• Title/Summary/Keyword: Delegation Model


Design and Implementation of eduroam Authentication-Delegation System (eduroam 사용자 대리인증 시스템의 설계 및 구현)

  • Lee, KyoungMin;Jo, Jinyong;Kong, JongUk
    • Journal of the Korea Institute of Information and Communication Engineering / v.20 no.9 / pp.1730-1740 / 2016
  • This paper introduces a guest identity provider system for eduroam which is a global Wi-Fi service targeting users enrolled in higher education and research institutions. Developed eduroam AND (AutheNtication Delegation) system enables users to create their eduroam user accounts and to access eduroam regardless of their locations. Users with no organizational eduroam account therefore can freely access eduroam using the system. A federated authentication model is implemented in the system, and thus the system has merits of having high accessibility, indirectly verifying users and organizations possible, saving management overhead. Status monitoring is essential because authentication request and response messages are routed by eduroam network. eduroam AND performs active monitoring to check service availability and visualizes the results, which increases operational and management efficiency. We leveraged open-source libraries to implement eduroam AND and run the system on KREONET (Korea REsearch Open NETwork). Lastly, we present implementation details and qualitatively evaluate the system.

An Efficient Multicast-based Binding Update Scheme for Network Mobility

  • Kim, Moon-Seong;Radha, Hayder;Lee, Jin-Young;Choo, Hyun-Seung
    • KSII Transactions on Internet and Information Systems (TIIS) / v.2 no.1 / pp.23-35 / 2008
  • Mobile IP (MIP) is the solution supporting the mobility of Mobile Nodes (MNs), however, it is known to lack the support for NEtwork MObility (NEMO). NEMO manages situations when an entire network, composed of one or more subnets, dynamically changes its point of attachment to the Internet. NEMO Basic Support (NBS) protocol ensures session continuity for all the nodes in a mobile network, however, there exists a serious pinball routing problem. To overcome this weakness, there are many Route Optimization (RO) solutions such as Bi-directional Tunneling (BT) mechanism, Aggregation and Surrogate (A&S) mechanism, Recursive Approach, etc. The A&S RO mechanism is known to outperform the other RO mechanisms, except for the Binding Update (BU) cost. Although Improved Prefix Delegation (IPD) reduces the cost problem of Prefix Delegation (PD), a well-known A&S protocol, the BU cost problem is still present, especially when a large number of Mobile Routers (MRs) and MNs exist in the environment such as train, bus, ship, or aircraft. In this paper, a solution to reduce the cost of delivering the BU messages is proposed using a multicast mechanism instead of unicasting such as the traditional BU of the RO. The performance of the proposed multicast-based BU scheme is examined with an analytical model which shows that the BU cost enhancement is up to 32.9% over IPD-based, hence, it is feasible to predict that the proposed scheme could benefit in other NEMO RO protocols.

An Integrated Management Model of OS-RBAC and Separation Of Duty Policy (OS-RBAC과 임무분리 정책의 통합 관리 모델)

  • Byun, Chang-Woo
    • Journal of the Korea Society of Computer and Information / v.15 no.1 / pp.167-175 / 2010
  • Like most large organizations, there are business rules such as 'separation of duty' and 'delegation' which should be considered in access control. From a SOD point of view, previous SOD models built on the (Administrative) Role-Based Access Control model cannot present the best solution to security problems such as information integrity by the limited constituent units such as role hierarchy and role inheritance. Thus, we propose a new integrated management model of administration role-based access control model and SOD policy, which is called the OS-SoDAM. The OS-SoDAM defines the authority range in an organizational structure that is separated from role hierarchy and supports a decentralized security officer-level SOD policy in which a local security officer can freely perform SOD policies within a security officer's authority range without the security officer's intervention.

A Secure Location-Based Service Reservation Protocol in Pervasive Computing Environment

  • Konidala M. Divyan;Kim, Kwangjo
    • Proceedings of the Korea Institutes of Information Security and Cryptology Conference / 2003.12a / pp.669-685 / 2003
  • Nowadays mobile phones and PDAs are part and parcel of our lives. By carrying a portable mobile device with us all the time we are already living in partial Pervasive Computing Environment (PCE) that is waiting to be exploited very soon. One of the advantages of pervasive computing is that it strongly supports the deployment of Location-Based Service(s) (LBSs). In PCE, there would be many competitive service providers (SPs) trying to sell different or similar LBSs to users. In order to reserve a particular service, it becomes very difficult for a low-computing and resource-poor mobile device to handle many such SPs at a time, and to identify and securely communicate with only genuine ones. Our paper establishes a convincing trust model through which secure job delegation is accomplished. Secure Job delegation and cost effective cryptographic techniques largely help in reducing the burden on the mobile device to securely communicate with trusted SPs. Our protocol also provides users privacy protection, replay protection, entity authentication, and message authentication, integrity, and confidentiality. This paper explains our protocol by suggesting one of the LBSs namely “Secure Automated Taxi Calling Service”.


Impact of Internal Marketing on Job Satisfaction, Job Involvement, Customer Orientation and Job Performance of the Employees in Securities Firm's Branch (증권회사 지점 종사자의 내부마케팅이 직무만족, 직무몰입, 고객지향성 및 직무성과에 미치는 영향)

  • Chu, Kyo-Won;Jung, Jae-Heon
    • The Journal of the Korea Contents Association / v.20 no.5 / pp.476-499 / 2020
  • The impacts of internal marketing in the security firms have not been studied much. This study analyzes the impact of internal marketing on job satisfaction, job commitment, customer orientation, and job performance for the security firm's branches using multiple mediation model which differs from simple mediation model. The data were collected from 263 employees of securities firm's branches in Seoul, Busan and other Korean metropolitan cities. The research hypothesis was validated by the tools of SPSS 22.0 and AMOS 22.0. The results are as follows. First, among the internal marketing factors, delegation of authority, reward systems and education training had a significant effect on job satisfaction. And internal communications were shown to have a significant effect on job commitment and customer orientation. Second, job satisfaction has a significant direct impact on the job commitment, customer orientation. And customer orientation has direct impact on the job performance. Also, delegation of authority and reward systems were found to have a significant indirect effect on the job performance in mediation of job satisfaction and customer orientation. These results imply that internal marketing factors affect job performance mainly through the mediation of job satisfaction, job orientation and that specially delegation of authority and reward system affect the performance much, which are different from other industry cases.

Identity-Based Proxy Signature from Lattices

  • Kim, Kee Sung;Hong, Dowon;Jeong, Ik Rae
    • Journal of Communications and Networks / v.15 no.1 / pp.1-7 / 2013
  • Most of the provably-secure proxy signature schemes rely on the average-case hardness problems such as the integer factorization problems and the discrete logarithm problems. Therefore, those schemes are insecure to quantum analysis algorithms, since there exist quantum algorithms efficiently solving the factorization and logarithm problems. To make secure proxy signature schemes against quantum analysis, some lattice-based proxy signature schemes are suggested. However, none of the suggested lattice-based proxy signature schemes is proxy-protected in the adaptive security model. In the paper, we propose a provably-secure ID-based proxy signature scheme based on the lattice problems. Our scheme is proxy-protected in the adaptive security model.

A Study of Innovation Policy regarding Technical Regulation and Conformity Assessment Procedure on ICT Equipments - Focused on Privatization Plan (CT 분야의 기술기준 및 적합성평가시스템의 혁신정책에 관한 연구: 민간화 방안을 중심으로)

  • Lee, Yong-Kyu
    • Journal of Korea Technology Innovation Society / v.19 no.3 / pp.439-464 / 2016
  • The technical regulation and conformity assessment procedure of our country on ICT equipments is currently required to have more innovation due to the request of main trade countries, the second phase conclusion of MRA, necessity of expansion of conformity assessment service market and demand of manufacturers. The world's leading advanced countries have already proceeded with innovation based on privatization plan. According to the comparative analysis of the level, it turned out that Japan obtained the highest level of privatization while South Korea ranked the lowest level. According to the research result of examination and certification ability of private institutions of our country, it turned out that our country is expected to have possibility of achieving higher level of privatization than that of the present. Moreover, according to the questionnaire survey conducted to the persons concerned regarding privatization direction, they gave positive response to all the indicated survey contents of privatization direction in terms of "delegation of certification services to private sectors (contracting-out)", "transformation of EMC into private voluntary standard" and "changeover of conformity assessment agent". However, from the view of acceptance and conflict model, it is estimated that starting from "delegation of certification services to private sectors (contracting-out)" seems to be the most advisable plan. Also, prior to privatization, it is required to improve relevant systems such as certification examiner system.

The Scheme for Delegation of Temporary Right to Watching Pay-TV in N-Screen Service (유료 콘텐츠의 N-스크린 서비스를 위한 일시적 시청권한 위임 기법)

  • Kim, Jung-Hoon;Lee, Hoon-Jung;Kim, Sang-Jin;Oh, Hee-Kuck
    • The KIPS Transactions:PartC / v.18C no.3 / pp.135-142 / 2011
  • Recently, the strategy for N-screen service is in the spotlight along with the consumer's need to use contents regardless of time and place due to the rapid development of communication technology, which is meshing with the desire of service providers seeking a new business model. N-screen, as a screen-extension-concept service which enables consumers to continuously share and use contents in various equipments such as TV, computer and portable terminals, is an advanced type of 3-screen service strategy initially proposed by AT&T, an American telecommunication company. In the N-screen service for pay-contents, in order to support continuous screen changes to and from various equipments, temporary watching right should be given to the equipment intended for screen change. However, it is impossible to give the temporary watching right in the present broadcasting environment, adopting an access-control system. In this paper, the access-control technology being used for pay-contents in the present broadcasting environment and the reason for not being able to give temporary watching right, will be examined. After the examination, the solution for delegation of watching right by using an additional key on the basis of currently used access-control technology, will be proposed.

A Study of a Secure Smart Car System using Attribute-based Delegation Method (속성 기반 권한위임 관리 기법을 사용한 스마트 자동차 안전성 검토에 관한 연구)

  • Kim, Jin-Mook;Moon, Jeong-Kyung;Hwang, Deuk-Young
    • Convergence Security Journal / v.19 no.3 / pp.71-79 / 2019
  • The demand for smart cars is increasing rapidly. International standards organizations such as 3GPP and 5GAA are proposing standard communication protocols for connected cars and automotive network infrastructure. But smart car networks have many security threats and are more dangerous than the existing wired communication network. Typically, peripheral devices of a smart car may disguise their identity and steal location information and personal information about the vehicle. In addition, the infrastructure elements around smart cars can conspire and put driving cars in danger, threatening lives. This is a very serious security threat. Therefore, in order to solve these problems, we proposed a system that is secure from collusion and tampering attacks using an attribute-based authorization delegation method and threshold encryption algorithms. We have demonstrated using a semantic safety model that the proposed system can be safe from collusion attack.

Multi-Step Delegation Based On Task-Role-Based Access Control Model (T-RBAC에 기반한 사용자 수준의 다단계 위임기법)

  • Na, Min-Sun;Park, Seog
    • Proceedings of the Korean Information Science Society Conference / 2002.04a / pp.871-873 / 2002
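  • RBAC has the advantage of easing the management of access rights and reflecting enterprise environments well, by handling permission inheritance in the role hierarchy and constraints such as separation of duty. However, RBAC has the problem that it cannot properly implement the delegation of authority that takes place frequently in real-world enterprise environments. In this paper, we implement multi-step delegation that satisfies the principle of least privilege by creating, in addition to a user's own role, a new delegation role delegated from a higher role, so that different tasks can be assigned to users of other roles in the role hierarchy. To solve the security problems that can arise during delegation, we propose delegation at the task level rather than the role level, apply task-level separation of duty, define the tasks that can be delegated, and designate the lowest role. Through comparison with techniques proposed in existing multi-step models, we show that the technique proposed in this paper can validly implement the multi-step delegation carried out in real enterprises. In addition, we modeled the proposed technique by applying ARBAC97 on the basis of T-RBAC and implemented a prototype.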
