• Proceedings of the Korean Information Science Society Conference
• /
• 2008.06d
• /
• pp.15-18
• /
• 2008

본 연구에서는 커뮤니티와 커뮤니티의 참여자가 동적으로 생성되거나 변화되는 상황에서 개인이 생성하는 정보를 안전하게 공유하는 방법을 제공하기 위하여 ABAC(Attributed Based Access Control) 개념을 도입하였고 정보주체와 자료의 속성 확장에 유연하게 대처할 수 있는 방안을 제시하였다. 대부분의 커뮤니티가 정보를 제공하는 주체와 정보를 참조하는 주체의 관계에 따라 정보를 참조하므로 이에 따라 사회적 관계 속성을 이용하여 권한을 관리하는 ABAC를 제시하였다. 본 논문에서는 사회적 관계 속성을 이용한 ABAC가 사용되는 GIM의 형태와 속성, 보안문제, 기존의 방법들이 분석되었으며 논문에서 제안하는 사회적관계 속성을 이용한 ABAC의 적용방법을 기술하였다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.4
• /
• pp.1832-1853
• /
• 2018

The personal health record (PHR) system is a promising application that provides precise information and customized services for health care. To flexibly protect sensitive data, attribute-based encryption has been widely applied for PHR access control. However, escrow, exposure and abuse of private keys still hinder its practical application in the PHR system. In this paper, we propose a coordinated ciphertext policy attribute-based access control with user accountability (CCP-ABAC-UA) for the PHR system. Its coordinated mechanism not only effectively prevents the escrow and exposure of private keys but also accurately detects whether key abuse is taking place and identifies the traitor. We claim that CCP-ABAC-UA is a user-side lightweight scheme. Especially for PHR receivers, no bilinear pairing computation is needed to access health records, so the practical mobile PHR system can be realized. By introducing a novel provably secure construction, we prove that it is secure against selectively chosen plaintext attacks. The analysis indicates that CCP-ABAC-UA achieves better performance in terms of security and user-side computational efficiency for a PHR system.

• Journal of the Korea Society of Computer and Information
• /
• v.27 no.9
• /
• pp.131-138
• /
• 2022

In this paper, we propose an FA-RBAC (FA-RBAC) model based on flexible properties. This model is assigned attribute-role-centric, making it easy to manage objects, as efficient as access control, and as the network environment changes, it can provide flexible access control. In addition, fine-grained permissions and simple access control can be achieved while balancing the advantages and disadvantages of the RBAC and ABAC models, reducing the number of access control rules by combining static attribute-based roles and dynamic attribute-based rules, and verifying the validity and performance benefits of the proposed model through comparison analysis and simulation.

• Composites Research
• /
• v.14 no.6
• /
• pp.24-31
• /
• 2001

Filament wound structures such as pressure tanks, pipes and motor cases of rockets are widely used in the aerospace application. The determination of a proper winding angle and thickness is very important to decrease manufacturing difficulties and to increase structural efficiency. In this study, possible winding angles considering the slippage between a fiber and a mandrel surface are calculated using the semi-geodesic path equation. In addition, finite element analysis using ABAcUS are performed to predict the behavior of filament wound structures considering continuous change of winding angle along the dome part. The water-pressuring tests of 3rd stage motor case are performed to verify the analysis procedure. The strain gages are attached on the surface in the fiber direction. Progressive failure analysis is performed to predict the burst pressure and the weakest region of the motor case. The effect of reinforcement is also studied to increase its performance.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2013.05a
• /
• pp.648-651
• /
• 2013

클라우드 시스템에서는 데이터 소유자가 아닌 클라우드 서비스 제공자가 각 개인의 데이터에 대한 저장과 관리를 책임진다. 따라서 클라우드 서버 상의 사용자 데이터에 대한 보안을 보장해 주는 것이 가장 중요한 이슈이다. 데이터 보안 문제는 안전하고 효율적인 접근제어 기술을 통해 해결 할 수 있다. 기존 시스템에서 많이 이용되고 있는 RBAC(Role based access control)은 접근제어의 형태가 주로 수직적이고, 데이터 접근가능 여부를 역할이라는 고정적인 값에 따라 결정하기 때문에 동적인 클라우드 환경에 적합하지 않다. 반면 HASBE(Hierarchical attribute set based encryption) 모델은 ABAC(Attribute based access control)를 통해 유연하고 탄력적인 접근제어를 제공한다. 또한 HASBE 는 인가자(Authority)와 사용자의 관계 모델이 계층적인 구조를 갖고 있기 때문에 큰 조직에서 수많은 사용자들의 데이터 관리와 키 분배를 좀더 효율적으로 할 수 있다. 본 논문에서는 위의 계층적인 모델에서 더 나아가서, 실제 클라우드 환경에서 데이터가 가질 수 있는 복잡한 속성과 인가자의 관계를 고려해 다중 인가자의 개념이 더해진 모델을 제안한다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.12
• /
• pp.4545-4566
• /
• 2021

The evolution of IoT technology is having a significant impact on people's lives. Almost all areas of people's lives are benefiting from increased productivity and simplification made possible by this trending technology. On the downside, however, the application of IoT technology is posing some security challenges, among them, unauthorized access to IoT devices. This paper presents an Attribute-based Access Control Fog architecture that aims to achieve effective distribution, increase availability and decrease latency. In the proposed architecture, the main functional points of the Attribute-based Access Control are distributed to provide policy decision and policy information mechanisms in fog nodes, locating these functions near end nodes. To evaluate the proposed architecture, an access control engine based on the Attribute-based Access Control was built using the Balana library and simulated using EdgeCloudSim to compare it to the traditional cloud-based architecture. The experiments show that the fog-based architecture provides robust results in terms of reducing latency in making access decisions.