• Title/Summary/Keyword: Access Control Manager

Search Result 48, Processing Time 0.024 seconds

Management of the Access Control for a WebDAV-based Collaborative System (웹데브 기반 협업시스템에서의 접근 제어 관리)

  • Kim, Seong-Hune;Lee, Hong-Chang;Lee, Myung-Joon;Park, Yang-Su
    • Journal of Internet Computing and Services
    • /
    • v.11 no.1
    • /
    • pp.167-181
    • /
    • 2010
  • WebDAV is an IETF standard protocol which supports asynchronous collaborative authoring on the Web. The WebDAV Access Control Protocol provides various methods of controlling the resources on a WebDAV server and their properties, helping high-level group activities to be performed through the WebDAV server. In this paper, to provide high level collaboration, we introduce a technique for managing access control over WebDAV resources through the WebDAV Access Control Protocol and describe the development of an access control manager for the CoSlide Collaborative system based on the technique. To provide users with the access control features in an easily understandable manner, the developed technique presents the privileges for performing WebDAV methods instead of the standard privileges in the WebDAV Access Control Protocol. In addition, we present the facility for detecting conflicts between new access privileges on resources and old access privileges on them. We applied the method-based access control management technique to the CoSlide collaborative system. The developed access control manager enables us to create group workspaces with flexible access control strategies for group members and resources.

Integrated Wireless Network Control System using a Cloud-based AP Controller (클라우드 기반의 AP Controller를 이용한 무선 네트워크 통합 관리 시스템)

  • Min, Kyung-Su;Yoon, Kwon-Jin;Park, Min-Ho;Jung, Sou-Hwan
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.40 no.4
    • /
    • pp.720-722
    • /
    • 2015
  • In this paper, we propose a new type of integrated wireless control system using a cloud-based AP Controller. With this system, network administrator can control wireless network in head office and branch hierarchically. In head office, they have an AP Controller Manager, it can control all Access Points, Access point Controllers in their networks. In addition, if we need to install new Access point Controller because of the increasing number of Access Point, the process of making virtual Access point Controller can be automated. This paper presents an architecture of the integrated wireless control system, as well as describes its components and protocols.

A Study on Architecture of Access Control System with Enforced Security Control for Ubiquitous Computing Environment (유비쿼터스 컴퓨팅 환경을 위한 보안통제가 강화된 접근제어 시스템 설계에 관한 연구)

  • Eom, Jung-Ho;Park, Seon-Ho;Chung, Tai-Myoung
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.18 no.5
    • /
    • pp.71-81
    • /
    • 2008
  • In the paper, we designed a context aware task-role based access control system(CAT-RACS) which can control access and prevent illegal access efficiently for various information systems in ubiquitous computing environment. CAT-RACS applied CA-TRBAC, which adds context-role concept for achieve policy composition by context information and security level attribute to be kept confidentiality of information. CA-TRBAC doesn't permit access when context isn't coincident with access control conditions, or role and task's security level aren't accord with object's security level or their level is a lower level, even if user's role and task are coincident with access control conditions. It provides security services of user authentication and access control, etc. by a context-aware security manager, and provides context-aware security services and manages context information needed in security policy configuration by a context information fusion manager. Also, it manages CA-TRBAC policy, user authentication policy, and security domain management policy by a security policy manager.

An Access Control System for Ubiquitous Computing based on Context Awareness (상황 인식 기반의 유비쿼터스 컴퓨팅을 위한 접근 제어 시스템)

  • Lee, Ji-Yeon;Ahn, Joon-Seon;Doh, Kyung-Goo;Chang, Byeong-Mo
    • The KIPS Transactions:PartA
    • /
    • v.15A no.1
    • /
    • pp.35-44
    • /
    • 2008
  • It is important to manage access control for secure ubiquitous applications. In this paper, we present an access-control system for executing policy file which includes access control rules. We implemented Context-aware Access Control Manager(CACM) based on Java Context-Awareness Framework(JCAF) which provides infrastructure and API for creating context-aware applications. CACM controls accesses to method call based on the access control rules in the policy file. We also implemented a support tool to help programmers modify incorrect access control rules using static analysis information, and a simulator for simulating ubiquitous applications. We describe simulation results for several ubiquitous applications.

RFID Access Control Using Extended Usage Control Model (확장된 사용 제어 모델을 이용한 RFID 접근 제어)

  • Shin, Woo-Chul;Yoo, Sang-Bong
    • The Journal of Society for e-Business Studies
    • /
    • v.12 no.4
    • /
    • pp.127-144
    • /
    • 2007
  • This paper describes an Security Manager that integrally manages the Information Service related to RFID middleware, Object Name Service, and Web Service for upper level applications. In order to provide the access control of distributed RFID objects, Single-Sign-On has been implemented by extending existing UCON (Usage Control) model and SAML (Security Assertion Markup Language) assertions. The security technology of distributed RFID systems can be included in middleware and protect RFID information. In the future, it can be also applied to ubiquitous sensor networks.

  • PDF

SecureJS : A Secure JavaSpace based on Jini2.0 (SecureJS : Jini2.0 기반의 안전한 JavaSpace)

  • Yu Yang-Woo;Moon Nam-Doo;Jung Hye-Young;Lee Myung-Joon
    • The KIPS Transactions:PartC
    • /
    • v.11C no.7 s.96
    • /
    • pp.999-1008
    • /
    • 2004
  • The Jini system provides an infrastructure to facilitate a programmer to develop distributed systems. As one of the Jini services, JavaSpare has been used as a repository which is accessible publicly in the Java distributed environment. Although JavaSpace could give a useful method for saving and sharing java object, it would not be applicable to develop a distributed system requiring access securities for the objects because JavaSpare does not support secure access control. In this paper, we present a secure JavaSpare service based on Jini2.0 named SeureJS, which strengthens the security weakness of JavaSpare. The system consists of ObjectStore to store Java objects, AccessManager to control access of ObjectStore and KeyManager to manage public keys.

The Design of a Log Manager for Mandatory Access Control Mechanism of Secure Operating System (보안운영체제의 강제적 접근통제(MAC)를 위한 로그 관리자 설계)

  • Park, Chun-Goo;Shin, Wook;Kang, Jung-Min;Lee, Hyung-Hyo;Lee, Dong-Ik
    • Proceedings of the Korean Information Science Society Conference
    • /
    • 2001.04a
    • /
    • pp.805-807
    • /
    • 2001
  • 안전한 컴퓨터 시스템 평가기준인 TCSEC(Trusted Computer System Evaluation Criteria)[1] B1급 이상 시스템의 안전한 운영체제들은 강제접근통제(Mandatory Access Control : MAC) 메커니즘을 이용하여 정보의 흐름을 제어하고 있다. 하지만 아무리 정확하게 설계된 접근통제 메커니즘이라고 하더라도 시스템 관리자 또는 보안 관리자가 어떻게 시스템이 접근통제 메커니즘을 관리.운영하느냐에 따라 그 시스템의 안전성과 보안에 대한 신뢰도가 결정된다고 할 수 있다. 지금까지 연구되고 있는 대부분의 MAC을 적용한 안전한 운영체제는 접근통제메커니즘의 적용 및 관리.운영상의 보안문제점을 관리할 적당한 방법을 제시하고 있지 않다[4][5][6][7]. 본 논문은 MAC을 적용한 안전한 운영체제의 안전하고 효율적인 관리.운영을 위한 방법으로 LMACM(Log Manager for Access Control Mechanism)을 제안한다.

  • PDF

Evaluation of Access Control Function of the Standard Records Management System (표준기록관리시스템 기능 평가 접근관리 기능을 중심으로)

  • Park, Min-Yung
    • The Korean Journal of Archival Studies
    • /
    • no.38
    • /
    • pp.3-35
    • /
    • 2013
  • The physical access or control of records with material entities is relatively easy. However, in the case of electronic records, due to its heightened applicative aspect that allows anyone with the authority to have access over the data, it requires an appropriate standard and stability to ensure the authenticity and integrity of electronic records. This study performed functional evaluation by extracting the minimum critical items from the national functional requirements documents and standards to explore the access control function that play an important role for the standard records management system to maintain quality requirements of electronic records. Based on this checklist, it evaluates whether the standard records management system properly carries out the access control function and investigates the current condition of application to practical records management work. Records managers generally do not use access control function, which may be because they do not feel the necessity, since the application of records management system is not yet actively promoted. In order for the standard records management system to be developed to become a more active system, it requires system improvement as well as considerations for below factors: First, although the necessity of establishing access control conditions is already recognized, it requires a clear stipulation of the regulation. Second, measures must be taken to implement access control in the records management system through document security solution. Third, it requires self-reflection of records manager, who utilizes the records management system. Instead of placing all responsibility on the National Archives, which established the system, professionals must further develop the system through continuous evaluation and improvement. Finally, a general discussion is required to publicize the issue of functional improvement of records management system. Although there is a bulletin board already created for this purpose, its users are extremely limited and it only deals with current problems. A space in online as well as in offline is required to solve the fundamental problems and exchange opinions.

An Access Control Security Architecture for Secure Operating System supporting Flexible Access Control (유연한 접근통제를 제공하는 보안 운영체제를 위한 접근통제 보안구조)

  • Kim Jung-Sun;Kim Min-Soo;No Bong-Nam
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.16 no.2
    • /
    • pp.55-70
    • /
    • 2006
  • In this paper, we propose a new access control security architecture for supporting flexibility in Secure Operating Systems. By adding virtual access control system layer to the proposed security architecture, various access control models such as MAC, DAC, and RBAC can be applied to Secure Operating Systems easily. The proposed security architecture is designed to overcome the problem of Linux system's base access control system. A policy manager can compose various security models flexibly and apply them to Operating Systems dynamically. Also, the proposed architecture is composed of 3 modules such as access control enforcement, access control decision, and security control. And access control models are abstracted to hierarchy structure by virtual access control system. And, we present the notation of policy conflict and its resolution method by applying various access control model.

Implementation of Access Control System Based on CAN Communication (CAN통신 기반 출입 통제 시스템 구현)

  • Song, Jongkwan;Park, Jang-Sik
    • The Journal of the Korea institute of electronic communication sciences
    • /
    • v.6 no.6
    • /
    • pp.951-956
    • /
    • 2011
  • CAN communication developed for communication between electric control devices in vehicle, was recently applied to automatic breaking devices, and can also be applied to field bus for production automation. Recently, field bus is introduced in engine control etc., for large ship. In this paper, cabin access control system is implemented, based on CAN communication. The cabin access control system based on CAN communication consists of access control server, embedded system based on ARM9, and micro-controller built-in CAN controller. The access control server can be able to manage overall access control system by accessing with manager. And embedded system adopted ARM9 processor transmits access information of RFID reader controller connected with CAN networks to server, also performs access control. The embedded system carry CAN frames to server, so it is used as gateway.