• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.37 no.2C
• /
• pp.140-156
• /
• 2012

Since most of recently launched smart devices support NFC(Near Field Communication), RFID applications are tend to be replaced. For instance, previous RFID application areas such as entrance control, mobile e-ticket, electronic payment and et. al are subject to change using NFC. Due to the limitation of passive communication in RFID, it is impossible to cover all security requirements of authentication and authorization mechanism that wide areas of applications demand. Therefore authentication and authorization mechanism based on NFC is very attractive to such applications because active communication methods make it possible to be highly secure in authentication and authorization. In this paper, authors propose a new approach of secure authentication and authorization mechanism using NFC smart devices based on EAP(Extensible Authentication Protocol) and AAA(Authentication, Authorization and Accounting) protocols.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.6
• /
• pp.1355-1362
• /
• 2012

As the utilization of cloud computing service rapidly increases to meet demands for various forms of service recently, the virtualization technology has made a rapid rise, further leading to some issues related to security, such as safety and reliability. As a system to provide environments what multiple virtual operating systems can be loaded, hypervisors may be a target of various attacks, such as control loss and authority seizure, since all the agents fcan be damaged by a malicious access to the virtualization layer. Therefore, this paper was conducted to investigate the access control for agents and suggest a plan to control malicious accesses to the cloud virtualization internal environment. The suggested technique was verified not to have effect on the performance of the system and environment through an analysis of its performance.

• Journal of the Korea Society of Computer and Information
• /
• v.28 no.11
• /
• pp.73-80
• /
• 2023

In this paper, a technology to protect important information from access in order to revitalize the cloud service market. A technology is proposed to solve the risk of leakage of important confidential and personal information stored in cloud systems, which is one of the various obstacles to the cloud service market. To protect important information, access control rights to cloud resources are granted to cloud service providers and general users. The system administrator has superuser authority to maintain and manage the system. Client computing services are managed by an external cloud service provider, and information is also stored in an external system. To protect important in-house information within the company, all users, it was designed to provide access authority with users including cloud service providers, only after they are authenticated. It is expected that the confidentiality of cloud computing resources and service reliability achieved through the proposed access control technology will contribute to revitalizing the cloud service market.

• The Korean Journal of Air & Space Law and Policy
• /
• v.33 no.2
• /
• pp.61-114
• /
• 2018

Recently airspace became a hot issue considering today's international relations. However, there was no data that could be fully explained about a legal system of korean airspace, so I looked at law and practice about korean airspace together. The nation's aviation law sector is comletely separate from those related to civil and military aircraft, at least in legal terms. The Minister of Land, Infrastructure and Transport shall carry out his/her duties with various authority granted by the "Aviation Safety Act". The nation's aviation-related content is being regulated too much by the Ministry of Land, Infrastructure and Transport's notice or regulation, and there are many things that are not well known about which clauses of the upper law are associated with. The notice should be clearly described only in detail on delegated matters. As for the airspace system, the airspace system is too complex for the public to understand, and there seems to be a gap between law and practice. Therefore, I think it would be good to reestablish a simple and practical airspace system. Airspace and aviation related tasks in the military need to be clearly understood by distinguishing between those entrusted by the Minister of Land, Infrastructure and Transport and those inherent in the military. Regarding matters entrusted by the Minister of Land, Infrastructure and Transpor, it is necessary to work closely with the Minister of Land, Infrastructure and Transport when preparing related work guidelines, and to clarify who should prepare the guidelines. Regarding airspace control as a military operation, policies or guidelines that are faithful to military doctrine on airspace control are needed.

• 한국경영정보학회:학술대회논문집
• /
• 2008.06a
• /
• pp.816-826
• /
• 2008

IT 거버넌스(Governance)는 IT 관련 의사결정에 있어서 기업 내부 주체들의 권한과 책임, 의사결정 조직체계와 프로세스, 의사소통 방법, 의사결정 실현 체계, 조정과 통제, 그리고 의사결정에 대한 사후 평가 등을 통틀어 일컫는 말이다. IT가 기업 경영의 필수 인프라로 인식되고, 기업의 경쟁력 제고의 핵심 역량으로 자리잡으면서 IT 거버넌스의 중요성은 점차커지고 있다. 본 연구에서는 국내 주요 대기업들의 IT 거버넌스를 분석하였다. 4개의 국내 대기업들에 대한 심층 인터뷰를 바탕으로, 이들 기업들이 어떤 조직 체계와 과정, 의사소통 체계, 그리고 성과 측정 방법 등을 가지고 IT 관련 의사결정을 하는지를 살펴보았다. 국내 대기업들은 IT 서비스를 전문적으로 제공하는 IT 서비스 계열사를 이용하여 IT 기능을 아웃소싱하고 있었으며, IT 관련 최종 의사결정은 IT 전문 조직이 아닌 비즈니스를 담당하고 있는 경영자들이 하는 것으로 나타났다. 국내 대기업들의 IT 서비스에 대한 계약과 성과 측정은 서비스 수준 협약을 통해 이루어지고 있었으며, 국제적으로 인정되고 있는 프로젝트 관리 방법론과 균형성과 기록표 등도 널리 사용하고 있었다. 이러한 연구는 국내 대기업 내의 IT 서비스 전문 기업들의 미래 역할 정립과 정부 기관이나 공기업들의 IT 거버넌스 체계 확립에 있어서 벤치마킹 근거로 활용될 수 있다. 또한 국내 대기업들의 IT 거버넌스 체계의 효율성 등을 측정하기 위한 기초 자료로 이용될 수 있다.

• The Transactions of the Korea Information Processing Society
• /
• v.7 no.7
• /
• pp.2125-2134
• /
• 2000

RBAC(Role Based Access Control) has the advantage that reflects the real world because it presents a basic access control model based on user's role in organizations or governments. But in RBAC model, the privileges of the senior roles in these hierarchies are inherited from those of the junior roles, so RBAC model has the privileges problem that he senior are given more privileges than they need. That is, it tends to infringe the Principle of Least Privilege. On the other hand, if we give some excessive constraints on the RBAC model without scrupulous care, it may be meaningless property of role hierarchies. Furthermore, such complicated constraints make it more difficult to mange resources and roles in huge enterprise environments. The purpose of this paper is to solve the problems of role hierarchies such as inefficient role managements and abuse of privileges by using newly presented the backward tag pointer path expression in the inheritance of privileges.

• Proceedings of the Korean Information Science Society Conference
• /
• 2004.04a
• /
• pp.238-240
• /
• 2004

본 논문에서는 대규모 네트워크 보안관리를 위한 계층적인 위임 모델을 제시한다. 대규모 네트워크는 라우터, 방화벽, 침입 탐지 시스템, 웹 서버 등의 수많은 구성요소로 이루어진 네트워크들의 집합이며, 각 네트워크마다의 독립적인 지역 정책들로 관리되어 서로간의 협동이 이루어질 수 없기 때문에 이를 효과적으로 통제하고 일괄적으로 관리하기 위해 계층적인 위임 모델이 사용되어야 한다. 제시하는 모델의 중요 구성 요소로는 관리 서버. 정책 설정 고 수준 언어 고 수준 언어 컴파일러, 도메인 서버. 인터프리터, 정책 관리 데이터베이스가 있다. 관리 서버에서 정책 설정 고 수준 언어를 사용하여 세밀하고 정교한 정책을 작성할 수 있고, 이 정책을 고 수준 언어 컴파일러를 통하여 최하위 노드들에게 적절하고 간결한 형태로 만들어낸다. 각 도메인 서버는 이 결과를 하위의 도메인 서버나 인터프리터에게 전달하면서 Keynote 신뢰 관리 시스템을 이용하여 권한을 위임한다. 그리고 인터프리터는 정책을 라우터, 방화벽, 웹 서버 등의 하위 노드에 맞는 실제 룰로 변환하녀 상위 관리 서버에서 전달한 정책을 적용하게 된다. 정책을 적용한 결과를 상위로 전달하여 데이터베이스를 구축한 뒤 후에 작성된 정책이 기존의 정책과 충돌하는지 검사에 이용하고, 충돌한다면 협상 과정을 거쳐 정책에 순응할 수 있는 결과를 도굴하게 된다. 또한 네트워크에서 많은 새로운 형태들의 노드가 추가될 수 있는데, 각각의 인터프리터만 추가함으로서 다양한 하위 노드를 충족시킬 수 있는 확장성을 제공한다.

• Proceedings of the Korea Contents Association Conference
• /
• 2003.05a
• /
• pp.198-201
• /
• 2003

Changes in internet and network environment make it possible to provide high-quality content services in real time. As demand for digital content is increased, problems related to intellectual property rights are getting more important. Streaming service like video-on-demand solved this problem by preventing content from being saved. But, as the advent of several tools able to save streamed content, the streamed content is not free from these problems any more. So, with security countermeasure like access control, new technologies to control and manage rights for content are needed. One of the solutions is DRM In this paper, we describe a DRM-based streaming service that can send the ASF stream which is the multimedia file format of Microsoft.

• Journal of Digital Contents Society
• /
• v.18 no.7
• /
• pp.1267-1280
• /
• 2017

This study examines the changes of the online music market and revenue models by the theory of network society and communications of Manuel Castells for the content platform. As a result of this study, we found that active communications among the members in the network, played a crucial role in the creation of contents and the promotions of profit for platform providers. It is especially important to create an environment in which members can voluntarily communicate rather than an artificial control. The content platform business consists of people, thus it has been proven that providing play elements of culture and society are important, as well as necessary conditions to the generation related to content based platform businesses.

• Convergence Security Journal
• /
• v.15 no.3_1
• /
• pp.83-90
• /
• 2015

Current PKI system will confront more dangerous elements in the wireless network. Accordingly, this study suggests a plan to strengthen authentication system plan with using access control and encryption to the location. Locational information collecting devices such as GPS and sensor are utilized to create a new key for authentication and collect locational information. Such a key encodes data and creates an authentication code for are access control. By using the method suggested by this study, it is possible to control access of a military secret from unauthorized place and to protect unauthorized user with unproposed technique. In addition, this technique enables access control by stage with utilizing the existing PKI system more wisely.