• The Journal of The Korea Institute of Intelligent Transport Systems
• /
• v.7 no.4
• /
• pp.97-106
• /
• 2008

This proposed system is a part of internal control system that national highway need to support their ITS information audit. This paper explains the design and implementation of a packet interceptor and a DB query analyzer. The packet interceptor sniffs users' query packets, and then the DB query analyzer parses the SQL queries and stores the users' DB access information such as SQL queries, access data and changing data. The information may be used as the evidences on internal control of users and users' accesses.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.20 no.1
• /
• pp.55-60
• /
• 2020

In this paper, we propose an access control system using cryptography as a method to protect personal data in public blockchain. The proposed system is designed to encrypt data according to the access policy, store it in the blockchain, and decrypt only the person who satisfy the access policy. In order to improve performance and scalability, an encryption mechanism is implemented outside the blockchain. Therefore, data access performance could be preserved while cryptographic operations executed Furthermore it can also improve the scalability by adding new access control modules while preserving the current configuration of blockchain network. The encryption scheme is based on the attribute-based encryption (ABE). However, unlike the traditional ABE, the "retention period", is incorporated into the access structure to ensure the right to be forgotten. In addition, symmetric key cryptograpic algorithms are used for the performance of ABE. We implemented the proposed system in a public blockchain and conducted the performance evaluation.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2021.10a
• /
• pp.443-444
• /
• 2021

Security threats to information services are increasingly being developed, and the frequency and damage caused by security threats are also increasing. In particular, security threats occurring inside the organization are increasing significantly, and the size of the damage is also large. A zero trust model has been proposed as a way to improve such a security environment. In the zero trust model, a subject who has access to information resources is regarded as a malicious attacker. Subjects can access information resources after verification through identification and authentication processes. However, the initially proposed zero trust model basically focuses on the network and does not consider the security environment for systems or data. In this study, we proposed a zero trust-based access control mechanism that extends the existing zero trust model to the file system. As a result of the study, it was confirmed that the proposed file access control mechanism can be applied to implement the zero trust model.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.4
• /
• pp.129-138
• /
• 2003

Role-Based Access Control(RBAC) model is becoming a promising model for enterprise environments with various organization structures. In terms of role hierarchy, each senior role inherits all the permissions of its junior roles in the role hierarchy, and a user who is a member of senior role is authorized to carry out the inherited permissions as well as his/her own ones. But there is a possibility for senior role members to abuse permissions. Since senior role members need not have all the authority of junior roles in the real world, enterprise environments require a restricted inheritance rather than a unconditional or blocked inheritance. In this paper, we propose a new role-based delegation model using the role hierarchy model with restricted inheritance functionality, in which security administrator can easily control permission inheritance behavior using sub-roles. Also, we describe how role-based user-to-user, role-to-role delegations are accomplished in the model and the characteristics of the proposed role-based delegation model.

• 한국IT서비스학회:학술대회논문집
• /
• 2005.05a
• /
• pp.580-590
• /
• 2005

최근 금융기관이 직면한 내외부적 요구로 인해 금융기관은 운영리스크 관리의 선진화를 위한 내부통제체제의 조속한 정립을 요구 받고 있다. 이를 위해서는 내부통제에 대한 정확한 정의와 표준적 구성요소에 대한 파악과 더불어 현재 내부통제체제의 문제점과 개선방안을 도출할 필요성이 있다. 본 연구는 이러한 문제점 및 이에 대한 개선방안을 조직적 측면과 시스템적인 측면으로 분리하여 살펴봄으로써 효과적인 내부통제체제를 바탕으로 선진 운영리스크 관리 시스템 확립에 대한 다각적인 접근을 시도하고자 한다.

• The Korean Journal of Archival Studies
• /
• no.38
• /
• pp.3-35
• /
• 2013

The physical access or control of records with material entities is relatively easy. However, in the case of electronic records, due to its heightened applicative aspect that allows anyone with the authority to have access over the data, it requires an appropriate standard and stability to ensure the authenticity and integrity of electronic records. This study performed functional evaluation by extracting the minimum critical items from the national functional requirements documents and standards to explore the access control function that play an important role for the standard records management system to maintain quality requirements of electronic records. Based on this checklist, it evaluates whether the standard records management system properly carries out the access control function and investigates the current condition of application to practical records management work. Records managers generally do not use access control function, which may be because they do not feel the necessity, since the application of records management system is not yet actively promoted. In order for the standard records management system to be developed to become a more active system, it requires system improvement as well as considerations for below factors: First, although the necessity of establishing access control conditions is already recognized, it requires a clear stipulation of the regulation. Second, measures must be taken to implement access control in the records management system through document security solution. Third, it requires self-reflection of records manager, who utilizes the records management system. Instead of placing all responsibility on the National Archives, which established the system, professionals must further develop the system through continuous evaluation and improvement. Finally, a general discussion is required to publicize the issue of functional improvement of records management system. Although there is a bulletin board already created for this purpose, its users are extremely limited and it only deals with current problems. A space in online as well as in offline is required to solve the fundamental problems and exchange opinions.

• Korean Security Journal
• /
• no.22
• /
• pp.231-258
• /
• 2010

A study apartment house inhabitants of to, crime prevention effort is done satisfaction analysis and that deduce design plan of CPTED that can overcome safe life space embodiment and criminal fear from crime in Juminin viewpoint through atomize group's interaction by background fantast. Is positive because factor analysis wave and satisfaction index of deduce universe (Total group) 8 factor are presented more than all 0, and quite was expose by level that is worth accommodating. Satisfaction index of The secondary design group (Group1) 8 factor is positive because is presented more than all 0, and mechanical access control, mechanical surveillance is level that is worth accommodating quite, and level that is proper in remainder 6 dimension appear. Can know that 1 The secondary design group(Group2) is expose by level that satisfaction characteristic of 8 factor can be presented more than all 0 and appeared positively, and accommodate quite in all dimensions. Result that analyze Two-way ANOVA satisfaction difference of environment design of group by satisfaction of the primary and the secondary design group is high in 8 all dimensions of CPTED, and satisfaction by appeared satisfaction high in group less than natural access control, 2 years of natural surveillance, and reciprocal action effect that go with group is high satisfaction in 2 years low in The secondary design group more than the primary and the secondary design group of systematic access control and natural access control, and the primary and the secondary design group appeared high in subgroup of 2 remainders. Satisfaction difference by group by crime prevention effort satisfaction of the primary and the secondary design group is high in 8 all dimensions of CPTED, and satisfaction difference by crime prevention effort appeared satisfaction high in 'A prize' group to The secondary design group, and reciprocal action efficiency is high in 'A prize' group in The secondary design group more than the primary and the secondary design group in mechanical access control, systematic access control, natural access control, territoriality reinforcement, and satisfaction of 'Between' and 'Very' group appeared high in the primary and the secondary design group.

• Journal of the Korea Computer Industry Society
• /
• v.2 no.10
• /
• pp.1355-1364
• /
• 2001

Internal control comprises the plan of Organization and all of the coordinate methods and measure adopted within a business to safeguard its assets. check the accuracy and reliability of its accounting data, promote operation efficiency, and encourage adherence to prescribed managerial policies. Internal accounting control is classified into General Control and Application Control. Essential elements of internal accounting control as follows : 1. General Control $\circled1$ Organization and operation controls. $\circled2$ System development and Documentation controls. $\circled3$ Hardware controls. $\circled4$ Software and hardware Accessibility controls. $\circled5$ General systems security and protection 2. Application control $\circled1$Input control. $\circled2$ Processing control. $\circled3$ Output control. Internal accounting control can establish a total management information system by connecting with mana-gement control of a company, and enable decision makers to establish decision support system(DSS), is so vital today.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2011.10a
• /
• pp.303-306
• /
• 2011

System solutions for access control to the user's personal when you want to authenticate to the system is used. The valid user is really just a part of authorized users, the suitability of a valid user has been authenticated are not sure whether the problem is the fact. For example, one developer in the Unix operating system can be valid, but do not have permission to access the system should be limited for. In this paper, a single account for multiple users to use the system operational issues to improve the fine-grained delegation of authority, the session audit, the administrator account's policy-based management, with full rights the administrator account of distribution management and auditing the system overall is the study of access control measures.

• Korean Journal of Heritage: History & Science
• /
• v.55 no.4
• /
• pp.196-209
• /
• 2022

This study compared and analyzed the spatial division function and role of partitions by comparing the entire space and the spatial changes before and after the installation of partitions in <Donggwoldo>, which was manufactured in the late Joseon Dynasty. As a research method, a set standard was prepared to decompose the space of <Donggwoldo> into a unit space, and the standard was set according to the role and height of the space by classifying it into a main space, sub space, and transition space. Two convex maps were prepared according to before and after the installation of the Panjang, and the values of connectivity, control, and integration, which are spatial syntax variables, were calculated and analyzed. The results of the study are as follows. First, the partition in <Donggwoldo(東闕圖)> did not affect the overall spatial arrangement and control or connection of Donggwol, but the movement and access of space is limited to specific areas. Second, the partition was a facility intensively distributed in Naejeon(內殿) and Donggung(東宮) to be used actively in the way of space utilization. It shows that the unit space increased rapidly due to the installation of the partition. Since the partition was installed in the spaces that were open and under high control in the case of Naejeon(內殿), it helped to secure private spaces as closed ones under low control. On the other hand, for Donggung(東宮), the spaces were compartmented and divided with the partition to guide the movement path through narrow gates of the partition and increase the depth of the space. This helped to create spaces that are free and can be hidden as it increased the number of spaces coming through. Third, In addition to the functions of "eye blocking, space division, and movement path control" revealed in prior research, the partition has created a "space that is easy to control" within a specific area. The installation of the partition reduced the scale through the separation of spaces, but it occurred the expansion of the movement path and space. Also, the partition functioned to strengthen hiding and closure or increase openness as well through space division. This study is significant in that it revealed the value of the spatial control function of panjang through the analysis of spatial control and depth by analyzing the function of the partition with a mathematical model in addition to the analysis and study of the function and role of panjang. In addition, it is valuable in that it has prepared a framework for analysis tools that can be applied to traditional residential complexes similar to palaces by applying space syntax to <Donggungdo> to create convex spaces according to unit space division and connection types of palace architecture and landscape elements.