• The Journal of the Korea Contents Association
• /
• v.13 no.11
• /
• pp.533-540
• /
• 2013

Currently, as the Android platform only supports single-user protection, it needs security solution for multi-users. Specially, it has to protect specific applications which have personal and financial information, and be available to support authority management for contents access. Thus, this paper proposes an integrated user authority manger model for the Android platform. It helps application authority which is capable to divide into three statuses: installation, execution, deletion with the help of information technology.

• Journal of the Korea Society of Computer and Information
• /
• v.13 no.5
• /
• pp.103-110
• /
• 2008

Due to the development of the e-commerce, the shopping mall such as auction collects and manages the personal information of the customers for efficient service. However, because of the leakage of the Personal information in auction, the image of the companies as well as the information subjects is damaged. Even though the organizations and the companies store the personal information as common sentences and protect using role based access control technique, the personal information can be leaked easily in case of getting the authority of the database administrator. And also the role based access control technique is not appropriate for protecting the sensitive information of the information subject. In this paper, we encrypted the sensitive information assigned by the information subject and then stored them into the database. We propose the personal policy based access control technique which controls the access to the information strictly according to the personal policy of the information subject. Through the proposed method we complemented the problems that the role based access control has and also we constructed the database safe from the database administrator. Finally, we get the control authority about the information of the information subject.

• Journal of the Korea Society of Computer and Information
• /
• v.28 no.11
• /
• pp.73-80
• /
• 2023

In this paper, a technology to protect important information from access in order to revitalize the cloud service market. A technology is proposed to solve the risk of leakage of important confidential and personal information stored in cloud systems, which is one of the various obstacles to the cloud service market. To protect important information, access control rights to cloud resources are granted to cloud service providers and general users. The system administrator has superuser authority to maintain and manage the system. Client computing services are managed by an external cloud service provider, and information is also stored in an external system. To protect important in-house information within the company, all users, it was designed to provide access authority with users including cloud service providers, only after they are authenticated. It is expected that the confidentiality of cloud computing resources and service reliability achieved through the proposed access control technology will contribute to revitalizing the cloud service market.

• Proceedings of the Korean Institute of Communication Sciences Conference
• /
• 1986.04a
• /
• pp.66-70
• /
• 1986

• The Journal of the Korea Contents Association
• /
• v.9 no.1
• /
• pp.53-60
• /
• 2009

In home network environments, the user authentication and authorization associated user's information and usability may be important security issue. The OSGi service platform, a well-known home network gateway already specifies the mechanism of that. The traditional authority method provided OSGi implements simple RBAC(Role Based Access Control) model. This is difficult to support efficient access control. In this paper, we propose the dynamic RBAC model based on OSGi. The proposed method describes the extended framework that manage two roles named as absolute role and relative role, extend existed framework with relative role and propose programming model to enable dynamic access control. Finally, we implement the proposed framework using AspectJ and Java annotation.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2013.05a
• /
• pp.648-651
• /
• 2013

클라우드 시스템에서는 데이터 소유자가 아닌 클라우드 서비스 제공자가 각 개인의 데이터에 대한 저장과 관리를 책임진다. 따라서 클라우드 서버 상의 사용자 데이터에 대한 보안을 보장해 주는 것이 가장 중요한 이슈이다. 데이터 보안 문제는 안전하고 효율적인 접근제어 기술을 통해 해결 할 수 있다. 기존 시스템에서 많이 이용되고 있는 RBAC(Role based access control)은 접근제어의 형태가 주로 수직적이고, 데이터 접근가능 여부를 역할이라는 고정적인 값에 따라 결정하기 때문에 동적인 클라우드 환경에 적합하지 않다. 반면 HASBE(Hierarchical attribute set based encryption) 모델은 ABAC(Attribute based access control)를 통해 유연하고 탄력적인 접근제어를 제공한다. 또한 HASBE 는 인가자(Authority)와 사용자의 관계 모델이 계층적인 구조를 갖고 있기 때문에 큰 조직에서 수많은 사용자들의 데이터 관리와 키 분배를 좀더 효율적으로 할 수 있다. 본 논문에서는 위의 계층적인 모델에서 더 나아가서, 실제 클라우드 환경에서 데이터가 가질 수 있는 복잡한 속성과 인가자의 관계를 고려해 다중 인가자의 개념이 더해진 모델을 제안한다.

• Journal of Information Management
• /
• v.33 no.4
• /
• pp.85-105
• /
• 2002

The purpose of this study is to review the expanded role of authority files, which uses the Knowledge Organization System(KOS) to organize contents and manage the collections in digital libraries. The KOS plays a role as a bridge between the users' information needs and materials by providing links between catalogs and digital resources on the web and supporting retrieval of the relevant items. It is described how a KOS can be used to link a digital resource to related materials, to provide more descriptive records for entities, and access to relevant physical objects.

• ETRI Journal
• /
• v.32 no.1
• /
• pp.84-92
• /
• 2010

This paper proposes the semaphore authority management (SAM) controller to optimize the dual-port SDRAM (DPSDRAM) in the mobile multimedia systems. Recently, the DPSDRAM with a shared bank enabling the exchange of data between two processors at high speed has been developed for mobile multimedia systems based on dual-processors. However, the latency of DPSDRAM caused by the semaphore for preventing the access contention at the shared bank slows down the data transfer rate and reduces the memory bandwidth. The methodology of SAM increases the data transfer rate by minimizing the semaphore latency. The SAM prevents the latency of reading the semaphore register of DPSDRAM, and reduces the latency of waiting for the authority of the shared bank to be changed. It also reduces the number of authority requests and the number of times authority changes. The experimental results using a 1 Gb DPSDRAM (OneDRAM) with the SAM controllers at 66 MHz show 1.6 times improvement of the data transfer rate between two processors compared with the traditional controller. In addition, the SAM shows bandwidth enhancement of up to 38% for port A and 31% for port B compared with the traditional controller.

• Journal of the Korea Society of Computer and Information
• /
• v.15 no.1
• /
• pp.167-175
• /
• 2010

Like most large organizations, there are business rules such as 'separation of duty' and 'delegation' which should be considered in access control. From a SOD point of view, previous SOD models built on the (Administrative) Role-Based Access Control model cannot present the best solution to security problems such as information integrity by the limited constituent units such as role hierarchy and role inheritance. Thus, we propose a new integrated management model of administration role-based access control model and SOD policy, which is called the OS-SoDAM. The OS-SoDAM defines the authority range in an organizational structure that is separated from role hierarchy and supports a decentralized security officer-level SOD policy in which a local security officer can freely perform SOD policies within a security officer's authority range without the security officer's intervention.

• Journal of Korean Library and Information Science Society
• /
• v.52 no.4
• /
• pp.153-177
• /
• 2021

The revision of the Korean Cataloging Rules (KCR) is in progress in order to conform IFLA LRM conceptual model and to strengthen its internal stability. Religious works, along with musical works and legal works, have been treated as special and important in cataloging rules. This trend continues in the new cataloging rules that seek a bibliographic model that interconnects related materials. However since KCR2(1966), there are no rules for access points or specific rules on religious works. Under the circumstances, this study analyzed (1) the contents of religious works in the recently revised cataloging rules, (2) the access points and their functions for religious works implemented in online catalogs and authority system, and finally (3) the direction and scope of KCR revision. As a result of the study, this study suggested that it is necessary to prepare detailed rules for preferred title and authorized access points for various religious works in KCR. In conclusion, some issues for further discussion were summarized.