Research on User-Centric Inter-Organizational Collaboration (UCICOIn) framework

A Study on User-Controlled Multi-Domain Access Control

  • Sunghyuck Hong (Division of Advanced IT, IoT major, Baekseok University)
  • Received : 2023.10.23
  • Accepted : 2023.12.20
  • Published : 2023.12.28

Abstract

In today's business landscape, collaboration and interoperability are crucial for organizational success and profitability. However, integrating operations across multiple organizations is challenging due to differing roles and policies in Identity and Access Management (IAM). User-centric identity (UCI) adopts a personalized approach to digital identity management, centering on the end-user for authentication and access control. It provides a decentralized system that ensures secure and customized access for each user. UCI aims to address complex security challenges by aligning access privileges with individual user requirements. This research delves into UCI's ability to streamline resource access amidst conflicting IAM roles and protocols across various organizations. The study presents a UCI-based multi-domain access control (MDAC) framework, which encompasses an ontology, a unified method for articulating access roles and policies across domains, and software services that integrate with UCI infrastructure. The goal is to enhance organizational resource management and decision-making by offering clear guidelines on access roles and policy management across diverse domains, ultimately boosting companies' return on investment.

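In the modern business environment, collaboration and interoperability are important to organizational success and profitability. However, integrating work across different organizations requires extensive customization because of differences in Identity and Access Management (IAM) roles and policies. User-centric identity (UCI) can address this problem by providing a decentralized access solution centered on the user. This study examines in depth UCI's ability to streamline resource access amid conflicting IAM roles and protocols across organizations. It presents a UCI-based multi-domain access control (MDAC) framework comprising an ontology, a unified method for expressing access roles and policies across domains, and software services that integrate with UCI infrastructure. The goal is to strengthen organizational resource management and decision-making by providing clear guidance on managing access roles and policies across diverse domains, and ultimately to improve companies' return on investment.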

Acknowledgement

This research was supported by 2023 Baekseok University Research Fund.
