• Title, Summary, Keyword: Network Access Control

Search Result 1,087, Processing Time 0.056 seconds

A Study of Digital Message Transfer System based on R-NAD for FM Radios (FM무전기를 통한 디지털 메시지 전송장비에 R-NAD 적용 연구)

  • Rho, Hai-Hwan;Kim, Young-Kil
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • /
    • pp.523-526
    • /
    • 2010
  • FM Radio communication operating mode is half-duplex mode. FM radio network access control shall be used to detect the presence of active transmissions on a multiple-subscriber-access communications network and shall provide a means to preclude data transmissions from conflicting on the network. In this study, we implemented R-NAD(Random Network Access Delay) that is one of network access control method.

  • PDF

Establishment of a secure networking between Secure OSs

  • Lim, Jae-Deok;Yu, Joon-Suk;Kim, Jeong-Nyeo
    • 제어로봇시스템학회:학술대회논문집
    • /
    • /
    • pp.2097-2100
    • /
    • 2003
  • Many studies have been done on secure operating system using secure kernel that has various access control policies for system security. Secure kernel can protect user or system data from unauthorized and/or illegal accesses by applying various access control policies like DAC(Discretionary Access Control), MAC(Mandatory Access Control), RBAC(Role Based Access Control), and so on. But, even if secure operating system is running under various access control policies, network traffic among these secure operating systems can be captured and exposed easily by network monitoring tools like packet sniffer if there is no protection policy for network traffic among secure operating systems. For this reason, protection for data within network traffic is as important as protection for data within local system. In this paper, we propose a secure operating system trusted channel, SOSTC, as a prototype of a simple secure network protocol that can protect network traffic among secure operating systems and can transfer security information of the subject. It is significant that SOSTC can be used to extend a security range of secure operating system to the network environment.

  • PDF

Development of Security Metric of Network Access Control (네트워크 접근제어 시스템의 보안성 메트릭 개발)

  • Lee, Ha-Yong;Yang, Hyo-Sik
    • Journal of Digital Convergence
    • /
    • v.15 no.6
    • /
    • pp.219-227
    • /
    • 2017
  • Network access control should be able to effectively block security threats to the IT infrastructure, such as unauthorized access of unauthorized users and terminals, and illegal access of employees to internal servers. From this perspective, it is necessary to build metrics based on relevant standards to ensure that security is being met. Therefore, it is necessary to organize the method for security evaluation of NAC according to the related standards. Therefore, this study builds a model that combines the security evaluation part of ISO / IEC 15408 (CC: Common Criteria) and ISO 25000 series to develop security metric of network access control system. For this purpose, we analyzed the quality requirements of the network access control system and developed the convergence evaluation metric for security of the two international standards. It can be applied to standardization of evaluation method for network access control system in the future by constructing evaluation model of security quality level of network access control system.

A Study of Network 2-Factor Access Control Model for Prevention the Medical-Data Leakage (의료 정보유출 방지를 위한 네트워크 이중 접근통제 모델 연구)

  • Choi, Kyong-Ho;Kang, Sung-Kwan;Chung, Kyung-Yong;Lee, Jung-Hyun
    • Journal of Digital Convergence
    • /
    • v.10 no.6
    • /
    • pp.341-347
    • /
    • 2012
  • Network Access Control system of medical asset protection solutions that installation and operation on system and network to provide a process that to access internal network after verifying the safety of information communication devices. However, there are still the internal medical-data leakage threats due to spoof of authorized devices and unauthorized using of users are away hours. In this paper, Network 2-Factor Access Control Model proposed for prevention the medical-data leakage by improving the current Network Access Control system. The proposed Network 2-Factor Access Control Model allowed to access the internal network only actual users located in specific place within the organization and used authorized devices. Therefore, the proposed model to provide a safety medical asset environment that protecting medical-data by blocking unauthorized access to the internal network and unnecessary internet access of authorized users and devices.

Design and Implementation of Access Control System Based on XACML in Home Networks (XACML 기반 홈 네트워크 접근제어 시스템의 설계 및 구현)

  • Lee, Jun-Ho;Lim, Kyung-Shik;Won, Yoo-Jae
    • The KIPS Transactions:PartC
    • /
    • v.13C no.5
    • /
    • pp.549-558
    • /
    • 2006
  • For activating home network, the security service is positively necessary and especially the access control supports secure home network services and differentiated services. But, the existing security technology for home network seldom consider access control or has a architecture to be dependent on specific middleware. Therefore, in this paper we propose a scheme to support integrated access control in home network to use XACML, access control standard of next generation, to have compatability and extensibility and we design and implement XACML access control system based on this. we also had m access control experiment about various policy to connect developed XACML access control system with the UPnP proxy based on OSGi in order to verify compatability with existing home network system.

Overload Measurement and Control of Access Control Channel Based on Hysteresis at Satellite Communication of DAMA (DAMA방식 위성통신에서 Hysteresis특성에 따른 Access 제어채널의 과부하 측정 및 제어기법)

  • Choi, Hyung-Seok
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.30 no.7B
    • /
    • pp.440-449
    • /
    • 2005
  • This paper proposes the measurement scheme for network overload and the control technique in case of breaking several control channels when we support the call services of DAMA through communication satellite(GEO, Geostationary Earth Orbit). And its performance is analyzed. The proposed schemes measure the overload of access control channel of a network controller to control the call connections, detect the level of network overload, notify the terminals of DAMA network of the state, and excute overload control. As a result, it improves the system performance and the network stability at overload state. Moreover hysteresis is applied to the change of overload state for the restriction of the frequent state shifts. The results show that the proposed algorithm prevents excessive increment of call-setup delay and too much lowering of call success rate, and improves the network stability.

The medium access control protocol of virtual token bus network for real time communication (실시간 통신을 위한 가상토큰버스 통신망의 매체접근제어 프로토콜)

  • 정연괘
    • Journal of the Korean Institute of Telematics and Electronics A
    • /
    • v.33A no.7
    • /
    • pp.76-91
    • /
    • 1996
  • In this paper, we proposed the new medium access control protocol for the virtual token bus netowrk. The network is applied to inter-processor communication network of large capacity digital switching system and digital mobile system with distributed control architecture. in the virtual token bus netowrk, the existing medium access control protocols hav ea switchove rtime overhead when traffic load is light or asymmetric according ot arbitration address of node that has message to send. The proposed protocol optimized average message delay using cyclic bus access chain to exclude switchover time of node that do not have message to send. Therefore it enhanced bus tuilization and average message delay that degrades the performance of real time communication netowrks. It showed that the proposed protocol is more enhacned than virtual token medium access control protocol and virtual token medium access control protocol iwth reservation through performance analysis.

  • PDF

A RBAC-based Access Control Framework in OSGi Service Platform (OSGi 서비스 플랫폼에서 RBAC 기반의 사용자 접근제어 프레임워크)

  • Cho, Eun-Ae;Moon, Chang-Joo;Baik, Doo-Kwon
    • Journal of KIISE:Information Networking
    • /
    • v.34 no.5
    • /
    • pp.405-422
    • /
    • 2007
  • Recently, according to the network environment, there are many researches for home network. Nowadays, in home network, the method that access control policy is managed for each home device by using ACL is popular, and EAM (Extranet access management) is applied as a solution. In addition, the research about secure OS is ongoing based on open operating system and the research of user authentication mechanisms for home network using home server is also in progress. However, these researches have some problems as follows; First, the transmission scope of expected access technology in home network is wide, so unauthenticated outside terminal can access the home network. Second, user is inconvenient because user need to set the necessary information for each device. Third, user privacy and convenience are not considered. OSGi provides a service platform for heterogeneous technologies in home network environment. Here, user access control is one of the core parts which should have no problems such as above items, but there are no concrete researches yet. Thus in this paper, we propose an access control policy management framework and access control operation based on RBAC for user access control in home network environment in which OSGi service platform is operated. First, we list the consideration which is not clearly mentioned in OSGi standard, and then we solve these above problems through new framework. In addition, we propose the effective and economical operation method which reduces the policy change frequency for user access control by using RBAC concept though limited resource of home gateway. Besides, in this paper, these proposed policies are defined separately as user-role assignment policy and permission-role assignment policy, and user decide their own policies. In conclusion, we provide the scheme to enhance the user convenience and to solve the privacy problem.

An Efficient Priority Based Adaptive QoS Traffic Control Scheme for Wireless Access Networks

  • Kang Moon-sik
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.30 no.9A
    • /
    • pp.762-771
    • /
    • 2005
  • In this paper, an efficient Adaptive quality-of-service (QoS) traffic control scheme with priority scheduling is proposed for the multimedia traffic transmission over wireless access networks. The objective of the proposed adaptive QoS control (AQC) scheme is to realize end-to-end QoS, to be scalable without the excess signaling process, and to adapt dynamically to the network traffic state according to traffic flow characteristics. Here, the reservation scheme can be used over the wireless access network in order to get the per-flow guarantees necessary for implementation of some kinds of multimedia applications. The AQC model is based on both differentiated service model with different lier hop behaviors and priority scheduling one. It consists of several various routers, access points, and bandwidth broker and adopts the IEEE 802.1 le wireless radio technique for wireless access interface. The AQC scheme includes queue management and packet scheduler to transmit class-based packets with different per hop behaviors (PHBs). Simulation results demonstrate effectiveness of the proposed AQC scheme.

Design and Implementation of LonWorks/IP Router for Network-based Control (네트워크 기반 제어를 위한 Lonworks/IP 라우터의 설계 및 구현)

  • Hyun, Jin-Waok;Choi, Gi-Sang;Choi, Gi-Heung
    • Proceedings of the KIEE Conference
    • /
    • /
    • pp.409-412
    • /
    • 2007
  • Demand for the technology for access to device control network in industry and for access to building automation system via internet is on the increase. In such technology integration of a device control network with a data network such as internet and organizing wide-ranging DCS(distributed control system) is needed, and it can be realized in the framework of VDN(virtual device network). Specifications for device control network and data network are quite different because of the differences in application. So a router that translates the communication protocol between device control network and data network, and efficiently transmits information to destination is needed for implementation of the VDN(virtual device network). This paper proposes the concept of NCS(networked control system) based on VDN(virtual device network) and suggests the routing algorithm that uses embedded system.

  • PDF