• 제목/요약/키워드: access to information

검색결과 8,975건 처리시간 0.036초

안전한 접근 경로를 보장하기 위한 접근 제어 (Access Control for Secure Access Path)

  • 김현배
    • 정보교육학회논문지
    • /
    • 제1권2호
    • /
    • pp.57-66
    • /
    • 1997
  • The primary purpose of security mechanisms in a computer systems is to control the access to information. There are two types of access control mechanisms to be used typically. One is discretionary access control(DAC) and another is mandatory access control(MAC). In this study an access control mechanism is introduced for secure access path in security system. The security policy of this access control is that no disclosure of information and no unauthorized modification of information. To make this access control correspond to security policy, we introduce three properties; read, write and create.

  • PDF

Evaluating the Information Access Skills of Students of a College of Education in Ghana

  • Yebowaah, Franklina Adjoa;Owusu-Ansah, Christopher M.
    • Journal of Information Science Theory and Practice
    • /
    • 제8권2호
    • /
    • pp.45-54
    • /
    • 2020
  • Access to relevant information determines the quality of life of an individual in society and the academe. Academic institutions have established information literacy programmes to enhance students' access to information. With the elevation of colleges of education to tertiary status in Ghana, pre-service teachers are now required to conduct research to improve their reflective thinking in order to be certified. However, the information access skills of students in colleges of education in Ghana are uncertain. This study draws empirical evidence from students in the Nusrat Jahan Ahmadiyya College of Education, Wa, Ghana on their information access skills. Primary data were collected from 303 respondents from the college using a stratified sampling procedure. The data were collected using a questionnaire and analysed using descriptive statistics. The results indicate that information is available to students through different sources such as the Internet, libraries, and contact with friends and authorities. However, students were limited in respect to access to relevant online resources for their academic activities due to inadequate information access skills. Potential solutions are discussed.

Trust and Risk based Access Control and Access Control Constraints

  • Helil, Nurmamat;Kim, Mu-Cheol;Han, Sang-Yong
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • 제5권11호
    • /
    • pp.2254-2271
    • /
    • 2011
  • Access control in dynamic environments needs the ability to provide more access opportunities of information to users, while also ensuring protection information from malicious users. Trust and risk are essential factors and can be combined together in access control decision-making to meet the above requirement. In this paper, we propose the combination of the trust and risk in access control to balance information accessibility and protection. Access control decision is made on the basis of trustworthiness of users and risk value of permissions. We use potential relations between users and relations between permissions in access control. Our approach not only provides more access opportunities for trustworthy users in accessing permissions, but also enforces traditional access control constraints such as Chinese Wall policy and Separation of Duty (SoD) of Role-Based Access Control (RBAC) model in an effective way.

iBeacon을 이용한 AP 자동접속 방안 (An Automatic AP Connections Scheme using iBeacon)

  • 남춘성;신동렬
    • 인터넷정보학회논문지
    • /
    • 제18권2호
    • /
    • pp.1-11
    • /
    • 2017
  • 스마트 디바이스를 이용하여 특정 공간에서 미리 설정된 무선랜에 접속하는 방법은 개방형 방식과 사용자 인증 방식으로 나뉠 수 있다. 개방형 방식은 무선랜 접속을 위한 인증이 없이 접속하는 방법이다. 스마트 디바이스 사용자가 자신이 사용하려는 무선랜에 대한 정보를 SSID(Service Set IDentifier)를 통해 공공 무선랜 표기 형식에 따라 제공받아야 하지만, 모든 개방형 무선랜이 이러한 방식을 수동으로 입력하는 방식에는 무리가 있다. 반면에 사용자 인증 방식은 SSID와 PW(PassWord) 설정을 통해 사용자에게 무선랜 접속을 제공하는 방식이다. 따라서 SSID를 통해 공공 무선랜 표기 형식을 따를 수는 있지만, AP 접속을 위해서는 일일이 사용자가 수동으로 패스워드 입력을 통해 AP에 접속해야만 한다. 따라서 본 논문에서는 사용자 인증방식과 공공 무선랜 표기형식을 iBeacon 메시지 수신을 통해 자동적으로 AP에 접속할 수 있는 방안을 제안한다.

The Features of Restricted Access to Information at European and East Asian Libraries

  • Makhotina, Natalya;Pshenichnaya, Evgeniya
    • Journal of Information Science Theory and Practice
    • /
    • 제9권3호
    • /
    • pp.31-41
    • /
    • 2021
  • The growing number of threats to society through the uncontrolled distribution of information is forcing library communities in many countries to reconsider their views on free access to collections. Based on the content of numerous documents of international importance, it can be concluded that in any democratic country access to information is one of the most important human rights, along with the right to life, liberty, and security of person. However, the state has the right to restrict citizens' access to information within the framework of existing legislation. Constantly, restrictions on access to information are established in order to protect the ethical foundations of the constitutional order, morality, health, rights, and legitimate interests of others, to ensure the country's defense and state security. It goes without saying that each country has the right to independently decide where the boundaries lie between permitted and prohibited information, including printed information, contained in library collections. This article describes three levels of access restriction: foreign, state, and regional. The authors have analyzed the legal and regulatory documents that govern libraries, as well as the reasons and methods of limitation. A comparative analysis of the restriction of access to information in the countries of Europe and Asia is presented.

A Secure Cloud Computing System by Using Encryption and Access Control Model

  • Mahmood, Ghassan Sabeeh;Huang, Dong Jun;Jaleel, Baidaa Abdulrahman
    • Journal of Information Processing Systems
    • /
    • 제15권3호
    • /
    • pp.538-549
    • /
    • 2019
  • Cloud computing is the concept of providing information technology services on the Internet, such as software, hardware, networking, and storage. These services can be accessed anywhere at any time on a pay-per-use basis. However, storing data on servers is a challenging aspect of cloud computing. This paper utilizes cryptography and access control to ensure the confidentiality, integrity, and proper control of access to sensitive data. We propose a model that can protect data in cloud computing. Our model is designed by using an enhanced RSA encryption algorithm and a combination of role-based access control model with extensible access control markup language (XACML) to facilitate security and allow data access. This paper proposes a model that uses cryptography concepts to store data in cloud computing and allows data access through the access control model with minimum time and cost for encryption and decryption.

암호기법을 이용한 정책기반 프라이버시보호시스템설계 (Design of a Policy based Privacy Protection System using Encryption Techniques)

  • 문형진;이영진;이동희;이상호;이건명
    • 정보보호학회논문지
    • /
    • 제16권2호
    • /
    • pp.33-43
    • /
    • 2006
  • 기관이나 기업은 효율적인 개인별 서비스를 위해 정보주체의 동의하에 개인정보를 수집 관리하고 있다. 그러나 데이터 베이스 관리자를 비롯한 정보사용자들은 저장된 개인정보를 무분별하게 접근하여 개인정보 오남용과 유출가능성을 높아지고 있다. 개인정보 보호를 위해 기관이나 기업이 자체 정책에 따라 개인정보에 대한 접근제어를 하는 시스템이라 할지라도 정보주체 자신의 정보에 대한 접근제어가 의도를 충분히 반영하기가 어렵다. 이 논문에서는 암호기법을 이용하여 정보사용자의 불법적인 접근을 차단하고 정보별로 접근제한을 할 수 있는 프라이버시 정책 기반의 접근제어 기법을 제안한다. 제안 기법에서 개인정보는 각기 다른 키로 암호화하여 데이터베이스에 저장된다. 정보주체는 자신의 정보 접근권한에 대한 정책을 세우며, 그 정책에 따라 정보사용자에게 키를 부여하므로써 정보 접근의 통제가 가능하다.

A Distributed Fog-based Access Control Architecture for IoT

  • Alnefaie, Seham;Cherif, Asma;Alshehri, Suhair
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • 제15권12호
    • /
    • pp.4545-4566
    • /
    • 2021
  • The evolution of IoT technology is having a significant impact on people's lives. Almost all areas of people's lives are benefiting from increased productivity and simplification made possible by this trending technology. On the downside, however, the application of IoT technology is posing some security challenges, among them, unauthorized access to IoT devices. This paper presents an Attribute-based Access Control Fog architecture that aims to achieve effective distribution, increase availability and decrease latency. In the proposed architecture, the main functional points of the Attribute-based Access Control are distributed to provide policy decision and policy information mechanisms in fog nodes, locating these functions near end nodes. To evaluate the proposed architecture, an access control engine based on the Attribute-based Access Control was built using the Balana library and simulated using EdgeCloudSim to compare it to the traditional cloud-based architecture. The experiments show that the fog-based architecture provides robust results in terms of reducing latency in making access decisions.

Adaptive and Prioritized Random Access and Resource Allocation Schemes for Dynamic TDMA/TDD Protocols

  • Choi, Hyun-Ho
    • Journal of information and communication convergence engineering
    • /
    • 제15권1호
    • /
    • pp.28-36
    • /
    • 2017
  • The medium access control (MAC) protocol based on dynamic time division multiple access/time division duplex (TDMA/TDD) is responsible for random access control and radio resource allocation in dynamic traffic environments. These functions of random access and resource allocation are very important to prevent wastage of resources and improve MAC performance according to various network conditions. In this paper, we propose new random access and resource allocation schemes to guarantee quality of service (QoS) and provide priority services in a dynamic TDMA/TDD system. First, for the QoS guarantee, we propose an adaptive random access and resource allocation scheme by introducing an access probability. Second, for providing priority service, we propose a priority-based random access and resource allocation scheme by extending the first adaptive scheme in both a centralized and a distributed manner. The analysis and simulation results show that the proposed MAC protocol outperforms the legacy MAC protocol using a simple binary exponential backoff algorithm, and provides good differential performance according to priorities with respect to the throughput and delay.

A cross-domain access control mechanism based on model migration and semantic reasoning

  • Ming Tan;Aodi Liu;Xiaohan Wang;Siyuan Shang;Na Wang;Xuehui Du
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • 제18권6호
    • /
    • pp.1599-1618
    • /
    • 2024
  • Access control has always been one of the effective methods to protect data security. However, in new computing environments such as big data, data resources have the characteristics of distributed cross-domain sharing, massive and dynamic. Traditional access control mechanisms are difficult to meet the security needs. This paper proposes CACM-MMSR to solve distributed cross-domain access control problem for massive resources. The method uses blockchain and smart contracts as a link between different security domains. A permission decision model migration method based on access control logs is designed. It can realize the migration of historical policy to solve the problems of access control heterogeneity among different security domains and the updating of the old and new policies in the same security domain. Meanwhile, a semantic reasoning-based permission decision method for unstructured text data is designed. It can achieve a flexible permission decision by similarity thresholding. Experimental results show that the proposed method can reduce the decision time cost of distributed access control to less than 28.7% of a single node. The permission decision model migration method has a high decision accuracy of 97.4%. The semantic reasoning-based permission decision method is optimal to other reference methods in vectorization and index time cost.