• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.15 no.1
• /
• pp.1-14
• /
• 2015

To conform to new emerging computing paradigm, various researches and challenges are being done. New information technologies make easy to access and acquire information in various ways. In other side, however, it also makes illegal access more powerful and various threat to system security. In this paper, we suggest a new extended access control method that make it possible to conform to security policies enforcement even with discrepancy between policy based constraints rules and query based constraints rules, based on their semantic information. New method is to derive security policy rules using context tree structure and to control the exceed granting of privileges through the degree of the semantic discrepancy. In addition, we illustrate prototype system architecture and make performance comparison with existing access control methods.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.13 no.6
• /
• pp.173-186
• /
• 2013

New information technologies make it easy to access and acquire information in various ways. However, It also enable powerful and various threat to system security. To challenge these threats, various extended access control methods are being studied. We suggest a new extended access control method that make it possible to conform to security policies enforcement even with discrepancy between policy based constraints rules and query based constraints rules via their semantic relationship. New our approach derives semantic implications using tree hierarchy structure and coordinates the exceed privileges using semantic gap factor calculating the degree of the discrepancy. In addition, we illustrate prototype system architecture and make performance comparison with existing access control methods.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.3
• /
• pp.13-29
• /
• 2005

An important characteristic of role-based access control model(RBAC) is that by itself it is policy neutral. This means RBAC articulates security policy without embodying particular security policy. Because of this reason, there are several researches to configure RBAC to enforce traditional mandatory access control(MAC) policy and discretionary access control(DAC) policy. Specifically, to simulate MAC using RBAC several researches configure a few RBAC components(user, role, role-hierarchy, user-role assignment and session) for keeping no-read-up rule and no-write-down rule ensuring one-direction information flow from low security level to high security level. We show these researches does not ensure confidentiality. In addition, we show the fact that these researches overlook violation of integrity due to some constraints of keeping confidentiality. In this paper we propose a RBAC model satisfying both confidentiality and integrity. We reexamine a few RBAC components and constructs additional constraints.

• International journal of advanced smart convergence
• /
• v.7 no.4
• /
• pp.66-74
• /
• 2018

While new information technology advances have made information access and acquisition methods much more diverse and easier, there are side effects that allow illegal access using diverse and high-performance tools. In order to cope with such threats, there are access control methods in database technology, and various studies are being conducted to extend traditional access control to cope with new computing environments. In this paper, we propose an extended access control with uncertain context-awareness. It enables appropriate security policy enforcement even if the contextual constraints specified by the security policy does not match those accompanied by access request query. We extract semantic implications from context tree, and define the argument that can quantitatively measure the semantic difference between two nodes in the context tree. It is used to semantically enforce the security policy, and to prevent the excessive authorization caused by the implication.

• Journal of National Security and Military Science
• /
• s.2
• /
• pp.201-235
• /
• 2004

This paper provides a simple microeconomic model of terrorist attcks and anti-terrorism policies. The terrorists can be characterised as rational actors, choosing between legal activities and terrorist activities to promote their political goals. Since their resources are limited, one can think of anti-terrorist policies by examining how such policies affect the objectives and constraints of terrorists. Deterrence policy seeks to reduce terrorist attacks by raising the cost of undertaking terrorist acts. Proactive policy aims at preventing attacks by destroying terrorists' resources (fund, personnel, leadership). This paper suggests another type of anti-terrorist policy which is to reduce the benefits of (or in other words, raising the opportunity costs of) terrorist acts. Such a policy is based on decentralisation in political decision-making and economic power.

• Review of KIISC
• /
• v.7 no.2
• /
• pp.85-94
• /
• 1997

This paper describes the notion of a Multilevel Secure Knowledge Base Management System(MLS/KBMS). It states a security policy and security constraints. A design for query operation introduced cover story in a MLS/KBMS is discussed. Query processing approach is to provide cover stories that lead to alternative explanations for readily available information. Therefore such cover stories prevent an unauthorized user from inferring high-level information from low-level data.

• Convergence Security Journal
• /
• v.14 no.1
• /
• pp.3-10
• /
• 2014

Private security organizations are complementary to the national safety of life and property of individuals as a social role to play in maintaining peace and order. Pursuit of profit is to the public practice according to the logic of capitalist markets and customers seeking to protect the lives and property. However, the legal and institutional constraints of private security is being requirements inhibited by the development. Crime prevention as a private security role that the private companies, which will pursue the public interest. After all, the expansion of the private security crime is results in an increase in unit. The current level of private security in the 1970s remain, and the constraints is being under goodwill and expertise outside of the training system on the market. Variety of crimes, including cyber crime increases and considering the reality of the constraints on private security requirements are able to improve or supplement shall be realistic. In particular, the legal, regulatory and institutional factors must be improved, with goodwill, and for the creation of new industrial policy as a complement to the public interest should be also provided. The private security law interests through integration of private security guards should be guaranteed, and the term of the theorem, sales activities, ensuring the training of professional staff with professional qualifications system is to be settled. As a private security guard industry growth and development can be based on this composition.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.3
• /
• pp.1315-1329
• /
• 2018

Ciphertext-policy attribute-based encryption (CP-ABE) associates ciphertext with access policies. Only when the user's attributes satisfy the ciphertext's policy, they can be capable to decrypt the ciphertext. Expressivity and security are the two directions for the research of CP-ABE. Most of the existing schemes only consider monotonic access structures are selectively secure, resulting in lower expressivity and lower security. Therefore, fully secure CP-ABE schemes with non-monotonic access structure are desired. In the existing fully secure non-monotonic access structure CP-ABE schemes, the attributes that are set is bounded and a one-use constraint is required by these projects on attributes, and efficiency will be lost. In this paper, to overcome the flaw referred to above, we propose a new fully secure non-monotonic access structure CP-ABE. Our proposition enforces no constraints on the scale of the attributes that are set and permits attributes' unrestricted utilization. Furthermore, the scheme's public parameters are composed of a constant number of group elements. We further compare the performance of our scheme with former non-monotonic access structure ABE schemes. It is shown that our scheme has relatively lower computation cost and stronger security.

• Asian-Australasian Journal of Animal Sciences
• /
• v.26 no.1
• /
• pp.1-18
• /
• 2013

The elements that determine the success of development projects on goats and the prerequisites for ensuring this are discussed in the context of the bewildering diversity of goat genetic resources, production systems, multifunctionality, and opportunities for responding to constraints for productivity enhancement. Key determinants for the success of pro-poor projects are the imperatives of realistic project design, resolution of priorities and positive impacts to increase investments and spur agricultural growth, and appropriate policy. Throughout the developing world, there exist 97% of the total world population of 921 million goats across all agroecological zones (AEZs), including 570 breeds and 64% share of the breeds. They occupy a very important biological and socioeconomic niche in farming systems making significant multifunctional contributions especially to food, nutrition and financial security, stability of farm households, and survival of the poor in the rural areas. Definitions are given of successful and failed projects. The analyses highlighted in successful projects the value of strong participatory efforts with farmers and climate change. Climate change effects on goats are inevitable and are mediated through heat stress, type of AEZ, water availability, quantity and quality of the available feed resources and type of production system. Within the prevailing production systems, improved integrated tree crops - ruminant systems are underestimated and are an important pathway to enhance C sequestration. Key development strategies and opportunities for research and development (R and D) are enormous, and include inter alia defining a policy framework, resolution of priority constraints using systems perspectives and community-based participatory activities, application of yield-enhancing technologies, intensification, scaling up, and impacts. The priority for development concerns the rainfed areas with large concentrations of ruminants in which goats, with a capacity to cope with heat tolerance, can be the entry point for development. Networks and networking are very important for the diffusion of information and can add value to R and D. Well formulated projects with clear priority setting and participatory R and D ensure success and the realisation of food security, improved livelihoods and self-reliance in the future.

• Industrial Engineering and Management Systems
• /
• v.15 no.1
• /
• pp.63-76
• /
• 2016

Multiperiod portfolio selection problem attracts more and more attentions because it is in accordance with the practical investment decision-making problem. However, the existing literature on this field is almost undertaken by regarding security returns as random variables in the framework of probability theory. Different from these works, we assume that security returns are uncertain variables which may be given by the experts, and take absolute deviation as a risk measure in the framework of uncertainty theory. In this paper, a new multiperiod mean absolute deviation uncertain portfolio selection models is presented by taking transaction costs, borrowing constraints and threshold constraints into account, which an optimal investment policy can be generated to help investors not only achieve an optimal return, but also have a good risk control. Threshold constraints limit the amount of capital to be invested in each stock and prevent very small investments in any stock. Based on uncertain theories, the model is converted to a dynamic optimization problem. Because of the transaction costs, the model is a dynamic optimization problem with path dependence. To solve the new model in general cases, the forward dynamic programming method is presented. In addition, a numerical example is also presented to illustrate the modeling idea and the effectiveness of the designed algorithm.