• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.1
• /
• pp.3-15
• /
• 2005

As a large quantity of information is presented in XML format on the web, there are increasing demands for XML security. Research area or n security is about Encryption Digital signature, Key management and Access control. until now research on U security has been focused on the security of data network using digital signature and encryption technology. As XML data become extensive and complex XML security comes to involve not only network security but also managerial security. Managerial security is guaranteed through access control. But XML Encryption supports simple network security. So it can't support multiple users and multiple access control policies. In this paper, we propose an integration method of encryption and access control policy for securing XML documents. This methodology can supper multiple authorizations of multiple users with integrating access control. And this can reduce the cost of evaluation process of the existing complicated access authorization with pre-processing.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.22 no.1
• /
• pp.175-182
• /
• 2018

As Internet of things with a large number of nodes emerges, wireless-power communication networks (WPCN) based on a random access protocol needs to be investigated. In the random access-based WPCN, a terminal accessing later in given random access (RA) slots can harvest more energy before transmission and thus can transmit data with higher power and achieve higher throughput if the access is successful. On the basis of this property, the proposed random access control protocol gives the terminals priority and distinguishes the RA slots according to the priority level, so that a near terminal with access point allows to access preferentially other than a remote terminal. This operation decreases the throughput of near terminal and increases the throughput of remote terminal, and then, the doubly near-far problem in WPCN is resolved and the user fairness is improved. Results show that the proposed random access control improves both channel throughput and user fairness according to the priority level.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.13 no.6
• /
• pp.123-129
• /
• 2013

Android file system is vulnerable to the external access of system resources via its arbitrary access mode and need user's control for SD and UMS medias due to its open architecture. In response to the device control, there is a drawback that its controlability is valid only in the case of embedded linux kernel with VDC function. Hence the solution is to directly implement VDC through system call, with another security module for device storage than system module being added to android system. In this paper the new method of android storage access control for personal information is proposed via VDC for mount system of storage. The access method for SD and UMS were implemented using VDC and mount mechanism. This access control system has been designed to control the granted users in kernel level if files are flowed out by copying. As a result, it was proved through testing that the access control system has exactly detected the write access operation.

• The Transactions of the Korea Information Processing Society
• /
• v.4 no.12
• /
• pp.3123-3132
• /
• 1997

In this paper, we describe access control system for protection of pay TV program in digital DBS(Direct Broadcast satellite) system. We also propose a possible access control system and operation scenario for scrambling and descrambling which are important in access control system. Transport stream structure and option, entitlement checking message and entitlement management message for access control on digital broadcasting system are described in this paper. Especially, the authentication based on Flat-Shamir and Gulllou-Quisquater schemes required for verification of proper subscriber as access control is oriented to smart card number and subscriber ID(Identity). It has less restriction than scheme oriented to descrambler number.

• The KIPS Transactions:PartA
• /
• v.13A no.4 s.101
• /
• pp.363-370
• /
• 2006

Currently, many people have been researching diverse mechansmims related to a resource access control in Grid environment. Mostly Grid user's resource access control was designed to authorize according to their attributes and roles. But, to provide Grid with resources continuously, a resource access based on utility computing must be controlled. So, in this paper we propose and implement mechanism that intergrates Grid accounting concept with resource access control. This mechanism calcuates costs of Grid service on the basis of accounting, and determines based on user's fund availibility whether they continue to make use of site resources or not. Grid jobs will be controlled according to a site resource access control policy only if the amount of available fund is less than its costs. If Grid job completed, resource consumer pays for the costs generated by using provider's idle resources. Therefore, this paper provides mechansim to be able to control user's resource access by Grid accounting, so that it is evaluated as the research to realize utility computing environment corresponding to economic principle.

• Annual Conference of KIPS
• /
• 2001.10b
• /
• pp.847-850
• /
• 2001

본 논문에서는 최근에 많은 관심이 증가하고 있는 보안 운영체제를 위한 접근제어에 대해 기술하고 이 접근제어를 FreeBSD 에 구현한 것에 대해 설명한다. 강제적 접근제어(MAC), 신분 기반 접근제어(DAC), 그리고 역할기반 접근제어(RBAC) 과 같은 접근제어 정책들을 안전한 FreeBSD 운영체제를 위해 접근제어 정책으로 사용하였다. MAC 과 ACL 의 구현은 POSIX1003.le 의 표준에 기준 하였고 RBAC 의 구현은 NIST의 표준을 기준으로 하였다. 강제적 접근제어는 군기관이나 정부 기관의 보안 요구사항들을 만족시켜주지만 보안관리 측면에서는 유동적이지 못한 면이 있다. 반면에 역할기반 접근제어는 상업적 접근제어 정책 요구 사항들을 만족시켜주는 정책으로 유동적이고 다양한 보안 관리 정책의 요구사항들을 만족 시켜준다.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.8 no.2
• /
• pp.250-256
• /
• 2007

Role-based Access Control (RBAC) model appears to be the most appropriate technique for access control to minimize the errors likely to occur in managing users and network resources. In this paper, we introduced the Work-concept RBAC model that is the result of the Work concept imported to the role based access control model. Using our extended access control model a user could select a work which is more abstract and more inclusive concept than role to do his work. Additionally even if the user has an authority through selecting a work, if a user has no relation to his assigned job, it will be automatically prohibited.

• Journal of KIISE:Information Networking
• /
• v.34 no.5
• /
• pp.405-422
• /
• 2007

Recently, according to the network environment, there are many researches for home network. Nowadays, in home network, the method that access control policy is managed for each home device by using ACL is popular, and EAM (Extranet access management) is applied as a solution. In addition, the research about secure OS is ongoing based on open operating system and the research of user authentication mechanisms for home network using home server is also in progress. However, these researches have some problems as follows; First, the transmission scope of expected access technology in home network is wide, so unauthenticated outside terminal can access the home network. Second, user is inconvenient because user need to set the necessary information for each device. Third, user privacy and convenience are not considered. OSGi provides a service platform for heterogeneous technologies in home network environment. Here, user access control is one of the core parts which should have no problems such as above items, but there are no concrete researches yet. Thus in this paper, we propose an access control policy management framework and access control operation based on RBAC for user access control in home network environment in which OSGi service platform is operated. First, we list the consideration which is not clearly mentioned in OSGi standard, and then we solve these above problems through new framework. In addition, we propose the effective and economical operation method which reduces the policy change frequency for user access control by using RBAC concept though limited resource of home gateway. Besides, in this paper, these proposed policies are defined separately as user-role assignment policy and permission-role assignment policy, and user decide their own policies. In conclusion, we provide the scheme to enhance the user convenience and to solve the privacy problem.

• International Journal of Internet, Broadcasting and Communication
• /
• v.12 no.2
• /
• pp.8-14
• /
• 2020

Recently, there was an increasing demand for an integrated access control system which is capable of user recognition, door control, and facility operations control for smart buildings automation. The market available door lock access control solutions need to be improved from the current level security of door locks operations where security is compromised when a password or digital keys are exposed to the strangers. At present, the access control system solution providers focusing on developing an automatic access control system using (RF) based technologies like bluetooth, WiFi, etc. All the existing automatic door access control technologies required an additional hardware interface and always vulnerable security threads. This paper proposes the user identification and authentication solution for automatic door lock control operations using camera based visible light communication (VLC) technology. This proposed approach use the cameras installed in building facility, user smart devices and IoT open source controller based LED light sensors installed in buildings infrastructure. The building facility installed IoT LED light sensors transmit the authorized user and facility information color grid code and the smart device camera decode the user informations and verify with stored user information then indicate the authentication status to the user and send authentication acknowledgement to facility door lock integrated camera to control the door lock operations. The camera based VLC receiver uses the artificial intelligence (AI) methods to decode VLC data to improve the VLC performance. This paper implements the testbed model using IoT open-source based LED light sensor with CCTV camera and user smartphone devices. The experiment results are verified with custom made convolutional neural network (CNN) based AI techniques for VLC deciding method on smart devices and PC based CCTV monitoring solutions. The archived experiment results confirm that proposed door access control solution is effective and robust for automatic door access control.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.8 no.3
• /
• pp.911-923
• /
• 2014

Ad hoc cognitive radio wireless sensor networks allow secondary wireless sensor nodes to recognize spectrum opportunities and transmit data. Most existing protocols proposed for ad hoc cognitive radio wireless sensor networks require a dedicated common control channel. Allocating one channel just for control packet exchange is a waste of resources for channel-constrained networks. There are very few protocols that do not rely on a common control channel and that exchange channel-negotiation control packets during a pre-allocated time on the data channels. This, however, can require a substantial amount of time to access the channel when an incumbent is present on the channel, where the nodes are intended to negotiate for the data channel. This study examined channel access delay on cognitive radio wireless sensor networks that have no dedicated common control channel.