• Title/Summary/Keyword: Dynamic access control

Search Result 279, Processing Time 0.031 seconds

A Role-Based Access Control Model of Managed Objects in Distributed System Environments (분산시스템 환경에서 관리 객체에 대한 역할기반 접근제어 모델)

  • Choi Eun-Bok
    • Journal of Internet Computing and Services
    • /
    • v.4 no.1
    • /
    • pp.75-86
    • /
    • 2003
  • In this paper, we extended hierarchial structure of managed object class to support Role-Based Access Control, and described constraint conditions that have support dynamic temporal function as well as statical temporal function established by management process. And we defined about violation notifications should report to manager when rules violate constraint conditions. Also we presented system architecture that support RBAC with MIB(Management Information Base) of ITU-T recommendation. By access control enforcement and decision function, constraint conditions and activated translation procedure of each roles are described, our system presents dynamic temporal property systematically.

  • PDF

Network Traffic-Based Access Control Using Software-Defined Perimeter (소프트웨어 정의 경계를 이용한 네트워크 트래픽 기반 동적 접근 제어)

  • Seo-Yi Kim;Il-Gu Lee
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.34 no.4
    • /
    • pp.735-746
    • /
    • 2024
  • The rapid advancement of computer technology has necessitated a safer user environment, prompting the adoption of the zero trust model, which verifies all internal and external network activities. This paper proposes an efficient network traffic data-based dynamic access control method leveraging Software-Defined Perimeter (SDP) capabilities to implement zero trust and address latency issues. According to the performance evaluation results, the detection performance of the proposed scheme is similar to that of conventional schemes, but the dataset size was reduced by 62.47%. Additionally, by proposing an adaptive zero trust verification approach, the dataset size and verification time were reduced by 83.9% and 9.1%, respectively, while maintaining similar detection performance to conventional methods.

A MAC Enhancement Technique for Quality of Service Guarantee in Wireless Local Area Networks (무선 네트워크에서 QoS 보장을 위한 MAC 향상 기법)

  • Lee, Dong-Geon;Kim, Byoung-Hoon;Tak, Sung-Woo
    • Journal of Korea Multimedia Society
    • /
    • v.11 no.10
    • /
    • pp.1446-1459
    • /
    • 2008
  • In an infrastructure-based wireless network, an access point is used for all communications among mobile devices. However, when a mobile device moves into a dead Bone, a connectivity disruption between the mobile device and the access point occurs. Such connectivity disruption consequently leads to another connectivity disruption between the mobile device moving toward the dead zone and other wireless-enabled devices located within the area of the infrastructure-based wireless network. To cope with the connectivity disruption in the infrastructure-based wireless network the ad hoc network that dynamically forms a network without any preexisting communication infrastructure needs to be set up to provide seamless connections among mobile devices. In this paper, we propose the DNSQ-MAC (Dynamic Network State aware QoS-Medium Access Control) technique that meets the deadlines of MAC frames forwarded over hop-by-hop multipaths and guarantees the QoS performance of an ad hoc-based wireless network. Mobile devices incorporating the DNSQ-MAC technique are capable of adjusting to the new dynamic network status in order to enhance the QoS performance in the ad hoc-based wireless network. A case study which exploits the Qualnet simulator shows that the proposed DNSQ-MAC technique can guarantee the deadlines of MAC frames forwarded over hop-by-hop multipaths and enhance the QoS performance of various routing protocols and packet schedulers running on the network layer above the MAC layer.

  • PDF

A fairness control mechanism for access control protocol of B-ISDN ring subscriber network (B-ISDN 링 가입자망을 위한 액세스 제어 프로토콜의 공정성 제공 기법 연구)

  • 남은영;이수경;송주석
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.22 no.3
    • /
    • pp.547-556
    • /
    • 1997
  • In this paper we suggest a dynamic quota allocation mechansim for B-ISDN(Broadband Integrated Services Digital Network) subscriber networks. The quota adaptation decision based on the number of cells in the transmission queue is made distributively by each node in the ring network. This mechanism provides both fairness and efficiency for it enables each node to adapt its quota under asymmetric traffic condition. The simulation results show that substantial improvements in access delay time and throughput can be achieved with this algorithm.

  • PDF

A New Dynamic Bandwidth Assigmnent Algorithm for Ethernet-PON (Ethernet-PON을 위한 새로운 동적 대역 할당 알고리즘)

  • Jang, Seong-Ho;Jang, Jong-Wook
    • The KIPS Transactions:PartC
    • /
    • v.10C no.4
    • /
    • pp.441-446
    • /
    • 2003
  • Earlier efforts on optical access concentrated on the design of PONs for the collection and distribution portion of the access network. The PON architecture is very simple but it requires a MAC protocol for control of upstream traffic. The MAC protocol must support QoS (Quality of Service) administration function by various traffic class, efficient dynamic bandwidth assignment function, CDV (Ceil Delay Variation) minimization function etc. This paper proposes a dynamic bandwidth assignment algorithm of the MAC protocol for a broadband access network using an Ethernet Passive Optical Network supporting various traffic class. We compare our proposed with MDRR algorithm using simulation, and confirmed that our proposed Request-Counter algorithm produces shorter average cell delay.

Performance Evaluation of Dynamic signalling Period Allocation Algorithm for Wireless ATM MAC Protocols under Mixed Traffic Conditions (무선 ATM MAC 프로토콜을 위한 동적 신호 주기 할당 알고리즘의 다양한 트래픽 환경에서의 성능평가)

  • 강상욱;신요안;최승철
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.25 no.5B
    • /
    • pp.820-829
    • /
    • 2000
  • In this paper, DSPA(Dynamic Signalling Period Allocation) algorithm that has been proposed by the authors for MAC(Medium Access Control) protocols in W-ATM(Wireless Asynchronous Transfer Mode) is applied to mixed traffic conditions composed of various service classes. We investigate the bandwidth utilization efficiency and quality of service(QoS) fulfillment by the DSPA algorithm used in W-ATM MAC protocols. Simulation results indicate that the DSPA algorithm significantly increases the throughput of the system with the minimum control overhead. Moreover, QoS of each service class is well satisfied by proper and fair channel allocation to different service classes according to their requirements.

  • PDF

A Channel Access Control algorithm and a Dynamic Slot Allocation algorithm for rt_VBR services and ABR services in Wireless ATM Networks (무선 ATM망에서 rt_VBR 및 ABR 서비스를 위한 채널 접속 제어 알고리즘과 동적 대역 할당 알고리즘)

  • Yang, Seong-Ryoung;Im, In-Taek;Heo, Jeong-Seok
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.28 no.3B
    • /
    • pp.191-199
    • /
    • 2003
  • In this paper, a channel access control algorithm and a dynamic slot allocation algorithm are proposed for rt_VBR services and ABR services in the wireless ATM networks. In the proposed algorithm, rt_VBR terminals that require real-time services transmit a reservation request packet by a RAS minislot. An rt_VBR terminal, which transmitted the reservation request packet, transmits the dynamic parameters by DPS minislot without contention. On the other hand, ABR terminals that have a non-real-time traffic burst transfer a reservation request packet with contention basis. Based on the received dynamic parameters, the base station scheduler allocates uplink data slots as well as DPS minislot into rt_VBR terminals.

Mitigating Threats and Security Metrics in Cloud Computing

  • Kar, Jayaprakash;Mishra, Manoj Ranjan
    • Journal of Information Processing Systems
    • /
    • v.12 no.2
    • /
    • pp.226-233
    • /
    • 2016
  • Cloud computing is a distributed computing model that has lot of drawbacks and faces difficulties. Many new innovative and emerging techniques take advantage of its features. In this paper, we explore the security threats to and Risk Assessments for cloud computing, attack mitigation frameworks, and the risk-based dynamic access control for cloud computing. Common security threats to cloud computing have been explored and these threats are addressed through acceptable measures via governance and effective risk management using a tailored Security Risk Approach. Most existing Threat and Risk Assessment (TRA) schemes for cloud services use a converse thinking approach to develop theoretical solutions for minimizing the risk of security breaches at a minimal cost. In our study, we propose an improved Attack-Defense Tree mechanism designated as iADTree, for solving the TRA problem in cloud computing environments.

A Two-Step Scheduling Algorithm to Support Dual Bandwidth Allocation Policies in an Ethernet Passive Optical Network

  • Lee, Ho-Sook;Yoo, Tae-Whan;Moon, Ji-Hyun;Lee, Hyeong-Ho
    • ETRI Journal
    • /
    • v.26 no.2
    • /
    • pp.185-188
    • /
    • 2004
  • In this paper, we design a two-step scheduling algorithm to support multiple bandwidth allocation policies for upstream channel access in an Ethernet passive optical network. The proposed scheduling algorithm allows us a simultaneous approach for multiple access control policies: static bandwidth allocation for guaranteed bandwidth service and dynamic bandwidth allocation for on-demand, dynamic traffic services. In order to reduce the scheduling complexity, we separate the process of the transmission start- time decision from the process of grant generation. This technique does not require the timing information of other bandwidth allocation modules, so respective modules are free from a heavy amount of timing information or complex processing.

  • PDF

A Study on Dynamic Timeout Over Multiple Access with Collision Avoidance (충돌회피 다중접속을 위한 동적 타임아웃 연구)

  • Khoa, Tran Thi Minh;Oh, Seung-Hyun
    • Annual Conference of KIPS
    • /
    • 2011.11a
    • /
    • pp.97-100
    • /
    • 2011
  • Underwater Wireless Acoustic Sensor Networks have become an important area of research over the recent decades. Designing an underwater network, especially a media access control (MAC) protocol, faces many challenges due to the peculiarities of underwater environment. One of the most important problems is resulted from long and variable propagation delay of the acoustic wave. In this paper, we propose a new method, namely Dynamic Timeout over Multiple Access with Collision Avoidance (DT/MACA), which is designed to handle long and high variable propagation delay in underwater acoustic sensor networks. In this proposed method, the difference timeout intervals are evaluated and applied to each network transmission. Simulation results show that our work not only improves the network throughput, but also decreases the unnecessary retransmission and end-to-end delay.