• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.5
• /
• pp.39-48
• /
• 2003

AAA(Authentication, Authorization, Accounting) protocol is a framework that propose functions of AAA on multiple networks and platforms. AAA protocol is extending from previous RADIUS protocol to Diameter protocol. There are some Diameter applications for variety purpose. Diameter CMS Application makes Diameter messages more secure by using PKI. Diameter CMS Application establish DSA(Diameter Security Association) for end to end security. However the Application has some problems to establish DSA(Diameter Security Association), which can make Diameter system unstable. If one system lose DSA information for some system error - for example, reboot -, the secure communication between two nodes may not be possible. At the application such as MIP, even user registration can't be done. In this paper, we propose a mechannism for DSA re-establishment, and also show the result of the implementation.

• Journal of Convergence for Information Technology
• /
• v.8 no.5
• /
• pp.69-75
• /
• 2018

The purpose of access control is to prevent computing resources from illegal behavior such as leakage, modification, and destruction by unauthorized users. As the cloud computing environment is expanded to resource sharing services using virtualization technology, a new security model and access control technique are required to provide dynamic and secure cloud-based computing services. The virtualization management convergence access control model provides a flexible user authorization function by applying the dynamic privilege assignment function to the role based access control mechanism. In addition, by applying access control mechanism based on security level and rules, we solve the conflict problem in virtual machine system and guarantee the safeness of physical resources. This model will help to build a secure and efficient cloud-based virtualization management system and will be expanded to a mechanism that reflects the multi-level characteristics.

• Journal of Korea Multimedia Society
• /
• v.13 no.1
• /
• pp.133-142
• /
• 2010

As the ubiquitous technology has penetrated into almost every aspect of modern life, the research of the security technology to solve the weakness of security in the ubiquitous environment is received much attention. Because, however, today's security systems are usually based on the fixed rules, many security systems can not handle diverse situations in the ubiquitous environment appropriately. Although many existing researches on context aware security service are based on ACL (Access Control List) or RBAC (Role Based Access Control), they have an overhead in the management of security policy and can not manipulate unexpected situations. Therefore, in this paper, we propose a context-aware security service providing multiple authentications and authorization from a security level which is decided dynamically in a context-aware environment using FCM (Fuzzy C-Means) clustering algorithm and Fuzzy Decision Tree. We show proposed model can solve typical conflict problems of RBAC system due to the fixed rules and improve overhead problem in the security policy management. We expect to apply the proposed model to the various applications using contextual information of the user such as healthcare system, rescue systems, and so on.

• Journal of Korean Society for Atmospheric Environment
• /
• v.27 no.6
• /
• pp.734-745
• /
• 2011

In this article, we reviewed the monitoring status of hazardous VOC in ambinet air in Korea and some developed countries such as USA, Japan, and UK. In many countries, two types of VOC monitoring stations are being operated, i.e., for hazardous VOC and photochemical VOC. Each country has different target VOC but all includes benzene. Korea, Japan, and UK have a national ambient air quality standard for benzene, but no national standard has been established in the USA. For sampling of the hazardous VOC, the adsorbent method is adopted in Korea and UK, while the canister method is used in the USA. Both of adsorbent and canister methods are used in Japan. USA and UK have only non-automatic method to measure the hazardous VOC, and the individual samples are being sent to their national laboratories for integrated analysis. On the other hand, Korea and Japan have automatic and nonautomatic methods to measure the hazardous VOC. Local governments or regional environmental agencies in Korea and Japan have the authorization for the sampling and analysis of VOC. According to a field study to evaluate the performance of automatic VOC monitoring system, controlling the moisture in the air sample was identified as the most important problem. However, careful attention must be given to using a moisture removing device such as Nafyon dryer, because of unexpected artifacts formation. In order to have reliable data, it is highly recommended not only to use internal standards, but to use appropriate hydrophobic adsorbents as a cold trap in any automatic on-line VOC monitoring system.

• Journal of Digital Convergence
• /
• v.14 no.2
• /
• pp.191-196
• /
• 2016

The organizations and companies establish personal information protection policy under the law and guidelines. They carry out access control without consideration for distinctiveness of the information although the damage degree varies when the information is leaked. Considering the distinctiveness, a policy needs to be made for individuals to protect his personal information. However, he is not able to write the policy because of lack of understanding the system. To write his own policy efficiently, the system that authorizes ones according to service list provided by organizations is necessary. This paper suggests the model and method that write personal policy for his information protection based on the service list provided by organizations. Through this model, fine-grained authorization and policy change are easily made and ultimately the access control customized according to one's own information is possible.

• Proceedings of the Korean Institute of Navigation and Port Research Conference
• /
• v.2
• /
• pp.33-37
• /
• 2006

Since 1993, the civil aviation community through RTCA (Radio Technical Commission for Aeronautics) and the ICAO (International Civil Air Navigation Organization) have been working on the definition of GNSS augmentation systems that will provide improved levels of accuracy and integrity. These augmentation systems have been classified into three distinct groups: Aircraft Based Augmentation Systems (ABAS), Space Based Augmentation Systems (SBAS) and Ground Based Augmentation Systems (GBAS). The last one is an implemented system to support Air Navigation in CAT-I approaching operation. It consists of three primary subsystems: the GNSS Satellite subsystem that produces the ranging signals and navigation messages; the GBAS ground subsystem, which uses two or more GNSS receivers. It collects pseudo ranges for all GNSS satellites in view and computes and broadcasts differential corrections and integrity-related information; the Aircraft subsystem. Within the area of coverage of the ground station, aircraft subsystems may use the broadcast corrections to compute their own measurements in line with the differential principle. After selection of the desired FAS for the landing runway, the differentially corrected position is used to generate navigation guidance signals. Those are lateral and vertical deviations as well as distance to the threshold crossing point of the selected FAS and integrity flags. The Department of Applied Science in Naples has create for its study a virtual GBAS Ground station. Starting from three GPS double frequency receivers, we collect data of 24h measures session and in post processing we generate the GC (GBAS Correction). For this goal we use the software Pegasus V4.1 developed from EUROCONTROL. Generating the GC we have the possibility to study and monitor GBAS performance and integrity starting from a virtual functional architecture. The latter allows us to collect data without the necessity to found us authorization for the access to restricted area in airport where there is one GBAS installation.

• Journal of Korean Society of Occupational and Environmental Hygiene
• /
• v.22 no.3
• /
• pp.191-199
• /
• 2012

Objectives: The study aim was to evaluate the application of a chemical exposure assessment tool for the Korean workplace. The Ministry of Employment and Labor in Korea (KMOEL) introduced the need for workplace risk assessments in 2011, requiring the Korean chemical industry to consider both domestic and international chemical regulation policies (e.g., estimations of exposure scenarios). Exposure scenarios are required in the European Union as part of material safety data sheets (MSDS) under the Registration, Evaluation, Authorization, and Restriction of Chemicals (REACH) system. Methods: Although many programs for the estimation of exposure have been developed worldwide, to date there is no standard for the Korean workplace. To develop programs suitable for the Korean workplace, we examined the applicability of the European Center for Ecotoxicology and Toxicology of Chemicals target risk assessment (ECETOC TRA), which is recommended by the European Chemical Agency (ECHA). Results: To investigate the applicability of the ECETOC TRA to Korean industry, this study simulated 15 industrial processes. The predicted respiratory exposures for four processes using origin input parameters were underestimated compared to the measured respiratory exposure. Using calibrated input parameters, results for two processes were underestimated compared to the measured respiratory exposure. This result suggests that the use of calibrated input parameters reduces the differences between predicted and measured respiratory exposure. Conclusions: we developed applicable exposure estimating method by modifying the ECETOC TRA program; one suggested the development of exposure estimating program that explains Korea domestic workplace exposure scenario.This study will support the introduction of exposure scenario in MSDS system and protect health of worker from hazardous chemical.

• Journal of Environmental Health Sciences
• /
• v.50 no.1
• /
• pp.54-65
• /
• 2024

Background: There is growing international recognition of the need for improvements to national chemical management systems for hazardous chemicals. The European Union has recently introduced the concept of 'essential uses' as a new approach to the management hazardous chemicals by limiting their uses. Objectives: This paper examines the concept of essential uses in chemical management and how to apply it through a case study of essential use. This approach is distinct from the current chemical management system, but seeks to improve its potential benefits by effectively restricting or gradually decreasing the use of hazardous substances. Methods: The concept of essential uses was introduced by reviewing the Montreal Protocol on Substances that Deplete the Ozone Layer, Cousins's three essentiality categories applied to PFAS, restriction options assessed in the PFAS restriction proposal under REACH, and the California Safer Consumer Products regulations prioritizing 6PPD in motor vehicle tires. Based on these essential uses concepts for PFAS and 6PPD, uses of benzene were classified in accordance with the essential uses approach for products using benzene in South Korea. Results: The essential use concept is able to manage the restriction and authorization of substances of concern through essential uses and non-essential uses and the feasible substitution of uses and substances. Conclusions: If the concept and methodology of essential uses are clearly established, they can be expected to shift the national chemical management paradigm from regulating substances to limiting uses under the existing substance management system.

• Journal of Internet Computing and Services
• /
• v.22 no.1
• /
• pp.99-107
• /
• 2021

With the recent establishment of a ubiquitous-based medical and healthcare environment, the medical information system for obtaining situation information from various sensors is increasing. In the medical information system environment based on context-awareness, the patient situation can be determined as normal or emergency using situational information. In addition, medical staff can easily access patient information after simple user authentication using ID and Password through applications on smart devices. However, these services of authentication and patient information access are staff-oriented systems and do not fully consider the ubiquitous-based healthcare information system environment. In this paper, we present a authentication service model based context-awareness system for providing situational information-driven authentication services to users who access medical information, and implemented proposed system. The authentication service model based context-awareness system is a service that recognizes patient situations through sensors and the authentication and authorization of medical staff proceed differently according to patient situations. It was implemented using wearables, biometric data measurement modules, camera sensors, etc. to configure various situational information measurement environments. If the patient situation was emergency situation, the medical information server sent an emergency message to the smart device of the medical staff, and the medical staff that received the emergency message tried to authenticate using the application of the smart device to access the patient information. Once all authentication was completed, medical staff will be given access to high-level medical information and can even checked patient medical information that could not be seen under normal situation. The authentication service model based context-awareness system not only fully considered the ubiquitous medical information system environment, but also enhanced patient-centered systematic security and access transparency.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.5
• /
• pp.827-846
• /
• 2023

Recently, various information technologies such as network communication and sensors have begun to be integrated into weapon systems that were previously operated in stand-alone. This helps the operators of the weapon system to make quick and accurate decisions, thereby allowing for effective operation of the weapon system. However, as the involvement of the cyber domain in weapon systems increases, it is expected that the potential for damage from cyber attacks will also increase. To develop a secure weapon system, it is necessary to implement built-in security, which helps considering security from the requirement stage of the software development process. The U.S. Department of Defense is implementing the Risk Management Framework Assessment and Authorization (RMF A&A) process, along with the introduction of the concept of cybersecurity, for the evaluation and acquisition of weapon systems. Similarly, South Korea is also continuously making efforts to implement the Korea Risk Management Framework (K-RMF). However, so far, there are no cases where K-RMF has been applied from the development stage, and most of the data and documents related to the U.S. RMF A&A are not disclosed for confidentiality reasons. In this study, we propose the method for inferring the composition of the K-RMF based on systematic threat analysis method and the publicly released documents and data related to RMF. Furthermore, we demonstrate the effectiveness of our inferring method by applying it to the naval battleship system.