• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.9 no.5
• /
• pp.233-242
• /
• 2009

The security of medical information need continued research about steady and flexible security model because of privacy of patient's as well as directly relation in the patient's life. In particular, u-healthcare environment is need flexible and detailed access control by variety changes of context. Control model analyzed relation of resource and authority, and analyzed authority about all accessible resource from access point using K2BASE. The context-based access control model can change flexibly authority change and role, and can obtain resource of authority granted and meaningly connected resource. As a result, this thesis can apply flexible and adaptive access control model at u-healthcare domain which context change various.

• The KIPS Transactions:PartC
• /
• v.18C no.3
• /
• pp.151-156
• /
• 2011

Google Android, which is one of the popular smart phone platforms, employs a security model based on application permissions. This model intends to reduce security threats by protecting inappropriate accesses to system resources from applications, but this model has a few problems. First, permission requested by an application cannot be granted selectively. Second, once the permission has been granted it is maintained until the application is uninstalled. Third, applications may acquire powerful permissions through user ID sharing without any notice to users. In order to overcome these limitations, we designed and implemented a flexible application permission management scheme. The goal of our scheme is to enhance security and user convenience while keeping compatibility to original platform. We also verified the operation of our scheme with real applications on Android emulator.

• The KIPS Transactions:PartC
• /
• v.18C no.3
• /
• pp.135-142
• /
• 2011

Recently, the strategy for N-screen service is in the spotlight along with the consumer's need to use contents regardless of time and place due to the rapid development of communication technology, which is meshing with the desire of service providers seeking a new business model. N-screen, as a screen-extension-concept service which enables consumers to continuously share and use contents in various equipments such as TV, computer and portable terminals, is an advanced type of 3-screen service strategy initially proposed by AT&T, an American telecommunication company. In the N-screen service for pay-contents, in order to support continuous screen changes to and from various equipments, temporary watching right should be given to the equipment intended for screen change. However, it is impossible to give the temporary watching right in the present broadcasting environment, adopting an access-control system. In this paper, the access-control technology being used for pay-contents in the present broadcasting environment and the reason for not being able to give temporary watching right, will be examined. After the examination, the solution for delegation of watching right by using an additional key on the basis of currently used access-control technology, will be proposed.

• 한국사회복지학회:학술대회논문집
• /
• 2006.04a
• /
• pp.333-337
• /
• 2006

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.33 no.10C
• /
• pp.749-757
• /
• 2008

In this paper, we propose an authentication scheme for EVPT (Emergency Vehicle Priority Transit) service in Vehiclar Ad-hoc Networks (VANET) enable a variety of vehicle comfort services, traffic management applications, and infotainment services. These are the basis for a new generation of preventive and active safety functions. By intelligently controlling signalling at intersections, providing additional information to the driver and warning the driver in critical situations. we therefore focus on vehicle-to-infrastructure communication for the authentication between emergency vehicles and traffic lights system. This authentication process should identify the vehicle, and provide privacy protection.

• Proceedings of the Korea Information Assurance Society Conference
• /
• 2004.05a
• /
• pp.111-117
• /
• 2004

In distributed-computing environments, there is a strong demand for the authentication and the access control of distributed-shared resources. I have presented role-based access control (RBAC) concept that is in the spotlight recently. RBAC model shows the standardized access control of complicated organization's resources. In RBAC, senior role has junior role's permission by virtue of role hierarchy. But, junior role cannot perform the permission, which is granted to the senior or other role groups. Inheritances of permissions in role hierarchies are static. In order to tackle this problem, I propose a dynamic role assignment, which classified into passive role assignment and active role assignment, and design dynamic role assignment protocol and implement role assignment server.

• The KIPS Transactions:PartC
• /
• v.18C no.6
• /
• pp.369-378
• /
• 2011

To ensure data confidentiality and fine-grained access control in business environment, system model using KP-ABE(Key Policy-Attribute Based Encryption) and PRE(Proxy Re-Encryption) has been proposed recently. However, in previous study, data confidentiality has been effected by decryption right concentrated on cloud server. Also, Yu's work does not consider a access privilege management, so existing work become dangerous to collusion attack between malicious user and cloud server. To resolve this problem, we propose secure system model against collusion attack through dividing data file into header which is sent to privilege manager group and body which is sent to cloud server. And we construct the model of access privilege management using AONT based XOR threshold Secret Sharing, In addition, our scheme enable to grant weight for access privilege using XOR Share. In chapter 4, we differentiate existing scheme and proposed scheme.

• Proceedings of the Korean Information Science Society Conference
• /
• 2003.04a
• /
• pp.239-241
• /
• 2003

무선 인터넷의 활성화와 더불어, 사용자 인중(Authentication), 권한 부여(Accounting) 그리고 자원사용(Accounting)의 세가지 AAA 서비스를 효율적으로 제공하기 위해 RADIUS와 같은 AAA프로토콜들이 사용되고 있다. 본 논문에서는 Casper와 CSP를 이용하여 RADIUS 프로토콜을 수행동작을 명세하고, 모델 체킹 도구인 FDR을 사용하여 RADIUS 프로토콜의 안전성을 분석하고자 하였다.

• Convergence Security Journal
• /
• v.6 no.4
• /
• pp.11-19
• /
• 2006

Web service is giving an equal privilege to all user for sharing their resources. Under this situation, a lot of vulnerability against the various attacks through the Internet is possible, more sophisticated security services are necessary. In this paper, we propose an access control scheme using SPKI (Simple Public Infrastructure). The scheme designates an access control by providing the certificate to users who request a connection for resource sharing and limits the resource usage of information provider according to the access right that is given to their own rights.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2013.11a
• /
• pp.1139-1142
• /
• 2013

SNS(Social Network Service)를 사용하는 인구가 급증함으로 인해 개인의 생각이나 많은 자료들을 SNS 공간을 통해 공유함으로써 많은 문제들도 같이 발생하고 있는 추세이다. 대부분의 SNS는 자신의 공간에 게재된 정보에 대한 접근권한 만을 설정할 수 있고 자신이 타인의 공간에 게재한 게시물에 대해서는 접근 권한 설정에 대한 자격을 부여하지 않는다. 이를 통해 원치 않은 사용자들에게까지 자신의 개인 정보가 노출되는데, 이는 SNS 안에서의 문제만이 아니라 2차적인 문제도 만들어 낼 수 있다. 따라서 본 논문에서는 SNS 환경에서의 프라이버시 보호를 위한 태그 정보 접근 방법을 제안한다. 본 제안사항은 사용자의 태그정보에 대한 접근권한 설정을 통해 원치 않는 사용자가 2차적인 문제를 발생하지 않도록 제어할 수 있다.