• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.6
• /
• pp.1025-1035
• /
• 2013

There has been an explosive increase in the population of OSN(online social network) for 10 years. OSN provides users with many opportunities to have communication among friends, families and goes so far as to make relationships among unknown people having similar belief or interest. However, OSN also produced adverse effects such as privacy breaches, leaking uncontrolled information or disseminating false information. Access control models such as MAC, DAC, RBAC are applied to the OSN to control those problems but those models in OSN are not fit in dynamic OSN environment because user's acts in OSN are unpredictable and static access control imposes burden on users to change access control rules one by one. This paper proposes the dynamic trust-based access control to solve the problems of traditional static access control in OSN.

• IEIE Transactions on Smart Processing and Computing
• /
• v.2 no.5
• /
• pp.282-296
• /
• 2013

With the emergence of cloud computing, more and more sensitive user data are outsourced to remote storage servers. The privacy of users' access pattern to the data should be protected to prevent un-trusted storage servers from inferring users' private information or launching stealthy attacks. Meanwhile, the privacy protection schemes should be efficient as cloud users often use thin client devices to access the data. In this paper, we propose a lightweight scheme to protect the privacy of data access pattern. Comparing with existing state-of-the-art solutions, our scheme incurs less communication and computational overhead, requires significantly less storage space at the user side, while consuming similar storage space at the server. Rigorous proofs and extensive evaluations have been conducted to show that the proposed scheme can hide the data access pattern effectively in the long run after a reasonable number of accesses have been made.

• Journal of Korea Multimedia Society
• /
• v.22 no.8
• /
• pp.823-831
• /
• 2019

In recent years, there has been developed systems such as a surveillance system and access control using a face recognition function instead of a password or an RFID chip, thereby reducing the risk of falsification. Moreover, deep learning technology has been applied to real-time face recognition technology in video, so it makes possible the development of access control system that improves the accuracy of recognition and efficiency of management. In this paper, we propose a real-time access management system based on face recognition using ResNet. The system is based on web server, which make it possible to manage the access by recognizing the person of the image through the camera and access information stored in the database. It can be accessed by a user application to receive various information. The implemented system identifies a person in real time and allows access control by accurately distinguishing whether they are members or not, and the test results can recognize in 0.2 seconds. The accuracy of recognition rate is up to about 97% depending on the experiment environment. With this system, access can be managed quickly and effectively, even many people rush to it.

• Annual Conference of KIPS
• /
• 2013.05a
• /
• pp.157-158
• /
• 2013

Data privacy and access control policies in computer clouds are a prime concerns while talking about the sensitive data. Authorized access is ensured with the help of secret keys given to a range of valid users. Granting the role access is a trivial matter but revoking user access is tricky and compute intensive. To revoke a user and making his data access ineffective the data owner has to compute new set of keys for the rest of effective users. This situation is inappropriate where user revocation is a frequent phenomenon. Time based revocation is another way to deal this issue where key for data access expires automatically. This solution rests in a very strong assumption of time determination in advance. In this paper we have proposed a mutable encryption for oblivious data access in cloud storage where the access key becomes ineffective after defined number of threshold by the data owner. The proposed solution adds to its novelty by introducing mutable encryption while accessing the data obliviously.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.6 no.5
• /
• pp.676-683
• /
• 2002

In this paper, LAN Access Point is realized by making out bluetooth protocol stack in Linux Kernel, porting Linux in an embeded system employed bluetooth module. Hardware for a general-purpose embeded system is designed and Linux Kernel is ported after deploying Bluetooth Module. Also, Boot loader for system booting and management is composed, and Kernel is modified to meet with the system. Finally, Ethernet devise driver is made out, and bluetooth protocol Stack and Lan Access Point are realized. The possibility of TCP/IP communication through LAN Access Point to PC employed Bluetooth module, which is considered as client, is evaluated. From the evaluation results, we can see that the performance in Telnet FTP, Web browsing through Bluetooth LAN Access Point is satisfactory.

• Journal of Information Management
• /
• v.36 no.1
• /
• pp.1-32
• /
• 2005

The scholarly communication crisis is not a journals crisis, but rather a broader crisis in information communications. It is the loss of access to the scholarly research literature, as the rising cost of STM journal subscriptions far out-strip academic library budgets. Now, the open access as alternatives to traditional journal subscription model are emerging for STM scholarly information. There are basically three forms for OA strategies : Open Access Journals(OAJ), Author Self Archiving(ASA), Academic Institutional Repositories(AIR). This paper describes the current trends and analyses potentially serious limitations and obstacles or various issues of the OA strategies, including the notion of scholarly information as a public good, myths of free access, author pay model, holder of copyright, etc.

• Journal of the Korean Society for information Management
• /
• v.27 no.4
• /
• pp.89-107
• /
• 2010

Open access journal has been one of the major academic information sources for researcherscharacterizing itself as free resource. Recently, as competition among academic information service provides becomes intense, open access journal also needs to enhance its service and expand information service function. This study aims to propose service features for next generation service of open access journals by analyzing service features of leading journal database services. As a result, four service features are suggested such as journal article components and multimedia features, expanded searching features, social service features and mobile information service.

• Journal of Communications and Networks
• /
• v.15 no.4
• /
• pp.407-410
• /
• 2013

Secret sharing is that a dealer distributes a piece of information (called a share) about a secret to each participant such that authorized subsets of participants can reconstruct the secret but unauthorized subsets of participants cannot determine the secret. In this paper, an access structure can be represented by a label graph G, where a vertex denotes a participant and a complete subgraph of G corresponds to a minimal authorized subset. The vertices of G are labeled into distinct vectors uniquely determined by the maximum prohibited structure. Based on such a label graph, a verifiable secret sharing scheme realizing general access structures is proposed. A major advantage of this scheme is that it applies to any access structure, rather than only structures representable as previous graphs, i.e., the access structures of rank two. Furthermore, verifiability of the proposed scheme can resist possible internal attack performed by malicious participants, who want to obtain additional shares or provide a fake share to other participants.

• Journal of Internet Computing and Services
• /
• v.16 no.1
• /
• pp.47-55
• /
• 2015

Recently, the environment of a hospital information system is a trend to combine various SMART technologies. Accordingly, various smart devices, such as a smart phone, Tablet PC is utilized in the medical information system. Also, these environments consist of various applications executing on heterogeneous sensors, devices, systems and networks. In these hospital information system environment, applying a security service by traditional access control method cause a problems. Most of the existing security system uses the access control list structure. It is only permitted access defined by an access control matrix such as client name, service object method name. The major problem with the static approach cannot quickly adapt to changed situations. Hence, we needs to new security mechanisms which provides more flexible and can be easily adapted to various environments with very different security requirements. In addition, for addressing the changing of service medical treatment of the patient, the researching is needed. In this paper, we suggest a dynamic approach to medical information systems in smart mobile environments. We focus on how to access medical information systems according to dynamic access control methods based on the existence of the hospital's information system environments. The physical environments consist of a mobile x-ray imaging devices, dedicated mobile/general smart devices, PACS, EMR server and authorization server. The software environment was developed based on the .Net Framework for synchronization and monitoring services based on mobile X-ray imaging equipment Windows7 OS. And dedicated a smart device application, we implemented a dynamic access services through JSP and Java SDK is based on the Android OS. PACS and mobile X-ray image devices in hospital, medical information between the dedicated smart devices are based on the DICOM medical image standard information. In addition, EMR information is based on H7. In order to providing dynamic access control service, we classify the context of the patients according to conditions of bio-information such as oxygen saturation, heart rate, BP and body temperature etc. It shows event trace diagrams which divided into two parts like general situation, emergency situation. And, we designed the dynamic approach of the medical care information by authentication method. The authentication Information are contained ID/PWD, the roles, position and working hours, emergency certification codes for emergency patients. General situations of dynamic access control method may have access to medical information by the value of the authentication information. In the case of an emergency, was to have access to medical information by an emergency code, without the authentication information. And, we constructed the medical information integration database scheme that is consist medical information, patient, medical staff and medical image information according to medical information standards.y Finally, we show the usefulness of the dynamic access application service based on the smart devices for execution results of the proposed system according to patient contexts such as general and emergency situation. Especially, the proposed systems are providing effective medical information services with smart devices in emergency situation by dynamic access control methods. As results, we expect the proposed systems to be useful for u-hospital information systems and services.

• Journal of the Korean BIBLIA Society for library and Information Science
• /
• v.20 no.4
• /
• pp.101-113
• /
• 2009

This paper reports the results of the analysis on the access points of two bibliographic databases specialized in children's materials: "A" public library's online catalog and "N" children's novel database. The analysis particularly focused on the access points that lead users to discover their own needs and on the ways users search and navigate. The findings showed that the selected bibliographic systems supported many access points that were taken from the materials as well as from other relevant information sources and that browsing and navigating with hyperlinks supported the users' 'recognition' of information through 'interactivity' between the users and the systems, 'information encountering,' and 'serendipity.' The findings of this paper have implications for librarians and systems designers who want to develop user-friendly bibliographic systems that give access to children's materials.