• Title/Summary/Keyword: Access Control (접근 통제)

RBAC for multi-organizational Business Process Management (기업간 비즈니스 프로세스 관리에서의 접근 권한 통제)

  • Bae, Hye-Rim;Hur, Won-Chang
    • The Journal of Society for e-Business Studies / v.12 no.1 / pp.151-166 / 2007
  • As the number of users involved in a business process increases, it becomes imperative to effectively control their privileges to access sensitive data and information, which are usually easily obtained through a BPM system. The traditional RBAC (Role-Based Access Control) model was first introduced to provide a logical framework for preventing unauthorized users from obtaining confidential information, but in more dynamic environments such as B2B and SCM processes, it usually lacks the capability to address issues such as the configurability, customizability, or scalability of user privileges. In this study, we propose a privilege-template based RBAC model that can address such issues effectively. We also provide a design of the RBAC model along with illustrative examples and pseudocode that can be used for implementing a prototype system.

Definition of Security Requirement in Access Control (접근 통제의 보안 요건 정의)

  • Shin, Seong-Yoon;Kim, Chang-Ho;Jang, Dai-Hyun;Lee, Hyun Chang;Rhee, Yang-Won
    • Proceedings of the Korean Institute of Information and Communication Sciences Conference / 2014.05a / pp.192-193 / 2014
  • Access and permission control should be based on the role of the service performer (user) and the actions taken on the data used. Prior approval must be obtained for viewing or changing large amounts of important information. Sessions that remain inactive for a certain period of time must be controlled.

An Entity Attribute-Based Access Control Model in Cloud Environment (클라우드 환경에서 개체 속성 기반 접근제어 모델)

  • Choi, Eun-Bok
    • Journal of Convergence for Information Technology / v.10 no.10 / pp.32-39 / 2020
  • In the large-scale infrastructure of a cloud environment, illegal access rights are frequently caused by sharing applications and devices, so in order to actively respond to such attacks, a strengthened access control system is required to prepare for each situation. We propose an entity attribute-based access control (EABAC) model based on the concepts of security level and relation. This model has enhanced access control characteristics that give integrity and confidentiality to subjects and objects, and can provide different services to the same role. It has flexibility in authority management by assigning roles and rights to contexts, which are relations and context related to services. In addition, we show application cases of this model in a multi-service environment such as a university.

A Study on Information Access Control Policy Based on Risk Level of Security Incidents about IT Human Resources in Financial Institutions (금융IT인력의 보안사고 위험도에 기반한 정보접근 통제 정책 연구)

  • Sim, Jae-Yoon;Lee, Kyung-Ho
    • Journal of the Korea Institute of Information Security & Cryptology / v.25 no.2 / pp.343-361 / 2015
  • The financial industry in South Korea has witnessed a paradigm shift from selling traditional loan/deposit products to diversified consumption channels and financial products. Consequently, personification of financial services has accelerated and the value of finance-related personal information has risen rapidly. As seen in the 2014 card company information leakage incident, most major finance-related information leakage incidents are caused by personnel with authorized access to certain data. Therefore, it is strongly required to confirm whether there are problems in the existing access control policy for personnel who can access a great deal of data, and to complement the access control policy by considering information security risk factors. In this paper, based on information about IT personnel with access to sensitive finance-related data, such as job, position and sensitivity of accessible data, and on a survey result, we analyze the factors that influence personnel risk measurement and apply a data access control policy reflecting the analysis result to an actual case, so as to introduce measures to minimize IT personnel risk in financial companies.

Design of an Authentication System Based on Personal Identity Verification Card (전자신분증 기반의 개인 신분확인을 위한 인증시스템 설계)

  • Park, Young-Ho;Kong, Byung-Un;Rhee, Kyung-Hyune
    • Journal of Korea Multimedia Society / v.14 no.8 / pp.1029-1040 / 2011
  • The electronic identity (e-ID) card based on a smartcard is a representative identity credential for online and offline personal identification. The e-ID card can store personal identity information securely, so that the information can be accessed quickly for automated identity verification and used to determine the cardholder's authorization to access protected resources. Due to such features of the e-ID card, the number of government organizations and corporate enterprises that consider using e-ID cards for identity management is increasing. In this paper, we present an authentication framework for an access control system using e-ID cards by discussing the threat environment and security requirements for e-ID cards. Specifically, to accomplish our purpose, we consider the Personal Identity Verification system as our target model.

A Study of Methods of Authentication and Access Controls for Financial Information System Operators (금융정보시스템 운영자의 접근통제 기법에 관한 연구)

  • Lee, Jae-yun;Shim, Ho-sung;Kim, Jong-bae
    • Proceedings of the Korean Institute of Information and Communication Sciences Conference / 2014.10a / pp.921-923 / 2014
  • Financial information systems in financial institutions are characterized by providing financial services linked with various types of customer information. Leakage of that information could cause customers pecuniary loss as well as non-pecuniary loss such as psychological suffering. Therefore, it is imperative that operators' authentication be confirmed beforehand, both when they access the financial systems and when they perform work operations. The aim of this study is to analyze the methods of authentication and access control appropriate for system operators.

Research Trends and Challenges in Cloud Computing Privacy Protection (클라우드 컴퓨팅 개인정보보호 연구동향과 과제)

  • Park, Dae-Ha;Baek, Tae-Suk
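    • Review of KIISC / v.21 no.5 / pp.37-44 / 2011
  • Recently, security and privacy protection have drawn attention as core requirements in the adoption of cloud computing, and many organizations in Korea and abroad, recognizing the importance of privacy protection in cloud computing environments, are conducting research based on enterprise-wide and systematic approaches. In this paper, based on NIST SP 800-144, a document addressing cloud computing security, we analyze the controls of ISO 27002, the international standard for information security management systems (ISMS), and derive them by linking them to the controls of KISA-PIMS. In addition, we compare and analyze the cloud computing privacy risks and requirements studied abroad by IPC, WPF and others against the control objectives of KISA-PIMS, and present future research topics for cloud computing privacy protection.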

A Study on the Cooperative System for Authority Control -With a Special Regard to NACO- (전거통제를 위한 상호협력시스템에 관한 연구 -특히 미국의 NACO를 중심으로-)

  • 오동근;여지숙
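    • Journal of Korean Library and Information Science Society / v.31 no.3 / pp.23-47 / 2000
  • This study examines the history and development of NACO in the United States, which continues to evolve as a cooperative system for authority control, along with its relationship with the PCC, and analyzes in detail how it could be used in Korean libraries. It points out that while NACO can be a useful alternative in terms of making use of extensive authority data, issues such as standards for the selection and form of headings and access points, romanization, the usefulness of the data included, cost, and policy must also be fully considered. Furthermore, given that a cooperative system for authority control of this kind is also needed in Korea, NACO could serve as a good model.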

Development Trends in Fire Control Systems for Main Battle Tanks (주력전차의 사격통제장치 발전추세)

  • Lee, Jae-Gil
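    • Defense and Technology / no.6 s.256 / pp.62-73 / 2000
  • Based on the lesson of the Gulf War that victory or defeat in modern warfare is determined by technological superiority in military materiel, major advanced countries are researching and developing fire control systems, the core of a main battle tank's offensive power, alongside advances in related technologies, each according to its own plans and circumstances. It is judged that there is a greater internal need to thoroughly analyze the fire control system development trends of these major advanced countries, to create an opportunity to assess the current state and future direction of our military, and to pursue research and development activities and an approach that actively respond to them.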

Application of Multi-Resolution Modeling in Collaborative Design (협업 설계에서의 다중해상도 모델링 응용)

  • Kim, Tae-Seong;Han, Jung-Hyun
    • The KIPS Transactions:PartA / v.10A no.4 / pp.339-346 / 2003
  • This paper provides a framework for information assurance within collaborative design, based on a technique we call role-based viewing. Such role-based viewing is achieved through integration of multi-resolution geometry and security models. 3D models are geometrically partitioned, and the partitioning is used to create multi-resolution mesh hierarchies. Extracting a model suitable for the access rights of individual designers within a collaborative design environment is driven by an elaborate access control mechanism.