• The Korean Journal of Community Living Science
• /
• v.17 no.4
• /
• pp.127-135
• /
• 2006

This study investigated differences of opinion between youth and their parents about having permission to date. Opinions on youth dating permission was gathered from 150 adolescents and their parents. The results were as follows: first, for adolescents there were significant differences of opinion about youth dating permission depending on gender, age, scholastic record, and birth order, but for parents, the difference related to the gender and age of adolescents. Second, the result indicated that adolescents had a greater acceptance of dating permission than their parents, expressing a generational difference. Third, where the scholastic record of subjects was low, where subjects were non-eldest siblings, and where the parents' level of youth dating permission was high, the level of youth dating permission was higher. A main predictor of youth's level of dating permission was the level of the parents about youth dating.

• International conference on construction engineering and project management
• /
• 2009.05a
• /
• pp.593-600
• /
• 2009

In Korea, the government has developed SEUMTER, an administration system for building related public service, to facilitate and promote the electronic submission and permission activities. SEUMTER is progressing legality system based on 2D drawing for building administration permission service. However, there are a lot of problems related to legality system owing to complexity of Korea regulation relation and structure, inefficiency of legality system based on 2D drawing, duplication examination of document (soliciting forms for civil affairs) and drawing. Therefore, the purpose of this study is to develop legality system for building administration permission service based on BIM in Korea. To achieve this purpose, the authors have investigated permission procedure and regulation structure that is used in current building administration permission and suggested permission procedure and regulation structure for legality system based on BIM. In addition, the authors have investigated element technologies (for examples, method of structured regulation, BIM model checker, Viewer, etc) for legality system based on BIM. Finally, the authors have suggested strategy and hereafter direction for application of legality system based on BIM.

• Journal of the Korea Society of Computer and Information
• /
• v.26 no.6
• /
• pp.89-96
• /
• 2021

In this paper, we proposed a sniffer to detect permission smells from developer and third-party libraries' code. Moreover, we conducted an empirical study to investigate unnecessary permissions on large real-world Android apps. Our analysis indicates that permission smell extensively exists in Android apps. According to the results, permission smells exist in most Android apps. In particular, third-party libraries request permission for functionalities that are not used by developers, which cause more smells. Moreover, most developers do not properly disable unnecessary permissions that are declared for third-party libraries. We discussed the impacts of permission smells on user experiences. As a result, the existence of permission smell does not impact the number of downloads. However, apps that have more unnecessary permissions have received lower ratings from users.

• Proceedings of the Korea Society for Simulation Conference
• /
• 2005.11a
• /
• pp.51-55
• /
• 2005

Assuring integrity of permission assignment (PA) constraints is a difficult task in role-based access control (RBAC) because of the large number of constraints, users, roles and permissions in a large enterprise environment. We provide solutions for this problem using the conflict concept. This paper introduces the conflict model in order to understand the conflicts easily and to detect conflicts effectively. The conflict model is classified as a permission-permission model and a role-permission model. This paper defines two type conflicts using the conflict model. The first type is an inter-PA-constraints (IPAC) conflict that takes place between PA constraints. The other type is a PA-PAC conflict that takes place between a PA and a PA constraint (PAC) Also, the conditions of conflict occurrence are formally specified and proved. We can assure integrity on permission assignment by checking conflicts before PA and PA constraints are applied.

• Journal of the Korea Society of Computer and Information
• /
• v.26 no.6
• /
• pp.107-113
• /
• 2021

In this paper, we conducted an empirical study to investigate whether Android app descriptions provide enough permission usages for measuring app quality in terms of human writing and consistency between code and descriptions. Android app descriptions are analyzed for various purposes such as quality measurement, functionality recommendation, and malware detection. However, many app descriptions do not disclose permission usages, whether accidentally or on purpose. Most importantly, the previous studies could not precisely analyze app descriptions if permission usages cannot be completely introduced in app descriptions. To assess the consistency between permissions and app descriptions, we implemented a state-of-the-art method to predict Android permissions for 29,270 app descriptions. As a result, 25% of app descriptions may not contain any permission semantic, and 57% of app descriptions cannot accurately reflect permission usages.

• Korean Journal of Heritage: History & Science
• /
• v.54 no.3
• /
• pp.24-51
• /
• 2021

Since June 2006, there have been active efforts to systematize the permission system including the amendment of [Cultural Heritage Protection Act]. Cultural Heritage Administration prepared standards on reviewing each type of cultural heritages(CH) in 2015, promoted a project on the modification of permission standards and showed remarkable performances in quantitative aspects. But as there has been little change for the cases applied for permission, additional studies on policy are required to improve the management efficiency and reduce the citizens'inconvenience. In response, this study aims to identify the actual management status on the current state alteration permission system, and establish practically utilizable reference materials at permission review. While historic sites(HS) constitute a relatively small proportion in state-designated CHs, they are subject to the designation of permission standards. Also, with their location in the downtown area, the application rate is high (51.4%) and the results are commonly utilizable to other types of CH. We constructed a DB based on the minutes of Cultural Heritage Committee(CHC) on HS and categorized similar features in permission handling results. The result of the analysis is as follows. Out of a total of 5,243 cases for permission applied for HS, 1,734 cases of cultural heritage areas(CHA) and 3,509 cases of historic and cultural environment preservation areas(HCEPA) have been applied. CHA has a great proportion of the applications for events and festivals, which are highly related to CHs or representing the local area. There is a high permission rate on applications for the purpose of public service by local governments. Meanwhile, HCEPA has a high proportion of applying for the installation and extension of buildings and facilities at the private level. Thus, negative decisions were made for tall buildings, massed facilities, or suspected scattering of similar acts. Our actual condition analysis has identified a total of 78 types of harmful acts which may influence the preservation of CHs. 31 types in CHA and 37 types in HCEPA are categorized. Especially, 10 common types of permission have been confirmed in both sectors. As a result, it is expected to secure consistency in the permission administration, enhance the management efficiency and improve the public's satisfaction over the regulatory administration by providing practically utilizable reference materials for altering the current state of CH and for decision making on the part of CHC.

• The KIPS Transactions:PartC
• /
• v.13C no.6 s.109
• /
• pp.725-732
• /
• 2006

RBAC(Role-Based Access Control) has advantages in managing access controls, because it offers the role inheritance and separation of duty in role hierarchy structures. However, RBAC does not process delegation of permission effectively that occurs frequently in the real world. This paper proposes an Advanced Permission-Based Delegation Model(APBDM) that guarantees permanency of delegated permissions and does not violate security principle of least privilege and separation of duty. APBDM, based on the well-known RBAC96, supports both user-to-user and role-to-role delegation. A delegator can give permission to a specific person, that is delegatee, and the permission can be withdrawn whenever the delegator wants. Our model is analyzed and shown to be effective in the present paper.

• International Journal of Computer Science & Network Security
• /
• v.22 no.7
• /
• pp.389-396
• /
• 2022

Smartphones are growing more susceptible as technology develops because they contain sensitive data that offers a severe security risk if it falls into the wrong hands. The Android OS includes permissions as a crucial component for safeguarding user privacy and confidentiality. On the other hand, mobile malware continues to struggle with permission misuse. Although permission-based detection is frequently utilized, the significant false alarm rates brought on by the permission-based issue are thought to make it inadequate. The present detection method has a high incidence of false alarms, which reduces its ability to identify permission-based attacks. By using permission features with intent, this research attempted to improve permission-based detection. However, it creates an excessive number of features and increases the likelihood of false alarms. In order to generate the optimal number of features created and boost the quality of features chosen, this research developed an intersection feature approach. Performance was assessed using metrics including accuracy, TPR, TNR, and FPR. The most important characteristics were chosen using the Correlation Feature Selection, and the malicious program was categorized using SVM and naive Bayes. The Intersection Feature Technique, according to the findings, reduces characteristics from 486 to 17, has a 97 percent accuracy rate, and produces 0.1 percent false alarms.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.16 no.5
• /
• pp.1634-1652
• /
• 2022

Due to the increasing need for data sharing in the age of big data, how to achieve data access control and implement user permission revocation in the blockchain environment becomes an urgent problem. To solve the above problems, we propose a novel blockchain-based data sharing scheme (BDSS) with fine-grained access control and permission revocation in this paper, which regards the medical environment as the application scenario. In this scheme, we separate the public part and private part of the electronic medical record (EMR). Then, we use symmetric searchable encryption (SSE) technology to encrypt these two parts separately, and use attribute-based encryption (ABE) technology to encrypt symmetric keys which used in SSE technology separately. This guarantees better fine-grained access control and makes patients to share data at ease. In addition, we design a mechanism for EMR permission grant and revocation so that hospital can verify attribute set to determine whether to grant and revoke access permission through blockchain, so it is no longer necessary for ciphertext re-encryption and key update. Finally, security analysis, security proof and performance evaluation demonstrate that the proposed scheme is safe and effective in practical applications.

• Journal of KIISE:Computer Systems and Theory
• /
• v.30 no.12
• /
• pp.699-707
• /
• 2003

RBAC is accepted as a more advanced control method than existing DAC and MAC. Studies on the permission-role part of RBAC model are relatively insufficient compared with those on the user-role part, and researches on symmetric RBAC models to overcome this is also in an incipient stage. Therefore there is much difficulty in assigning permissions suitable for roles. This paper proposes an symmetric RBAC model that supplements the constraints on permission assignment set forth by previous studies. The proposed symmetric RBAC model reflects the conflicts of interests between roles and the sharing and integration of permissions on the assignment of permissions by presenting the constraints on permission assignment that take the separation of duties and role hierarchies into consideration. In addition, by expressing constraints prescribing prerequisite relations between dynamic permissions through AND/OR graphs, it is possible to effectively limit the complicated prerequisite relations of permissions. The constraints on permission assignment for the proposed symmetric RBAC model reduce errors in permission assignment by properly detailing rules to observe at the time of permission assignment.