• Proceedings of the Korea Information Processing Society Conference
• /
• 2004.05a
• /
• pp.1133-1136
• /
• 2004

환자의 의료 및 질환정보는 개인의 프라이버시에 관련되므로 민감하게 취급되어야 하며 이러한 의료 및 질환정보의 유출은 환자의 사회적인 고립뿐 아니라 환자의 생명도 위협하게 되므로 철저한 보안이 필요하다. 따라서, 의료진, 환자, 일반인 등의 사용자 식별을 통한 진료 기록의 접근 통제 및 사용 권한에 따른 정보의 암호화 수준과 해당 정보에 대한 역할 기반의 접근 제어(Role-Based Access Control)를 제공해야 한다. 본 논문에서는 RBAC 모델을 현재의 의료 및 질환 정보 관리에 적용시켜 각 정보 개체들과 사용자 간의 효율적인 역할 분담과 정보 보호를 위한 시스템을 설계 및 구현하여 실제 시스템에 적용하고자 한다.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2014.05a
• /
• pp.363-366
• /
• 2014

OMG 그룹에서 제안하고 있는 DDS(Data Distribution Service) 미들웨어에서 디스커버리 프로토콜은 미들웨어 간의 상호 운용성 지원을 위한 기본 요소이다. DDS 미들웨어가 적용되는 대부분의 환경에서는 다수의 노드에서 생성된 참여자를 찾기 위해 한꺼번에 많은 수의 디스커버리 정보가 교환되기 때문에 노드 및 네트워크의 성능에 많은 영향을 미친다. 본 논문에서는 DDS 미들웨어 개발 후에 시험이 되어야 하는 디스커버리 기능의 검증과 성능 측정을 위한 응용을 설계하고 이를 구현하였다. 디스커버리 시험 응용은 디스커버리 시험 전체를 관리하는 제어 응용, DDS 미들웨어를 통하여 DDS 개체를 생성하고 이들간의 정보교환을 담당하는 DDS 응용, 그리고 DDS 응용을 통제하고 실행 결과를 수집하여 제어 응용으로 전송하는 데몬 서버로 구성된다. 구현된 디스커버리 시험 응용은 디스커버리 기능 검증 및 성능 정보의 수집을 프로세서 간의 통신을 통하여 효과적으로 수행한다. 또한, DDS 응용의 동작 권한을 제어 응용이 위치한 노드에 집중시킴으로써 많은 수의 노드에서 시험이 필요한 환경에 적합하도록 설계되었다.

• 전자공학회논문지 IE
• /
• v.43 no.1
• /
• pp.46-51
• /
• 2006

Recently, smart card system which is known as easy to portable and also safe from physical, electrical, and software attack is observed to manage information that becomes the target of security in safety. And java card graft upon java technology to smart card platform is having very good advantage with object-oriented techniques and also, java card have the open type OS that can show the same action in different hardware characteristic which allows various application programs. In this paper, we introduced independent execution characteristic of java platform because being set to each smart card was uncomfortable till now and we designed access control member card that allows several administrators in different access privilege by single card using java card. Several administrators can approach to various information of file type that is included on issued card to user by using different PIN. In the proposed method, confirmation of personal information, administration contents update, demand by contents, is possible by single card. At this moment, wish to do safer user certification that improve security limitation which is from PIN, used for user certification, and signature data. In the proposed method, as design and implementation of utilization technology of java card, biometrics, user certification which uses multi PIN, provide that more safety and conveniently.

• Journal of Digital Contents Society
• /
• v.18 no.4
• /
• pp.795-802
• /
• 2017

If the function of the national infrastructure is suspended due to natural disasters and social disasters, the damage of the national infrastructure can be a serious threat to the national security as well as the life, body and property damage of the people. In this paper, we examine the domestic and overseas trends of the national system protection system and examine the domestic and overseas trends of the national system protection system. The detailed function of the essential function continuity, essential function, succession order, authority delegation, continuity facility, continuity communication, We examined the specific issues related to testing, education and training, transferring control and directing authority, analyzing the system related to the national infrastructure protection plan, and examined the specific problems and suggested an effective improvement plan for the critical infrastructure protection system.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.20 no.6
• /
• pp.1-8
• /
• 2019

Medical information is an important personal information for patients, and it must be protected. In particular, when medical personnel approach electronic medical records, authentication for enhanced security is essential. However, the existing public certificate-based certification model did not reflect the security characteristics of the electronic medical record(EMR) due to problems such as personal key management and authority delegation. In this study, we propose a fingerprint recognition-based authentication model with enhanced security to solve problems in the approach of the existing electronic medical record system. The proposed authentication model is an EMR system based on fingerprint recognition using PEMS (Private-key Escrow Management Server), which is applied with the private key commission protocol and the private key withdrawal protocol, enabling the problem of personal key management and authority delegation to be resolved at source. The performance experiment of the proposed certification model confirmed that the performance time was improved compared to the existing public certificate-based authentication, and the user's convenience was increased by recognizing fingerprints by replacing the electronic signature password.

• Journal of KIISE:Computing Practices and Letters
• /
• v.14 no.2
• /
• pp.171-179
• /
• 2008

RBAC(Role based Access Control) is effective way of managing user's access to information object in enterprise level and e-government system. The concept of RBAC is that the access right to object in a system is not directly assigned o users but assigned by being a member of a role which is defined in a organization. RBAC is utilized for controling access range of privacy but it does not support the personal legal right of control over information and right of limited access to the self. Nor it contains the way of observation of privacy flow that is guided in a legal level. In this paper, extended RBAC model for protecting privacy will be suggested and discussed. Two components of Data Right and Assigning Data Right are added to existed RBAC and the definition of each component is redefined in aspect of privacy preservation. Data Right in extended RBAC represents the access right to privacy data. This component provides the way of control over who can access which privacy and ensures limitation of access quantity of privacy. Based on this extended RBAC, implemented examples are presented and the evaluation is discussed by comparing existed RBAC with extended RBAC.

• Proceedings of the Korean Information Science Society Conference
• /
• 2006.06c
• /
• pp.265-267
• /
• 2006

사용목적(Purpose)은 최근 개인 프라이버시 보호와 관련하여 데이타 수집과 수집 후 보안관리에 있어서 중요한 요소로 사용되고 있다. W3C(World Wide Web Consortium)는 데이타 제공자가 자신이 방문한 웹 사이트에 개인정보를 제공하는 것을 통제할 수 있도록 하는 표준을 제시하였다. 그러나 데이타 수집 후 유통과정에서 개인정보에 대한 보안관리에 대한 언급이 없다. 현재 히포크라테스 데이타베이스(Hippocratic Databases), 사용목적기반 접근제어(Purpose Based Access Control)등은 W3C의 데이타 수집 메커니즘을 따르고 있으며, 데이타 수집 후 보안관리에 대하여 사용목적 관리와 접근제어 기법을 사용하여 관리를 하고 있으나 사용목적에 대한 표현과 사용목적 관리의 미흡함으로 인하여 그에 따르는 개인정보의 프라이버시 보호에 있어서 효과적인 해결책을 제시하지 못하고 있다. 본 논문은 사용목적의 표현력을 향상시키면서. 사용목적의 효과적인 관리기법을 제시한다. 또한 개인의 프라이버시 보호를 위한 방법으로 사용목적의 분류화를 통해 최소권한의 원칙을 따르는 접근제어 기법을 제시한다. 본 논문에서는 사용목적을 상속적, 시간적 그리고 독립적 구조로 분류화하였으며, 이렇게 분류화된 사용목적에 대한 각기 다른 관리기법을 제시한다. 또한 접근제어의 유연성을 위해 RBAC의 역할계층 구조를 사용하였으며, 일의 최소 단위인 태스크(task)의 최소권한을 얻기 위한 조건으로 몇몇 특성의 사용목적을 사용하여 만족할 경우 태스크를 처리하기 위한 기존 모델보다 향상된 최소사용권한을 제공하는 기법을 제시한다. Interference Contrast)에 의한 내부구조 관찰이 최종 동정기준이 되어야할 것으로 나타났다.cillus로 구성되었다. 한편, DAL세균군(42균주)은 high G+C 및 low G+C gram positive 계통군 이외에도 proteobacteria -subdivision에 속하는 Afipia와 Ralstonia, proteobacteria -subdivision에 속하는 Variovorax, proteobacteria $\beta$-subdivision에 속하는Pseudomonas로 구성되어 계통학적으로 다양한 세균임이 확인되었다. 40%까지 대체가 가능하였으며, 아울러 높은 라이신 부산물의 대체 수준에 있어서 사료효율과 단백질 전환효율을 고려한다면 아미노산 첨가(라이신과 아르지닌)와 중화 효과에 좋은 결과가 있을 것으로 사료된다.의한 적정 양성수용밀도는 각고 5~6cm 크기의 경우 10~15개체가 적합하였다. 수증별 성장은 15~20 m 수층에서 빨랐으며, 성장촉진과 폐사를 줄이기 위해서는 고수온이 지속되는 7~10월에는 20~30m수층으로 채롱을 내려 양성하고 그 외 시기에는 15 m층 내외가 좋은 것으로 나타났다. 상품으로 출하 가능한 크기 인 각고 10 cm이상, 전중량 140 g 내외로 성장시 키기까지는 채묘후 22개월이 소요되었고, 출하시기는 전중량 증가가 최대에 이르는 3월에서 4월 중순이 경제적일 것으로 판단된다.er 90 % of good relative dynamic modulus of elasticity due to fineness of formation caused by the

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.3
• /
• pp.39-52
• /
• 2006

Recently purpose is used by an crucial part to security management when collecting data about privacy. The W3C(World Wide Web Consortium) describes a standard spec to control personal data that is provided by data providers who visit the web site. But they don't say anymore about security management about personal data in transit after data collection. Recently several researches, such as Hippocratic Databases, Purpose Based Access Control and Hippocratic in Databases, are dealing with security management using purpose concept and access control mechanism after data collection a W3C's standard spec about data collection mechanism but they couldn't suggest an efficient mechanism for privacy protection about personal data because they couldn't represent purpose expression and management of purposes sufficiently. In this paper we suggest a mechanism to improve the purpose expression. And then we suggest an accesscontrol mechanism that is under least privilege principle using the purpose classification for privacy protection. We classify purpose into Along purpose structure, Inheritance purpose structure and Stream purpose structure. We suggest different mechanisms to deal with then We use the role hierarchy structure of RBAC(Role-Based Access Control) for flexibility about access control and suggest mechanisms that provide the least privilege for processing the task in case that is satisfying using several features of purpose to get least privilege of a task that is a nit of business process.

• The Journal of the Korea Contents Association
• /
• v.15 no.11
• /
• pp.83-92
• /
• 2015

This study identifies problems of the administrative legislation (or the delegated legislation) by analyzing articles of laws, orders, and ordinances regarding the sinking of Sewol. According to the result, both of Rescue and Aid at Sea and in the River Act and Marine Transportation Act require to be complemented by additional administration legislations. Therefore bureaucrats enacted defective orders and ordinances, which became an institutional background of the sinking of Sewol. In other words, excessive administrative legislations enabled the Marine Rescue and Savage Association to exert exclusive authorities and caused insufficiencies of supervision over the Association and management for safe navigations. They resulted in corrupt relationships between bureaucrats and businesses and eventually brought citizens' lifes in mortal danger. Consequently, specialty of congressmen should be improved to avoid these excessive administration legislations. At the same time, autonomous control of the administration itself should get enhanced to regulate them. The theoretical implication of this study is that problems of the administrative legislation and necessity of the control by the National Assembly, which have been discussed abstractly and normatively, are clarified empirically, and the practical implication is that the institutional background of the sinking of Sewol is clarified and solutions to improve the institutions are proposed.

• Convergence Security Journal
• /
• v.10 no.4
• /
• pp.61-67
• /
• 2010

Information communication the dazzling development life was convenient with to join in and planned an industrial technical advance. Not only the nation with technical security of the enterprise between the description competition keenly in the present point of view which rushes to technical competitive time of the nation between is become accomplished. The damage which is caused by with outflow of industrial secrecy that company prevents this effectively because is threatening at the degree which will threaten the existence of the nation and the technique which manages is become accomplished with the domestic foreign enemy. Prevents an industrial secret outflow the research for on a large scale with physical security technique and information security to be divided, is researched.