• 제목/요약/키워드: Control of Access

검색결과 3,688건 처리시간 0.03초

Access Control for Secure Access Path (안전한 접근 경로를 보장하기 위한 접근 제어)

  • Kim, Hyun-Bae
    • Journal of The Korean Association of Information Education
    • /
    • 제1권2호
    • /
    • pp.57-66
    • /
    • 1997
  • The primary purpose of security mechanisms in a computer systems is to control the access to information. There are two types of access control mechanisms to be used typically. One is discretionary access control(DAC) and another is mandatory access control(MAC). In this study an access control mechanism is introduced for secure access path in security system. The security policy of this access control is that no disclosure of information and no unauthorized modification of information. To make this access control correspond to security policy, we introduce three properties; read, write and create.

  • PDF

Secure Attribute-Based Access Control with a Ciphertext-Policy Attribute-Based Encryption Scheme

  • Sadikin, Rifki;Park, Young Ho;Park, Kil Houm
    • Journal of Korea Society of Industrial Information Systems
    • /
    • 제19권1호
    • /
    • pp.1-12
    • /
    • 2014
  • An access control system is needed to ensure only authorized users can access a sensitive resource. We propose a secure access control based on a fully secure and fine grained ciphertext-policy attribute-based encryption scheme. The access control for a sensitive resource is ensured by encrypting it with encryption algorithm from the CP-ABE scheme parameterized by an access control policy. Furthermore, the proposed access control supports non-monotone type access control policy. The ciphertext only can be recovered by users whose attributes satisfy the access control policy. We also implement and measure the performance of our proposed access control. The results of experiments show that our proposed secure access control is feasible.

Trust and Risk based Access Control and Access Control Constraints

  • Helil, Nurmamat;Kim, Mu-Cheol;Han, Sang-Yong
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • 제5권11호
    • /
    • pp.2254-2271
    • /
    • 2011
  • Access control in dynamic environments needs the ability to provide more access opportunities of information to users, while also ensuring protection information from malicious users. Trust and risk are essential factors and can be combined together in access control decision-making to meet the above requirement. In this paper, we propose the combination of the trust and risk in access control to balance information accessibility and protection. Access control decision is made on the basis of trustworthiness of users and risk value of permissions. We use potential relations between users and relations between permissions in access control. Our approach not only provides more access opportunities for trustworthy users in accessing permissions, but also enforces traditional access control constraints such as Chinese Wall policy and Separation of Duty (SoD) of Role-Based Access Control (RBAC) model in an effective way.

Design of a Simulation Model for Integrated Access Control (통합 접근 제어를 위한 시뮬레이션 모델 설계)

  • Lee Ho
    • Journal of the Korea Society of Computer and Information
    • /
    • 제9권4호
    • /
    • pp.49-54
    • /
    • 2004
  • Rule-based access control can not completely be replaced by identity-based access control. Neither can role-based access control be a merger of identity-based access control and rule-based access control, but can be used complementarily for each other. In this paper, is proposed a simulation model designed for a new integrated access control method that has been created by means of integrating the existing access control methods. The integrated access control method is equipped with security, integrity and flow control and can easily accomodate the requirements for access control from role-based corporate bodies. The simulation model proposed in this paper can be applied for real working system designs.

  • PDF

The implementation of Access Control System using Biometric System (Biometric System(fingerprint Reader)을 이용한 Access Control System 구현에 관한 연구)

  • 김광환;김영길
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • 한국해양정보통신학회 2003년도 춘계종합학술대회
    • /
    • pp.439-442
    • /
    • 2003
  • In this paper, a system that implementation of Access Control System Using Biometric System. Biometrics is science which deals with verifying or recognizing using physiological or behavioral characteristic Access Control System uses Biometric system to make an access control system. Biometrics goes under the study of bio-recognition or bio-measurement. It is a technology or study that identifies individuals using one's Biometric character. Access control system is a system used to identify one's entrance and exit, personal management, and security. Access control system can be joined with Biometric system to produce easier use and more sufficient effects. Access control system using Wiegand (Data Format) signal output, can replace earlier RF Card systems and make an access control (security) system. It uses RS-232, Rs-422 or TCP/IP type communication with the computer so an embedded system can be controlled using the software.

  • PDF

The implementation of Access Control System using Biometric System (생체인식 시스템을 이용한 Access Control System 구현에 관한 연구)

  • 김광환;김영길
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • 제8권2호
    • /
    • pp.494-498
    • /
    • 2004
  • In this paper, a system that implementation of Access Control System Using Biometric System. Biometries is science which deals with verifying or recognizing using physiological or behavioral characteristic Access Control System uses Bionietric system to make an access control system. Biometrics goes under the study of bio-recognition or bio-measurement. It is a technology or study that identifies individuals using one's Biometric character. Access control system is a system used to identify one's entrance and exit, personal management, and security. Access control system can be joined with Biometric system to produce easier use and more sufficient effects. Access control system using Weigand (Data format) signal output, can replace earlier RF Card systems and make an access control (security) system. It uses RS-232, Rs-422 or TCP/IP type communication with the computer so an embedded system can be controlled using the software.

A Role-driven Security and Access Control Model for Secured Business Process Management Systems

  • Won Jae-Kang;Kim Kwang-Hoon
    • The Journal of Information Systems
    • /
    • 제14권3호
    • /
    • pp.1-8
    • /
    • 2005
  • This paper formally defines a role-driven security and access control model of a business process in order eventually to provide a theoretical basis for realizing the secured business process management systems. That is, we propose a graphical representation and formal description of the mechanism that generates a set of role-driven security and access control models from a business process modeled by the information control net(ICN) modeling methodology that is a typical business process modeling approach for defining and specifying business processes. Based upon the mechanism, we are able to design and accomplish a secured business process management system that provides an unified resource access control mechanism of the business process management engine domain's and the application domain's. Finally, we strongly believe that the secured access control policies from the role-driven security and access control model can be easily transformed into the RBAC(Role-based Access Control) model that is a standardized security technology for computer and communications systems of commercial and civilian government organizations.

  • PDF

Universal Description of Access Control Systems

  • Karel Burda
    • International Journal of Computer Science & Network Security
    • /
    • 제24권8호
    • /
    • pp.43-53
    • /
    • 2024
  • Access control systems are used to control the access of people to assets. In practice, assets are either tangible (e.g. goods, cash, etc.) or data. In order to handle tangible assets, a person must physically access the space in which the assets are located (e.g. a room or a building). Access control systems for this case have been known since antiquity and are based either on mechanical locks or on certificates. In the middle of the 20th century, systems based on electromagnetic phenomena appeared. In the second half of the same century, the need to control access to data also arose. And since data can also be accessed via a computer network, it was necessary to control not only the access of persons to areas with data storage, but also to control the electronic communication of persons with these storage facilities. The different types of the above systems have developed separately and more or less independently. This paper provides an overview of the current status of different types of systems, showing that these systems are converging technologically based on the use of electronics, computing and computer communication. Furthermore, the terminology and architecture of these systems is expanded in the article to allow a unified description of these systems. The article also describes the most common types of access control system configurations.

A Universal Model for Policy-Based Access Control-enabled Ubiquitous Computing

  • Jing Yixin;Kim, Jin-Hyung;Jeong, Dong-Won
    • Journal of Information Processing Systems
    • /
    • 제2권1호
    • /
    • pp.28-33
    • /
    • 2006
  • The initial research of Task Computing in the ubiquitous computing (UbiComp) environment revealed the need for access control of services. Context-awareness of service requests in ubiquitous computing necessitates a well-designed model to enable effective and adaptive invocation. However, nowadays little work is being undertaken on service access control under the UbiComp environment, which makes the exposed service suffer from the problem of ill-use. One of the research focuses is how to handle the access to the resources over the network. Policy-Based Access Control is an access control method. It adopts a security policy to evaluate requests for resources but has a light-weight combination of the resources. Motivated by the problem above, we propose a universal model and an algorithm to enhance service access control in UbiComp. We detail the architecture of the model and present the access control implementation.

Management of the Access Control for a WebDAV-based Collaborative System (웹데브 기반 협업시스템에서의 접근 제어 관리)

  • Kim, Seong-Hune;Lee, Hong-Chang;Lee, Myung-Joon;Park, Yang-Su
    • Journal of Internet Computing and Services
    • /
    • 제11권1호
    • /
    • pp.167-181
    • /
    • 2010
  • WebDAV is an IETF standard protocol which supports asynchronous collaborative authoring on the Web. The WebDAV Access Control Protocol provides various methods of controlling the resources on a WebDAV server and their properties, helping high-level group activities to be performed through the WebDAV server. In this paper, to provide high level collaboration, we introduce a technique for managing access control over WebDAV resources through the WebDAV Access Control Protocol and describe the development of an access control manager for the CoSlide Collaborative system based on the technique. To provide users with the access control features in an easily understandable manner, the developed technique presents the privileges for performing WebDAV methods instead of the standard privileges in the WebDAV Access Control Protocol. In addition, we present the facility for detecting conflicts between new access privileges on resources and old access privileges on them. We applied the method-based access control management technique to the CoSlide collaborative system. The developed access control manager enables us to create group workspaces with flexible access control strategies for group members and resources.