• Convergence Security Journal
• /
• v.15 no.3_1
• /
• pp.83-90
• /
• 2015

Current PKI system will confront more dangerous elements in the wireless network. Accordingly, this study suggests a plan to strengthen authentication system plan with using access control and encryption to the location. Locational information collecting devices such as GPS and sensor are utilized to create a new key for authentication and collect locational information. Such a key encodes data and creates an authentication code for are access control. By using the method suggested by this study, it is possible to control access of a military secret from unauthorized place and to protect unauthorized user with unproposed technique. In addition, this technique enables access control by stage with utilizing the existing PKI system more wisely.

• The Journal of Society for e-Business Studies
• /
• v.12 no.4
• /
• pp.127-144
• /
• 2007

This paper describes an Security Manager that integrally manages the Information Service related to RFID middleware, Object Name Service, and Web Service for upper level applications. In order to provide the access control of distributed RFID objects, Single-Sign-On has been implemented by extending existing UCON (Usage Control) model and SAML (Security Assertion Markup Language) assertions. The security technology of distributed RFID systems can be included in middleware and protect RFID information. In the future, it can be also applied to ubiquitous sensor networks.

• The KIPS Transactions:PartC
• /
• v.13C no.5 s.108
• /
• pp.567-574
• /
• 2006

VG-AnyLAN is a local area network standard developed by the IEEE 802.12 project. While preserving the frame format of IEEE 802.3, VG-AnyLAN adopts a new medium access control called Demand Priority where transmission requests of stations are arbitrated by a control hub in a round-robin manner. Unlike CSMA/CD which is the medium access control of IEEE 802.3, the Demand Priority, while providing the maximum bound on the packet delay, does not put the limit on the network segment size. In this paper, we analyze the delay and the channel utilization performances of the medium access control of IEEE 802.12 VG-AnyLAN. We develope an analytic model of the system under assumptions that each station generates traffic of the equal priority and that the packets are of fixed length. Using the analytic model, we obtain the recursive expression of the average channel utilization and the average access delay The numerical results obtained via analysis are compared to the simulation results of the system for a partial validation of our analysis.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.35 no.4B
• /
• pp.592-598
• /
• 2010

A home network system is made up of subject of cyber attack from a variety factors of threatening, but also have security weakness in cases of hacking, vicious code, worm virus, DoS attack, tapping of communication network, and more. So, the necessity for a security protocol to protect user asset and personal information within a home network is gradually increasing. Thus, this paper designs and suggests a home network security protocol using user authentication and approach-control technology to prevent the threat by unauthorized users towards personal information and user asset in advance by providing the gradual authority to corresponding devices based on authorized information, after authorizing the users with a Public Key Certificate.

• Journal of the Korea Society of Computer and Information
• /
• v.10 no.3 s.35
• /
• pp.119-132
• /
• 2005

The health care system revolutionized by the use of information and communication technologies. Computer information processing and electronic communication technologies play an increasingly important role in the area of health care. We propose a new role based access control model for pervasive health care systems, which changed location, time, environment information. Also our model can be solved the occurrence of an reduction authority problem to pervasive health care system at emergency environment. We propose a new role based access control model for pervasive health care systems, which combines role-to-role delegations, negative permission, context concept and dynamic context aware access control. With out approach we aim to preserver the advantages of RBAC and offer groat flexibility and fine-grained access control in pervasive healthcare information systems.

• Journal of KSNVE
• /
• v.12 no.3
• /
• pp.154-162
• /
• 2002

예를 들어보자. 비행중인 비행기의 날개에 센서들을 연결하고 센서 신호들을 서버에 송신하고, 연구원은 네트워크를 통해 이 데이터에 실시간으로 접근하여 비행기의 상태를 점검한다. 그림 1은 이런 개념을 보여주는 그림이다. 또 다른 예들을 들어보자. 서울 본사의 엔지니어가 중국의 공장에 설치된 액츄에이터에 사용되는 퍼지로직 제어 알고리즘을 자바 애플릿을 이용해 조정한다. 경부고속도로를 주행하고 있는 트레일러 자동차에서 온도와 압력에 관한 문제점이 발생하면 자동차에 설치된 시스템이 이를 본사에 송신해 조치한다. 학생들이 집에서 학교에 설치된 실험 장치에 홈페이지를 통해 접근하여 실험을 수행하고 보고서를 이메일로 처리한다.(중략)

• Convergence Security Journal
• /
• v.11 no.4
• /
• pp.43-49
• /
• 2011

Web-based health information provides a lot of conveniences, however the security vulnerabilities that appear in the network environment without the risk of exposure in the use of information are growing. Web-based medical information security issues when accessing only the technology advances, without attempting to seek a safe methodology are to increase the threat element. So it is required. to take advantage of web-based information security measures as a web-based access control security mechanism-based design. This paper is based on software architecture, design, ideas and health information systems were designed based on access control security mechanism. The methodologies are to derive a new design procedure, to design architecture and algorithms that make the mechanism functio n. To accomplish this goal, web-based access control for multiple patient information architecture infrastructures is needed. For this software framework to derive features that make the mechanism was derived based on the structure. The proposed system utilizes medical information, medical information when designing an application user retrieves data in real time, while ensuring integration of encrypted information under the access control algorithms, ensuring the safety management system design.

• Review of KIISC
• /
• v.32 no.4
• /
• pp.7-17
• /
• 2022

운전자 보조 시스템을 통한 차량의 전자적인 제어를 위하여, 최근 차량에 탑재된 전자 제어 장치 (ECU; Electronic Control Unit)의 개수가 급증하고 있다. ECU는 효율적인 통신을 위해서 차량용 내부 네트워크인 CAN(Controller Area Network)을 이용한다. 하지만 CAN은 기밀성, 무결성, 접근 제어, 인증과 같은 보안 메커니즘이 고려되지 않은 상태로 설계되었기 때문에, 공격자가 네트워크에 쉽게 접근하여 메시지를 도청하거나 주입할 수 있다. 악의적인 메시지 주입은 차량 운전자 및 동승자의 안전에 심각한 피해를 안길 수 있기에, 최근에는 주입된 메시지를 식별하기 위한 침입 탐지 시스템(IDS; Intrusion Detection System)에 대한 연구가 발전해왔다. 특히 최근에는 AI(Artificial Intelligence) 기술을 이용한 IDS가 다수 제안되었다. 그러나 제안되는 기법들은 특정 공격 데이터셋에 한하여 평가되며, 각 기법에 대한 탐지 성능이 공정하게 평가되었는지를 확인하기 위한 평가 프레임워크가 부족한 상황이다. 따라서 본 논문에서는 machine learning/deep learning에 기반하여 제안된 차랑용 IDS 5가지를 선정하고, 기존에 공개된 데이터셋을 이용하여 제안된 기법들에 대한 비교 및 평가를 진행한다. 공격 데이터셋에는 CAN의 대표적인 4가지 공격 유형이 포함되어 있으며, 추가적으로 본 논문에서는 메시지 주기 유형을 활용한 공격 유형을 제안하고 해당 공격에 대한 탐지 성능을 평가한다.

• Proceedings of the Korea Information Assurance Society Conference
• /
• 2004.05a
• /
• pp.131-137
• /
• 2004

With the rapid development of information sharing through network, If system is exposed to various threatener and security incident are became a social problem. As a countermeasure, various security systems are been using such as IDS, Firewall, VPN etc.. But, expertise or expert is required to handle security system. In this paper, design and implementation of file access control module for secure operation system. The module, implemented in this paper, is based on Windows and has effect integrity and non-repudiation for a file.

• Journal of KIISE:Computer Systems and Theory
• /
• v.29 no.1
• /
• pp.35-41
• /
• 2002

It is extremely important to minimize network access time in constructing a high-performance PC cluster system For an SCI based PC cluster it is possilbe to reduce the network access time by maintaining network cache in each cluster node, This paper presents a CC-NUMA card that utilizes network cache for SCI based PC clustering The CC-NUMA card is directly plugged into the PCI solot of each node, and contains shared memory network cache, and interconnection modules. The network cache is maintained for the shared memory on the PCI bus of cluster nodes. The coherency mechanism between the network cache and the shared memory is based on the IEEE SCI standard. A CC-NUMA prototype card is developed to evaluate the performance of the system. According to the experiments. the cluster system with the CC-NUMA card showed considerable improvements compared with an SCI based clustser without network cache.