• KIPS Transactions on Software and Data Engineering
• /
• v.9 no.11
• /
• pp.351-356
• /
• 2020

With the spread of COVID-19 infections, the need for next-generation learning management system for undact education is rapidly increasing, and the Ministry of Education is planning future education through the establishment of fourth-generation NEIS. If the fourth-generation NEIS System is well utilized, there are advantages such as providing personalized education services and activating the use of educational data, but a solution to the illegal access problem in an access control environment where strict authorization is difficult due to various user rights. In this paper, we propose a blockchain-based access control audit system for next-generation learning management. Sensitive personal information is encrypted and stored using the proposed system, and when the auditor performs an audit later, a secret key for decryption is issued to ensure auditing. In addition, in order to prevent modification and deletion of stored log information, log information was stored in the blockchain to ensure stability. In this paper, a hierarchical ID-based encryption and a private blockchain are used so that higher-level institutions such as the Ministry of Education can hierarchically manage the access rights of each institution.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.13 no.1
• /
• pp.45-52
• /
• 2009

Currently broadcasting and telecommunication has integrated, And IPTV Service has appeared who called TPS(Triple Play Service) which integrated with broadcasting, telecommunication and Phone Service. IPTV provide broadcasting service and VOD(Video on Demand) service, and it must be satisfied digital content security. For this condition, IPTV Forum working on standardization of interface for digital content security. The Security solution for broadcasting and VOD are CAS (Conditional Access System) and DRM(Digital Rights Management). But these solutions manufactured by many vendors, so there is no inter-operability. And after finished standardization of interface for CAS and DRM system, the problem of inter-operability with them will be issued. For this reason, Rights management system which possible to operate independently with platform is necessary. In this paper, To protect multimedia digital content, we designed and implemented Conditional Access Management System.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2008.10a
• /
• pp.516-519
• /
• 2008

Currently broadcasting and telecommunication has integrated, And IPTV Service has appeared who called TPS(Triple Play Service) which integrated with broadcasting, telecommunication and Phone Service. IPTV provide broadcasting service and VOD(Video on Demand) service, and it must be satisfied digital content security. For this condition, IPTV Forum working on standardization of interface for digital content security. The Security solution for broadcasting and VOD are CAS(Conditional Access System) and DRM(Digital Rights Management). But these solutions manufactured by many vendors, so there is no inter-operablity. And after finished standardization of interface for CAS and DRM system, the problem of inter-operability with them will be issued. For this reason, Rights management system which possible to operate independently with platform is necessary. In this paper, To protect multimedia digital content, we designed and implemented Conditional Access Management System.

• The KIPS Transactions:PartC
• /
• v.11C no.1
• /
• pp.55-62
• /
• 2004

The web-based technology allows anybody who has access to the Internet to get all kinds of information from the World Wide Web. It brings about issues regarding intellectual property and copyright threats. After content is downloaded, no further protection is provided on the content that has been accessed. DRM (Digital Right Management) technologies came out to ensure the protection of copyrighted content and information. In this paper, we propose architecture of license-based digital rights management system for protection of contents and principles' rights such as contents creators, providers, distributors, and uses in contents distribution value-chain over Internet. This system makes on-line processing of all value-chain from creator to purchaser possible, compared with existing DRM products only supporting only limited distribution between distributor and purchaser.

• The Transactions of the Korea Information Processing Society
• /
• v.7 no.11S
• /
• pp.3623-3632
• /
• 2000

Until now the XML document is allowed users to access the whole content of it However, for some applications such as those in the field of electronic commerce, there are cases that the whole content should not be delivered. Therefore, access authorization is required for XML documents in order to protect illegal accesses to some critical parts of them. In this paper. we design and implement a system which authorizes users to XML documents and controls access to them based on the access rights. We set the user group as a basic unit of the authorization subject and the element of an XML document as a basic unit of authorization object The owner of a document authorize; user groups to access the elements of it When an XML document is accessed, the access rights of the requester are checked using an access control list and only the authorized parts are delivered_ As the result, we can authorize XML documents, which has been previously impossible.

• Journal of the Korea Society of Computer and Information
• /
• v.27 no.11
• /
• pp.1-11
• /
• 2022

In this paper, we propose an NFT(Non-Fungible Token)-based access control method for safely sharing data between users in blockchain environment. Since all data stored in the blockchain can be accessed by anyone due to the nature of the technology, it is necessary to control access except for authorized users when sharing sensitive data. For that, we generate each data as NFT and controls access to the data through the smart contract. In addition, in order to overcome the limitations of single ownership of the existing NFT, we separated the NFT into ownership and use rights, so that data can be safely shared between users. Ownership is represented as an original NFT, use rights is represented as a copied NFT, and all data generated as NFT is encrypted and uploaded, so data can be shared only through the smart contract with access control. To verify this approach, we set up a hypothetical scenario called Building Information Modeling (BIM) data trade, and deployed a smart contract that satisfies 32 function call scenarios that require access control. Also, we evaluated the stability in consideration of the possibility of decryption through brute-force attack. Through our approach, we confirmed that the data can be safely shared between users in blockchain environment.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.8 no.1
• /
• pp.23-29
• /
• 1983

This paper describes object-based operating system to suppeor relability and abstract data type. For reliability, all objects should be accessed through access rights in capability, and the protection domain is provided for all program modules such that efficient domain switching can be achieved. For abstract data type, type manager is provided.

• Safety and Health at Work
• /
• v.14 no.4
• /
• pp.368-374
• /
• 2023

Background: Recognizing that access to safe and healthy working conditions is a human right, the World Health Organization (WHO) calls for specific occupational safety and health (OSH) programs for health workers (HWs). The WHO health systems' building blocks, and the International Labour Organization (ILO), highlight the importance of information as part of effective systems. This study examined how OSH stakeholders access, use, and value an occupational health information system (OHIS). Methods: A cross-sectional survey of OSH stakeholders was conducted as part of a larger quasi experimental study in four teaching hospitals. The study hospitals and participants were purposefully selected and data collected using a modified questionnaire with both closed and open-ended questions. Quantitative analysis was conducted and themes identified for qualitative analysis. Ethics approval was provided by the University of Pretoria and University of British Columbia. Results: There were 71 participants comprised of hospital managers, health and safety representatives, trade unions representatives and OSH professionals. At least 42% reported poor accessibility and poor timeliness of OHIS for decision-making. Only 50% had access to computers and 27% reported poor computer skills. When existing, OHIS was poorly organized and needed upgrades, with 85% reporting the need for significant reforms. Only 45% reported use of OHIS for decision-making in their OSH role. Conclusion: Given the gap in access and utilization of information needed to protect worker's rights to a safe and healthy workplace, more attention is warranted to OHIS development and use as well as education and training in South Africa and beyond.

• Journal of Korean Library and Information Science Society
• /
• v.38 no.1
• /
• pp.257-276
• /
• 2007

The major concern of scholarly communication system that consists of libraries, researchers, and publishers is scholarly journals. But there is a huge chasm between the groups that have their own respects and strategies, compensations, and rights about scholarly journals. This difference makes open access movement which has two strategies: Open Access Journal(OAJ) and Open Access Archives (OAA). This paper describes the current status and analyses serious limitations of OAJ and OAA, especially, including the present address in the field of library and information science.

• The Journal of the Korea Contents Association
• /
• v.15 no.5
• /
• pp.27-35
• /
• 2015

Depending on the smart device user growth and development of communication technology, the area about working environment was extended without constraints of time and places. It is introducing to work using user's devices and this environment is called 'BYOD(Bring Your On Device)'. But it is vulnerable to security threat that happened in existing wireless environment and its security threat issue which is caused by inside information leak by an inside job and lost or stolen terminal which is caused by careless user is getting heated. So we studied about access control protocol by user rights under the BYOD situation make a session key based on the user information. We make a session key based on the user information and user device information, after that we design an access control protocol. The protocol we suggest can protect from attack under the BYOD situation and wireless communication situation and also safety and security requirement from inside information leak because it controls user rights.