• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.2
• /
• pp.343-361
• /
• 2015

The financial industry in South Korea has witnessed a paradigm shift from selling traditional loan/deposit products to diversified consumption channels and financial products. Consequently, personification of financial services has accelerated and the value of finance-related personal information has risen rapidly. As seen in the 2014 card company information leakage incident, most of major finance-related information leakage incidents are caused by personnel with authorized access to certain data. Therefore, it is strongly required to confirm whether there are problems in the existing access control policy for personnel who can access a great deal of data, and to complement access control policy by considering risk factors of information security. In this paper, based on information of IT personnel with access to sensitive finance-related data such as job, position, sensitivity of accessible data and on a survey result, we will analyze influence factors for personnel risk measurement and apply data access control policy reflecting the analysis result to an actual case so as to introduce measures to minimize IT personnel risk in financial companies.

• The Transactions of the Korean Institute of Electrical Engineers D
• /
• v.54 no.8
• /
• pp.498-500
• /
• 2005

In a CDMA system, the capacity is variable and mainly depends on multiple access interference. The multiple access interference has a deep relationship with transmitted or received power The capacity of CDMA2000 1x system is considered to be limited by the forward link capacity Different rate data traffic requires different transmitted power and rate controlling enables the system utilize radio resource more efficiently. A very simple rate control algorithm for data calls in CDMA2000 1x system is proposed. In the proposed algorithm, by monitoring the total transmit power, we can simply adjust data rate to channel conditions and efficiently use radio resources. The proposed algorithm is easy to implement in power controlled CDMA systems.

• Proceedings of the KIEE Conference
• /
• 2005.05a
• /
• pp.221-223
• /
• 2005

In a CDMA system, the capacity is variable and mainly depends on multiple access interference. The multiple access interference has a deep relationship with transmitted or received power. The capacity of CDMA2000 1x system is considered to be limited by the forward link capacity. Different rate data traffic requires different transmitted power and rate controlling enables the system utilize radio resource more efficiently. A very simple rate control algorithm fer data calls in CDMA2000 1x system is proposed. In the proposed algorithm, by monitoring the total transmit power, we can simply adjust data rate to channel conditions and efficiently use radio resources. The proposed algorithm is easy to implement in power controlled CDMA systems.

• The Journal of Information Technology
• /
• v.6 no.1
• /
• pp.11-20
• /
• 2003

With the development of Information Communication Technique, electronic commerce using PKIs is widely used over the Internet. The goal of access control is to counter the threat of unauthorized operations involving Web-server or data base systems. The RBAC(Role-Based Access Control) has recently received considerable attention as a promising alternative to traditional discretionary and mandatory access controls. In this paper we propose two methods, the RBAC system using attribute certificates and the RBAC system using SPKI certificates. And we analyze and compare the two methods.

• Journal of the Korean Society for Library and Information Science
• /
• v.25
• /
• pp.233-264
• /
• 1993

The authorized form is called the heading must be unique and consistent. Without both uniqueness and cosistency, retrieval from the bibliographic database will not be optimal and in some cases may even be impossible. But the authority control is extremely expensive, because it is labour-intensive and dependent on professional investigation and judgement. In fact, it is by far the most expensive function in all of bibliographic control. The processes used to determine the form of access points. maintain. use. and evaluate very accurate authority records reduce the efficiency to generate or merge bibliographic items without modification from any national level bibliographic utilities as well as individual library. In this paper non-authority control system was suggested to solve the disadvantages of authority work. The apparent advantages of the non-authority control system are it is easy to determine the heading, input the bibliographic data. integrate the access points into an existing file, and generate and merge bibliographic data without modification. In addition, non-authority control system can be transmitted into online information retrieval system conducted with a mixture of controlled vocabularies and natural language.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.9B
• /
• pp.771-777
• /
• 2004

In a COMA system, the capacity is variable and mainly depends on multiple access interference. The multiple access interference has a deep relationship with transmitted or received power. The capacity of COMA2000 system is considered to be limited by the forward link capacity. In this paper, we show that the forward link cell load can be represented by the total transmitted power of base station and we propose a forward link call admission control (CAC) strategy for COMA2000 system. The proposed call admission scheme adopts the rate control algorithm for data call. This call admission scheme enables the system to utilize radio resource dynamically by controlling data rate according to the cell load status, and enhance the system throughput and grade of service (GoS). quality of service(QoS) such as blocking and outage probability.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.4
• /
• pp.1899-1911
• /
• 2018

In this work, we propose a concurrency control scheme in object-oriented database (OODB). Since an OODB provides complex modeling power than the conventional relational databases, a concurrency control technique in OODB is also rather complicated and has influence on the overall performance. Thus, it is very important to develop a concurrency control technique with less overhead. The proposed scheme deals with class hierarchy that is a key concept in OODBs. The proposed scheme is developed on implicit locking scheme. Also, the proposed scheme is designed using data access frequency in order to reduce locking overhead than implicit locking. It means that, if access frequency information is not available, the proposed scheme works just like the existing implicit locking, In our work, the correctness of the proposed scheme is proved. The performance is analyzed depending on access types. Also, it is proved that our scheme performs works much better than the implicit locking does.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2014.05a
• /
• pp.192-193
• /
• 2014

Attendant services (user) roles (Role) and act on the data used should be based access control and permissions. Large amounts of important information to view and change the pre-approval must be acquired. Non-constant time for the session must control actions.

• International Journal of Internet, Broadcasting and Communication
• /
• v.12 no.2
• /
• pp.1-7
• /
• 2020

The secure access the lighting, Heating, ventilation, and air conditioning (HVAC), fire safety, and security control boxes of building facilities is the primary objective of future smart buildings. This paper proposes an authorized user access to the electrical, lighting, fire safety, and security control boxes in the smart building, by using color grid coded optical camera communication (OCC) with face recognition Technologies. The existing CCTV subsystem can be used as the face recognition security subsystem for the proposed approach. At the same time a smart device attached camera can used as an OCC receiver of color grid code for user access authentication data sent by the control boxes to proceed authorization. This proposed approach allows increasing an authorization control reliability and highly secured authentication on accessing building facility infrastructure. The result of color grid code sequence received by the unauthorized person and his face identification allows getting good results in security and gaining effectiveness of accessing building facility infrastructure. The proposed concept uses the encoded user access authentication information through control box monitor and the smart device application which detect and decode the color grid coded informations combinations and then send user through the smart building network to building management system for authentication verification in combination with the facial features that gives a high protection level. The proposed concept is implemented on testbed model and experiment results verified for the secured user authentication in real-time.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.4
• /
• pp.1832-1853
• /
• 2018

The personal health record (PHR) system is a promising application that provides precise information and customized services for health care. To flexibly protect sensitive data, attribute-based encryption has been widely applied for PHR access control. However, escrow, exposure and abuse of private keys still hinder its practical application in the PHR system. In this paper, we propose a coordinated ciphertext policy attribute-based access control with user accountability (CCP-ABAC-UA) for the PHR system. Its coordinated mechanism not only effectively prevents the escrow and exposure of private keys but also accurately detects whether key abuse is taking place and identifies the traitor. We claim that CCP-ABAC-UA is a user-side lightweight scheme. Especially for PHR receivers, no bilinear pairing computation is needed to access health records, so the practical mobile PHR system can be realized. By introducing a novel provably secure construction, we prove that it is secure against selectively chosen plaintext attacks. The analysis indicates that CCP-ABAC-UA achieves better performance in terms of security and user-side computational efficiency for a PHR system.