The KIPS Transactions:PartA (정보처리학회논문지A)

Korea Information Processing Society (한국정보처리학회)
권호 표지
DOI QR코드

DOI QR Code

Requirements Analysis for Access Control Model on Ubiquitous Computing Environment

유비쿼터스 컴퓨팅 환경에서의 접근제어 모델을 위한 요구사항 분석

  • 오세종 (단국대학교 컴퓨터과학과) ;
  • 박제호 (단국대학교 컴퓨터과학과)
  • Published : 2004.12.01
Download PDF
⟨ Previous Next ⟩

Abstract

Ubiquitous computing environment requires strong security and privacy. Access control is one of security areas. Access control on Ubiquitous computing is different from it on traditional information systems so that traditional access control models are not suitable for Ubiquitous comput-ing environment. This research defines Ubiquitous computing environment as an access control point of view, and shows requirements to consid-er for developing access control model for Ubiquitous computing environment. It also brings up three implementing types of access control on Ubiquitous computing environment.

유비쿼터스 컴퓨팅 환경은 보안의 강화와 사생활 보호라는 과제를 안고 있다. 접근 제어는 보안 분야의 하나인데, 유비쿼터스 컴퓨팅 환경은 전통적인 정보시스템과는 여러 면에서 특성을 달리하기 때문에 기존의 접근제어 모델을 그대로 적용하기에는 무리가 있다. 본 연구에서는 접근제어 측면에서 유비쿼터스 컴퓨팅 환경을 정의하고 그 환경에서 접근제어의 특성을 분석한 뒤, 그 환경을 위한 접근제어 모델을 개발할 때 필수적으로 고려해야할 요구사항을 제시하였다. 또한 접근제어 모델의 구현시 가능한 세가지 유형에 대해서도 제시하였다.

Keywords

References

  1. Frank Stajano and Ross Anderson, 'The Resurrecting Duckling: Security Issues for Ubiquitous Computing,' Proc. of 7th International Workshop on Security Protocols, 1994
  2. Upkar Varshney, 'Network Access and Security Issues in Ubiquitous Computing,' Proc. of Workshop on Ubiquitous Computing Environment, 2003
  3. Rattapoom Tuchinda, 'Security and Privacy in the Intelligent Environment,' http://www.ai.mit.edu
  4. Colin English, Paddy Nixon, Sotirios Terzis, Andrew McGettrick and Helen Lowe, 'Dynamic Trust Models for Ubiquitous Computing Environments,' Proc. of Workshop on Security in Ubiquitous Computing, 2003
  5. Laurent Bussard and Yves Roudier, 'Authentication in Ubiquitous Computing,' Proc. of Workshop on Security in Ubiquitous Computing, 2003
  6. Frank Stajano, 'Security for Ubiquitous Computing,' Wiley, 2002
  7. Lalana Kagal, Tim Finin and Anupam Joshi, 'Moving from Security to Distributed Trust in Ubiquitous Computing Environments,' IEEE Computer, 2001
  8. Jean Bacon, Michael Looyd, and Ken Moody, 'Translating Role-Based Access Control Poly within Context,' Proc. of International Workshop, Policies for Distributed Systems and Networks, 2001
  9. Michael J. Covington, Wende Long, 'Securing Context-Aware Applications Using Environment Roles,' Proc. of Sixth ACM Symposium on Access Control Models and Technologies, 2001 https://doi.org/10.1145/373256.373258
  10. Arun Kumar, Neeran Karnik, an Girish Chafle, 'Context sensitivity in role-based access control,' ACM SIGOPS Operating Systems Review, 2002 https://doi.org/10.1145/567331.567336
  11. Charles P. Pfleeger and Shari L. Pfleeger, 'Security in Compting,' Prentice Hall, 3rd edition, 2003
  12. Matt Bishop, 'Computer Security,' Addison Wesley, 2003
  13. James B. D. Joshi, Elisa Bertino and Arif Ghafoor, 'Temporal Hierarchies and Inheritance Semantics for GTRBAC,' Proc. of 7th ACM Symposium on access Control Models and Technologies, 2002 https://doi.org/10.1145/507711.507724
  14. Ravi Sandhu, Venkata Bhamidipati and Qamar Munawer, 'The ARBAC97 Model for Role-Based Administration of Roles,' ACM Transactions on Information and System Security, 1999 https://doi.org/10.1145/300830.300839
  15. Sejong Oh, Ravi Sandhu, 'A Model of Role Administration Using Organization Structure,' Proc. of 7th ACM Symposium on Access Control Models and Technologies (SACMAT 2002), 2002
  16. Mark Evered, Serge Bogeholz, 'A case study in access control requirements for a Health Information System,' Proc. of the 2nd workshop on Australasian information security, Data Mining and Web Intelligence, and Software Internationalisation, Vol.32, 2004
  17. S. A. Demurjian, T. C. Ting and M. Y. Hu, 'Role-Based Access Control for Object-Oriented/C + + Systems,' Proc. of first ACM Role-Based Access Control Workshop, 1995
  18. Yan Han, Liu Fengyu, and Zhang Hong, 'An Object-Oriented Model of Access Control based on Role,' ACM SIGSOFT Software Engineering Notes, Vol.25, No.2, 2000
  19. Gustaf Neumann and Mark Strembeck, 'Design and Implementation of a Flexible RBAC-Service in an Object-Oriented Scripting Language,' Proc. of the 8th ACM conference on Computer and Communications Security, 2001 https://doi.org/10.1145/501983.501992
  20. Mark Evered, 'Flexible Enterprise Access Control with Object-oriented View Specification,' Proc. of Australasian Information Security Workshop 2003 (AISW2003), 2003
  21. 이성국, 김완석, '세계 각국의 유비쿼터스 컴퓨팅 전략', 전자신문사, 2003
  22. 김완석, 김정국, 박범수, 박태웅, 이성국, '유비쿼터스 컴퓨팅 전략 및 정책', 한국디지털정책학회 창립학술대회 학술논문지, 2003