• Journal of Korean Society of Industrial and Systems Engineering
• /
• v.27 no.4
• /
• pp.15-22
• /
• 2004

본 논문의 목적은 유한 저장공간을 가지는 대기행렬 시스템에서 완전공유(Complete Sharing), 완전분할(Complete Partitioning), 최소할당공유(Sharing with Minimum Allocation)와 같은 다양한 저장공간 공유방안들을 비교ㆍ분석하는 것으로, 이를 위하여 먼저 각각의 공유방안에서의 대기행렬 안정상태확률을 효율적으로 구할 수 있는 방법이 제시되었다. 다음으로 각각의 저장공간 공유방안을 특징짓는데 필요한 몇 가지 성질들이 규명되었으며, 이를 토대로 각각의 저장공간 공유방안에 대하여 시스템 성능척도인 생산률들을 도출하는 한편, 이들의 대소관계를 파악하고, 수치실험을 통하여 이를 입증하였다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.7
• /
• pp.2703-2718
• /
• 2015

Nowadays, public cloud storage is gaining popularity and a growing number of users are beginning to use the public cloud storage for online data storing and sharing. However, how the encrypted data stored in public clouds can be effectively shared becomes a new challenge. Proxy re-encryption is a public-key primitive that can delegate the decryption right from one user to another. In a proxy re-encryption system, a semi-trusted proxy authorized by a data owner is allowed to transform an encrypted data under the data owner's public key into a re-encrypted data under an authorized recipient's public key without seeing the underlying plaintext. Hence, the paradigm of proxy re-encryption provides a promising solution to effectively share encrypted data. In this paper, we propose a new certificate-based proxy re-encryption scheme for encrypted data sharing in public clouds. In the random oracle model, we formally prove that the proposed scheme achieves chosen-ciphertext security. The simulation results show that it is more efficient than the previous certificate-based proxy re-encryption schemes.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.24 no.11
• /
• pp.1558-1561
• /
• 2020

In this paper, we propose a blockchain scheme to enhance fault tolerance in distributed storage blockchain systems. Traditional blockchain systems suffer from ever-increasing storage cost. To overcome this problem, distributed storage blockchain techniques have been proposed. Distributed storage blockchain schemes effectively reduce the storage cost, but there are still limitations in reducing recovery cost and fault tolerance. The proposed approach recovers multiple errors within a group by utilizing locally repairable codes with availability. This improves the fault tolerance of the blockchain systems. Simulation results show that the proposed scheme enhances the fault tolerance while minimizing storage cost and recovery cost compared to other state-of-art schemes.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.3
• /
• pp.1065-1085
• /
• 2020

With rapid growth of content demands, device-to-device (D2D) content sharing is exploited to effectively improve the service quality of users. Considering the limited storage space and various content demands of users, caching schemes are significant. However, most of them ignore the influence of the asynchronous content reuse and the selfishness of users. In this work, the user preferences are defined by exploiting the user-oriented content popularity and the current caching situation, and further, we propose the social-aware rate, which comprehensively reflects the achievable contents download rate affected by the social ties, the caching indicators, and the user preferences. Guided by this, we model the collaborative caching problem by making a trade-off between the redundancy of caching contents and the cache hit ratio, with the goal of maximizing the sum of social-aware rate over the constraint of limited storage space. Due to its intractability, it is computationally reduced to the maximization of a monotone submodular function, subject to a matroid constraint. Subsequently, two social-aware collaborative caching algorithms are designed by leveraging the standard and continuous greedy algorithms respectively, which are proved to achieve different approximation ratios in unequal polynomial-time. We present the simulation results to illustrate the performance of our schemes.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.17 no.1
• /
• pp.145-164
• /
• 2023

Cloud computing offers a platform that is both adaptable and scalable, making it ideal for outsourcing data for sharing. Various organizations outsource their data on cloud storage servers for availing management and sharing services. When the organizations outsource the data, they lose direct control on the data. This raises the privacy and security concerns. Cryptographic encryption methods can secure the data from the intruders as well as cloud service providers. Data owners may also specify access control policies such that only the users, who satisfy the policies, can access the data. Attribute based access control techniques are more suitable for the cloud environment as they cover large number of users coming from various domains. Multi-authority attribute-based encryption (MA-ABE) technique is one of the propitious attribute based access control technique, which allows data owner to enforce access policies on encrypted data. The main aim of this paper is to comprehensively survey various state-of-the-art MA-ABE schemes to explore different features such as attribute and key management techniques, access policy structure and its expressiveness, revocation of access rights, policy updating techniques, privacy preservation techniques, fast decryption and computation outsourcing, proxy re-encryption etc. Moreover, the paper presents feature-wise comparison of all the pertinent schemes in the field. Finally, some research challenges and directions are summarized that need to be addressed in near future.

• ETRI Journal
• /
• v.33 no.4
• /
• pp.621-628
• /
• 2011

The redactable signature scheme was introduced by Johnson and others in 2002 as a mechanism to support disclosing verifiable subdocuments of a signed document. In their paper, a redactable signature based on RSA was presented. In 2009, Nojima and others presented a redactable signature scheme based on RSA. Both schemes are very efficient in terms of storage. However, the schemes need mechanisms to share random prime numbers, which causes huge time consuming computation. Moreover, the public key in the scheme of Johnson and others is designed to be used only once. In this paper, we improve the computational efficiency of these schemes by eliminating the use of a random prime sharing mechanism while sustaining the storage efficiency of them. The size of our signature scheme is the same as that of the standard RSA signature scheme plus the size of the security parameter. In our scheme, the public key can be used multiple times, and more efficient key management than the scheme of Johnson and others is possible. We also prove that the security of our scheme is reduced to the security of the full domain RSA signature scheme.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.8 no.12
• /
• pp.4552-4567
• /
• 2014

A (n,t,n) secret sharing scheme is to share a secret among n group members, where each member also plays a role of a dealer,and any t shares can be used to recover the secret. In this paper, we propose a strong (k,t,n) verifiable multi-secret sharing scheme, where any k out of n participants operate as dealers. The scheme realizes both threshold structure and adversary structure simultaneously, and removes a trusted third party. The secret reconstruction phase is performed using an additive homomorphism for decreasing the storage cost. Meanwhile, the scheme achieves the pre-verification property in the sense that any participant doesn't need to reveal any information about real master shares in the verification phase. We compare our proposal with the previous (n,t,n) secret sharing schemes from the perspectives of what kinds of access structures they achieve, what kinds of functionalities they support and whether heavy storage cost for secret share is required. Then it shows that our scheme takes the following advantages: (a) realizing the adversary structure, (b) allowing any k out of n participants to operate as dealers, (c) small sized secret share. Moreover, our proposed scheme is a favorable candidate to be used in many applications, such as secure multi-party computation and privacy preserving data mining, etc.

• Journal of KIISE
• /
• v.43 no.8
• /
• pp.933-945
• /
• 2016

Sharing data by multiple users on the public storage, e.g., the cloud, is considered to be efficient because the cloud provides on-demand computing service at anytime and anywhere. Secure data sharing is achieved by fine-grained access control. Existing symmetric and public key encryption schemes are not suitable for secure data sharing because they support 1-to-1 relationship between a ciphertext and a secret key. Attribute based encryption supports fine-grained access control, however it incurs linearly increasing ciphertexts as the number of attributes increases. Additionally, the decryption process has high computational cost so that it is not applicable in case of resource-constrained environments. In this study, we propose an efficient attribute-based secure data sharing scheme with outsourceable decryption. The proposed scheme guarantees constant-size ciphertexts irrespective of the number of attributes. In case of static attributes, the computation cost to the user is reduced by delegating approximately 95.3% of decryption operations to the more powerful storage systems, whereas 72.3% of decryption operations are outsourced in terms of dynamic attributes.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.8 no.11
• /
• pp.4028-4049
• /
• 2014

Attribute-based encryption (ABE) is a promising cryptographic primitive for implementing fine-grained data sharing in cloud computing. However, before ABE can be widely deployed in practical cloud storage systems, a challenging issue with regard to attributes and user revocation has to be addressed. To our knowledge, most of the existing ABE schemes fail to support flexible and direct revocation owing to the burdensome update of attribute secret keys and all the ciphertexts. Aiming at tackling the challenge above, we formalize the notion of ciphertext-policy ABE supporting flexible and direct revocation (FDR-CP-ABE), and present a concrete construction. The proposed scheme supports direct attribute and user revocation. To achieve this goal, we introduce an auxiliary function to determine the ciphertexts involved in revocation events, and then only update these involved ciphertexts by adopting the technique of broadcast encryption. Furthermore, our construction is proven secure in the standard model. Theoretical analysis and experimental results indicate that FDR-CP-ABE outperforms the previous revocation-related methods.

• The KIPS Transactions:PartA
• /
• v.8A no.4
• /
• pp.367-374
• /
• 2001

Recently, LINUX cluster file systems based on the storage area network (SAN) have been developed. In those systems, without using a central file server, multiple clients sharing the whole disk storage through Fibre Channel can freely access disk storage and act as file servers. Accordingly, they can offer advantages such as availability, load balancing, and scalability. In this paper, we describe metadata management schemes designed for a new SAN-based LINUX cluster file system. First, we present a new inode structure which is better than previous ones in disk block access time. Second, a new directory structure which uses extendible hashing is described. Third, we describe a novel scheme to manage free disk blocks, which is suitable for very large file systems. Finally, we present how we handle metadata journaling. Through performance evaluation, we show that our proposed schemes have better performance than previous ones.