You Jin Song

Bio: You Jin Song is an academic researcher from Dongguk University. The author has contributed to research in topics: Encryption & Plaintext. The author has an hindex of 3, co-authored 4 publications receiving 17 citations.

Privacy Aware Adaptable Web Services Using Petri Nets

Abstract: Many researchers have developed frameworks capable of handling context information and able to be adapted and used by any Web service. However, no research has been conducted on the systematic analysis of existing frameworks. This paper analyses the context framework, an example of existing frameworks, using a Petri net, and analyzing the advantages and disadvantages of it. Then, a Petri net model is introduced, with disadvantages removed. Based on the model, a new framework is presented. The proposed PAWS (privacy aware Web services) framework provides extension to context management and communicates flexible context information for every session. The proposed framework can solve overhead problems of context in SOAP messages. It also protects user privacy according to user preferences.

How to Construct a New Encryption Scheme Supporting Range Queries on Encrypted Database

Abstract: When the traditional encryption algorithms are applied to the database, efficiency degradation occurs because the orders of ciphertext and plaintext are not the same. Therefore, the encryption mechanisms suitable for database environment are required. We propose an encryption mechanism that can support range queries without exposing the order of plaintext. This method is more powerful than the previous order-preserving methods and is expected to handle data more efficiently than other methods including auxiliary B+-tree.

A Bucket ID Transformation Scheme for Efficient Database Encryption

Abstract: Encryption is a well established technology for protecting sensitive data. Unfortunately, the integration of existing encryption techniques with database systems causes undesirable performance degradation. We propose the bucket ID transformation that supports range queries without exposing the order of plaintext. The Bucket ID Transformation is performed by modulo arithmetic or pseudo-random number generation. This method is more powerful than the previous order-preserving methods and is expected to handle data more efficiently than other methods. Experiment results show that our scheme outperforms other method in encryption and query speed.

How to Construct a New Encryption Scheme Supporting Range Queries on Encrypted Database

Abstract: When the traditional encryption algorithms are applied to the database, efficiency degradation occurs because the orders of ciphertext and plaintext are not the same. Therefore, the encryption mechanisms suitable for database environment are required. We propose an encryption mechanism that can support range queries without exposing the order of plaintext. This method is more powerful than the previous order-preserving methods and is expected to handle data more efficiently than other methods including auxiliary B+-tree.

A framework for efficient storage security in RDBMS

Abstract: With the widespread use of e-business coupled with the public's awareness of data privacy issues and recent database security related legislations, incorporating security features into modern database products has become an increasingly important topic. Several database vendors already offer integrated solutions that provide data privacy within existing products. However, treating security and privacy issues as an afterthought often results in inefficient implementations. Some notable RDBMS storage models (such as the N-ary Storage Model) suffer from this problem. In this work, we analyze issues in storage security and discuss a number of trade-offs between security and efficiency. We then propose a new secure storage model and a key management architecture which enable efficient cryptographic operations while maintaining a very high level of security. We also assess the performance of our proposed model by experimenting with a prototype implementation based on the well-known TPC-H data set.

Improving device-aware Web services and their mobile clients through an aspect-oriented, model-driven approach

Abstract: Context: Mobile devices have become an essential element in our daily lives, even for connecting to the Internet. Consequently, Web services have become extremely important when offering services through the Internet. However, current Web services are very inflexible as regards their invocation from different types of device, especially if we consider the need for them to be adaptable when being invoked from mobile devices. Objective: In this paper, we provide an approach for the creation of flexible Web services which can be invoked transparently from different device types and which return subsequent responses, as well as providing the client's adaptation as a result of the particular device characteristics and end-user preferences in a completely decoupled way. Method: Aspect-Oriented Programming and model-driven development have been used to reduce both the impact of service and client code adaptation for multiple devices as well as to facilitate the developer's task. Results: A model-driven methodology can be followed from system models to code, providing the Web service developer with the option of marking which services should be adapted to mobile devices in the UML models, and obtaining the decoupled adaptation code automatically from the models. Conclusion: We can conclude that the approach presented in this paper provides us with the possibility of following the development of mobile-aware Web services in an integrated platform, benefiting from the use of aspect-oriented techniques not only for maintaining device-related code completely decoupled from the main functionality one, but also allowing a modularized non-intrusive adaptation of mobile clients to the specific device characteristics as well as to final user preferences.

Adapting Web Services for Multiple Devices: A Model-Driven, Aspect-Oriented Approach

Abstract: Mobile devices have become an essential element in our daily lives, even for connecting to the Internet. Web Services have become extremely important when offering services through the Internet. However, current Web Services are very inflexible as regards their invocation from different types of device, especially if we consider the need for them to be adaptable when being invoked from a mobile device. In this paper, we will propose several alternatives for the creation of flexible web services which can be invoked from different types of device, and compare the different proposed approaches. Aspect-Oriented Programming and Model-Driven Development have been used in all proposals to reduce the impact of service adaption, not only for the service developer, but also to maintain the correct code structure.

Adapting Web Services for Multiple Devices: a Model-Driven, Aspect-Oriented Approach.

Abstract: Mobile devices have become an essential element in our daily lives, even for connecting to the Internet. Web Services have become extremely important when offering services through the Internet. However, current Web Services are very inflexible as regards their invocation from different types of device, especially if we consider the need for them to be adaptable when being invoked from a mobile device. In this paper, we will propose several alternatives for the creation of flexible web services which can be invoked from different types of device, and compare the different proposed approaches. Aspect -Oriented Programming and Model-Driven Development have been used in all proposals to reduce the impact of service adaption, not only for the service developer, but also to maintain the correct code structure. This work has been developed thanks to the support of MEC (contract TIN2008-02985).

Privacy-Aware Business Processes Modeling Notation (PrvBPMN) in the Context of Distributed Mobile Applications

Abstract: Distributed mobile applications are increasingly being considered as solutions which provide robustness and performance benefits, especially in contexts such as emergency response systems, where a conventional centralized ICT infrastructure can be rendered inoperative. The information intensive nature of such systems brings to the fore the importance of data distribution through the right workflow channels under conditions of data privacy and short timescales. This paper reports on the early stages of a project aimed at developing a privacy-aware process-level framework for such distributed mobile applications, exemplified through a distributed prototype that can be used to model and manage fire emergency situations in airports. The novelty of the framework arises from modeling, reasoning and generating privacy preserving business processes applicable to distributed mobile information systems.