• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.1
• /
• pp.147-155
• /
• 2003

The diffusion of internet infrastructure and a fast increase of Population to use it is becoming a base of the service that can use various information, data and digital contents which were provided through off-line physically and used. Recently, the. techniques for copy deterrence and copyright protection have been important in e-commerce because various contents in digital form can be duplicated easily. The Access Control(AC) technique that only a user having the qualifications can access and use contents normally has been studied. The Conditional Access System(CAS) used in a satellite broadcasting md Digital Right Management System(DRMS) used for contents service are representative models of current commercialized access control. The CAS and DRM can be considered as an access control technique based on the payment based type(PBT). This paper describe the access control method of payment free type(PFT) suggested in ［5］ which are independent on the payment structure. And then we suggest a new access control method of payment free type which is more efficient than the previous one.

• Journal of Platform Technology
• /
• v.9 no.1
• /
• pp.46-57
• /
• 2021

Recently, research has been actively conducted to utilize blockchain technology in various fields. In particular, blockchain-based smart contracts are applied to various automation systems that require reliability as they have the characteristics of recording data in a distributed ledger environment to verify the integrity and validity of data. However, blockchain does not provide data access control and information security because data is shared among network participants. In this paper, we propose a user dynamic access control mechanism utilizing smart contracts in blockchain environments. The proposed mechanism identifies the user's contextual information when accessing data, allocating the user's role and dynamically controlling the data access range. This can increase the security of the system and the efficiency of data management by granting data access dynamically at the time of user authentication, rather than providing the same services in roles assigned to each user group of the network system. The proposed mechanism is expected to provide flexible authentication capabilities through dynamic data access control by users to enhance the security of data stored within blockchain networks.

• Journal of Information Processing Systems
• /
• v.16 no.4
• /
• pp.784-794
• /
• 2020

In order to effectively evaluate the urban water security, the study investigates a novel system to assess factors that impact urban water security and builds an urban water poverty evaluation index system. Based on the contribution rates of Resource, Access, Capacity, Use, and Environment, the study adopts the Water Poverty Index (WPI) model to evaluate the water poverty levels of 14 cities in Gansu during 2011-2018 and uses the least variance method to evaluate water poverty space drive types. The case study results show that the water poverty space drive types of 14 cites fall into four categories. The first category is the dual factor dominant type driven by environment and resources, which includes Lanzhou, Qingyang, Jiuquan, and Jiayuguan. The second category is the three-factor dominant type driven by Access, Use, and Capability, which includes Longnan, Linxia, and Gannan. The third category is the four-factor dominant type driven by Resource, Access, Capability, and Environment, which includes Jinchang, Pingliang, Wuwei, Baiyin, and Zhangye. The fourth category is the five-factor dominant type, which includes Tianshui and Dingxi. The driven types impacting the urban water security factors reflected by the WPI and its model are clear and accurate. The divisions of the urban water security level supply a reliable theoretical and numerical basis for an urban water security early warning mechanism.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.5
• /
• pp.2754-2767
• /
• 2019

Cloud computing is widely used in information spreading and processing, which has provided a easy and quick way for users to access data and retrieve service. Generally, in order to prevent the leakage of the information, the data in cloud is transferred in the encrypted form. As one of the traditional security technologies, access control is an important part for cloud security. However, the current access control schemes are not suitable for cloud, thus, it is a vital problem to design an access control scheme which should take account of complex factors to satisfy the various requirements for cipher text protection. We present a novel access control scheme based on proxy re-encryption(PRE) technology (PreBAC) for cipher text. It will suitable for the protection of data confidently and information privacy. At first, We will give the motivations and related works, and then specify system model for our scheme. Secondly, the algorithms are given and security of our scheme is proved. Finally, the comparisons between other schemes are made to show the advantages of PreBAC.

• Journal of Korean Society of Industrial and Systems Engineering
• /
• v.34 no.4
• /
• pp.72-81
• /
• 2011

In this paper, we propose adaptive convergence security policies and management technologies to improve security assurance in the home networking environment. Many security issues may arise in the home networking environment. Examples of such security issues include the user privacy, the service security, the integrated networking security, the middleware security and the device failure. All these security issues, however, should be fulfilled in phase due to many difficulties including deployment cost and technical complexity. For instance, fundamental security requirements such as authentication, access control and prevention of crime and disaster should be addressed first. Then, supplementary security policies and diverse security management technologies should be fulfilled. In this paper, we classify these requirements into three categories, a service authentication, a user authentication and a device authentication, and propose security policies and management technologies for each requirement. Since the home gateway is responsible for interconnection of many home devices and external network access, a variety of context information could be collected from such devices.

• The Journal of the Korea Contents Association
• /
• v.6 no.12
• /
• pp.29-39
• /
• 2006

With the increasing popularity of the wireless network, the vulnerability issue on IEEE 802.1x Wireless Local Area Network (WLAN) are more serious than we expected. Security issues range from mis-configured wireless Access Point(AP) such as session hijacking to Denial of Service(DoS) attack. We propose a new system based on intrusion detection or prevention mechanism to protect the wireless network against these attacks. The proposed system has a security solution on AP that includes an intrusion detection and protection system(IDS/IPS) as an embedded module. In this paper, we suggest integrated wireless IDS/IPS module on AP with wireless traffic monitoring, analysis and packet filtering module against malicious wireless attacks. We also present that the system provides both enhanced security and performance such as on the university wireless campus network.

• The Journal of Information Technology
• /
• v.7 no.4
• /
• pp.21-30
• /
• 2004

A VPN(Virtual Private Network) is constructed using public wires to connect nodes. It can be used like the dedicated line and maintain the security of the data on the VPN. And It uses encryption and other security mechanisms to ensure that only authorized users can access the network. In this paper we summarize IPsec and VPN technology and construct pilot VPN system for analyzing the performance of remote access VPN. Then we analyze the performance of remote VPN system using VPN concentrator in case of single user and in case of multi users.

• Journal of Service Research and Studies
• /
• v.5 no.2
• /
• pp.93-101
• /
• 2015

Today, various access security technology appeared in this society as a result of the informatization and automation. Most building, floor, or door security certification system for the office units are installed, but there are many inconvenient matters. In order to minimises this, we used the face recognition function via the camera, and various sensors. In this paper, I designed the access security system through physical computing which Arduino offered, facial recognition program, and Twitter. Check that the personal information stored in the individual RFID tag is matched to the personal information stored on the existing server. Face recognition program input the face using a camera, and allow to confirm the identity. The system's abnormal or when the unauthenticated person is to penetrate, the system transmits the Twitter status message to the manager. It was designed continuously to monitor the status in real time in this way.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.3
• /
• pp.553-564
• /
• 2012

Today's security initiatives tend to integrate the physical and information securities which have been run by completely separate departments. That is, the converged security management becomes the core in the security market trend. However, to the best of our knowledge, we cannot find any solutions how to combine these two security events for the converged security. In this paper, we propose an information security object-driven approach which utilizes the physical security events to enhance and improve the information security. For scalability, we also present a systematic method using the analytic hierarchy process finding the meaningful event combinations among the large number of physical security events. In particular, we show the whole implementation processes in detail where we consider the information security object 'illegal computing system access' combined with two physical security devices - access controller and CCTV+video analyzer system.

• Convergence Security Journal
• /
• v.12 no.3
• /
• pp.85-92
• /
• 2012

Today, the typical web hacking attacks are cross-site scripting(XSS) attacks, injection vulnerabilities, malicious file execution and insecure direct object reference included. Web hacking security systems, access control solutions, access only to the web service and flow inside but do not control the packet. So you have been illegally modified to pass the packet even if the packet is considered as a unnormal packet. The defense system is to fail to appropriate controls. Therefore, in order to ensure a successful web services diagnostic system development is necessary. Web application diagnostic system is real and urgent need and alternative. The diagnostic system development process mu st be carried out step of established diagnostic systems, diagnostic scoping web system vulnerabilities, web application, analysis, security vulnerability assessment and selecting items. And diagnostic system as required by the web system environment using tools, programming languages, interfaces, parameters must be set.