Fine-Grained Access Control-Enabled Logging Method on ARM TrustZone
DC Field | Value | Language |
---|---|---|
dc.contributor.author | Lee, Seungho | - |
dc.contributor.author | Jo, Hyo Jin | - |
dc.contributor.author | Choi, Wonsuk | - |
dc.contributor.author | Kim, Hyoseung | - |
dc.contributor.author | Park, Jong Hwan | - |
dc.contributor.author | Lee, Dong Hoon | - |
dc.date.accessioned | 2021-08-31T16:07:38Z | - |
dc.date.available | 2021-08-31T16:07:38Z | - |
dc.date.created | 2021-06-19 | - |
dc.date.issued | 2020 | - |
dc.identifier.issn | 2169-3536 | - |
dc.identifier.uri | https://scholar.korea.ac.kr/handle/2021.sw.korea/59007 | - |
dc.description.abstract | Most applications for the Internet of Things operate on embedded systems. In particular, embedded devices intended for smart healthcare, smart homes, and smart cars generate logs containing sensitive user information. These logs must be protected from malicious users while also being accessible for legitimate users to utilize them for providing customized services. Unfortunately, the existing logging system only supporting one-to-one encryption based on a server-client model, so there are limitations in building a decentralized logging infrastructure for the hyper-connected era. In this paper, we propose a new secure logging method that supports one-to-many encryption and extends existing logging systems to a decentralized logging infrastructure. In the proposed method, log publishers are able to encrypt generated logs and distribute them to cloud storage in real time and can ensure that only authorized log subscribers access the logs. For one-to-many encryption, we apply a key-policy attribute-based encryption scheme which is suitable for logging systems. For reliability and efficiency of logs, we apply a key-derivation process that cooperates with one-way hash functions within a trusted execution environment. In a real time logging scenario, the proposed method is 93% faster and occupies 83% less storage space than when an original attribute-based encryption scheme is applied. In addition, performance-tunable parameters can optimize our method for various environments. | - |
dc.language | English | - |
dc.language.iso | en | - |
dc.publisher | IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC | - |
dc.subject | ENCRYPTION | - |
dc.title | Fine-Grained Access Control-Enabled Logging Method on ARM TrustZone | - |
dc.type | Article | - |
dc.contributor.affiliatedAuthor | Lee, Dong Hoon | - |
dc.identifier.doi | 10.1109/ACCESS.2020.2991431 | - |
dc.identifier.scopusid | 2-s2.0-85084949641 | - |
dc.identifier.wosid | 000549490500002 | - |
dc.identifier.bibliographicCitation | IEEE ACCESS, v.8, pp.81348 - 81364 | - |
dc.relation.isPartOf | IEEE ACCESS | - |
dc.citation.title | IEEE ACCESS | - |
dc.citation.volume | 8 | - |
dc.citation.startPage | 81348 | - |
dc.citation.endPage | 81364 | - |
dc.type.rims | ART | - |
dc.type.docType | Article | - |
dc.description.journalClass | 1 | - |
dc.description.journalRegisteredClass | scie | - |
dc.description.journalRegisteredClass | scopus | - |
dc.relation.journalResearchArea | Computer Science | - |
dc.relation.journalResearchArea | Engineering | - |
dc.relation.journalResearchArea | Telecommunications | - |
dc.relation.journalWebOfScienceCategory | Computer Science, Information Systems | - |
dc.relation.journalWebOfScienceCategory | Engineering, Electrical & Electronic | - |
dc.relation.journalWebOfScienceCategory | Telecommunications | - |
dc.subject.keywordPlus | ENCRYPTION | - |
dc.subject.keywordAuthor | Embedded system | - |
dc.subject.keywordAuthor | secure logging | - |
dc.subject.keywordAuthor | privacy | - |
dc.subject.keywordAuthor | access controls | - |
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.
(02841) 서울특별시 성북구 안암로 14502-3290-1114
COPYRIGHT © 2021 Korea University. All Rights Reserved.
Certain data included herein are derived from the © Web of Science of Clarivate Analytics. All rights reserved.
You may not copy or re-distribute this material in whole or in part without the prior written consent of Clarivate Analytics.