• The KIPS Transactions:PartC
• /
• v.15C no.6
• /
• pp.493-506
• /
• 2008

In this paper we suggest dynamic access control model based on context satisfied with requirement of u-healthcare environment through researching the role based access control model. For the dynamic security domain management, we used a distributed object group framework and context information for dynamic access control used the constructed database. We defined decision rule by knowledge reduction in decision making table, and applied this rule in our model as a rough set theory. We showed the executed results of context based dynamic security service through u-healthcare application which is based on distributed object group framework. As a result, our dynamic access control model provides an appropriate security service according to security domain, more flexible access control in u-healthcare environment.

• Convergence Security Journal
• /
• v.8 no.4
• /
• pp.81-89
• /
• 2008

This paper introduces u-learning service model based on context awareness. Also, it concentrates on agent-based WPAN technology, OSGi based middleware design, and the application mechanism such as context manager/profile manager provided by agents/server. Especially, we'll introduce the meta structure and its management algorithm, which can be updated with learning experience dynamically. So, we can provide learner with personalized profile and dynamic context for seamless learning service. The OSGi middleware is applied to our meta structure as a conceptual infrastructure.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.8 no.5
• /
• pp.211-219
• /
• 2008

This paper is proposed context-aware based access control, model by extending original access control model. In this paper, we survey the recent researches about security model based context-aware such as xoRBAC and CAAC. For exactly policy evaluation, we make an addition Context Broker and Finder in existing CAAC security model. By this security model, Context information and context decision information is able to be collected easily for more correct policy decision. This paper controlled access of possible every resources that is able to access by user's event and constraint from primitive access resources. In this paper proposed security model can be offer dynamically various security level and access authority method alone with specified policy and constraint adjustment at user's role.

• Journal of the Korea Society of Computer and Information
• /
• v.13 no.4
• /
• pp.205-211
• /
• 2008

Conventional context-aware service models permit the access of resources only by user authentication, but the ubiquitous environments where the context information around users is changing frequently require the resource access control according to the rapid changes. This paper proposes a scheme to control access permission of resource dynamically as context information of user changes. Our access control model is based on traditional CASA (Context-Aware Security Architecture), but can restrict the access of the user already has been authorized. With the real-time checking of context information, our scheme gives different access controls according to changes in environmental information, and provides more secure services than conventional context-aware models.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2008.05a
• /
• pp.714-717
• /
• 2008

유비쿼터스 컴퓨팅(Ubiquitous Computing) 시대에 기업의 사무 환경은 다양한 정보들과 많은 사용자들이 유기적인 관계를 형성한다. 이러한 관계에서 접근 제어는 다양한 정보 객체에 허가된 사용자만이 접근할 수 있는 권한을 갖는 기능을 제공하는 것이고, 사무 환경에서 보안상 필수적이며 중요한 역할을 한다. 하지만 기존의 접근 제어 모델들은 상황 정보를 고려하지 않아 동적인 접근 제어를 하지 못하는 문제점을 가지고 있다. 본 논문은 워크플로우 기반의 오피스 환경에서 동적이고 능동적인 접근제어 관리를 제공하기 위한 상황 정보와 역할 기반의 워크플로우 데이터 접근제어 모델을 제안한다. 이 모델은 수많은 상황 정보 및 사무 정보와 사용자가 동적으로 변화하는 사무환경에서 사용자에게 접근을 제어하기 적합하다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2001.10b
• /
• pp.895-898
• /
• 2001

이기종 보안제품을 통합관리하기위한 통합보안관리시스템은 보안관리를 위한 불필요한 중복을 피하고 제품들을 효율적으로 상호운용하기위해 제안된 보안관리 구조이다. 본 논문은 다양한 보안제품으로 구성된 보호대상 네트워크의 보호 상황을 모니터링하고, 보안제품들이 상호 유동적으로 결합하여 작동할 수 있는 통합보안관리시스템을 위한 웹 기반 인터페이스 구조를 소개한다. 보안제품들에 대한 통합보안관리를 인터넷상에서 이미 친숙한 웹 기반 관리 기술을 이용함으로써 보안관리자들에게 편의성과 일관성을 제공하였으며, 보안정책에 대한 지식이 부족한 일반 사용자도 쉽게 보안관리를 수행할 수 있도록 설계되었다. 또한, 자바 애플릿을 이용하여 구현된 보안관리 인터페이스는 통합보안관리를 위해 요구되는 정보들을 동적으로 원격지의 보안관리자에게 제공함으로써 보안관리의 공간적 제약을 제거하였다.

• Journal of KIISE:Computing Practices and Letters
• /
• v.15 no.11
• /
• pp.861-865
• /
• 2009

As the hospital environment has been increasingly changed into a ubiquitous environment, the application services for the hospital environment are also faced with new requirements. In particular, the emergence of various mobile devices and the introduction of a wireless sensor network technology have accelerated the realization of the u-healthcare. The multi-agent paradigm has been introduced for satisfying both the integration of information and the various application scenarios established from various environments. This paper describes the software structure and u-applications for u-hospital information system based on ubiquitous environments. And it suggested the construction of a multi agent based distributed framework for supporting u-hospital information system. The suggested framework includes the JADE and distributed object group framework. And it implemented u-application services for supporting doctors and nurses, which provides the patient's health information and ward environment information. Especially, it is using a dynamic security mechanism on the security situation, which has not been emphasized in existing researches, and this paper shows the results for each user through the GUI.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.35 no.6B
• /
• pp.977-983
• /
• 2010

In mobile and secure military networks, full-meshed IPSec tunnels, which do correspond to not physical links but logical links between each IPSec device and its peer, are required to provide multicast communications. All IPSec devices need support in changing IPSec tunnels by a way of using a multicast group key which is updated dynamically. Tactical terminals, which often constitute a group, need also secure multicast communications in the same group members. Then, the multicast group key is required to be updated dynamically in order to support group members' mobility. This paper presents challenging issues of designing a secure and dynamic group key management of which concept is based on the Diffie-Hellman (DH) key exchange algorithm and key trees. The advantage of our dynamic tree based key management is that it enables the dynamic group members to periodically receive status information from every peer members and effectively update a group key based on dynamically changing environments.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.32 no.4C
• /
• pp.454-461
• /
• 2007

The next-generation computer is the ultra-lightweight mobile computer that communicates with peripheral handhold devices and provides dynamically the services appropriate to user. To provide the dynamic services on the ultra-lightweight mobile computer, security problem for user or computer system information should be solved and security mechanism is necessary for the ultra-lightweight mobile computing environment that has battery limit and low performance. In this paper, the security mechanism on the component based middleware for the ultra-lightweight mobile computer was implemented using RC-5 cipher algorithm and SHA-1 authentication algorithm. The security components are dynamically loaded and executed into the component based middleware on the ultra-lightweight mobile computer.

• Journal of Internet Computing and Services
• /
• v.16 no.1
• /
• pp.47-55
• /
• 2015

Recently, the environment of a hospital information system is a trend to combine various SMART technologies. Accordingly, various smart devices, such as a smart phone, Tablet PC is utilized in the medical information system. Also, these environments consist of various applications executing on heterogeneous sensors, devices, systems and networks. In these hospital information system environment, applying a security service by traditional access control method cause a problems. Most of the existing security system uses the access control list structure. It is only permitted access defined by an access control matrix such as client name, service object method name. The major problem with the static approach cannot quickly adapt to changed situations. Hence, we needs to new security mechanisms which provides more flexible and can be easily adapted to various environments with very different security requirements. In addition, for addressing the changing of service medical treatment of the patient, the researching is needed. In this paper, we suggest a dynamic approach to medical information systems in smart mobile environments. We focus on how to access medical information systems according to dynamic access control methods based on the existence of the hospital's information system environments. The physical environments consist of a mobile x-ray imaging devices, dedicated mobile/general smart devices, PACS, EMR server and authorization server. The software environment was developed based on the .Net Framework for synchronization and monitoring services based on mobile X-ray imaging equipment Windows7 OS. And dedicated a smart device application, we implemented a dynamic access services through JSP and Java SDK is based on the Android OS. PACS and mobile X-ray image devices in hospital, medical information between the dedicated smart devices are based on the DICOM medical image standard information. In addition, EMR information is based on H7. In order to providing dynamic access control service, we classify the context of the patients according to conditions of bio-information such as oxygen saturation, heart rate, BP and body temperature etc. It shows event trace diagrams which divided into two parts like general situation, emergency situation. And, we designed the dynamic approach of the medical care information by authentication method. The authentication Information are contained ID/PWD, the roles, position and working hours, emergency certification codes for emergency patients. General situations of dynamic access control method may have access to medical information by the value of the authentication information. In the case of an emergency, was to have access to medical information by an emergency code, without the authentication information. And, we constructed the medical information integration database scheme that is consist medical information, patient, medical staff and medical image information according to medical information standards.y Finally, we show the usefulness of the dynamic access application service based on the smart devices for execution results of the proposed system according to patient contexts such as general and emergency situation. Especially, the proposed systems are providing effective medical information services with smart devices in emergency situation by dynamic access control methods. As results, we expect the proposed systems to be useful for u-hospital information systems and services.