologies, which grabs lots of attention today. Though cloud storage services provide service users with convenience, there is a problem in which data confidentiality is not guaranteed because it is hard for data owners to control the access to the data. This article suggested the technique by applying Public-Key Cryptosystem only to a block after dividing users' data into blocks in order to protect users' data in cloud system. Thus confidentiality and integrity are given to users' data stored in cloud storage server.

• Information and Communications Magazine
• /
• v.24 no.11
• /
• pp.5-13
• /
• 2007

광대역 무선 접속 표준을 관장하는 IEEE 802.16 워킹 그룹은 IEEE 802.16 표준을 2004년에 발표하였으며 이 IEEE 802.16 표준안에는 현재 WiMAX(Worldwide Interoperability for Microwave Access)라 불리는 고정 및 저속 이동 접속에 대한 광대역 무선 통신 지원 기술이 포함되어 있다. 특히 여러 기술 중 보안 관점에서 IEEE 802.16 표준은 MAC 계층 안에 PKM(Privacy Key Management)라고 불리는 Security Sub-layer를 가지고 있다. PKM은 PKMv1과 PKMv2로 구분되며, 먼저 PKMv1은 기본적인 인증 및 기밀성 기능을 제공하고 IEEE 802.16 표준에 기본적으로 적용되어있다. 하지만, IEEE 802.16 표준 이후 많은 연구들이 PKMv1의 보안성에 대하여 의문을 제기하였고 이에 따라 IEEE 802.16 표준안의 확장 개선안으로서 완전한 이동성을 바탕으로 하는 2005년 발표된 IEEE 802.16e 표준안에서는 향상된 보안 기능을 제공하는 PKMv2를 제공하며 기존 표준안의 부족한 점을 보완하기 위하여 시도하였다. 이러한 PKMv2는 EAP(Extensible Authentication Protocol) 인증, AES(Advanced Encryption Standard) 기반 기밀성 제공 알고리즘, CMAC/HMAC(Cipher/Hashed Message Authentication Code)을 사용한 메시지 인증 기능 제공 등 보다 다양한 보안 기능을 제공하였다. 그러나 IEEE 802.16e 표준안의 보안 기능은 SS(Subscriber Station)과 BS(Base Station)간의 통신구간 보안에 초점을 맞추어서 네트워크 도메인간의 보안 문제나 핸드오버시 보안과 같은 네트워크 구조적 보안 취약성을 여전히 가지고 있다. 하지만 표준안에서 정의하고 있는 SS와 BS 구간 보안 역시 완전한 솔루션을 제시하고 있지는 않다. 본 논문에서는 이러한 취약성을 고찰하고 그에 따른 대응방안을 제시하였다.

• Journal of Internet Computing and Services
• /
• v.22 no.5
• /
• pp.27-33
• /
• 2021

With the broad adoption of the Internet of Things (IoT) in a variety of scenarios and application services, management and orchestration entities require upgrading the traditional architecture and develop intelligent models with ultra-reliable methods. In a heterogeneous network environment, mission-critical IoT applications are significant to consider. With erroneous priorities and high failure rates, catastrophic losses in terms of human lives, great business assets, and privacy leakage will occur in emergent scenarios. In this paper, an efficient resource slicing scheme for optimizing federated learning in software-defined IoT (SDIoT) is proposed. The decentralized support vector regression (SVR) based controllers predict the IoT slices via packet inspection data during peak hour central congestion to achieve a time-sensitive condition. In off-peak hour intervals, a centralized deep neural networks (DNN) model is used within computation-intensive aspects on fine-grained slicing and remodified decentralized controller outputs. With known slice and prioritization, federated learning communications iteratively process through the adjusted resources by virtual network functions forwarding graph (VNFFG) descriptor set up in software-defined networking (SDN) and network functions virtualization (NFV) enabled architecture. To demonstrate the theoretical approach, Mininet emulator was conducted to evaluate between reference and proposed schemes by capturing the key Quality of Service (QoS) performance metrics.