• Title/Summary/Keyword: Rule Protection Mechanism

Search Result 6, Processing Time 0.025 seconds

A Rule Protecting Scheme with Symmetric Cryptosystem for Intrusion Detection System (암호화 기법을 적용한 침입 탐지 시스템의 룰 보호 기법)

  • Son Hyung-Seo;Kim Hyun-Sung;Bu Ki-Dong
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.14 no.6
    • /
    • pp.3-13
    • /
    • 2004
  • Kvarnstrom et al. ${in}^{[10]}$ proposed a rule protection scheme by using one-way hash function to protect rules in security systems over ubiquitous environment. Son et at. ${in}^{[5-6]}$ also prooposed a rule protection scheme for Snort, which is one of the most common IDS. These schemes provide security only for the header information but not for its contents. To solve this problem, this paper presents a scheme based on the symmetric cryptosystem over Snort not only for the header information but also contents. This paper uses the key management based on PCMCIA security module proposed ${by}^{[12]}$ for the symmetric cryptosystem. Our scheme could be adjusted to other security systems, which use the rule based detection.

A DRM Framework for Distributing Digital Contents through the Internet

  • Lee, Jun-Seok;Hwang, Seong-Oun;Jeong, Sang-Won;Yoon, Ki-Song;Park, Chang-Soon;Ryou, Jae-Cheol
    • ETRI Journal
    • /
    • v.25 no.6
    • /
    • pp.423-436
    • /
    • 2003
  • This paper describes our design of a contents distribution framework that supports transparent distribution of digital contents on the Internet as well as copyright protection of participants in the contents distribution value chain. Copyright protection must ensure that participants in the distribution channel get the royalties due to them and that purchasers use the contents according to usage rules. It must also prevent illegal draining of digital contents. To design a contents distribution framework satisfying the above requirements, we first present four digital contents distribution models. On the basis of the suggested distribution models, we designed a contract system for distribution of royalties among participants in the contents distribution channel, a license mechanism for enforcement of contents usage to purchasers, and both a packaging mechanism and a secure client system for prevention of illegal draining of digital contents.

  • PDF

Massive Surveillance by US-UK intelligence services : Crisis of the Internet and the Rule of Law (미국/영국 정보기관의 무차별 정보수집행위: 인터넷과 법치주의의 위기)

  • Kim, Keechang
    • Review of Korean Society for Internet Information
    • /
    • v.14 no.3
    • /
    • pp.78-85
    • /
    • 2013
  • The revelations made possible by Edward Snowden, a contractor of the US intelligence service NSA, are a sobering reminder that the Internet is not an 'anonymous' means of communication. In fact, the Internet has never been conceived with anonymity in mind. If anything, the Internet and networking technologies provide far more detailed and traceable information about where, when, with whom we communicate. The content of the communication can also be made available to third parties who obtain encryption keys or have the means of exploiting vulnerabilities (either by design or by oversight) of encryption software. Irrebuttable evidence has emerged that the US and the UK intelligence services have had an indiscriminate access to the meta-data of communications and, in some cases, the content of the communications in the name of security and protection of the public. The conventional means of judicial scrutiny of such an access turned out to be ineffectual. The most alarming attitude of the public and some politicians is "If you have nothing to hide, you need not be concerned." Where individuals have nothing to hide, intelligence services have no business in the first place to have a peek. If the public espouses the groundless assumption that State organs are benevolent "( they will have a look only to find out whether there are probable grounds to form a reasonable suspicion"), then the achievements of several hundred years of struggle to have the constitutional guarantees against invasion into privacy and liberty will quickly evaporate. This is an opportune moment to review some of the basic points about the protection of privacy and freedom of individuals. First, if one should hold a view that security can override liberty, one is most likely to lose both liberty and security. Civilized societies have developed the rule of law as the least damaging and most practicable arrangement to strike a balance between security and liberty. Whether we wish to give up the rule of law in the name of security requires a thorough scrutiny and an informed decision of the body politic. It is not a decision which can secretly be made in a closed chamber. Second, protection of privacy has always depended on human being's compliance with the rules rather than technical guarantees or robustness of technical means. It is easy to tear apart an envelope and have a look inside. It was, and still is, the normative prohibition (and our compliance) which provided us with protection of privacy. The same applies to electronic communications. With sufficient resources, surreptitiously undermining technical means of protecting privacy (such as encryption) is certainly 'possible'. But that does not mean that it is permissible. Third, although the Internet is clearly not an 'anonymous' means of communication, many users have a 'false sense of anonymity' which make them more vulnerable to prying eyes. More effort should be made to educate the general public about the technical nature of the Internet and encourage them to adopt user behaviour which is mindful of the possibilities of unwanted surveillance. Fourth, the US and the UK intelligence services have demonstrated that an international cooperation is possible and worked well in running the mechanism of massive surveillance and infiltration into data which travels globally. If that is possible, it should equally be possible to put in place a global mechanism of judicial scrutiny over a global attempt at surveillance.

  • PDF

Access Control as a Service for Information Protection in Semantic Web based Smart Environment

  • Siddiqui, Isma Farah;Lee, Scott Uk-Jin
    • Journal of Internet Computing and Services
    • /
    • v.17 no.5
    • /
    • pp.9-16
    • /
    • 2016
  • Pervasive computing and Internet of Things (IoT) have recently received considerable interest to deploy solutions for the future Internet. Smart environments are integrated with Semantic Web to provide context-awareness to the processed information. Self-learning techniques have been adopted within smart solutions for efficient retrieval of data but do not process data with privacy parameters for in-place authorization. To overcome this issue, we present a novel approach of deploying access control as a service mechanism within Semantic Web based smart environment by using eXtensible Access Control Markup Language (XACML). The proposed XACML as a Service (XACMLaaS) approach offers fine-grained access control for protecting information within smart environment. In this paper, we have defined mathematical rules for each components of proposed access control service layer. These rules are for implementation of access control using XACML. The proposed approach allows the adaptation of authorization of information at component level and provides scalable solution for authorization policies and rule enforcement within smart environment.

The Value of the Good Faith of the Occupier for Acquiring the Right of Ownership by Limitation of Possession

  • Guyvan, Petro
    • International Journal of Computer Science & Network Security
    • /
    • v.22 no.7
    • /
    • pp.57-64
    • /
    • 2022
  • This scientific article is devoted to the study of the legal significance of such a category of legal status of the purchaser of another's thing, as its good faith. The essence of this phenomenon has been studied, it has been established that the criterion of good faith attaches significant importance to the claims of the participants of these relations for the acquisition or preservation of private property rights. The paper emphasizes that, in addition to the importance of good conscience at the time of possession of another's thing, which gives legal certainty the possibility of registration of the title and is part of the actual composition for the acquisition of property or the right of ancient possession, bona fides also characterizes the behavior of the occupier. In this case, good conscience only has some legal consequences when it is opposed to subjective law. Under such conditions, it acquires direct legal significance, including as a condition for the acquisition and protection of rights. Good faith possession of another's property is an internal indicator of the subject's awareness of a certain property status. This sense, the article assesses this status from the standpoint of the scientific concept of the visibility of law. According to this theory, prescription is also considered as a consequence of the appearance of law, however, because it arises and lasts against the will of the parties and despite their awareness of this fact. Therefore, bona fide continuous and open possession of property as one's own, during the acquisition period, was most significantly associated with the appearance of property. Therefore, the concept of good faith, in the sense of personal perception of real values, is closely related to the principle of protection of the appearance of law, as it is aimed at understanding it by third parties. The paper notes certain differences in the application of the theory of the appearance of the right in the acquisition of property by a bona fide purchaser from an unauthorized alienator and the acquisitive prescription. It is emphasized that such a mechanism must be used in presuming the attitude to the thing as its own, by the holder of movable property. But there should be exceptions to the rule, in particular, if the owner has grounds for vindication of the thing.

An Overview of the Rationale of Monetary and Banking Intervention: The Role of the Central Bank in Money and Banking Revisited (화폐(貨幣)·금융개입(金融介入)의 이론적(理論的) 근거(根據)에 대한 고찰(考察) : 중앙은행(中央銀行)의 존립근거(存立根據)에 대한 개관(槪觀))

  • Jwa, Sung-hee
    • KDI Journal of Economic Policy
    • /
    • v.12 no.3
    • /
    • pp.71-94
    • /
    • 1990
  • This paper reviews the rationale of monetary and banking intervention by an outside authority, either the government or the central bank, and seeks to delineate clearly the optimal limits to the monetary and banking deregulation currently underway in Korea as well as on a global scale. Furthermore, this paper seeks to establish an objective and balanced view on the role of the central bank, especially in light of the current discussion on the restructuring of Korea's central bank, which has been severely contaminated by interest-group politics. The discussion begins with the recognition that the modern free banking school and the new monetary economics are becoming formidable challenges to the traditional role of the government or the central bank in the monetary and banking sector. The paper reviews six arguments that have traditionally been presented to support intervention: (1) the possibility of an over-issue of bank notes under free banking instead of central banking; (2) externalities in and the public good nature of the use of money; (3) economies of scale and natural monopoly in producing money; (4) the need for macro stabilization policy due to the instability of the real sector; (5) the external effects of bank failure due to the inherent instability of the existing banking system; and (6) protection for small banknote users and depositors. Based on an analysis of the above arguments, the paper speculates on the optimal role of the government or central bank in the monetary and banking system and the optimal degree of monetary and banking deregulation. By contrast to the arguments for free banking or laissez-faire monetary systems, which become fashionable in recent years, monopoly and intervention by the government or central bank in the outside money system can be both necessary and optimal. In this case, of course, an over-issue of fiat money may be possible due to political considerations, but this issue is beyond the scope of this paper. On the other hand, the issue of inside monies based on outside money could indeed be provided for optimally under market competition by private institutions. A competitive system in issuing inside monies would help realize, to the maxim urn extent possible, external economies generated by using a single outside money. According to this reasoning, free banking activities will prevail in the inside money system, while a government monopoly will prevail in the outside money system. This speculation, then, also implies that the monetary and banking deregulation currently underway should and most likely will be limited to the inside money system, which could be liberalized to the fullest degree. It is also implied that it will be impractical to deregulate the outside money system and to allow market competition to provide outside money, in accordance with the arguments of the free banking school and the new monetary economics. Furthermore, the role of the government or central bank in this new environment will not be significantly different from their current roles. As far as the supply of fiat money continues to be monopolized by the government, the control of the supply of base money and such related responsibilities as monetary policy (argument(4)) and the lender of the last resort (argument (5)) will naturally be assigned to the outside money supplier. However, a mechanism for controlling an over-issue of fiat money by a monopolistic supplier will definitely be called for (argument(1)). A monetary policy based on a certain policy rule could be one possibility. More importantly, the deregulation of the inside money system would further increase the systemic risk inherent in the current fractional banking system, while enhancing the efficiency of the system (argument (5)). In this context, the role of the lender of the last resort would again become an instrument of paramount importance in alleviating liquidity crises in the early stages, thereby disallowing the possibility of a widespread bank run. Similarly, prudential banking supervision would also help maintain the safety and soundness of the fully deregulated banking system. These functions would also help protect depositors from losses due to bank failures (argument (6)). Finally, these speculations suggest that government or central bank authorities have probably been too conservative on the issue of the deregulation of the financial system, beyond the caution necessary to preserve system safety. Rather, only the fullest deregulation of the inside money system seems to guarantee the maximum enjoyment of external economies in the single outside money system.

  • PDF