• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.1
• /
• pp.75-82
• /
• 2015

Recently, many public auditing schemes have been proposed to support public auditability that enables a third party auditor to verify the integrity of data stored in the remote cloud server. To improve the performance of the auditor, several public auditing schemes support batch auditing which allows the auditor to handle simultaneously multiple auditing delegations from different users. However, when even one data is corrupted, the batch auditing will fail and individual and repeated auditing processes will be required. It is difficult to identify the corrupted data from the proof in which distinct data blocks and authenticators of distinct users are intricately aggregated. In this paper, we extend a public auditing scheme of Wang et al. to support batch auditing for multi-cloud and multi-user. We propose an identification scheme of the corrupted cloud when the data of a single cloud is corrupted in the batch auditing of multi-cloud and multi-user.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.9
• /
• pp.3322-3347
• /
• 2021

Cloud Storage is the primary component of many businesses on cloud. Majority of the enterprises today are adopting a multicloud strategy to keep away from vendor lock-in and to optimize cost. Auditing schemes are used to ascertain the integrity of cloud data. Of these schemes, only the Provable Data Possession schemes (PDP) are resilient to key-exposure. These PDP schemes are devised using Public Key Infrastructure (PKI-) based cryptography, Identity-based cryptography, etc. PKI-based systems suffer from certificate-related communication/computational complexities. The Identity-based schemes deal with the exposure of only the auditing secret key (audit key). But with the exposure of both the audit key and the secret key used to update the audit key, the auditing process itself becomes a complete failure. So, an Identity-based PDP scheme with Parallel Key-Insulation is proposed for multiple cloud storage. It reduces the risk of exposure of both the audit key and the secret key used to update the audit key. It preserves the data privacy from the Third Party Auditor, secure against malicious Cloud Service Providers and facilitates batch auditing. The resilience to key-exposure is proved using the CDH assumption. Compared to the existing Identity-based multicloud schemes, it is efficient in integrity verification.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.10
• /
• pp.5039-5061
• /
• 2017

Cloud storage becomes a new trend that more and more users move their data to cloud storage servers (CSSs). To ensure the security of cloud storage, many cloud auditing schemes are proposed to check the integrity of users' cloud data. However, most of them are based on public key infrastructure, which leads to complex certificates management and verification. Besides, most existing auditing schemes are inefficient when user uploads a large amount of data or a third party auditor (TPA) performs auditing for multiple users' data on different CSSs. To overcome these problems, in this paper, we propose an efficient and secure auditing scheme based on identity-based cryptography. To relieve user's computation burden, we introduce a proxy, which is delegated to generate and upload homomorphic verifiable tags for user. We extend our auditing scheme to support auditing for dynamic data operations. We further extend it to support batch auditing in multiple users and multiple CSSs setting, which is practical and efficient in large scale cloud storage system. Extensive security analysis shows that our scheme is provably secure in random oracle model. Performance analysis demonstrates that our scheme is highly efficient, especially reducing the computation cost of proxy and TPA.

• Journal of KIISE
• /
• v.43 no.4
• /
• pp.497-508
• /
• 2016

With a cloud storage service, data owners can easily access their outsourced data in cloud storage on different devices and at different locations, and can share their data with others. However, as the users no longer physically have possession of their outsourced data and the cloud still facing the existence of internal/external threats, the task of checking the data integrity is formidable. Over recent years, numerous schemes have been proposed to ensure data integrity in an untrusted cloud. However, the existing public auditing schemes use a third-party auditor(TPA) to execute high computation to check data integrity and may still face many security threats. In this paper, we first demonstrate that the scheme proposed by Zhang et al. is not secure against our two threat models, and then we propose a self-certified public auditing scheme to eliminate the security threats and guarantee a constant communication cost. Moreover, we prove the securities of our public auditing scheme under three security models.

• Proceedings of the CALSEC Conference
• /
• 2003.09a
• /
• pp.261-267
• /
• 2003

This study deals with controversial issues surrounding the today′s cyber-taxation and recommends feasible consumption tax system architecture titled Global Electronic Tax Invoice System (GETI). The GETI is an electronic consumption tax architecture to provide "all-in-one" tax and e-payment services through a trusted third party (TTP). GETI is designed to streamline the overall cyber-taxation process and provide simplified and transparent tax invoice services through an authorized np. To ensure information security, GETI incorporates public Key infrastructure (PKI) based digital certificates and other data encryption schemes when calculating, reporting, paying, and auditing tax in the electronic commerce environment. GETI is based on the OECD cyber-taxation agreement that was reached in January 2001, which established the taxation model for B2B and B2C electronic commerce transactions. For the value added tax systems, tax invoice is indispensable to commerce activities, since they provide documentations to prove the validity of commercial transactions. As paper-based tax invoice systems are gradually phased out and are replaced with electronic tax invoice systems, there is an increasing need to develop a reliable, efficient, transparent, and secured cyber-taxation architecture. To design such architecture, several desirable system attributes were considered -- reliability, efficiency, transparency, and security. GETI was developed with these system attributes in mind.

• The Journal of Asian Finance, Economics and Business
• /
• v.8 no.1
• /
• pp.327-333
• /
• 2021

Accounting information disclosure by enterprises is important for third-party entities (suppliers, creditors, banks, regulators, etc.). Voluntary accounting information disclosure (VAID) refers to additional information related to business activities shown on the annual report above and beyond the required information about business results and financial position as well as cash flow. This supports the stakeholders gaining useful information to make proper business decisions. The article examines the influence of ownership structure on the voluntary accounting information disclosure of the top 100 Vietnamese listed companies (VN100). Data collected by authors on regular annual reports totaled 425 observations from 2015 to 2019. The article uses OLS to test multivariate regression models with time-series data. The research results show that there are three variables affecting voluntary accounting information disclosure, of which foreign ownership and institution ownership have a positive impact, while concentration ownership has an opposite impact. Accordingly, the managers of VN100 should raise awareness in order to demonstrate the obligation of information providers to users to ensure clarity and completeness. The state agencies should encourage VN100 to enhance voluntary accounting information disclosure. This contributes to improve the information level of Vietnamese listed companies to embrace the trend of international economic integration.

• Radiation Oncology Journal
• /
• v.28 no.1
• /
• pp.50-56
• /
• 2010

Purpose: We report the results of an external audit on the absorbed dose of radiotherapy beams independently performed by third parties. For this effort, we developed a method to measure the absorbed dose to water in an easy and convenient setup of solid water phantom. Materials and Methods: In 2008, 12 radiotherapy centers voluntarily participated in the external auditing program and 47 beams of X-ray and electron were independently calibrated by the third party’s American Association of Physicists in Medicine (AAPM) task group (TG)-51 protocol. Even though the AAPM TG-51 protocol recommended the use of water, water as a phantom has a few disadvantages, especially in a busy clinic. Instead, we used solid water phantom due to its reproducibility and convenience in terms of setup and transport. Dose conversion factors between solid water and water were determined for photon and electron beams of various energies by using a scaling method and experimental measurements. Results: Most of the beams (74%) were within ${\pm}2%$ of the deviation from the third party's protocol. However, two of 20 X-ray beams and three of 27 electron beams were out of the tolerance (${\pm}3%$), including two beams with a >10% deviation. X-ray beams of higher than 6 MV had no conversion factors, while a 6 MV absorbed dose to a solid water phantom was 0.4% less than the dose to water. The electron dose conversion factors between the solid water phantom and water were determined: The higher the electron energy, the less is the conversion factor. The total uncertainty of the TG-51 protocol measurement using a solid water phantom was determined to be ${\pm}1.5%$. Conclusion: The developed method was successfully applied for the external auditing program, which could be evolved into a credential program of multi-institutional clinical trials. This dosimetry saved time for measuring doses as well as decreased the uncertainty of measurement possibly resulting from the reference setup in water.

• Journal of applied mathematics & informatics
• /
• v.41 no.1
• /
• pp.95-105
• /
• 2023

To make the network energy efficient and to protect the network from malignant user's energy efficient grid based secret key sharing scheme is proposed. The cost function is evaluated to select the optimal nodes for carrying out the data transaction process. The network is split into equal number of grids and each grid is placed with certain number of nodes. The node cost function is estimated for all the nodes present in the network. Once the optimal energy proficient nodes are selected then the data transaction process is carried out in a secured way using malicious nodes filtration process. Therefore, the message is transmitted in a secret sharing method to the end user and this process makes the network more efficient. The proposed work is evaluated in network simulated and the performance of the work are analysed in terms of energy, delay, packet delivery ratio, and false detection ratio. From the result, we observed that the work outperforms the other works and achieves better energy and reduced packet rate.