• Journal of Internet Computing and Services
• /
• v.7 no.5
• /
• pp.109-121
• /
• 2006

In this paper, we suggest lattice based role graph security management model which changes security level in mandatory access control model as well as constraint and role hierarchy systematically in role base access control model. In this model, we solved privilege abuse of senior role that is role graph model's problem, and when produce conflict between privileges, we can keep integrity of information by reseting grade of subject through constraint. Also, we offer strong security function by doing to be controlled by subject's security level as well as privilege inheritance by role hierarchy, Finally, we present the role graph algorithms with logic to disallow roles that contain conflicting privileges.

• Survey Research
• /
• v.8 no.2
• /
• pp.21-42
• /
• 2007

In the present study, we studied the change patterns of adolescents' overt aggression during the middle school 2nd to the high school 1st grades and the effects of ecological factors on the change. For the research goals, we applied multi-level models to the Korean Youth Panel data. Results showed that adolescents' overt aggression decreased significantly during the period. Gender(males recoded as 1) and self-control had negative effects on the initial status(middle school 2nd grade) while the number of delinquency peers had a positive effect. On the other hand, gender and self-control showed positive effects on the change rate. The major strengths of the research are the study of various ecological factors and the longitudinal design. Few studies of adolescents' aggression have incorporated these methodological and substantive characteristics.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2002.11a
• /
• pp.637-641
• /
• 2002

현재 국방부는 국방 정보 통신망에서 소통되는 정보에 대한 기밀성 및 무결성을 보장하고, 접근통제, 사용자 식별 및 인증, 부인봉쇄 등의 보안서비스를 제공하기 위한 국방 인증체계 구축 사업을 추진하고 있다. 본 논문은 미 국방부의 미 국방 PKI를 연구하고, 현재 우리 군에서 추진하고 있는 국방 인증체계 구축 노력에 대한 문제점을 분석하여 앞으로 우리 군이 국방 인증체계 구축을 위해 추진해 나가야 할 방향을 제시하였다.

• Convergence Security Journal
• /
• v.10 no.4
• /
• pp.61-67
• /
• 2010

Information communication the dazzling development life was convenient with to join in and planned an industrial technical advance. Not only the nation with technical security of the enterprise between the description competition keenly in the present point of view which rushes to technical competitive time of the nation between is become accomplished. The damage which is caused by with outflow of industrial secrecy that company prevents this effectively because is threatening at the degree which will threaten the existence of the nation and the technique which manages is become accomplished with the domestic foreign enemy. Prevents an industrial secret outflow the research for on a large scale with physical security technique and information security to be divided, is researched.

• Journal of Internet Computing and Services
• /
• v.19 no.6
• /
• pp.9-20
• /
• 2018

Financial service industry has introduced and operated management systems such as information security management system (ISMS), personal information security management system, business continuity management system to protect and maintain suitably customer's financial information and financial service. This study started that it's desirable financial industry takes consideration of ISMS and it can be different types among various organizations taking consideration of culture, practical work, and guideline of information security. The study derives primary control areas of ISMS through analyzing non-conformity trends and control factors according to certification audit for finance-related organizations introduced international ISMS of ISO27001 which is well known and commonly applicable irrespective of areas in financial service industry. Through case analyses for five finance-related organizations operating ISMS, this study analyzed improvement effects of ISMS. It has a meaning as an initial research though it was difficulty in acquiring data for empirical study because of rare organizations maintaining certification in financial sector. As a result, number of non-confirmity from the first audit to three years' elapse was decreased every year. Physical and environmental security, communication and operations management, and access control having the highest frequency of non-conformity each presented 23%, 19%, and 17%, which reached 59% in total and they are derived into primary control areas. ISMS can fulfill technical, managerial, physical security issues, which have not been treated importantly in financial industry. In addition, this study presented that ISMS can be an effective management system applicable for financial service industry.

• Convergence Security Journal
• /
• v.15 no.3_1
• /
• pp.83-90
• /
• 2015

Current PKI system will confront more dangerous elements in the wireless network. Accordingly, this study suggests a plan to strengthen authentication system plan with using access control and encryption to the location. Locational information collecting devices such as GPS and sensor are utilized to create a new key for authentication and collect locational information. Such a key encodes data and creates an authentication code for are access control. By using the method suggested by this study, it is possible to control access of a military secret from unauthorized place and to protect unauthorized user with unproposed technique. In addition, this technique enables access control by stage with utilizing the existing PKI system more wisely.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.4
• /
• pp.129-138
• /
• 2003

Role-Based Access Control(RBAC) model is becoming a promising model for enterprise environments with various organization structures. In terms of role hierarchy, each senior role inherits all the permissions of its junior roles in the role hierarchy, and a user who is a member of senior role is authorized to carry out the inherited permissions as well as his/her own ones. But there is a possibility for senior role members to abuse permissions. Since senior role members need not have all the authority of junior roles in the real world, enterprise environments require a restricted inheritance rather than a unconditional or blocked inheritance. In this paper, we propose a new role-based delegation model using the role hierarchy model with restricted inheritance functionality, in which security administrator can easily control permission inheritance behavior using sub-roles. Also, we describe how role-based user-to-user, role-to-role delegations are accomplished in the model and the characteristics of the proposed role-based delegation model.

• Proceedings of the Korean Information Science Society Conference
• /
• 2004.04a
• /
• pp.358-360
• /
• 2004

환자의 의료 및 질환정보는 개인의 프라이버시에 관련되므로 민감하게 취급되어야 하는 정보이다. 이러한 의료 및 질환정보의 유출은 환자의 사회적인 고립뿐 아니라 환자의 생명도 위협하게 되므로 철저한 보안이 필요하다. 따라서, 의료진, 환자, 일반인 등의 사용자 식별을 통한 진료 기록의 접근 통제 및 사용 권한에 따른 정보의 암호화 수준과 해당 정보에 대한 역할 기반의 접근 제어(Role-Based Access Control)를 제공해야 한다. 또한, 환자 자신으로 하여금 자신의 의료 및 질환정보에 대한 다른 사람의 접근권한을 줄 수 있으며, 그 외의 대부분의 접근 권한들은 Role-Permission Broker를 통해서 제어될 수 있다. 본 논문은 RBAC 모델을 현재의 의료 및 질환 정보 관리에 적용시켜 각 정보 개체들과 사용자간의 효율적인 역할 분담과 정보 보호를 추구한다. 이러한 방식은 현재의 의료 및 질환정보 관리 체계를 개선할 것으로 기대한다.

• Convergence Security Journal
• /
• v.22 no.4
• /
• pp.11-16
• /
• 2022

Development of science technology make integrated CPS(Cyber-Physical System) appear. In CPS era, cyberspace and physical-space are hard to separate anymore, that is developing toward integrated CPS. The reality is not stopping, that is consistently changing and the concept of space is developing too. But several articles are considering for cyberspace and physical-space separately, and they are developing tailed alternative each case. The theorical approaching that is not considering reality is dwelled on past, and is dangerous from dropping down to floating cloud that is not considering progressed reality. This article is suggested to consider rimland theory to control measures in cyberspace. That is dedicated to integrated approaching from physical-space to cyberspace. And that is developing concreted controling measures in cyberspace. Especially, this article is suggested to policy alternative by analyzing north korea cyber warfare from rimland theory including human sources. Simplicity is the ultimate sophistication. This article make integrated approaching effects about cyberspace and physical-space to preparing in the CPS era.

• Korean Journal of Cognitive Science
• /
• v.21 no.4
• /
• pp.505-534
• /
• 2010

The purpose of this study was aimed to compare the lexical access and representation of semantic system in the bilinguals. The participants(late Korean-English bilinguals) performed the word-picture matching task. The task was to decide whether the pictures presented after the words(basic-level categories) represent the Korean(L1) or English(L2) words' meaning or not. The stimuli were consisted of common object belonged to four different categories(animal, part of body, clothes, tool). To control the translation strategies, the SOA(stimulus onset asynchrony) were manipulated as 650ms(Exp. 1) and 200ms(Exp. 2). In both experiment, the RTs were faster in L1 condition. The decision time of the part of body categories were shorter than the animal in L1 condition. In L2 condition, clothes were responded faster than the tools. The differences of the lexical access time implied that the bilingual semantic system seemed to be structured by more sub-level categories than the super-level, living or non-living things, and the ways to access the bilingual lexicon might be differentiated according to the languages.