• 제목/요약/키워드: Information access

검색결과 10,266건 처리시간 0.045초

Design and Implementation of Applet for Multi-Users File Access based on Java Card (자바카드기반 다중 사용자 파일접근에 대한 애플릿 설계 및 구현)

  • Shin, Sang-Jun;Song, Young-Sang;Shin, In-Chul
    • Proceedings of the IEEK Conference
    • /
    • 대한전자공학회 2005년도 추계종합학술대회
    • /
    • pp.1201-1204
    • /
    • 2005
  • Whereas conveniences deriving from the development of information and telecommunication technology increase, information outflow and illegal data use are also rapidly on the rise. Consequently, many studies to prevent illegal information outflow are currently under way, and the use of Smart Card is in steep jump. Recently, Java Card is diffused fast as an alternative to complement the technical problems of the Smart Card. This paper designed and materialized the system for multi-users authentication and file access control by user through designing a Java Card applet that is used for information protection and in various application fields. For allowing a file access competence, each user's file access competence is processed via drawing up the access condition table in the applet. Therefore, illegal correction, exposure and destruction of information, which become the concerns when multi-users have an access, can be prevented. In addition, its application becomes possible in the system requiring multi-users certifications.

  • PDF

Implementation of Role Based Access Control Model for U-healthcare (유비쿼터스 헬스케어를 위한 역할 기반 접근제어 모델의 구현)

  • Lee, You-Ri;Park, Dong-Gue
    • Journal of the Korea Academia-Industrial cooperation Society
    • /
    • 제10권6호
    • /
    • pp.1256-1264
    • /
    • 2009
  • When unapproved users access to healthcare system and use medical information for other malicious purposes, it could severely threaten important information related to patients' life, because in ubiquitous environment healthcare service makes patient's various examination results, medical records or most information of a patient into data. Therefore, to solve these problems, we design RBAC(Role Based Access Control) for U-healthcare that can access control with location, time and context-awareness information like status information of user and protect patient's privacy. With implementation of the proposed model, we verify effectiveness of the access control model for healthcare in ubiquitous environment.

New Trend of Scholarly Communication : Open Access (학술 커뮤니케이션의 새로운 동향 : 자유이용을 중심으로)

  • Lee, Too-Young;Hwang, Ok-Gyung
    • Journal of Information Management
    • /
    • 제34권2호
    • /
    • pp.1-23
    • /
    • 2003
  • The serials pricing and licensing crises have caused the problem of limited access to scholarly information and the problem of its preservation. To cope with these crises, various types of scholarly communication models are under study now. Open Access is one of the possible solutions among these new trials. This study has investigated the history of Open Access, articulated the first considerations for the spread of Open Access, and proposed the role of librarians during the progress.

The Definitions of Security Requirements for Control Access on the Step of Analysis (분석단계에서 접근 통제의 보안 요건 정의)

  • Shin, Seong-Yoon
    • Journal of the Korea Society of Computer and Information
    • /
    • 제19권11호
    • /
    • pp.97-103
    • /
    • 2014
  • The access control means the process to record and manage access restrictions and permits for protecting information in records. This paper emphasizes the control of access and authorization based on the roles and the data using activities of users as task performers. Also, it requires to gain the necessary approval in advance for important tasks such as mass inquiry and change on important information to influence the very existence of the whole organization. And then, it suggests that it is necessary to control some session of information with non-activity for certain time. Generally, this paper is to explain security elements of access control through various cases.

BDSS: Blockchain-based Data Sharing Scheme With Fine-grained Access Control And Permission Revocation In Medical Environment

  • Zhang, Lejun;Zou, Yanfei;Yousuf, Muhammad Hassam;Wang, Weizheng;Jin, Zilong;Su, Yansen;Kim, Seokhoon
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • 제16권5호
    • /
    • pp.1634-1652
    • /
    • 2022
  • Due to the increasing need for data sharing in the age of big data, how to achieve data access control and implement user permission revocation in the blockchain environment becomes an urgent problem. To solve the above problems, we propose a novel blockchain-based data sharing scheme (BDSS) with fine-grained access control and permission revocation in this paper, which regards the medical environment as the application scenario. In this scheme, we separate the public part and private part of the electronic medical record (EMR). Then, we use symmetric searchable encryption (SSE) technology to encrypt these two parts separately, and use attribute-based encryption (ABE) technology to encrypt symmetric keys which used in SSE technology separately. This guarantees better fine-grained access control and makes patients to share data at ease. In addition, we design a mechanism for EMR permission grant and revocation so that hospital can verify attribute set to determine whether to grant and revoke access permission through blockchain, so it is no longer necessary for ciphertext re-encryption and key update. Finally, security analysis, security proof and performance evaluation demonstrate that the proposed scheme is safe and effective in practical applications.

Effective Access Control Mechanism for Protection of Sensitive Personal Information (민감한 개인정보 보호를 위한 효율적인 접근제어 기법)

  • Mun, Hyung-Jin;Kim, Ki-Soo;Um, Nam-Kyung;Li, Yong-Zhen;Lee, Sang-Ho
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • 제32권7C호
    • /
    • pp.667-673
    • /
    • 2007
  • In order to provide the efficient personalized services, the organizations and the companies collect and manage the personal information. The stored data have some slight differences among each subject. Even though the same attribute information leaks out, the personal privacy violation is different according to personal sensitivity. However, currently the organizations or the companies protect all the information as the same level. This paper reflects the sensitive attribute information of the information subject to each personal policy by the encrypting techniques. And then we propose a policy-based access control mechanism for the personal information which strictly prevents unauthorized information users from illegally accessing the personal information. In the proposed mechanism, the individuals' personal information which is encrypted with different keys is stored into the database. For the access control, information subjects set up their own access control policy for their sensitive personal information. Then it is possible to control the information access by providing the information to the information users according to personal and organizational privacy policy.

Sensitive Personal Information Protection Model for RBAC System (역할기반 접근제어시스템에 적용가능한 민감한 개인정보 보호모델)

  • Mun, Hyung-Jin;Suh, Jung-Seok
    • Journal of the Korea Society of Computer and Information
    • /
    • 제13권5호
    • /
    • pp.103-110
    • /
    • 2008
  • Due to the development of the e-commerce, the shopping mall such as auction collects and manages the personal information of the customers for efficient service. However, because of the leakage of the Personal information in auction, the image of the companies as well as the information subjects is damaged. Even though the organizations and the companies store the personal information as common sentences and protect using role based access control technique, the personal information can be leaked easily in case of getting the authority of the database administrator. And also the role based access control technique is not appropriate for protecting the sensitive information of the information subject. In this paper, we encrypted the sensitive information assigned by the information subject and then stored them into the database. We propose the personal policy based access control technique which controls the access to the information strictly according to the personal policy of the information subject. Through the proposed method we complemented the problems that the role based access control has and also we constructed the database safe from the database administrator. Finally, we get the control authority about the information of the information subject.

  • PDF

Establishment of a secure networking between Secure OSs

  • Lim, Jae-Deok;Yu, Joon-Suk;Kim, Jeong-Nyeo
    • 제어로봇시스템학회:학술대회논문집
    • /
    • 제어로봇시스템학회 2003년도 ICCAS
    • /
    • pp.2097-2100
    • /
    • 2003
  • Many studies have been done on secure operating system using secure kernel that has various access control policies for system security. Secure kernel can protect user or system data from unauthorized and/or illegal accesses by applying various access control policies like DAC(Discretionary Access Control), MAC(Mandatory Access Control), RBAC(Role Based Access Control), and so on. But, even if secure operating system is running under various access control policies, network traffic among these secure operating systems can be captured and exposed easily by network monitoring tools like packet sniffer if there is no protection policy for network traffic among secure operating systems. For this reason, protection for data within network traffic is as important as protection for data within local system. In this paper, we propose a secure operating system trusted channel, SOSTC, as a prototype of a simple secure network protocol that can protect network traffic among secure operating systems and can transfer security information of the subject. It is significant that SOSTC can be used to extend a security range of secure operating system to the network environment.

  • PDF

A Study on the Design and the Performance Improvement of IP Access Control Protocol for External Mobile terminal (외부 이동단말의 접근제어를 위한 IP 프로토콜 설계 및 성능 개선에 관한 연구)

  • 박대우
    • Journal of the Korea Society of Computer and Information
    • /
    • 제9권2호
    • /
    • pp.41-48
    • /
    • 2004
  • Access control protocol have verified security of external mobile terminal that access to inner information sever at Ubiquitous ages. In this paper, I would design for If Access Control Protocol of considering operation time when make cipher digital signature. Public key are used Individual identification number that issued from certify communication company, and cipher algorithm are used ECDSA definition factor for generation and verification of digital signature and it used Elliptic Curve with over 160 bit Key. Also, Access control operate on If level that designed IPv6 frame architecture. I would conclude that IP Access Control Protocol have verified security and improved performance in operation time more 4 times than before protocols when through the communication of use cipher digital signature for authentication and verification.

  • PDF

A Role-Based Access Control System API Supporting External Authority Interface

  • Ma, Jin;Kim, Hyunah;Park, Minjae
    • Journal of Internet Computing and Services
    • /
    • 제19권2호
    • /
    • pp.27-32
    • /
    • 2018
  • In industries that are operating various enterprise systems, new systems are integrated and operated in accordance with each period. In particular, when a new system is to be integrated, one of the major considerations is the single sign-on part for integrating and operating the authentication. To implement this authority system using role-based access control method, an extension method for access control method is needed. Therefore, in this paper, we design an extended role-based access control model for interworking with legacy authority system and provide its APIs. The extended role-based access control model is a model in which external authority information, which holds authority information in the authority information, is added. And we describe operations that the REST Web APIs are based on these models. In this paper, the method is described in the back-end APIs and can be implemented as an operation of an extended role-based access control system based on the method.