• The KIPS Transactions:PartC
• /
• v.17C no.2
• /
• pp.173-180
• /
• 2010

Information technology is being applied to the development of ubiquitous healthcare system, which provides both efficient patient care and convenient treatment regardless of patient's location. However, the increasing number of users and medical information give rise to the problem of user management and the infringement of privacy. In order to address this problem we propose a user access scheme based on the RBAC (Role Based Access Control) model. The preceding trust management model for Grid security, FAS(Federation Agent Server), was analyzed and extended to provide supplementary functions for role-based access control in u-Healthcare system. The RBAC model provides efficient user management and access control, but very vulnerable in case when one with valid role tries to leak confidential inner medical information. In order to resolve this problem, a RBAC-WS (Work Status with RBAC) model has been additionally developed which allows only qualified staffs to access the system while on duty. Th proposed RBAC and RBAC-WS model have been merged together and applied to the PACS (Picture Archiving and Communication System).

• The Journal of the Korea institute of electronic communication sciences
• /
• v.18 no.5
• /
• pp.971-980
• /
• 2023

Safety accidents and industrial accidents are constantly occurring in existing industrial sites. In addition, the probability of accidents occurring due to physical and mental fatigue of workers is increasing. Accordingly, it is required to introduce systematic management and various systems for the safety of workers. In this paper, by developing an access control system using bio-metric information at industrial sites, we develop efficient health management and access control management functions for workers. Workers are identified through face recognition for access control, and health status is determined through iris recognition. It aims to improve accuracy and develop a more efficient management system by diagnosing signs of health abnormalities through the congestion of the iris and eyes of workers. Finally, the contents of the development consist of an on-site access control system, an access control program for administrators, and a main server system that diagnoses signs of abnormal health of users.

• Journal of Korea Entertainment Industry Association
• /
• v.15 no.7
• /
• pp.249-257
• /
• 2021

Recently, interest and demand for facial information processing technology that can provide non-face-to-face identity authentication and access management service using smart devices, which is an essential environmental improvement for multi-use facilities, is increasing as a way to prevent the spread of infectious diseases worldwide and to cope with social measures. This study defines a multi-use facility classification system and applied service field to establish a continuous access control system, and measures to improve the usability of the service platform considering scalability through a dual access control system and personal/measurement information type analysis, and accordingly We would like to propose a service roadmap. In addition, it aims to improve the physical access management system service platform, which is a multi-use facility application service that requires one-time and multiple-use authentication according to usage. It is expected that the methodology of this study can be applied as a service platform of a logical access control system type in the future.

• Journal of Electrical Engineering and information Science
• /
• v.2 no.6
• /
• pp.162-166
• /
• 1997

A message server have two basic functionalities, a server role for processing the processing the user environment as well as an entity role for transferring message to other entity in message system environment. The user who is going to send and receive his important information really wants to keep his own security requests. To satisfy this requirement, message server must be enforced by two seperated security policies- one for message processing security policy under department's computer working environment, the other for send/receive security policy under message system's communication path environment. Proposed access control model gurantees the user's security request by combining constrained server access control and message system access control with multi upper bound properties which come from inheritance attributes of originating user security contexts.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.7 no.4
• /
• pp.57-66
• /
• 2011

We implemented the document DRM applying role based access control(RBAC) mechanism for preventing the information leakage of a document which is transmitted in network environment. It must prevent to access document not related to user role and duty, and must allow operation to document for improving security, considering user role and security level according to a document importance. We improved the security of document DRM by adding to the access control module applying RBAC for satisfying security requirements. Though the user access document, our system allows operation authorizations to document by the user's role & security level and the security attribute of RBAC. Our system prevents indiscriminate access to the documents by user who is not associated with the role, and prevents damage the confidentiality and integrity.

• Journal of information and communication convergence engineering
• /
• v.15 no.1
• /
• pp.28-36
• /
• 2017

The medium access control (MAC) protocol based on dynamic time division multiple access/time division duplex (TDMA/TDD) is responsible for random access control and radio resource allocation in dynamic traffic environments. These functions of random access and resource allocation are very important to prevent wastage of resources and improve MAC performance according to various network conditions. In this paper, we propose new random access and resource allocation schemes to guarantee quality of service (QoS) and provide priority services in a dynamic TDMA/TDD system. First, for the QoS guarantee, we propose an adaptive random access and resource allocation scheme by introducing an access probability. Second, for providing priority service, we propose a priority-based random access and resource allocation scheme by extending the first adaptive scheme in both a centralized and a distributed manner. The analysis and simulation results show that the proposed MAC protocol outperforms the legacy MAC protocol using a simple binary exponential backoff algorithm, and provides good differential performance according to priorities with respect to the throughput and delay.

• Journal of KIISE:Computing Practices and Letters
• /
• v.14 no.2
• /
• pp.171-179
• /
• 2008

RBAC(Role based Access Control) is effective way of managing user's access to information object in enterprise level and e-government system. The concept of RBAC is that the access right to object in a system is not directly assigned o users but assigned by being a member of a role which is defined in a organization. RBAC is utilized for controling access range of privacy but it does not support the personal legal right of control over information and right of limited access to the self. Nor it contains the way of observation of privacy flow that is guided in a legal level. In this paper, extended RBAC model for protecting privacy will be suggested and discussed. Two components of Data Right and Assigning Data Right are added to existed RBAC and the definition of each component is redefined in aspect of privacy preservation. Data Right in extended RBAC represents the access right to privacy data. This component provides the way of control over who can access which privacy and ensures limitation of access quantity of privacy. Based on this extended RBAC, implemented examples are presented and the evaluation is discussed by comparing existed RBAC with extended RBAC.

• Journal of KIISE:Databases
• /
• v.36 no.5
• /
• pp.352-365
• /
• 2009

Recently, data access control policies have not been applied for authorized or unauthorized persons properly and information leakage incidents have occurred due to database security vulnerabilities. In the traditional database access control methods, administrators grant permissions for accessing database objects to users. However, these methods couldn't be applied for diverse access control policies to the database. In addition, another database security method which uses data encryption is difficult to utilize data indexing. Thus, this paper proposes an enhanced database access control system via a packet analysis method between client and database server in network to apply diverse security policies. The proposed security system can be applied the applications with access control policies related to specific factors such as date, time, SQL string, the number of result data and etc. And it also assures integrity via a public key certificate and MAC (Message Authentication Code) to prevent modification of user information and query sentences.

• Journal of the Korean Society of Safety
• /
• v.26 no.3
• /
• pp.63-68
• /
• 2011

Access-control of hazard zone in a steel manufacturing industry is studied in terms of safety management. Based on the results of risk evaluation for hazard zone, three risk zones with low, middle and high level are categorized. These zones have different color door and locking shape depending on their risk levels. At the high level, red door and key-based locking system are employed to accessed-controled path. Furthermore, tagout, lockout, interlock system for emergency stop, warning and flashing are also introduced. New standardized procedure of access-control for various hazard zones, which could help to greatly contribute to the prevention of accidents in advance, is proposed considering the risk level and the condition of given hazard zones. The standardized procedure of access-management suggested in this study will take an effective role as one of safety guide lines for hazardous workshop of manufacturing industries.

• Journal of the Korean Operations Research and Management Science Society
• /
• v.28 no.3
• /
• pp.169-184
• /
• 2003

In the IS-95 packet service system, the radio channels are generally classified into the dedicated and the common traffic channels. In this paper, a common traffic channel access method is proposed for the COMA packet service system to enhance the radio resource utilization while guaranteeing QoS to the users. The proposed method is based on the permission probability for the common traffic channel user. To derive permission probability, optimization models are developed for two different QoS constraints. Approximation methods are also developed.