• 제어로봇시스템학회:학술대회논문집
• /
• 2005.06a
• /
• pp.1594-1597
• /
• 2005

A rapid development and a wide use of the Internet have expanded a network environment. Further, the network environment has become more complex due to a simple and convenient network connection and various services of the Internet. However, the Internet has been constantly exposed to the danger of various network attacks such as a virus, a hacking, a system intrusion, a system manager authority acquisition, an intrusion cover-up and the like. As a result, a network security technology such as a virus vaccine, a firewall, an integrated security management, an intrusion detection system, and the like are required in order to handle the security problems of Internet. Accordingly, a router, which is a key component of the Internet, controls a data packet flow in a network and determines an optimal path thereof so as to reach an appropriate destination. An error of the router or an attack against the router can damage an entire network. This paper relates to a method for RSMS (router security management system) for secure networking based on a security policy. Security router provides functions of a packet filtering, an authentication, an access control, an intrusion analysis and an audit trail in a kernel region. Security policy has the definition of security function against a network intrusion.

• Proceedings of the Korea Information Assurance Society Conference
• /
• 2004.05a
• /
• pp.65-70
• /
• 2004

The method of broadcast encryption has been applied to the transmission of digital information such as multimedia, software, and paid TV on the open network. In this broadcast encryption method, only previously authorized users can gain access to digital information. When broadcast message is transmitted, authorized users can first decode the session key using the previously given private key and get digital information using this session key. This way, users retrieve a message or a session key using the key transmitted by broadcasters. For their part, broadcasters need to generate and distribute keys. Broadcasters should also carry out efficient key renewal when users subscribe or un-subscriber. In this paper use a broadcast, and present the DRM model, using that look into the requirement about the contents and apply also the concept of a broadcast encryption. We offer the authority to copy as the number of reproduction to want to the user, and the low so that we were convenient because we used.

• The Journal of Information Technology
• /
• v.4 no.3
• /
• pp.139-154
• /
• 2001

In current role-based systems, security officers handle assignments of users to roles. This may increase management efforts in a distributed environment because of the continuous involvement from security officers. The technology of role-based delegation provides a means for implementing RBAC in a distributed environment with empowerment of individual users. The basic idea behind a role-based delegation is that users themselves may delegate role authorities to other users to carry out some functions on behalf of the former. This paper presents a rule-based framework for user-level delegation model in which a user can delegate role authority by creating new delegation roles. Also, a rule-based language for specifying and enforcing the policies is introduced.

• Journal of the Korean Institute of Landscape Architecture
• /
• v.33 no.6 s.113
• /
• pp.127-139
• /
• 2006

Mt. Yokmang landscape design awarded first in [North container terminal site furtherance construction in Busan new port], design competition sponsoring in the Korea Container Terminal Authority in 2005. Design guideline was to propose the symbol of new port and to establish landscape plan in consideration of view and geological location. Because landscape plan required establishment of restoration plan for cutting slope, Mt. Yokmang became the major object. The purpose of planning are as follows. The first purpose is to minimize existent natural environment damage, and the second, to connect with ambit and create new image. The third is to provide place of rest and interchange for local resident. Reflecting stratum structure and landscape characteristics, cutting slope consisted of [utilization slope], [presentation slope], [landscape slope], and [ecological slope]. Vegetation design applied ecological restoration method through restoration of stratum, and eve environment-friendly afforestation, planned program that can connect area with existing ecosystem. In process that decides form of the cutting slope, analyze view structure and visual exposure in various access routes, sensitivity etc. was accomplished. Also, symbolic tower(Ocean Polaris) that presents in architecture and landscaping features, night landscape planning could gain synergy effect by keeping consistence with landscape and ecological planning. Passing through final design and construction process, I expect that the Mt. Yokmang will be a new landmark in Busan new port.

• Journal of Pharmaceutical Investigation
• /
• v.39 no.4
• /
• pp.299-307
• /
• 2009

Data exclusivity is one of the most important intellectual property rights of pharmaceuticals. During data exclusivity period, third parties are prohibited from relying on the data which the original company has submitted to regulatory authority for drug application. I investigated data exclusivity systems for pharmaceuticals in the US, EU, Canada and Korea. New chemical entities were usually given the longest periods of data exclusivity compared to drugs with new indication or new formulation, although the protection periods varied by country. For new drugs to be entitled to a data exclusivity, strict conditions should be met. Data exclusivity has also been provided as an incentive to promote clinical investigation and drug development for pediatric population or orphan diseases. In Korea, data exclusivity was adopted in 1995 as an additive provision to "drug re-examination" which is to investigate post-marketing safety information of new drugs. It was introduced with few discussion on the purposes or effects of data exclusivity on pharmaceutical industry and pharmaceutical market in this country. I found that Korea's data exclusivity system falls short of considerations on valuing innovation of pharmaceutical research. It is necessary to improve data exclusivity system in order to promote innovative pharmaceutical development and to balance intellectual property rights protection and access to drugs in this country.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2017.05a
• /
• pp.225-228
• /
• 2017

In this paper, we propose a methodology to deal with the IOT system gradually as the use of effective systems such as electronic devices, healthcare, smart cars, smart home, remote meter reading and telemedicine closely related to our real life in the IOT system An IOT integrated account solution is needed as a way to address these needs as the demand grows for the need to identify and manage how users access and use the system for what period of time and at what point in time. We propose the communication algorithms for endpoint system, IOT system management rights policy, user information, and how to apply them to IOT system smart car and smart home on each object internet.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2014.11a
• /
• pp.403-404
• /
• 2014

WAVE(Wireless Access in Vehicular Environment)에서 V2V(Vehicle to Vehicle) 통신 시 OBU(On Board Unit)인 자동차 단말은 수신한 정보가 제대로 된 정보인지를 확인하는 과정에서 공인인증서가 필요하다. 동시에 자동차 단말은 이 공인인증서의 상태가 유효한 지를 확인해야 한다. 이것을 확인하는 방법은 자동차 단말이 도로변에 설치돼 있는 RSU(Road Side Unit)인 OCSP(Online Certificate Status Protocol) 서버에게 공인인증서의 상태 확인 요청을 하는 것이다. OCSP 서버는 자동차 단말의 요청에 응답하기 위해서 인증서 폐지 목록인 CRL(Certificate Revocation List)을 가지고 있어야 한다. 본 논문에서는 WAVE 시스템의 OCSP 서버가 공인인증서 상태 정보를 자동차 단말로 알려줄 수 있도록 하기 위해 CA(Certificate Authority)의 CRL 저장소로부터 CRL 을 업데이트 하는 프로토콜을 제안한다. OCSP 서버가 CRL 을 업데이트 할 때, OCSP 서버가 가지고 있는 CRL 과 CRL 저장소가 가지고 있는 CRL 의 값을 비교하여 두 값이 같은 경우에는 CRL 을 업데이트 하지 않도록 한다. OCSP 서버가 선택적으로 CRL 을 업데이트 함으로써 불필요한 부하를 줄일 수 있을 것으로 기대된다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.4
• /
• pp.11-26
• /
• 2011

The existing anonymous authentication schemes based on group signatures for protecting privacy do not provide anonymous authorization which is required in the practical environments. In this paper, we propose an anonymous authentication and authorization scheme that enables a service provider both to authenticate anonymously its users and to provide different service according to their authorization. In the proposed scheme, a user's real identity, anonymity and authorization are managed distinctly through the separation of group manager's capabilities and an authorization authority. It is also possible for the proposed scheme to apply various access control models.

• The Journal of Society for e-Business Studies
• /
• v.27 no.1
• /
• pp.95-109
• /
• 2022

A blockchain based platform can ensure data integrity, reliability, and security by applying distributed processing and encryption technology for transaction records. In the existing knowledge sharing platform, the created knowledge could not be shared or utilized sufficiently due to information asymmetry and centralization. However little research has been done so far on this area. In this study, we will examine case studies and development potentials for blockchain based knowledge sharing platforms based on previous studies of blockchain technology, token economy, knowledge sharing, motivation theory, and social exchange theory. Blockchain based platforms can contribute to the activation of knowledge sharing, by resolving information asymmetry, simplifying unnecessary work procedures through unified knowledge sharing flow and excluded centralization of authority by decentralization, and strengthening access and utilization of the knowledge produced by the platform.

• International Journal of Computer Science & Network Security
• /
• v.23 no.5
• /
• pp.13-20
• /
• 2023

In connected vehicles, drivers are exposed to attacks when they communicate with unauthenticated peers. This occurs when a vehicle relies on outdated information resulting in interactions with vehicles that have expired or revoked certificates claiming to be legitimate nodes. Vehicles must frequently receive or query an updated revoked certificate list to avoid communicating with suspicious vehicles to protect themselves. In this paper, we propose a scheme that works on a highway divided into clusters and managed by roadside units (RSUs) to ensure authenticity and preserve hidden identities of vehicles. The proposed scheme includes four main components each of which plays a major role. In the top hierarchy, we have the authority that is responsible for issuing long-term certificates and managing and controlling all descending intermediate authorities, which cover specific regions (e.g., RSUs) and provide vehicles with short-term pseudonyms certificates to hide their identity and avoid traceability. Every certificate-related operation is recorded in a blockchain storage to ensure integrity and transparency. To regulate communication among nodes, security managers were introduced to enable authorization and access right during communications. Together, these components provide vehicles with an immediately revoked certificate list through RSUs, which are provided with publish/subscribe brokers that enable a controlled messaging infrastructure. We validate our work in a simulated smart highway environment comprising interconnected RSUs to demonstrate our technique's effectiveness.