• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2014.05a
• /
• pp.873-875
• /
• 2014

In this paper, we propose the access control system based bluetooth using the MAC address of the smart device. Access control system that propose compares the smart device MAC address entry and exit and MAC address that is registered with the server. Depending on whether the match was compared, access control is performed. Result of the experiment, control of door is possible only by bluetooth pairing of the bluetooth module and smart device. Therefore, it does not require access to another tool.In addition, Action for access approval is omitted. Therefore, the access authorization procedure is simplified compared to existing access control systems, it is possible to improve the convenience.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.6 no.6
• /
• pp.951-956
• /
• 2011

CAN communication developed for communication between electric control devices in vehicle, was recently applied to automatic breaking devices, and can also be applied to field bus for production automation. Recently, field bus is introduced in engine control etc., for large ship. In this paper, cabin access control system is implemented, based on CAN communication. The cabin access control system based on CAN communication consists of access control server, embedded system based on ARM9, and micro-controller built-in CAN controller. The access control server can be able to manage overall access control system by accessing with manager. And embedded system adopted ARM9 processor transmits access information of RFID reader controller connected with CAN networks to server, also performs access control. The embedded system carry CAN frames to server, so it is used as gateway.

• Convergence Security Journal
• /
• v.21 no.2
• /
• pp.37-46
• /
• 2021

Decentralized Identifier (DID) technology is a technology that uses blockchain technology to prove an individual's identity through information owned by the individual rather than through a central system. In this paper, we would like to present an access control system using decentralized identifier technology. The access control system using decentralized identifier technology (DID access control system) is a system that allows users to verify their identity from the DID blockchain server through their smartphone (mobile employee ID) and access when they are confirmed to be registered in the access control system. Through this, access control can be managed only by verifying identification with smartphones (mobile employee ID) and DID blockchain servers without having to store information to prove an individual's identity in the access control system.

• The KIPS Transactions:PartC
• /
• v.16C no.2
• /
• pp.199-208
• /
• 2009

Recently,IP-based broadcasting systems,such as Mobile-TV and IP-TV, have been widely deployed. These systems require a security system to allow only authorized subscribers access to broadcasting services. We analyzed the Conditional Access System, which is a security system used in the IP-based Pay-TV systems. A weakness of the system is that it does not scale well when the system experiences frequent membership changes. In this paper, we propose a group key distribution protocol which overcomes the scalability problem by reducing communication and computation overheads without loss of security strength. Our experimental results show that computation delay of the proposed protocol is smaller than one of the Conditional Access System. This is attributed to the fact that the proposed protocol replaces expensive encryption and decryption with relatively inexpensive arithmetic operations. In addition, the proposed protocol can help to set up a secure channel between a server and a client with the minimum additional overhead.

• The KIPS Transactions:PartD
• /
• v.10D no.5
• /
• pp.773-780
• /
• 2003

SecuROS(Secure & Reliable Operating System) prevents and blocks possible system cracking by implementing additional security functions in FreeBSD 4.3 operating system (OS) kernel, including access control, user authentication, audit trail, encryption file system and trusted channel. This paper describes access control technique, which is one of core technologies of SecuROS, introduces the implementations of DAC, MAC and RBAC, all of which are corresponding access control policies, and show security and results of performance measurement on the basis of application of access control policies. Finally, security and performance between conventional OS environment and environment adopting access control policy is described.

• KIPS Transactions on Computer and Communication Systems
• /
• v.2 no.2
• /
• pp.75-82
• /
• 2013

CAS (Conditional Access System) is a content protection solution that restricts access to the system according to user's standing and only authorized users can access the content in a pay-TV system. DCAS (Downloadable Conditional Access System) can download CAS client which is a software implemented via network. In recent years, research and development has been carried out on DCAS to solve the problems of compatibility among heterogeneous devices and internetworking with other services. In this paper, we propose key generation and management scheme for efficient interoperability among different DCASs based on PBC (Pairing Based Cryptography).

• Journal of Information Processing Systems
• /
• v.17 no.4
• /
• pp.834-850
• /
• 2021

IT security companies have been releasing file system filter driver security solutions based on the whitelist, which are being used by several enterprises in the relevant industries. However, in February 2019, a whitelist vulnerability was discovered in Microsoft Edge browser, which allows malicious code to be executed unknown to users. If a hacker had inserted a program that executed malicious code into the whitelist, it would have resulted in considerable damage. File system filter driver security solutions based on the whitelist are discretionary access control (DAC) models. Hence, the whitelist is vulnerable because it only considers the target subject to be accessed, without taking into account the access rights of the file target object. In this study, we propose an industrial device security system for Windows to address this vulnerability, which improves the security of the security policy by determining not only the access rights of the subject but also those of the object through the application of the mandatory access control (MAC) policy in the Windows industrial operating system. The access control method does not base the security policy on the whitelist; instead, by investigating the setting of the security policy not only for the subject but also the object, we propose a method that provides improved stability, compared to the conventional whitelist method.

• The KIPS Transactions:PartC
• /
• v.10C no.1
• /
• pp.11-16
• /
• 2003

This paper implements Multiple User Authentication System to which the system authenticating with password only has been upgraded. The 4-staged authentication including user ID, password, smart card and access control information, etc. is used at the suggested Multiple User Authentication System. The user authentication system that this paper suggests has been developed based on SecuROS/FreeBSD with the function of access control added to FreeBSD kernel. It provides both the function to limit accost range to the system to each user and the function to check that when inputting important information the demand is the one if the system ; thus, the reliability becomes increased. In the SecuROS/FreeBSD system, MAC and RBAC are being used. So, in the case of users accessing to the system, the Information about the policies of MAC and RBAC to which users would access is used in the authentication. At the time, the access to system if permitted only when the access control information that users demanded satisfies all the access control rules which have been defined In the system.

• 한국정보통신설비학회:학술대회논문집
• /
• 2007.08a
• /
• pp.121-124
• /
• 2007

This article describes a function and structure of access network equipment under BcN environment. Access network until now have constructed separately to offer voice, data service. However, simplifies network structure, function that can do traffic concentration, subscriber certification, individual charging, QoS according to service and routing is required in BcN. In this paper, compare method offering by separate system with existing access network and method that offer integrating function inside system for structure of suitable access network to BcN and search structure of access network equipment for desirable access network of hereafter. Composition of this paper is as following. In Chapter 2, establishment history and structure of access network until present. In Chaprte 3, define suitable requirement and functions to BcN. And compare structure for access net work that is new with present. Last Chapter 4, suggests direction of structure of BcN access network and concludes conclusion.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.13 no.6
• /
• pp.123-129
• /
• 2013

Android file system is vulnerable to the external access of system resources via its arbitrary access mode and need user's control for SD and UMS medias due to its open architecture. In response to the device control, there is a drawback that its controlability is valid only in the case of embedded linux kernel with VDC function. Hence the solution is to directly implement VDC through system call, with another security module for device storage than system module being added to android system. In this paper the new method of android storage access control for personal information is proposed via VDC for mount system of storage. The access method for SD and UMS were implemented using VDC and mount mechanism. This access control system has been designed to control the granted users in kernel level if files are flowed out by copying. As a result, it was proved through testing that the access control system has exactly detected the write access operation.