• The Journal of the Korea Contents Association
• /
• v.9 no.1
• /
• pp.53-60
• /
• 2009

In home network environments, the user authentication and authorization associated user's information and usability may be important security issue. The OSGi service platform, a well-known home network gateway already specifies the mechanism of that. The traditional authority method provided OSGi implements simple RBAC(Role Based Access Control) model. This is difficult to support efficient access control. In this paper, we propose the dynamic RBAC model based on OSGi. The proposed method describes the extended framework that manage two roles named as absolute role and relative role, extend existed framework with relative role and propose programming model to enable dynamic access control. Finally, we implement the proposed framework using AspectJ and Java annotation.

• Journal of the Korea Computer Industry Society
• /
• v.7 no.5
• /
• pp.481-486
• /
• 2006

Whereas conveniences deriving from the development of information and telecommunication technology increase, information outflow and illegal data use are also rapidly on the rise. Consequently, many studies to prevent illegal information outflow are currently under way, and the use of Smart Card is in steep jump. Recently, Java Card is diffused fast as an alternative to complement the technical problems of the Smart Card. This paper designed and Implementation the system for multi-users authentication and file access control by user through designing a Java Card applet that is used for information protection and in various application fields. For allowing a file access competence, each user's file access competence is processed via drawing up the access condition table in the applet. Therefore, illegal correction exposure and destruction of information, which become the concerns when multi-users have an access, can be prevented. In addition its application becomes possible in the system requiring multi-users certifications.

• Korean Security Journal
• /
• no.26
• /
• pp.59-87
• /
• 2011

Security Business Act of Korea is leaning toward the aspect of regulation, while it provides few provisions about vesting the authority, which causes problems such as legal loopholes to be raised in regard to the rules about authorizing the private security personnel to perform security affairs properly and defining the limit of power. So, it should be done to interpret the law in order to draw the legal basis of empowering as well as to set limits of the authority of security main agent, and Article 7, Section 1, of Security Business Act is the very provision that involves the legal basis. In the scope of 'Management Power', the statutory authority in the first clause of Article 7 of Security Business Act, the security personnel can use force for self-defense, defense of others and property, and prevention of crimes. In addition, the powers of interrogation, access control, and eviction notice are involved in its scope. The private security personnel as the occupation assistant can take precautions and if the infringement on the benefit and protection of the law is imminent or done, he or she can use force within the limits of the passive resistance and the means of defiance on the basis of 'Management Power'. The private security personnel, however, can exercise the force only if the necessary conditions of legal defense, emergency evacuation, and legitimate act of criminal law are fulfilled.

• Proceedings of the KIEE Conference
• /
• 2008.09a
• /
• pp.269-270
• /
• 2008

본 논문에서는 캐나다 중서부에 위치한 BC(British Columbia)주 및 AB(Alberta)주의 수용가 전력설비에 대한 전기안전 시스템에 대해 고찰하였다. 캐나다의 전기안전은 주정부 권한을 위임받은 안전청에서 담당하며, 세부적인 안전관리는 각 주마다 절차 상 약간의 차이는 있었지만, 전체적으로 전기안전이라는 큰 틀 안에서 동일한 맥락으로 통제되고 있었다. 또한, 국내에 비해 전기안전 교육 프로그램 및 홍보가 상당히 강화되어 있음을 알 수 있었다.

• Proceedings of the Korean Association of Geographic Inforamtion Studies Conference
• /
• 2010.06a
• /
• pp.267-269
• /
• 2010

본 논문은 공간정보가 포함된 u-GIS 컨텐츠에 대한 시공간 디지털 저작권 관리 시스템에 대한 것으로, 기존의 저작권 시스템이 디지털 컨텐츠에 대해 시간 및 사용자에 대한 권한을 부여하던 제한적인 방식을 사용했으나, 본 논문에서는 u-GIS 컨텐츠에 대해서 사용자 및 시공간적인 저작권을 부여하는 시공간 디지털 저작권 관리 시스템의 요소기술을 제안한다.

• Review of KIISC
• /
• v.19 no.3
• /
• pp.35-45
• /
• 2009

개인신원검증은 사용자가 자원 및 시스템에 접근할 수 있는 자격을 증명하고, 사용자가 요청한 업무를 수행하기 위해 필요한 권한을 부여 받는 과정이다. 즉 인증 과정이 성공적으로 수행된 후 인가 수준을 결정하는 중요 요소로서 활용된다. 이러한 개인신원검증은 신원 도용, 변조의 위험과 비인가 된 사용자의 접근을 허용할 수 있는 문제점을 가지고 있다. 이에 따라 국 내외적으로 개인신원검증에 대한 다양한 연구가 진행되고 있다. 따라서 본 고에서는 NIST의 FIPS 201-1에서 규정하는 개인신원검증에 대한 주요 인프라, 인증 메커니즘, 암호키에 대한 기술적인 세부 내용을 분석하고자 한다.

• The monthly packaging world
• /
• s.179
• /
• pp.117-129
• /
• 2008

환경부는 2005년 2월 10일 악취방지법 시행 이후 악취배출시설 관리업무 등 현행 제도의 운용상에 나타난 일부 미비점을 합리적으로 개선, 보완하고 악취관리지역 지정 및 지정해제, 미신고대상 악취배출시설 관리강화 등 효율적인 악취관리방안을 마련하여 쾌적한 생활환경을 조성하기 위해 악취방지법 일부개정법률안을 재입법 예고한다. 현행 악취방지법에서 시.도지사의 소관업무로 정하고 잇는 악취사무를 인구 50만 이상 대도시에서 수행할 수 있도록 책임과 권한을 부여함으로써 지역실정에 맞는 악취저감대책을 자체적으로 추진할 수 있도록 하고 있다. 본 고에서는 주요내용과 함께 달라진 법률안을 살펴보도록 한다.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.8 no.2
• /
• pp.250-256
• /
• 2007

Role-based Access Control (RBAC) model appears to be the most appropriate technique for access control to minimize the errors likely to occur in managing users and network resources. In this paper, we introduced the Work-concept RBAC model that is the result of the Work concept imported to the role based access control model. Using our extended access control model a user could select a work which is more abstract and more inclusive concept than role to do his work. Additionally even if the user has an authority through selecting a work, if a user has no relation to his assigned job, it will be automatically prohibited.

• Journal of Convergence for Information Technology
• /
• v.10 no.10
• /
• pp.32-39
• /
• 2020

In the large-scale infrastructure of cloud environment, illegal access rights are frequently caused by sharing applications and devices, so in order to actively respond to such attacks, a strengthened access control system is required to prepare for each situation. We proposed an entity attribute-based access control(EABAC) model based on security level and relation concept. This model has enhanced access control characteristics that give integrity and confidentiality to subjects and objects, and can provide different services to the same role. It has flexibility in authority management by assigning roles and rights to contexts, which are relations and context related to services. In addition, we have shown application cases of this model in multi service environment such as university.

• Korean Business Review
• /
• v.12
• /
• pp.189-207
• /
• 1999

The recent keen global competition makes cooperative Labor-Management relations as one of the minimum requirements for the business firms in order to survive. Accordingly, this study focused upon the comparative analysis of the traits of some major countries' Labor-Management Joint Consultations for the purpose of explaining the core characteristics of them. The way how to develop and enhance the Labor-Management Joint Consultation in Korea was also suggested. As a result, this study shows that the social background of, the authority of, and the relationship with collective bargaining of the the Labor-Management Joint Consultation differed in great extent among the countries, and that these differences caused the various consultation patterns in each country. For example, the Labor-Management Joint Consultation was introduced and used voluntarily in the U.S.A. and Japan, while it was enforced by law in Korea, Germany, and France. Also, co-determination has been popular in Germany, France, and The U.S.A., but only the advising and consulting have been dominant in Korea and Japan. However, the rapid change of business environment and the increase in employees' need will make the co-determination as a desirable pattern even in Korea.