• Journal of Digital Convergence
• /
• v.12 no.12
• /
• pp.303-311
• /
• 2014

The accountability of cloud service which provides the cloud users with accountable services applies various technologies such as the compliance of service policy, monitoring and auditing, logging, and others. It ultimately intends to provide trustworthy cloud service by determining who is accountable for various problems happened during data processing and service offering. In this paper, we propose a cloud ecosystem formed from the chain of content and DRM Cloud service in order to offer secure and trust DRM cloud service when providing high value-added content service. Besides this, we analyse the requirements of cloud services for content owners and users and then propose some logging information to be recorded for trace of accountability and a structure of tool for monitoring.

• Journal of the Korean Institute of Telematics and Electronics S
• /
• v.36S no.8
• /
• pp.1-7
• /
• 1999

The Internet is emerging as a powerful tool in the area of information and communication technology. The WWW has been especially contributed to increase the internet demand because of its browser which has "Graphic User Interface". Nowadays number of hosts that supply harmful information such as pornographic materials, and the infringement of human rights is rapidly increased. Access to such materials is very easy. Therefore security system which will protect young users from access to harmful host is needed. This paper presents implementation of user system has database about harmful hosts at the Internet and monitors that the user traffic over LAM get touch with the hosts. The system can not make the user access the harmful host because it can over LAN. The performance analysis on the developed system monitoring the traffic over LAN of Andong university is carried out. The performance analysis of monitoring results satisfies with preventing users from the connection to the internet harmful sites.

• Journal of Convergence Society for SMB
• /
• v.2 no.2
• /
• pp.43-49
• /
• 2012

Recently, the safety of being processed in a corporate enterprise with a wide range of IT skills applied to the Corporate Affairs information services are increasing requirement. Businesses that are required by various IT corporate information technology services to companies that need to protect information being leaked to other companies, a security incident has been applied and is growing, but is lacking about how to respond to the protection of corporate information services. In this paper, the information that is important in the corporate authority by the user's access control model to reduce the number of security incidents such as information leakage and security services for enterprise informatization is proposed. The proposed model can be used in order to block the access of the users to access information managed by a central administrator role and the rights of users to access information any abnormality has been captured. In addition, the proposed model can take advantage of protecting corporate information from the systematic recovery and operational continuity strategies to build your company's information services.

• Journal of the Korea Society of Computer and Information
• /
• v.11 no.5 s.43
• /
• pp.337-343
• /
• 2006

The number of digital camera users is increasing rapidly and countless number of photos floats about on the internet especially through wide-spreading Cyworld and blogs. Though portraits cover a large percentage of those photos, because of the property rights, near entirety or such photos are unavailable for use by web-page producers, advertising companies, web-designers, and so on, who need a variety of portraits with differing expressions and characteristics. This study offers a search engine that incorporates image characteristics based on natural language index, which can provide a fast and reliable search result. It will create an opportunity for the digital photographers to mure easily sell their pictures and simultaneously provide the would-be users of the photos a better and easier way to find the pictures they are looking for. Once the search engine is realized, it will become possible to use not only the nouns as keywords and categories but also verbs in search of portraits revealing feelings, expressions, dressings, and other characteristics.

• Journal of the Korea Society of Computer and Information
• /
• v.15 no.12
• /
• pp.117-123
• /
• 2010

In this paper, we proposed the interoperable DRM(Digital Rights Management) system that allows to redistribute contents safely based on home domain. We tried to solve the problem about contents redistribution between devices under different DRM regime so that we suggested a interoperable DRM system that allow end users to redistribute contents within home domain can solve the restriction and the inconvenience occuring in using contents and at the same time protect the right of contents producer and provider as well. In order that end users can use freely their contents using home digital device without additional payment, we must build a home domain for interoperable DRM system for contents redistribution among devices. If both of exporting device and importing device are authenticated in home domain by HADM(Home Authorized Domain Manager), then the exporting device can redistribute packaged contents under importing DRM regime to the importing device by DIM(DRM Interoperability Manager).

• The KIPS Transactions:PartC
• /
• v.10C no.6
• /
• pp.793-798
• /
• 2003

The P2P service is a technology that can share their information with each other who is able to be connected ith a relating program without passing by a server. Since all personal compiters that linked to the internet under the P2P service can opetate as server or a client, they can provide and share both their information and services through the direct connection. Currently, the P2P service is giving an equal privilege to all users for sharing their resources,.Under this situation, a lot of vulnerability against the various sttacks through the Unternet is possoble, more sophisticated security services are necessary. In this paper, We propose and access control schemae using SPKI(Simple Public Key Infrastructure). The scheme designates and access and acces control by providing the certificate to users who request a connection for resource sharing and limits the resource usage of information provider according to the access right that is given to their own rights.

• International Journal of Computer Science & Network Security
• /
• v.21 no.7
• /
• pp.119-124
• /
• 2021

Today, both sides of modern culture are decisively invaded by digitalization. Authentication is considered to be one of the main components in keeping this process secure. Cyber criminals are working hard in penetrating through the existing network channels to encounter malicious attacks. When it comes to enterprises, the company's information is a major asset. Question here arises is how to protect the vital information. This takes into account various aspects of a society often termed as hyper connected society including online communication, purchases, regulation of access rights and many more. In this research paper, we will discuss about the concepts of MFA and KBA, i.e., Multi-Factor Authentication and Knowledge Based Authentication. The purpose of MFA and KBA its utilization for human.to.everything..interactions, offering easy to be used and secured validation mechanism while having access to the service. In the research, we will also explore the existing yet evolving factor providers (sensors) used for authenticating a user. This is an important tool to protect data from malicious insiders and outsiders. Access Management main goal is to provide authorized users the right to use a service also preventing access to illegal users. Multiple techniques can be implemented to ensure access management. In this paper, we will discuss various techniques to ensure access management suitable for enterprises, primarily focusing/restricting our discussion to multifactor authentication. We will also highlight the role of knowledge-based authentication in multi factor authentication and how it can make enterprises data more secure from Cyber Attack. Lastly, we will also discuss about the future of MFA and KBA.

• Journal of the Korea Convergence Society
• /
• v.10 no.7
• /
• pp.7-14
• /
• 2019

Users who use smartphone can using knowledge-based authentication, possession-based authentication, biometric-based authentication, and token-based authentication in order to access rights to systems requiring authentication. However, desktop computer users use method only ID and password, which are knowledge-based authentication factors, due to limitations of authentication devices, despite various authentication methods. In this paper, we designed and implemented a raspberry pi based authentication system that provides multiple authentication method of a user's desired type. The implementation system uses knowledge-based authentication, possessive-based authentication, biometric-based authentication, and token-based authentication. The proposed system can provide a security function that can be used by SMEs, which is difficult to hire a security officer due to the economic burden. The implemented system can be used not only for personal use but also for enterprise, and it can be applied to various fields such as finance and game.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.5
• /
• pp.41-47
• /
• 2008

In a network environment, when a user requests a server's service, he/she must pass an examination of user authentication. Through this process, the server can determine if the user can use the provided services and the exact access rights of this user in these services. In these authentication schemes, the security of private information became an important issue. For this reason, many suggestions have been made in order to protect the privacy of users and smart cards have been widely used for authentication systems providing anonymity of users recently. An remote user authentication system using smart cards is a very practical solution to validate the eligibility of a user and provide secure communication. However, there are no studies in attribute-based authentication schemes using smart cards so far. In this paper, we propose a novel user authentication scheme using smart cards based on attributes. The major merits include : (1) the proposed scheme achieves the low-computation requirement for smart cards; (2) user only needs to register once and can use permitted various services according to attributes; (3) the proposed scheme guarantees perfect anonymity to remote server.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.16 no.2
• /
• pp.565-586
• /
• 2022

Cloud storage's elastic expansibility not only provides flexible services for data owners to store their data remotely, but also reduces storage operation and management costs of their data sharing. The data outsourced remotely in the storage space of cloud service provider also brings data security concerns about data integrity. Data integrity verification has become an important technology for detecting the integrity of remote shared data. However, users without data access rights to verify the data integrity will cause unnecessary overhead to data owner and cloud service provider. Especially malicious users who constantly launch data integrity verification will greatly waste service resources. Since data owner is a consumer purchasing cloud services, he needs to bear both the cost of data storage and that of data verification. This paper proposes a verification control algorithm in data integrity verification for remotely outsourced data. It designs an attribute-based encryption verification control algorithm for multiple verifiers. Moreover, data owner and cloud service provider construct a common access structure together and generate a verification sentinel to verify the authority of verifiers according to the access structure. Finally, since cloud service provider cannot know the access structure and the sentry generation operation, it can only authenticate verifiers with satisfying access policy to verify the data integrity for the corresponding outsourced data. Theoretical analysis and experimental results show that the proposed algorithm achieves fine-grained access control to multiple verifiers for the data integrity verification.