• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2012.10a
• /
• pp.165-168
• /
• 2012

In this paper, to remind ourselves that exist in the world what kind of security system is also difficult to defend a system with computerized access system representative of infringement that, Computerized personnel act of infringement cases, and thus the extent of the damage and the severity Revisited, Furthermore, technical measures beyond the limits of the technical security measures in line computerized rights management representative and for infringement prevention measures in Human Resource Management through its own alternative to find.

• Journal of Korean Society of Industrial and Systems Engineering
• /
• v.39 no.4
• /
• pp.97-105
• /
• 2016

As information system is getting higher and amount of information assets is increasing, skills of threatening subjects are more advanced, so that it threatens precious information assets of ours. The purpose of this study is to present a strategic direction for the types of companies seeking access to information security. The framework classifies companies into eight types so company can receive help in making decisions for the development of information security strategy depending on the type of company it belongs to. Paired comparison method survey conducted by a group of information security experts to determine the priority and the relative importance of information security management elements. The factors used in the security response strategy are the combination of the information security international certification standard ISO 27001, domestic information protection management system certification K-ISMS, and personal information security management system certification PIMS. Paired comparison method was then used to determine strategy alternative priorities for each type. Paired comparisons were conducted to select the most applicable factors among the 12 strategic factors. Paired comparison method questionnaire was conducted through e-mail and direct questionnaire survey of 18 experts who were engaged in security related tasks such as security control, architect, security consulting. This study is based on the idea that it is important not to use a consistent approach for effective implementation of information security but to change security strategy alternatives according to the type of company. The results of this study are expected to help the decision makers to produce results that will serve as the basis for companies seeking access to information security first or companies seeking to establish new information security strategies.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.33 no.8B
• /
• pp.719-726
• /
• 2008

In this thesis investigate the security gateway that manage authorization for user access dynamically by recognizing automatically and comparison & distinction between database and User-information while a terminal unit(PC) trying to access to the network of subnet. Also, it present User-interfaced authorization allowance role model, so administrator can assign united access control between network level(L2) and application level(L7) in relation to system construction.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.47 no.6
• /
• pp.19-27
• /
• 2010

Many security issues occur in cloud computing service environment such as authentication, access control, and so on. In this paper, we propose an effective authentication and access control model which provide integrated management and control when we access various resources in cloud computing environment. To address these problems, we suggest a context-aware single sign-on and access control system using context-awareness, integrated authentication, access control, and OSGi service platform in cloud computing environment. And we show design and implementation of context-aware single sign-on and access control system. Also we verified the flexibility and convenience of the proposed system through multi fact based integrated authentication in cloud computing environment. We could provide flexible and secure seamless security service by user context in cloud computing environment.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.11 no.2
• /
• pp.219-224
• /
• 2011

Recently increasing importance of information security, personal security is researched. Among them, biometrics research is very good at recognition and security particularly in terms of iris recognition. Recent hospital physicians and employees for access control is emphasized. But most of them, easy-employee card access control systems are used. It has difficulties of iris recognition on the issue of accurate iris recognition algorithm to eliminate noise and inaccuracy of pretreatment methods for recognition from existing research. Therefore, this paper complements existing encryption methods to the disadvantages of biometric iris recognition using high-access records in the hospital management system is applied. In addition to conventional pretreatment process to increase recognition eyebrows when mask line component added to the extraction mask, the correct preparation method, and accordingly proposed to improve the recognition of records management systems offer access to the hospital.

• Journal of Internet Computing and Services
• /
• v.18 no.6
• /
• pp.75-84
• /
• 2017

As there has been growing interests in PHR-based personalized health management project, various institutions recently explore safe methods of recording personal medical and health information. In particular, innovative medical solution can be realized when medical researchers and medical service institutes can generally get access to patient data. As EMR data is extremely sensitive, there has been no progress in clinical information exchange. Moreover, patients cannot get access to their own health data and exchange it with researchers or service institutions. It can be operated in terms of technology, yet policy environment are affected by state laws as well as Privacy and Security Policy. Blockchain technology-independent, in transaction, and under test-is introduced in the medical industry in order to settle these problems. In other words, medical organizations can grant preliminary approval on patient information exchange by using the safely encrypted and distributed Blockchain ledger and can be managed independently and completely by individuals. More apparently, medical researchers can gain access to information, thereby contributing to the scientific advance in rare diseases or minor groups in the world. In this paper, we focused on how to manage personal medical information and its protective use and proposes medical treatment exchange system for patients based on a permissioned Blockchain network for the safe PHR operation. Trusted Model for Sharing Medical Data (TMSMD), that is proposed model, is based on exchanging information as patients rely on hospitals as well as among hospitals. And introduce medical treatment exchange system for patients based on a permissioned Blockchain network. This system is a model that encrypts and records patients' medical information by using this permissioned Blockchain and further enhances the security due to its restricted counterfeit. This provides service to share medical information uploaded on the permissioned Blockchain to approved users through role-based access control. In addition, this paper presents methods with smart contracts if medical institutions request patient information complying with domestic laws by using the distributed Blockchain ledger and eventually granting preliminary approval for sharing information. This service will provide an independent information transaction and the Blockchain technology under test will be adopted in the medical industry.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.6 no.10
• /
• pp.2708-2730
• /
• 2012

The growing concern for the protection of personal information has made it critical to implement effective technologies for privacy and data management. By observing the limitations of existing approaches, we found that there is an urgent need for a flexible, privacy-aware system that is able to meet the privacy preservation needs at both the role levels and the personal levels. We proposed a conceptual system that considered these two requirements: a graph-based, access control model to safeguard patient privacy. We present a case study of the healthcare field in this paper. While our model was tested in the field of healthcare, it is generic and can be adapted to use in other fields. The proof-of-concept demos were also provided with the aim of valuating the efficacy of our system. In the end, based on the hospital scenarios, we present the experimental results to demonstrate the performance of our system, and we also compared those results to existing privacy-aware systems. As a result, we ensured a high quality of medical care service by preserving patient privacy.

• Journal of the Korea Society of Computer and Information
• /
• v.20 no.7
• /
• pp.49-56
• /
• 2015

In this paper, we introduce recent cloud system security technologies categorizing them according to Reliability, Availability, Serviceability, Integrity, and Security (RASIS), terms that evaluate robustness of the computer system. Then we describe examples of security attacks and corresponding security technologies for each of them. We introduce security technologies based on Software Defined Network (SDN) for Reliability, security technologies based on hypervisor and virtualization for Availability, disaster restoration systems for Serviceability, authorization and access control technologies for Integrity, and encryption algorithms for Security. We believe that this paper provide wise view and necessary information for recent cloud system security technologies.

• Journal of the Korean Society for Industrial and Applied Mathematics
• /
• v.8 no.1
• /
• pp.11-30
• /
• 2004

Access Control is one of essential branches to provide system's security. Depending on what standards we apply, in general, there are Role-based access control, History-based access control. The first is based on subject's role, The later is based on subject's history. In fact, RBAC has been implemented, we are using it by purchasing some orders through the internet. But, HBAC is so complex that there will occur some errors on the system. This is more and more when HBAC is used with other access controls. So HBAC's formalization and model which are general enough to encompass a range of policies in using more than one access control model within a given system are important. To simplify these, we design the mathematical model called non-access structure. This Non-access structure contains to historical access list. If it is given subjects and objects, we look into subject grouping and object relation, and then we design Non-access structure. Then we can determine the permission based on history without conflict.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.19 no.5
• /
• pp.1125-1130
• /
• 2015

In this paper, a method to identify components per unit task system is expressed with node, module, and interface. We define security subject per unit task system and explain node, module, and interface per component. According to the defined security standard in design phase, we also perform to design and elaborate security attributes for node and module as identified security subjects in their defined tables. And then we describe the composition standard for security attribute design with some examples, after classifying it into security subject, access subject, access control area, identification or verification area, and encryption.