• 한국중재학회지:중재연구
• /
• 제18권1호
• /
• pp.3-30
• /
• 2008

This paper is to research the current status of ADR in Korea, the qualifications of mediator (or conciliator) and arbitrator, the ADR education program of major foreign arbitration-related institutions and the efficient management device of ADR education program for the activation of the ADR system. In 2007, arbitration applications received at the Korean Commercial Arbitration Board numbered 320 and the amount involved those cases was US$ 216 millions. Mediation applications received at the KCAB numbered 552 and the amount involved those cases US$ 29millions. As of December 2007, the total numbers of arbitrators on the KCAB Panel of Arbitrators was 978. There are no provisions for the qualification of arbitrator in the UNCITRAL Model Law on International Commercial Arbitration and Arbitration Act of Korea. The KCAB has the consolidation regulation of the Panel of Arbitrator of which purpose is to regulate the criteria and procedure regarding the drawing up and maintenance of the panel of arbitrators. The UK Chartered Institute of Arbitrators has the criteria and qualifications for membership of which three grades are associate, member and fellow. The American Arbitration Association has the qualification criteria for admittance to the AAA National Roster of Arbitrators and Mediators. The Japan Association of Arbitrators has the official authorization regulation for membership of which three grades are special associate, ordinary associate and fellow. The UK Chartered Institute of Arbitrators has the ADR education programs which are composed of the mediation courses and arbitration courses. The American arbitrators Association has the ADR education programs which are composed of in-person training and online training. The Japan Association of Arbitrators has the ADR education programs which are composed of the cultivation courses of conciliator and the practical training courses of arbitrator. The efficient management devices of ADR education program are as follows: the execution of official authorization system of arbitrator, the establishment of specialized division for training and official authorization, the establishment of ADR regular training courses, the publication of ADR training texts and obtaining of instructors, and the consolidation of regulations related to the official authorization of arbitrator and ADR training. In conclusion, for the activation of ADR system, the KCAB and Korean Association of Arbitrators should make further effort to provide the ADR regular education and training programs for potential and practicing conciliators and arbitrators.

• 인터넷정보학회논문지
• /
• 제13권1호
• /
• pp.15-25
• /
• 2012

모바일 IP 환경 내 MN의 이동 과정에서 인증은 초기화되고, 이러한 시작점으로부터 과도한 비용이 발생한다는 전제하에 현재까지 연구는 특정 상황에서의 비용 감소의 요구사항을 명확히 제시하지 못하고 있다. 본 논문에서는 이런 점에 착안한 제안 기법은 계층적 AAA (Authorization, Authentication, Accounting)로부터 발전되어 빠른 인증과 Diameter 프로토콜 기반의 모바일 IP를 지원하며, AAA 서버는 LMA (Local Mobility Anchor)에 배치하여 짧고 간단한 빠른 이동 인증과 계층적 인증을 통해 도메인 내 인증에서의 비용을 줄여준다. 제안하는 Proxy-AAA 기법은 기존 인증기법들과 바인딩 업데이트 기법들을 개선하였으며 도메인 내 이동과 인증뿐만 아니라 도메인 간에서도 적용된다. 이를 수학적 모델링과 성능 평가를 통해 기존의 단점을 보완할 수 있음을 보여준다.

• 한국정보처리학회:학술대회논문집
• /
• 한국정보처리학회 2014년도 추계학술발표대회
• /
• pp.516-519
• /
• 2014

Cloud computing is an up-and-coming paradigm shift transforming computing models from a technology to a utility. However, security concerns related to privacy, confidentiality and trust are among the issues that threaten the wide deployment of cloud computing. With the advancement of ubiquitous mobile-based clients, the ubiquity of the model suggests a higher integration in our day to day life and this leads to a rise in security issues. To strengthen the access control of cloud resources, most organizations are acquiring Identity Management Systems (IDM). This paper presents one of the most popular IDM systems, specifically OAuth, working in the scope of Mobile Cloud Computing which has many weaknesses in its protocol flow. OAuth is a Delegated Authorization protocol, and not an Authentication protocol and this is where the problem lies. This could lead to very poor security decisions around authentication when the basic OAuth flow is adhered to. OAuth provides an access token to a client, so that it can access a protected resource, based on the permission of the resource owner. Many researchers have opted to implement OpenlD alongside OAuth so as to solve this problem. But OpenlD similarly has several security flows. This paper presents scenarios of how insecure implementations of OAuth can be abused maliciously. We incorporate an authentication protocol to verify the identities before authorization is carried out.

• 디지털산업정보학회논문지
• /
• 제10권2호
• /
• pp.83-89
• /
• 2014

An increasing number of children are now using the Internet. They are starting at a younger age, using a variety of devices and spending more time online. It becomes an important problem to protect the children in online environment. The Internet can be a major channel for their education, creativity and self-expression. However, it also carries a spectrum of risks to which children are more vulnerable than adults. In order to solve these problems, we suggested a binding model of user attributes for enhanced user authentication. We also studied the requirements and prerequisites of a binding model of user attributes. In this paper we described the architecture of binding model of user attributes and showed the effectiveness of the suggested model using simulation. This model can be utilized to enhanced user authentication and service authorization.

• Journal of information and communication convergence engineering
• /
• 제5권2호
• /
• pp.144-149
• /
• 2007

Grid technologies make it possible for IT resources to be shared across organizational and security domains. The traditional identity-based access control mechanisms are unscalable and difficult to manage. Thus, we propose the FAS (Federation Agent Server) model which is composed of three modules: Certificate Conversion Module (CCM), Role Decision Module (RDM), and Authorization Decision Module (ADM). The proposed FAS model is an extended Role-Based Access Control (RBAC) model which provides resource access capabilities based on roles assigned to the users. FAS can solve the problem of assigning multiple identities to a shared local name in grid-map file and mapping the remote entity's identity to a local name manually.

• 한국컴퓨터정보학회논문지
• /
• 제14권6호
• /
• pp.91-98
• /
• 2009

본 논문에서는 정보의 중요도나 관련성의 정보에 기반한 퍼지함수를 적용하여 강제적 접근통제정책의 비밀성과 무결성을 보장하였으며, 보안등급을 이용하여 접근권한의 흐름을 통제할 수 있는 흐름정책과 역할그래프 생성 알고리즘을 제시하여 상속특성으로 인한 권한남용문제를 해결하였다. 또한, 상업적인 환경에 적용이 가능하도록 정보특성별로 역할을 그룹핑하여 역할계층을 구성함으로써 새로운 역할을 추가하는 것이 용이하여 다단계 보안시스템에서도 효과적으로 접근통제를 할 수 있을 뿐만 아니라 대규모 보안시스템으로 확장할 수 있는 장점을 갖는다.

• Environmental Analysis Health and Toxicology
• /
• 제30권sup호
• /
• pp.7.1-7.10
• /
• 2015

Objectives For successful adoption of legislation controlling registration and assessment of chemical substances, it is important to obtain sufficient toxicological experimental evidence and other related information. It is also essential to obtain a sufficient number of predicted risk and toxicity results. Particularly, methods used in predicting toxicities of chemical substances during acquisition of required data, ultimately become an economic method for future dealings with new substances. Although the need for such methods is gradually increasing, the-required information about reliability and applicability range has not been systematically provided. Methods There are various representative environmental and human toxicity models based on quantitative structure-activity relationships (QSAR). Here, we secured the 10 representative QSAR-based prediction models and its information that can make predictions about substances that are expected to be regulated. We used models that predict and confirm usability of the information expected to be collected and submitted according to the legislation. After collecting and evaluating each predictive model and relevant data, we prepared methods quantifying the scientific validity and reliability, which are essential conditions for using predictive models. Results We calculated predicted values for the models. Furthermore, we deduced and compared adequacies of the models using the Alternative non-testing method assessed for Registration, Evaluation, Authorization, and Restriction of Chemicals Substances scoring system, and deduced the applicability domains for each model. Additionally, we calculated and compared inclusion rates of substances expected to be regulated, to confirm the applicability. Conclusions We evaluated and compared the data, adequacy, and applicability of our selected QSAR-based toxicity prediction models, and included them in a database. Based on this data, we aimed to construct a system that can be used with predicted toxicity results. Furthermore, by presenting the suitability of individual predicted results, we aimed to provide a foundation that could be used in actual assessments and regulations.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제8권7호
• /
• pp.2532-2553
• /
• 2014

In Asiacrypt 2003, Al-Riyami and Paterson proposed the notion of certificateless cryptography, a technique to remove key escrow from traditional identity-based cryptography as well as circumvent the certificate management problem of traditional public key cryptography. Subsequently much research has been done in the realm of certificateless encryption and signature schemes, but little to no work has been done for the identification primitive until 2013 when Chin et al. rigorously defined certificateless identification and proposed a concrete scheme. However Chin et al.'s scheme was proven in the random oracle model and Canetti et al. has shown that certain schemes provable secure in the random oracle model can be insecure when random oracles are replaced with actual hash functions. Therefore while having a proof in the random oracle model is better than having no proof at all, a scheme to be proven in the standard model would provide stronger security guarantees. In this paper, we propose the first certificateless identification scheme that is both efficient and show our proof of security in the standard model, that is without having to assume random oracles exist.

• 한국정보통신학회:학술대회논문집
• /
• 한국해양정보통신학회 2010년도 추계학술대회
• /
• pp.616-617
• /
• 2010

본 논문에서는 유비쿼터스 컴퓨팅 환경에 기반을 둔 e-라닝 모델을 제안하였다. 제안한 모델은 크게 하드웨어와 소프트웨어 환경, 그리고 각종 서비스에 대하여 제안하였다.

• 산업경영시스템학회지
• /
• 제19권38호
• /
• pp.217-224
• /
• 1996

Recently groupware has been popularly adopted by corperations to gain competitive position. In Korea, one of major function of those systems is the Electronic Authorizing System because korean firms have authorizing system but western firms do not. Thus researches on EAS has never been produced before. The purpose of this research is to build the research framework for productivity measurement of EAS. The research model of EAS has investigated three dimensions including Business process, ease of system use and media richness to meet this end. Based on this model, author conducted case study with mailing questionaires. The result of research shows that the factors of the business process and ease of system use raise the productivity but the factor of electronic media a little decreases it. Also author finds business process affects the productivity in three ways such as changing layout of papers for authorizing, changing business process and removing waiting time for authorization. Finally, based on the result of research, this paper adds some recommendations for EAS builder.