• Journal of the Korea Society of Computer and Information
• /
• v.10 no.3 s.35
• /
• pp.119-132
• /
• 2005

The health care system revolutionized by the use of information and communication technologies. Computer information processing and electronic communication technologies play an increasingly important role in the area of health care. We propose a new role based access control model for pervasive health care systems, which changed location, time, environment information. Also our model can be solved the occurrence of an reduction authority problem to pervasive health care system at emergency environment. We propose a new role based access control model for pervasive health care systems, which combines role-to-role delegations, negative permission, context concept and dynamic context aware access control. With out approach we aim to preserver the advantages of RBAC and offer groat flexibility and fine-grained access control in pervasive healthcare information systems.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2009.01a
• /
• pp.245-248
• /
• 2009

무선네트워크 환경에서 인증과 암호화를 함으로서 보안이 강화되는 효과가 있으나 무선네트워크를 이용하는 이용자들에 대한 권한이 동일하게 부여되면 접근성에 문제점이 대두됨에 따라 이용자 그룹별로 인터넷 이용에 대한 접근권한을 제어함으로서 다양한 학내 구성원, 계약직, 방문자, 시민 등 에게 보안측면과 운영성에 편리성을 가져올 수 있다. 관리자기 정책을 만들어 각각의 액세스포인트에 정책을 적용하고 사용자가 인증을 받을 때 인증서버에서 사용자에 대한 필터아이디를 액세스포인트에 전달해줌으로서 사용자에 대한 정책규칙이 적용된다.

• Proceedings of the Korean Information Science Society Conference
• /
• 2003.10a
• /
• pp.679-681
• /
• 2003

최근 인터넷과 무선통신의 발전으로 많은 외부 클라이언트들이 학교나 공공기관 같은 내부 네트워크를 사용하게 되었다. 이러한 클라이언트들은 내부 네트워크를 사용하게 되면서 여러 가지 서비스를 받기 위해 다양한 서비스의 위치정보를 검색하는데 사용되는 프로토콜인 SLP(Service Location Protocol)를 사용한다. 이 때 악의를 가진 클라이언트가 SLP(Service Location Protocol)를 이용해 서비스 리스트를 얻어 자신이 내부 네트워크의 모든 자원을 사용할 수 있게 만드는 것과 같은 악의적인 행동을 할 수 있는 문제점이 있다. 본 논문은 이러한 문제점을 해결하기 위해 PMI(Privilege Management Infrastructure)를 이용하여 내부 네트워크에 들어온 외부 클라이언트에 관해 내부 서비스에 대한 권한을 설정하고자 하는 방안을 제안하고자 한다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2011.04a
• /
• pp.953-955
• /
• 2011

본 제품은 RFC(Recursive Flow Classification) 알고리듬의 네트워크 접근제어를 구현한 방화벽 기반의 정보유출방지 솔루션이다. 네트워크 단에서의 정보유출은 대부분 이메일, 메신저, 웹하드, P2P 등을 통해 이루어진다. 따라서 본 제품은 업로드 트래픽의 크기를 제한하고 사용자가 송수신하는 모든 메일을 필터링 하여 저장한다. 웹상에서는 정보유출 가능성이 있는 URL을 등록, 사용을 제한하는 기능을 통하여 네트워크를 통한 정보유출의 가능성을 원천적으로 차단한다. 동시에 사용자 중심의 인터페이스와 성능이 뛰어나면서도 저렴한 통합 플랫폼을 제공함으로써 중소기업환경에 최적화된 네트워크 정보보안의 대안을 제시한다.

• The KIPS Transactions:PartC
• /
• v.13C no.5 s.108
• /
• pp.567-574
• /
• 2006

VG-AnyLAN is a local area network standard developed by the IEEE 802.12 project. While preserving the frame format of IEEE 802.3, VG-AnyLAN adopts a new medium access control called Demand Priority where transmission requests of stations are arbitrated by a control hub in a round-robin manner. Unlike CSMA/CD which is the medium access control of IEEE 802.3, the Demand Priority, while providing the maximum bound on the packet delay, does not put the limit on the network segment size. In this paper, we analyze the delay and the channel utilization performances of the medium access control of IEEE 802.12 VG-AnyLAN. We develope an analytic model of the system under assumptions that each station generates traffic of the equal priority and that the packets are of fixed length. Using the analytic model, we obtain the recursive expression of the average channel utilization and the average access delay The numerical results obtained via analysis are compared to the simulation results of the system for a partial validation of our analysis.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2012.07a
• /
• pp.413-414
• /
• 2012

우리 주변에서 인터넷에 접근할 수 있는 기반시설이 풍부하게 제공 되어 최근 출시되는 많은 가전제품과 전기전자 제품들은 인터넷에 접속하여 웹브라우저나 휴대폰을 이용하여 원격으로 감시하고 제어할 수 있다. 그러나 기존의 제품들은 대부분 인터넷 인터페이스가 없기 때문에 네트워크에 접속할 수 없어 불편함이 많았다. 따라서 본문에서는 주변의 가전제품 및 전기용품들을 인터넷 환경에서 감시하고 제어할 수 있는 인터넷 전원 콘센트를 위한 임베디드 WEB 제어환경을 설계하고 구현하였다. 본 논문에서 사용한 인터넷 전원 콘센트 제어기는 위즈넷사에서 개발한 하드웨어 TCP/IP 프로세서인 W5300을 사용하여 AVR 마이크로프로세서로 운영 가능한 인터넷 인터페이스를 설계하고 임베디드 WEB 서버를 구현하였다. 하드웨어 TCP/IP 프로세서를 사용하여 이더넷 인터페이스를 구현함으로서 소형의 8비트 마이크로프로세서로 완전한 TCP/IP 스택의 구현이 가능하여 개발제품의 가격 경쟁력과 소형화에 기여할 수 있다.

• Journal of KIISE:Computer Systems and Theory
• /
• v.31 no.12
• /
• pp.716-725
• /
• 2004

It is extremely important to minimize network access time in constructing a high-performance PC cluster system. For PC cluster systems, it is possible to reduce network access time by maintaining network cache in each cluster node. This paper presents a Network Cache Coherent NUMA (NCC-NUMA) system to utilize network cache by locating shared memory on the PCI bus, and the NCC-NUMA card which is core module of the NCC-NUMA system is developed. The NCC-NUMA card is directly plugged into the PCI slot of each node, and contains shared memory, network cache, shared memory control module and network control module. The network cache is maintained for the shared memory on the PCI bus of cluster nodes. The coherency mechanism between the network cache and the shared memory is based on the IEEE SCI standard. According to the SPLASH-2 benchmark experiments, the NCC-NUMA system showed improvements of 56% compared with an SCI-based cluster without network cache.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.7 no.2
• /
• pp.287-293
• /
• 2012

It has been only few years that various contents information subject for information processing system has been remarkably increased in online. If we say the year 2000 is the technology based year when deluge of information and data such as real time sharing, the time since after 2000 until 2011 has been a period plentiful of application based functions and solutions. Also, as the applicable range of these information process systems extends, individual information effluence has been social issues twice in 2009 and 2010. Thus now there are continuous efforts made to develop technologies to secure and protect information. However, the range problem has been extended from the illegal access from outside to the legal access from internal user and damages by agents hidden in internal information process system and client system. Therefore, this study discusses the necessity for the studies on efficiency based information security by control of access to internal information and authority setting for administrator and internal users. Based on the result of this study, it provides data that can be used from SOHO class network to large scale for information security method.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2009.05a
• /
• pp.733-736
• /
• 2009

Power Line Communication(PLC) is need not additional communication line. So establishment expense is inexpensive and application is simple. Therefore, lower part network of various application field is possible. However, there are high subordinate interference and noise problem on limited transmission data and communication interference element. Wireless Sensor Network(WSN) is need not infrastructure, Self-regulating network architecture of sensor nodes is possible. So at short time, network construction is available. But, power consumption is increased by active sensing for QoS elevation and unnecessary information transmission, low electric power design and necessity of improve protocol are refered to life shortening problem and is studied. In this paper, supplement problem of power line communication and wireless sensor network mutually and because advantage becomes linkage integration control system using synergy effect of two technologies as more restriction be and tries to approach structurally control network that is improved for smooth network environment construction. Honeywell's hybrid sensor network does comparative analysis(benchmarking). Confirm performance elevation proposing teaming of power line communication and wireless sensor network. Through simulation, service delay decreases and confirms that performance elevation.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.26 no.2
• /
• pp.265-270
• /
• 2022

With the advent of the Fourth Industrial Revolution, the paradigm of finance is also changing. As remote work becomes more active due to cloud computing and coronavirus, the work environment changes and attack techniques are becoming intelligent and advanced, companies should accept new security models to further strengthen their current security systems. Zero trust security increases security by monitoring all networks and allowing strict authentication and minimal access rights for access requesters with the core concept of doubting and not trusting everything. In addition, the use of NAC and EDR for identification subjects and data to strengthen access control of the zero trust-based security system, and strict identity authentication through MFA will be explained. Therefore, this paper introduces a zero-trust security solution that strengthens existing security systems and presents the direction and validity to be introduced in the financial sector.