• Journal of Korea Multimedia Society
• /
• v.13 no.1
• /
• pp.133-142
• /
• 2010

As the ubiquitous technology has penetrated into almost every aspect of modern life, the research of the security technology to solve the weakness of security in the ubiquitous environment is received much attention. Because, however, today's security systems are usually based on the fixed rules, many security systems can not handle diverse situations in the ubiquitous environment appropriately. Although many existing researches on context aware security service are based on ACL (Access Control List) or RBAC (Role Based Access Control), they have an overhead in the management of security policy and can not manipulate unexpected situations. Therefore, in this paper, we propose a context-aware security service providing multiple authentications and authorization from a security level which is decided dynamically in a context-aware environment using FCM (Fuzzy C-Means) clustering algorithm and Fuzzy Decision Tree. We show proposed model can solve typical conflict problems of RBAC system due to the fixed rules and improve overhead problem in the security policy management. We expect to apply the proposed model to the various applications using contextual information of the user such as healthcare system, rescue systems, and so on.

• Knowledge Management Research
• /
• v.21 no.3
• /
• pp.161-176
• /
• 2020

Numerous products have been created in a digital format in the era of digitization. At an early stage, such products were provided in the format of individual digital file, requiring the individuals to own products by downloading them on the personal devices. With the development of Internet network, people began to consume digital goods in a new mode called 'streaming.' Streaming is a service provided through access-based consumption mode based on Internet network. Rather than downloading each file, individuals can utilize such product and services by connecting the network to their own devices. Access-based digital goods are distinguished from traditional ownership-based digital goods such as downloaded contents, in that permanent ownership is not allowed. Taken this into account, this study attempts to investigate how individuals' perception toward digital goods, the psychological ownership, differs according to the consumption mode. The results show that individuals feel less psychological ownership toward access-based digital goods than ownership-based digital goods. Our study provides several avenues to both theory and practice.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.36 no.7B
• /
• pp.760-770
• /
• 2011

The existing mobility management schemes do not fully support the next generation network, which is composed of IP-based core network and various access networks. Currently, ETRI has been developing the AIMS (Access Independent Mobility Service) system which satisfies the ITU-T requirements of mobility management in the next generation network. The AIMS system is designed to provide a mobile host with a fast and reliable mobility service among heterogeneous access networks. Recently, many user devices have multiple communication interfaces, e.g., 3G and WLAN, and thus they can make two or more network connections at the same time. In this paper, we design a scheme of flow mobility, i.e., the movement of selected data flows from one access technology to another, to be applied in the AIMS system, and verify the proposed scheme through the NS-3 simulation study. From the simulation results, we can know that the proposed flow mobility scheme can utilize the network resource efficiently in the heterogeneous mobile networks.

• Journal of the Korea Society of Computer and Information
• /
• v.15 no.1
• /
• pp.167-175
• /
• 2010

Like most large organizations, there are business rules such as 'separation of duty' and 'delegation' which should be considered in access control. From a SOD point of view, previous SOD models built on the (Administrative) Role-Based Access Control model cannot present the best solution to security problems such as information integrity by the limited constituent units such as role hierarchy and role inheritance. Thus, we propose a new integrated management model of administration role-based access control model and SOD policy, which is called the OS-SoDAM. The OS-SoDAM defines the authority range in an organizational structure that is separated from role hierarchy and supports a decentralized security officer-level SOD policy in which a local security officer can freely perform SOD policies within a security officer's authority range without the security officer's intervention.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.6
• /
• pp.2964-2985
• /
• 2019

Global data center IP traffic is expected to reach 20.6 zettabytes (ZB) by the end of 2021. Intra-data center networks (Intra-DCN) will account for 71.5% of the data center traffic flow and will be the largest portion of the traffic. The understanding of traffic distribution in IntraDCN is still sketchy. It causes significant amount of bandwidth to go unutilized, and creates avoidable choke points. Conventional transport protocols such as Optical Packet Switching (OPS) and Optical Burst Switching (OBS) allow a one-sided view of the traffic flow in the network. This therefore causes disjointed and uncoordinated decision-making at each node. For effective resource planning, there is the need to consider joining the distributed with centralized management which anticipates the system's needs and regulates the entire network. Methods derived from Kalman filters have proved effective in planning road networks. Considering the network available bandwidth as data transport highways, we propose an intelligent enhanced SDN concept applied to OBS architecture. A management plane (MP) is added to conventional control (CP) and data planes (DP). The MP assembles the traffic spatio-temporal parameters from ingress nodes, uses Kalman filtering prediction-based algorithm to estimate traffic demand. Prior to packets arrival at edges nodes, it regularly forwards updates of resources allocation to CPs. Simulations were done on a hybrid scheme (1+1) and on the centralized OBS. The results demonstrated that the proposition decreases the packet loss ratio. It also improves network latency and throughput-up to 84 and 51%, respectively, versus the traditional scheme.

• Journal of IKEEE
• /
• v.27 no.4
• /
• pp.548-555
• /
• 2023

With the advancement of the internet, the use of personal information in online interactions has increased, underscoring the significance of data protection. Breaches of personal data due to unauthorized access can result in psychological and financial damage to individuals, and may even enable wide-ranging societal attacks aimed at those associated with the victims. In response to such threats, there is active research into security measures using blockchain to safeguard personal information. This study proposes a system that uses middleware and IAM (Identity and Access Management) services to protect personal information in a BaaS (Blockchain as a Service) environment where blockchain is provided via the Internet. The middleware operates on servers where IAM roles and policies are applied, authenticates users, and performs access control to allow only legitimate users to access blockchain data existing in the cloud. Additionally, to understand the impact of the proposed personal information protection method on the system, we measure the response time according to the time taken and the number of users under three assumed scenarios, and compare the proposed method and research related to personal information protection using blockchain in terms of security characteristics such as idea, type of blockchain, authentication, and confidentiality.

• Journal of the Korean Society for information Management
• /
• v.40 no.4
• /
• pp.73-94
• /
• 2023

This study empirically analyzed the proportion and method of Open Access (OA) in Korea, China, Japan, the United States, United Kingdom based on the Web of Science (WoS) papers. In addition, through the verification of the moderating effect, it was verified whether there is a difference in the effect of the amount of citation depending on the maturity of OA according to the countries or academic fields. As a result of the analysis, the proportion of OA was the highest in the UK at 62.7%, and the lowest in China at 38.0%. Second, the UK and US had a high proportion of indicators through self-archiving and APC-based Gold Hybrid, while only the Gold indicators were found to be prominent in China and Korea. Third, in the UK, US and Japan, the higher the proportion of OA, the greater the effect of inducing the citations. However, Korea (B=-0.00003, p<0.01) and China (B=-0.00001, p<0.01) showed the opposite direction. In addition, in most academic fields, the OA proportion had an effect of inducing citation, but a negative effect was found in the engineering field (B=-0.00002, p<0.01).

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.17 no.9
• /
• pp.2550-2572
• /
• 2023

Epidemiological survey is an important means for the prevention and control of infectious diseases. Due to the particularity of the epidemic survey, 1) epidemiological survey in epidemic prevention and control has a wide range of people involved, a large number of data collected, strong requirements for information disclosure and high timeliness of data processing; 2) the epidemiological survey data need to be disclosed at different institutions and the use of data has different permission requirements. As a result, it easily causes personal privacy disclosure. Therefore, traditional access control technologies are unsuitable for the privacy protection of epidemiological survey data. In view of these situations, we propose a black box-assisted fine-grained hierarchical access control scheme for epidemiological survey data. Firstly, a black box-assisted multi-attribute authority management mechanism without a trusted center is established to avoid authority deception. Meanwhile, the establishment of a master key-free system not only reduces the storage load but also prevents the risk of master key disclosure. Secondly, a sensitivity classification method is proposed according to the confidentiality degree of the institution to which the data belong and the importance of the data properties to set fine-grained access permission. Thirdly, a hierarchical authorization algorithm combined with data sensitivity and hierarchical attribute-based encryption (ABE) technology is proposed to achieve hierarchical access control of epidemiological survey data. Efficiency analysis and experiments show that the scheme meets the security requirements of privacy protection and key management in epidemiological survey.

• 한국가스학회:학술대회논문집
• /
• 2003.10a
• /
• pp.219-224
• /
• 2003

• Journal of the Korea Society of Computer and Information
• /
• v.20 no.3
• /
• pp.75-80
• /
• 2015

Vulnerability management is in compliance with security policies, and then, this is to ensure the continuity and availability of the business. In this paper, the application vulnerability management and IT infrastructure of the system is that it must be identified. And a viable vulnerability management plan should be drawn from the development phase. There are many that are not defined vulnerability in the area of identification and authentication, encryption, access control in identification and classification of vulnerabilities. They define the area without missing much in technical, managerial, and operational point of view. Determining whether the response of the identified vulnerability, and to select a countermeasure for eliminating the vulnerability.