• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.11 no.6
• /
• pp.115-125
• /
• 2001

Authentication and access control are essential requirements for the information security of distributed environment. Delegation is process whereby an initiator principal in a distributed environment authorizes another principal to carry out some functions on behalf of the former. Delegation of access rights also increases the availability of services offer safety in distributed environments. A delegation easily provides principal to grant privileges in the single domain with Role-Based Access Control(RBAC). But in the multi-domain, initiators who request delegation may require to limit the access right of their delegates with restrictions that are called delegate restriction to protect the abuse of privilege. In this paper, we propose the delegation view as function of delegation restrictions. Proposed delegation view model not only prevent over-exposure of documents from granting multiple step delegation to document sharing in multi-domain with RBAC infrastructure but also reduce overload of security administrator and communication.

• Journal of the Korea institute for structural maintenance and inspection
• /
• v.28 no.3
• /
• pp.100-107
• /
• 2024

Currently, in Korea, due to the rapid aging and deterioration of facilities, the minimum Maintenance Level and Performance Level' of facilities are required by the 'Facility Safety Act' or 'Infrastructure Management Act'. Since infrastructure assets have a long lifespan and the pattern of deterioration over time is complex, it is very difficult to maintain infrastructure as 'minimum maintenance state' or 'minimum performance state' by the current way of management. 'Asset Management' shall be performed not only by a technical perspective, but also by an accounting perspective such as cost and asset value. However, due to lack of awareness of 'asset management' among stakeholder, only technical perspective management is being carried out in practice. In order to effectively manage infrastructure assets, complex consideration of various asset value factors such as budget and service as well as safety and durability are required. In this paper, we presented a theory to evaluate and quantify the road network value for efficient asset management of the road network. We also presented a method of simulation to apply the theory presented in this paper. Through simulation and the results derived from this study, it is possible to specify the budget for the future national asset management, and to optimize the strategy for the management of old road facilities.

• Journal of KIISE
• /
• v.42 no.11
• /
• pp.1441-1451
• /
• 2015

As one of the most spotlighted research areas, these days, the Internet of Things (IoT) aims to provide users with various services through many devices. Since there exist so many devices in IoT environments, it is inefficient to manually configure the domain name system (DNS) names of such devices. Thus, for IPv6-based IoT environments, this paper proposes a scheme called the DNS Name Autoconfiguration (DNSNA) that autoconfigures an IoT device's DNS name and manages it. In the procedure for generating and registering an IoT device's DNS name, the standard protocols of the Internet Engineering Task Force (IETF) are used. Since the proposed scheme resolves an IoT device's DNS name into an IPv6 address in unicast through a DNS server, it generates less traffic than multicast-based mDNS (Multicast DNS) which is a legacy DNS application for the DNS name service in the smart home. Thus, the proposed scheme is more appropriate in multi-hop IoT networks than mDNS. This paper explains the design of the proposed scheme and its service scenarios, such as smart home and smart road. It also explains the implementation and testing of the proposed scheme in the smart grid.

• Proceedings of the Korean Operations and Management Science Society Conference
• /
• 2002.05a
• /
• pp.987-993
• /
• 2002

최근 들어 전자상거래의 급속한 발달로 전 세계적으로 수송 물동량이 급격히 증대되고 있고, 이로 인해 택배사업이 대단히 활성화되고 있다. 출발지와 목적지가 서로 상이한 무수히 만은 수송 요구가 들어오면 수송 요구화물의 신속한 집배송을 위한 배차계획 및 수송계획을 세우는 것이 택배회사의 주요 업무이다. 이러한 배차 계획 및 수송 계획을 어떻게 수립하느냐에 따라 전체 수송비용뿐만 아니라 고객들의 서비스 수준에 상당한 영향을 미치게 된다. 그러나 이러한 운영적 차원에서의 의사결정 이전에 훨씬 중요하게 고려해야 할 내용이 택배네트워크의 설계 문제이다. 이러한 택배네트워크의 설계에는 터미널 개수 및 위치를 결정하는 전략적 문제와 영업소들을 터미널에 할당하는 전술적 문제로 구분될 수 있다. 현재 우리 국내에는 크고 작은 수많은 택배사업자들이 있으나, 그 중에서 비교적 규모가 큰 주요 택배회사들은 대부분 전국에 걸쳐 다수의 터미널을 설치하여 두고 수송화물의 집배송을 위한 물류거점으로 운영하고 있다. 이와 같은 터미널 위치 및 개수가 정해진 상태에서 전국에 걸쳐 분포되어 있는 영업소들을 어떤 터미널에 할당하여 처리되도록 하느냐의 여부는 수송비용 측면에서뿐만 아니라 고객들에 대한 서비스 측면에서 대단히 중요한 의사결정 중의 하나이다. 본 연구에서는 비용과 시간을 고려하여 전국에 걸쳐 분포되어 있는 영업소들을 어떤 터미널에 할당해야 하는지를 결정하기 위한 수리적 모형을 제시하고, 이에 대한 탐색적 해법을 제시하며, 국내의 택배회사 사례를 대상으로 모형을 적용해 보고자 한다.무가 많이 발생하는 유통 분야의 프랜차이즈 산업을 대상으로 기업정보시스템 구현 및 경쟁력 강화를 뒷받침하기 위해서, 기업간 프로세스 협업(collaboration) 부분의 데이터 및 서식, 이를 취급하는 기능과 프로세스에 대란 분석을 통해 업무 프로세스 모델링 방법론과 관련한 모델링 지침 및 메타모델을 이용한 표준 업무 프로세스 모델을 개발하여 기업간 업무 프로세스 표준화에 대한 체계적인 관리에 대한 방안을 연구하고자 한다.의Bullwhip effect를 감소시킬 수 있는 장점이 있다. 동시에 이것은 향후 e-Business 시스템 구축을 위한 기본 인프라 역할을 수행할 수 있게 된다. 많았고 년도에 따른 변화는 보이지 않았다. 스키손상의 발생빈도는 초기에 비하여 점차 감소하는 경향을 보였으며, 손상의 특성도 부위별, 연령별로 다양한 변화를 나타내었다.해가능성을 가진 균이 상당수 검출되므로 원료의 수송, 김치의 제조 및 유통과정에서 병원균에 대한 오염방지에 유의하여야 할 것이다. 확인할 수 있었다. 이상의 결과에 의하면 고농도의 유기물이 함유된 음식물쓰레기는 Hybrid Anaerobic Reactor (HAR)를 이용하여 HRT 30일 정도에서 충분히 직접 혐기성처리가 가능하며, 이때 발생된 $CH_{4}$를 회수하여 이용하면 대체에너지원으로 활용 가치가 높은 것으로 판단된다./207), $99.2\%$(238/240), $98.5\%$(133/135) 및 $100\%$ (313)였다. 각

• KIPS Transactions on Software and Data Engineering
• /
• v.5 no.6
• /
• pp.295-306
• /
• 2016

The purpose of this paper is both to analyze research trends and to predict industrial flows using the meta-data from the previous studies on data quality. There have been many attempts to analyze the research trends in various fields till lately. However, analysis of previous studies on data quality has produced poor results because of its vast scope and data. Therefore, in this paper, we used a text mining, social network analysis for time series network analysis to analyze the vast scope and data of data quality collected from a Web of Science index database of papers published in the international data quality-field journals for 10 years. The analysis results are as follows: Decreases in Mathematical & Computational Biology, Chemistry, Health Care Sciences & Services, Biochemistry & Molecular Biology, Biochemistry & Molecular Biology, and Medical Information Science. Increases, on the contrary, in Environmental Sciences, Water Resources, Geology, and Instruments & Instrumentation. In addition, the social network analysis results show that the subjects which have the high centrality are analysis, algorithm, and network, and also, image, model, sensor, and optimization are increasing subjects in the data quality field. Furthermore, the industrial connection analysis result on data quality shows that there is high correlation between technique, industry, health, infrastructure, and customer service. And it predicted that the Environmental Sciences, Biotechnology, and Health Industry will be continuously developed. This paper will be useful for people, not only who are in the data quality industry field, but also the researchers who analyze research patterns and find out the industry connection on data quality.

• Journal of KIISE:Computing Practices and Letters
• /
• v.6 no.4
• /
• pp.421-429
• /
• 2000

In present, ATM integrated switching system has been developed to a mixed modules that complexed switching system including maintenance, operation based on B-ISDN/LAN service and plug-in module, , which runs on workstation computer system. Meanwhile, workstation has HMI operation system feature including file system management, time management, graphic processing, TMN agent function. The workstation has communicated with between ATM switching module and clients. This computer system architecture has much burden messages communication among processes or processor. These messages communication consume system resources which are socket, message queue, IO device files, regular files, and so on. Therefore, in this paper we proposed new performance modeling with this system architecture. We will analyze the system bottleneck and improve system performance. In addition, in the future, the system has many additional features should be migrated to workstation system, we need previously to evaluate system bottleneck and redesign it. In performance model, we use queueing network model and the simulation package is used PDQ and C-program.

• KIPS Transactions on Computer and Communication Systems
• /
• v.6 no.10
• /
• pp.421-428
• /
• 2017

The need for various approaches to non-face-to-face identification technology for registering and authenticating users online is being required because of the growth of online financial services and the rapid development of financial technology. In general, non-face-to-face approaches can be exposed to a greater number of threats than face-to-face approaches. Therefore, identification policies and technologies to verify users by using various factors and channels are being studied in order to complement the risks and to be more reliable non-face-to-face identification methods. One of these new approaches is to collect and verify a large number of personal information of user. Therefore, we propose a big-data based non-face-to-face Identity Proofing method that verifies identity on online based on various and large amount of information of user. The proposed method also provides an identification information management scheme that collects and verifies only the user information required for the identity verification level required by the service. In addition, we propose an identity information sharing model that can provide the information to other service providers so that user can reuse verified identity information. Finally, we prove by implementing a system that verifies and manages only the identity assurance level required by the service through the enhanced user verification in the non-face-to-face identity proofing process.

• Journal of Internet Computing and Services
• /
• v.6 no.6
• /
• pp.139-148
• /
• 2005

The desired level for multimedia services in the mobile web environment, the next generation web environment, is expected to be of PC level quality. And great efforts have been made in the development of hadware technology, communication technology, various kinds of services and standardization to support these services, In the mobile web environment, multimedia contents adaptation services should be available through supporting various kinds of devices, network abilities and users' preferences. It means that due to the variety of both desired devices' hardware specifications, called destinations, and desired QoSes, the QoSes in the destinations are not fixed or defined. If a new user wants to stream multimedia contents in a server through a new kind of terminal device, it should be considered whether the existing transcoders are able to adapt the multimedia contents. However, the existing libraries for multimedia adaptation have heavy transcoder figures which include all adaptive functions in one library, The challenge of universal access is too complex to be solved with these all in one solutions. Therefore, in this paper we propose an application independent multimedia adaptation framework which meets the QoS of new and varied mobile devices. This framework is composed of a group of unit transcoders having only one transcoding function respectively, Instead of heavy transcoders. Also, It includes the transcoder manager supporting the dynamic connections of the unit transcoders in order to satisfy end to end QoS.

• Journal of KIISE:Computer Systems and Theory
• /
• v.31 no.8
• /
• pp.432-444
• /
• 2004

In this paper, we construct the TMO-based object group model on distributed environment, and analyze and evaluate the executability for distributed real-time service of our object group model by developing the distributed real-time application simulator applying the model. The Time-triggered Message-triggered Object(TMO) is a real-time server object having real-time property itself. The TMO-based object group is defined as a set of objects which logically reconfigured the physically distributed one or more TMOs on network by a given distributed application. For supporting group management of the server objects, the TMO-based object group we suggested provides the functions which register and withdraw the solver objects as a group member to an arbitrary object group, and also provides the functions which insert and delete the access rights of server objects from clients. Also, our model was designed and implemented to support the appropriate object selection and dynamic binding service for a single TMO as well as the duplicated TMOs, and to support the real-time scheduling service for the clients which are requesting the service. Finally, we developed the Defence System against Invading Enemy Planes(DSIEP) simulator as a practical example of distributed real-time application by applying our model, and evaluated the adaptability of distributed service strategies for the group components and the executability of real-time services that the TMO-based object group model provides.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.2
• /
• pp.295-303
• /
• 2023

As the cloud computing market grows, a variety of cloud services are now reliably delivered. Administrative agencies and public institutions of South Korea are transferring all their information systems to cloud systems. It is essential to develop security solutions in advance in order to safely operate cloud services, as protecting cloud services from misuse and malicious access by insiders and outsiders over the Internet is challenging. In this paper, we propose a zero trust model for cloud storage services that store sensitive data. We then verify the effectiveness of the proposed model by operating a cloud storage service. Memory, web, and network forensics are also performed to track access and usage of cloud users depending on the adoption of the zero trust model. As a cloud storage service, we use Amazon S3(Simple Storage Service) and deploy zero trust techniques such as access control lists and key management systems. In order to consider the different types of access to S3, furthermore, we generate service requests inside and outside AWS(Amazon Web Services) and then analyze the results of the zero trust techniques depending on the location of the service request.