• Nuclear Engineering and Technology
• /
• v.27 no.2
• /
• pp.189-202
• /
• 1995

An improved method is presented for the prediction of heat transfer coefficients in turbulent fall-ing liquid films with or without interfacial shear for both heating or condensation. A modified Mudawwar and El-Masri's semi-empirical turbulence model, particularly to extend its use for the turbulent falling film with high interfacial shear, is used to replace the eddy viscosity model incorporated in the unified approach unposed by Yih and Liu. The liquid film thickness and asymptotic heat transfer coefficients against the film Reynolds number for wide range of interfacial shear predicted by both present and existing methods are compared with experimental data. The results show that in general, predictions of the modified model agee more closely with experimental data than that of existing models.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2021.10a
• /
• pp.443-444
• /
• 2021

Security threats to information services are increasingly being developed, and the frequency and damage caused by security threats are also increasing. In particular, security threats occurring inside the organization are increasing significantly, and the size of the damage is also large. A zero trust model has been proposed as a way to improve such a security environment. In the zero trust model, a subject who has access to information resources is regarded as a malicious attacker. Subjects can access information resources after verification through identification and authentication processes. However, the initially proposed zero trust model basically focuses on the network and does not consider the security environment for systems or data. In this study, we proposed a zero trust-based access control mechanism that extends the existing zero trust model to the file system. As a result of the study, it was confirmed that the proposed file access control mechanism can be applied to implement the zero trust model.

• Proceedings of the Korean Information Science Society Conference
• /
• 2003.10a
• /
• pp.775-777
• /
• 2003

역할기반 접근통제는 많은 조직에서 효과적으로 사용되고 있다. 역할기반 접근통제에서 권한은 역할과 관련이 되어 있고 사용자는 역할과 관련된 권한을 얻기 위해 역할의 일원이 되어진다. 역할기반 접근통제에서의 사용자 권한위임은 한 사용자가 인증 된 다른 사용자에게 자신의 권한을 위임하여 권한을 위임 한자신과 같은 역할의 일원이 되게 하는 것이다. 그러나 기존의 역할기반 접근통제 모델에서는 권한의 일부를 위임하는 것이 어려웠다. 본 논문에서는 역할을 위임을 위한 부분역할로 나누어 권한의 일부를 위임 가능하게 함으로써 권한 전체를 위임했을 때의 문제를 방지하고, 접근통제에서의 최소권한 원칙과 임무분리 원칙을 만족하게 하는 권한위임 방법을 제안하였다.

• Journal of Digital Convergence
• /
• v.15 no.6
• /
• pp.219-227
• /
• 2017

Network access control should be able to effectively block security threats to the IT infrastructure, such as unauthorized access of unauthorized users and terminals, and illegal access of employees to internal servers. From this perspective, it is necessary to build metrics based on relevant standards to ensure that security is being met. Therefore, it is necessary to organize the method for security evaluation of NAC according to the related standards. Therefore, this study builds a model that combines the security evaluation part of ISO / IEC 15408 (CC: Common Criteria) and ISO 25000 series to develop security metric of network access control system. For this purpose, we analyzed the quality requirements of the network access control system and developed the convergence evaluation metric for security of the two international standards. It can be applied to standardization of evaluation method for network access control system in the future by constructing evaluation model of security quality level of network access control system.

• Journal of the Institute of Electronics Engineers of Korea TE
• /
• v.39 no.3
• /
• pp.90-96
• /
• 2002

RBAC(Role-Based Access Control) is an access control method based on the user's role and it provides more flexibility on the various computer and network security fields. But, RBAC models consider only users for roles or permissions, so for the purpose of exact access control within real application systems, it is necessary to consider additional subjects and objects. In this paper, we propose an Extended RBAC model, $ERBAC_3$, for access control of multi-level security system by adding users, subjects, objects and roles level to RBAC, which enables multi-level security control. 

• Transactions of the Korean Society of Mechanical Engineers A
• /
• v.34 no.8
• /
• pp.989-996
• /
• 2010

Statistical regression and/or interpolation models have been used for data analysis and response prediction using the results of the physical experiments and/or computer simulations in structural engineering fields. These models have been employed during the last decade to develop a variety of design methodologies. However, these models only handled responses with respect to space variables such as size and shape of structures and cannot handle time-variant dynamic responses, i.e. response varying with time. In this research, statistical space-time metamodels based on multiple response approach that can handle responses with respect to both space variables and a time variable are proposed. Regression and interpolation models such as the response surface model (RSM) and kriging model were developed for handling time-variant dynamic responses of structural engineering. We evaluate the accuracies of the responses predicted by the two statistical space-time metamodels by comparing them with the responses obtained by the physical experiments and/or computer simulations.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2002.04b
• /
• pp.963-966
• /
• 2002

웹 기술의 발전으로 기업에서는 인트라넷을 이용해 기업의 시스템을 구축하여 기업내의 업무처리의 효과를 증대시키고 있다. 이러한 인트라넷은 보통 외부 망과 내부 망 사이에 방화벽을 두어 안전성을 제공한다. 하지만 이것만으로는 내부의 적은 막아낼 수 없다. 본 논문에서는 이러한 인트라넷을 기업에 적용할 때 내부의 불법적인 사용자에 대한 접근을 막아내기 위한 안전한 서비스를 제공할 수 있도록 구축하는 방법에 대해 제안한다. 방법은 역할 기반 접근제어모델과 사용자 접근에 대해 사용자 인증서를 포함하여 보내는 기술을 이용하여 시스템을 구축한다.

• Proceedings of the Korean Reliability Society Conference
• /
• 2002.06a
• /
• pp.211-216
• /
• 2002

실제적인 문제에서 신뢰성 기반 최적 설계(RBDO)를 구현하기 위해서는 유한요소 모델을 해석하기 위한 상용 프로그램과 설계한 것에 대한 신뢰성을 산정할 수 있는 프로그램을 통합하고 최적화 알고리듬을 적용하여야 최적화를 수행하여야만 한다. 또한 최적화 과정에서 최적상태에서 제약조건이 비활성 영역에서 놓이게 되는 것을 방지하기 위해서 제약조건 최적화 문제를 비제약 조건 최적화 문제로 바꾸어 주는 장애 함수를 사용하여 최적화를 수행하였다. 그리고 이 방법론을 기존의 신뢰성기반 최적화 방법론, 즉 신뢰도지수 접근방법과 목표성능치 접근방법과의 비교를 하였다.

• The KIPS Transactions:PartD
• /
• v.12D no.4 s.100
• /
• pp.617-626
• /
• 2005

To design a software system many architecture styles have to be combined to construct the overall architecture of the system What to choose among various architecture styles or architectural approaches depends on the fact of what kind of functional or non-functional quality requirements the system should satisfy In this study, we define the method to choose suitable architectural approaches by the satisfaction level of system requirements that is evaluated through estimation about technical parts of architectural approaches, and verify the evaluation method by the case study that apply the evaluation method to choose architectural approaches for message system.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.25 no.10
• /
• pp.1391-1396
• /
• 2021

The boundary-based security system has the advantage of high operational efficiency and easy management of security solutions, and is suitable for denying external security threats. However, since it is operated on the premise of a trusted user, it is not suitable to deny security threats that occur from within. A zero trust access control model was proposed to solve this problem of the boundary-based security system. In the zero trust access control model, the security requirements for real-time security event monitoring must be satisfied. In this study, we propose a monitoring method for the most basic file access among real-time monitoring functions. The proposed monitoring method operates at the kernel level and has the advantage of fundamentally preventing monitoring evasion due to the user's file bypass access. However, this study focuses on the monitoring method, so additional research to extend it to the access control function should be continued.