• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.6 no.3
• /
• pp.41-56
• /
• 1996

Database servers that are used to provide multimedia information services in World Wide Web(WWW) environment have to support the access control mechanism that allows authorized users to access the constructed databases. In this paper, we define an authorization model as well as authorization policies to enforce the proper access control on databases in the BADA-III object-oriented database server and propose an access evaluation algorithm. Also we implement this model and the algorithm in the BADA-III database server. Considering the service environment of the WWW, we expect that database service providers can simply and effectively protect their data using the proposed model.

• Journal of KIISE:Databases
• /
• v.36 no.6
• /
• pp.422-433
• /
• 2009

As an effort to secure Semantic Web, in this paper, we introduce an RDF access authorization model based on an ontology hierarchy and an RDF triple pattern. In addition, we apply the authorization model to RDF query validation for approved access authorizations. A subscribed SPARQL or RQL query, which has RDF triple patterns, can be denied or granted according to the corresponding access authorizations which have an RDF triple pattern. In order to efficiently perform the query validation process, we first analyze some primary authorization conflict conditions under RDF subsumption inference, and then we introduce an efficient query validation algorithm using the conflict conditions and Dewey graph labeling technique. Through experiments, we also show that the proposed validation algorithm provides a reasonable validation time and when data and authorizations increase it has scalability.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.42 no.4 s.304
• /
• pp.25-32
• /
• 2005

The spread of mobile devices, PDAs and sensors has enabled the construction of ubiquitous computing environments, transforming regular physical spaces into 'Smart space' augmented with intelligence and enhanced with services. However, the deployment of this computing paradigm in real-life is disturbed by poor security, particularly, the lack of proper authentication and authorization techniques. Also, it is very important not only to find security measures but also to preserve user privacy in ubiquitous computing environments. In this Paper, we propose efficient user authentication and authorization model with anonymity for the privacy-preserving for ubiquitous computing environments. Our model is suitable for distributed environments with the computational constrained devices by using MAC-based anonymous certificate and security association token instead of using Public key encryption technique. And our Proposed Protocol is better than Kerberos system in sense of cryptographic computation processing.

• Journal of KIISE:Databases
• /
• v.35 no.2
• /
• pp.112-124
• /
• 2008

RDF and OWL are the primary base technologies for implementing Semantic Web. Recently, many researches related with them, or applying them into the other application domains, have been introduced. However, relatively little work has been done for securing the RDF and OWL data. In this article, we briefly introduce an RDF triple based model for specifying RDF access authorization related with RDF security. Next, to efficiently find the authorization conflict by RDF inference, we introduce a method using prime number graph labeling in detail. The problem of authorization conflict by RDF inference is that although the lower concept is permitted to be accessed, it can be inaccessible due to the disapproval for the upper concept. Because by the RDF inference, the lower concept can be interpreted into the upper concept. Some experimental results show that the proposed method using the prime number graph labeling has better performance than the existing simple method for the detection of the authorization conflict.

• Convergence Security Journal
• /
• v.5 no.1
• /
• pp.1-9
• /
• 2005

XML is the most common tool for data processing and data transmission in web applications. Policies are extensively used in all online business solutions and it is recognized that abinary decision such as 'yes/no' for access requests is not enough. In this paper, a method is developed to convert policy rules with provisions and obligations in logic formula formats into XML formats. The primary purpose is to enable security policy programmers to write flexible authorization policies in XML and to implement them easily. General syntaxes are defined to specify information for users, objects and actions in XML formats and an XML DTD is developed to specify authorization rules with these three components. To support various security features such as data transcoding and non-repudiation depending on data in addition to access control based on authorization policies, studies for specifying them in XML policy rules will be performed in the future.

• Journal of Arbitration Studies
• /
• v.22 no.3
• /
• pp.25-46
• /
• 2012

China instituted arbitration law on September 1, 1995, after having legislated the law under the UNCITRAL Model Law. However, Chinese arbitration law has some problems related to the effectiveness of its arbitration agreement, unlike the UNCITRAL Model Law. Thus, parties in dispute who want to settle a dispute based on Chinese arbitration law as governing law have more to take into consideration because there could be serious problems related to the effectiveness of the arbitration agreement. Therefore, this paper attempted to analyze the classification of jurisdiction related to the authorization of effectiveness in arbitration agreement of arbitral organization and Chinese, verify the problems, and suggest the solutions. Moreover, the author tried to verify the problems in applying the law related to the authorization of effectiveness in Chinese arbitration agreements and suggest some improvements. This paper also suggests improvements and problems related to the selection of arbitral organizations among several conditions for effective arbitration agreement in Chinese arbitration law. Finally, the author suggests some cautions and countermeasures related to arbitrations agreement for domestic investors and traders dealing with the Chinese.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• v.9 no.2
• /
• pp.923-926
• /
• 2005

We explain the Presence Model defined in IETF IMPP WG. We also roughly explain the standards defined methods and behaviors among components for services according to presence model. We especially explain the XCAP technology which is defined authorization rules related subscription and notification of presence information and describe the design considerations of PA server for presence service.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.30 no.10B
• /
• pp.648-659
• /
• 2005

One's identity on the Internet has been disclosed and abused without his consent. Personal information must be protected by appropriate security safeguard. An Individual should have the right to know whether his personal details have been collected and stored. This paper proposes various conceptual models for designing privacy enabling service architecture in the Internet identity management system. For the restriction of access to personal information, we introduce the owner's policy and the management policy The owner's policy should provide the user with enough information to manage easily and securely his data. To control precisely and effectively all personal information in the Identity provider, we propose the privacy management policy and the privacy authorization model.

• The Journal of Society for e-Business Studies
• /
• v.1 no.1
• /
• pp.117-140
• /
• 1996

CALS is recognized as a national response to the new chapter of information society. It is essential that the standardization in Korea should be constructed compatible with not only domestic but also international standardization trend. This study aims to propose a proper direction of CALS standardization in Korea, based on the international CALS standardization movement. This paper classifies standard into five types and provides a proper direction and guidance far each standard. As a trend of CALS standard, all ten data files are converted using SGML standard far the interchangeability of data among heterogenous systems. CAD and Graphic data arc also moving toward to the STEP as their standard. In this regard, this paper discusses how to implement SGML and STEP Model. Finally, this paper proposes a method how to construct an EDI system with CALS standard and how to establish a standard authorization institute which will be responsible far the standard authorization. Furthermore, this paper also proposes the CALS Test Network (CTN) as its experimental method.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.33 no.8B
• /
• pp.719-726
• /
• 2008

In this thesis investigate the security gateway that manage authorization for user access dynamically by recognizing automatically and comparison & distinction between database and User-information while a terminal unit(PC) trying to access to the network of subnet. Also, it present User-interfaced authorization allowance role model, so administrator can assign united access control between network level(L2) and application level(L7) in relation to system construction.