• Title/Summary/Keyword: flexible permission management (유연한 권한 관리)


Smart contract-based personal information management (스마트 컨트랙트 기반 개인정보 관리권한 연구)

  • Baek YeongTae;Min Youn A
    • Proceedings of the Korean Society of Computer Information Conference / 2024.01a / pp.445-447 / 2024
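  • As changes in the digital environment, such as smart devices, accelerate, interest in managing personal information online is growing. Each platform that handles personal information has a variety of parties who can access it, and blockchain-based smart contracts can be used to manage the authority over personal information flexibly and to manage the history of personal information management transparently. Through this paper, rules on data use and management authority can be set and flexibly modified based on blockchain smart contracts, so that personal information can be managed safely and transparently.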


Design and Implementation of a Flexible Application Permission Management Scheme on Android Platform (안드로이드 플랫폼에서 유연한 응용프로그램 권한관리 기법 설계 및 구현)

  • Kim, Ik-Hwan;Kim, Tae-Hyoun
    • The KIPS Transactions:PartC / v.18C no.3 / pp.151-156 / 2011
  • Google Android, which is one of the popular smart phone platforms, employs a security model based on application permissions. This model intends to reduce security threats by protecting system resources from inappropriate accesses by applications, but this model has a few problems. First, permissions requested by an application cannot be granted selectively. Second, once a permission has been granted, it is maintained until the application is uninstalled. Third, applications may acquire powerful permissions through user ID sharing without any notice to users. In order to overcome these limitations, we designed and implemented a flexible application permission management scheme. The goal of our scheme is to enhance security and user convenience while keeping compatibility with the original platform. We also verified the operation of our scheme with real applications on the Android emulator.

Rights Management Scheme for Domain Usage between the End-User's Devices (종단 사용자 디바이스간 도메인 기반 전한 정보 관리 기법)

  • 장경아;이병래
    • Proceedings of the Korean Information Science Society Conference / 2004.10c / pp.535-537 / 2004
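  • The digital home network that has recently been under discussion is expected, on the basis of a wired and wireless communication framework, to stimulate the sharing of diverse information and the exchange of multimedia content among user devices, and most users demand flexible services that let them share the rights information they have purchased with family, friends and others. For such a home network environment, this study proposes a rights information management scheme for a domain composed of devices owned by the user. For the devices of a legitimate user domain, the proposed scheme generates rights information for a given device, within the limits of the rights information held and independently of the DRM format, and updates the state information of the existing rights information, while taking the performance of the user's devices into account.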


Conditional Access Authentication and Management System for IPTV Service (IPTV 서비스를 위한 수신권한 인증 및 관리 시스템)

  • Cho, Yong-Soon;Park, Ki-Chul;Jung, Hoe-Kyung
    • Journal of the Korea Institute of Information and Communication Engineering / v.13 no.1 / pp.45-52 / 2009
  • Currently, broadcasting and telecommunication have been integrated, and the IPTV service, called TPS (Triple Play Service), which integrates broadcasting, telecommunication and phone service, has appeared. IPTV provides broadcasting service and VOD (Video on Demand) service, and it must satisfy digital content security. For this condition, the IPTV Forum is working on standardization of the interface for digital content security. The security solutions for broadcasting and VOD are CAS (Conditional Access System) and DRM (Digital Rights Management). But these solutions are manufactured by many vendors, so there is no interoperability. And after the standardization of the interface for CAS and DRM systems is finished, the problem of interoperability with them will be raised. For this reason, a rights management system that can operate independently of the platform is necessary. In this paper, to protect multimedia digital content, we designed and implemented a Conditional Access Management System.

The Design and Implementation of Conditional Access Authentication and Management System for IPTV Service (IPTV 서비스를 위한 수신권한 인증 및 관리 시스템 설계 및 구현)

  • Cho, Yong-Soon;Jin, Du-Seok;Choi, Bong-Kyu;Jung, Hoe-Kyung
    • Proceedings of the Korean Institute of Information and Communication Sciences Conference / 2008.10a / pp.516-519 / 2008
  • Currently, broadcasting and telecommunication have been integrated, and the IPTV service, called TPS (Triple Play Service), which integrates broadcasting, telecommunication and phone service, has appeared. IPTV provides broadcasting service and VOD (Video on Demand) service, and it must satisfy digital content security. For this condition, the IPTV Forum is working on standardization of the interface for digital content security. The security solutions for broadcasting and VOD are CAS (Conditional Access System) and DRM (Digital Rights Management). But these solutions are manufactured by many vendors, so there is no interoperability. And after the standardization of the interface for CAS and DRM systems is finished, the problem of interoperability with them will be raised. For this reason, a rights management system that can operate independently of the platform is necessary. In this paper, to protect multimedia digital content, we designed and implemented a Conditional Access Management System.


Distributed Access Privilege Management for Secure Cloud Business (안전한 클라우드 비즈니스를 위한 접근권한 분산관리)

  • Song, You-Jin;Do, Jeong-Min
    • The KIPS Transactions:PartC / v.18C no.6 / pp.369-378 / 2011
  • To ensure data confidentiality and fine-grained access control in a business environment, a system model using KP-ABE (Key Policy-Attribute Based Encryption) and PRE (Proxy Re-Encryption) has been proposed recently. However, in the previous study, data confidentiality has been affected by the decryption right being concentrated on the cloud server. Also, Yu's work does not consider access privilege management, so the existing work becomes vulnerable to a collusion attack between a malicious user and the cloud server. To resolve this problem, we propose a system model that is secure against collusion attacks by dividing the data file into a header, which is sent to the privilege manager group, and a body, which is sent to the cloud server. And we construct the model of access privilege management using AONT-based XOR threshold Secret Sharing. In addition, our scheme makes it possible to grant weights for access privileges using XOR Share. In chapter 4, we differentiate the existing scheme and the proposed scheme.

A Flexible Attribute-based RBAC Model

  • Kim, Si-Myeong;Han, Sang-Hoon
    • Journal of the Korea Society of Computer and Information / v.27 no.9 / pp.131-138 / 2022
  • In this paper, we propose an FA-RBAC (FA-RBAC) model based on flexible properties. This model is assigned attribute-role-centric, making it easy to manage objects, as efficient as access control, and as the network environment changes, it can provide flexible access control. In addition, fine-grained permissions and simple access control can be achieved while balancing the advantages and disadvantages of the RBAC and ABAC models, reducing the number of access control rules by combining static attribute-based roles and dynamic attribute-based rules, and verifying the validity and performance benefits of the proposed model through comparison analysis and simulation.

A Virtualization Management Convergence Access Control Model for Cloud Computing Environments (클라우드 컴퓨팅 환경에서 가상화 관리 융합접근제어 모델)

  • Choi, Eun-Bok
    • Journal of Convergence for Information Technology / v.8 no.5 / pp.69-75 / 2018
  • The purpose of access control is to prevent computing resources from illegal behavior such as leakage, modification, and destruction by unauthorized users. As the cloud computing environment is expanded to resource sharing services using virtualization technology, a new security model and access control technique are required to provide dynamic and secure cloud-based computing services. The virtualization management convergence access control model provides a flexible user authorization function by applying the dynamic privilege assignment function to the role based access control mechanism. In addition, by applying access control mechanism based on security level and rules, we solve the conflict problem in virtual machine system and guarantee the safeness of physical resources. This model will help to build a secure and efficient cloud-based virtualization management system and will be expanded to a mechanism that reflects the multi-level characteristics.

Policy System of Data Access Control for Web Service (웹 서비스를 위한 데이터 접근 제어의 정책 시스템)

  • Jo, Sun-Moon;Chung, Kyung-Yong
    • The Journal of the Korea Contents Association / v.8 no.11 / pp.25-32 / 2008
  • Access control techniques should be flexible enough to support all protection granularity levels. Since access control policies are very likely to be specified in relation to document types, it is necessary to properly manage a situation in which documents fail to be dealt with by the existing access control policies. In terms of XML documents, it is necessary to describe policies more flexibly beyond simple authorization and to consider access control methods which can be selected. This paper describes and designs the access control policy system for authorization for XML document access and for efficient management to suggest a way to use the capacity of XML itself. The system in this paper is primarily characterized by consideration of who would exercise what access privileges on a specific XML document and by good adjustment of organization-wide demands from a policy manager and a single document writer.

Access Control Middleware Prototype Design based T-RBAC for secure applications with MMDBMS (MMDBMS의 안전한 응용을 위한 T-RBAC 기반의 접근제어 미들웨어 프로토타입 설계)

  • Byun, Chang-Woo;Park, Seok;Choi, Wan
    • Proceedings of the Korean Information Science Society Conference / 2003.04a / pp.260-262 / 2003
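  • With the recent development of the Internet and mobile communications, research on high-performance main memory database management systems that can serve many users simultaneously has been actively under way; however, because these systems are developed for a specific application (ad-hoc designed system), they lack generality, and it is difficult to give them a flexible structure that can reflect customer-oriented requirements in a timely manner or to apply them to other application areas (customizing). In particular, because they do not solve the problem of information security, this is an obstacle to expanding their areas of application. This paper focuses on access control and presents a prototype of an access control middleware system for a high-performance main memory database management system that pursues high reliability by protecting the database from unauthorized access to, and deliberate destruction and modification of, stored data, resolves the heterogeneity of multiple users, and flexibly supports diverse security policies.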
