• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제14권1호
• /
• pp.437-454
• /
• 2020

According to the privacy regulations of the health insurance portability and accountability act (HIPAA), patients' control over electronic health data is one of the major concern issues. Currently, remote access authorization is considered as the best solution to guarantee the patients' control over their health data. In this paper, a new biometric-based key management scheme is proposed to facilitate remote access authorization anytime and anywhere. First, patients and doctors can use their biometric information to verify the authenticity of communication partners through real-time video communication technology. Second, a safety channel is provided in delivering their access authorization and secret data between patient and doctor. In the designed scheme, the user's public key is authenticated by the corresponding biometric information without the help of public key infrastructure (PKI). Therefore, our proposed scheme does not have the costs of certificate storage, certificate delivery, and certificate revocation. In addition, the implementation time of our proposed system can be significantly reduced.

• 정보보호학회논문지
• /
• 제6권3호
• /
• pp.41-56
• /
• 1996

WWW 환경에서 멀티미디어 정보 서비스를 제공하기 위해 사용되는 데이터베이스 서버는 데이터 베이스에 구축된 정보 서비스를 인가된 사용자가 안전하게 사용하도록 해주는 접근 통제 기법을 제공해야 한다. 본 논문에서는 바다-III 시스템의 객체지향 데이터베이스 서버에서 데이터의 적절한 접근통제를 시행하는 권한부여 모델과 권한부여 정책들을 정의하고, 사용자의 접근 권한을 평가하기 위한 알고리즘을 제안한다. 제안된 모델은 WWW 정보 서비스 환경을 고려하여, 데이터베이스 서비스 제공자가 구축한 데이터베이스를 쉽고 효율적으로 보호할 수 있는 구조를 제공한다.

• 대한한의학회지
• /
• 제33권3호
• /
• pp.147-159
• /
• 2012

Objectives: Systems related to the production, authorization, and listing for insurance of herbal medicine products were compared between South Korea and Taiwan to illuminate herbal medicine products system issues in South Korea. Methods: Papers, and laws and policies related to the production, authorization, and listing for insurance of herbal medicine products in South Korea and Taiwan are analyzed to create the primary documents. The documents from South Korea were screened with the advice of a specialist, while those from Taiwan have been verified through local investigation and with the help of a related specialist. The screened documents were then compared and analyzed in the order of the systems related to the production, authorization, and listing for insurance of herbal medicine products. Results: The systems related to the production of herbal medicine products satisfy GMP requirements in both countries, while Taiwan has more specialized systems related to the production of herbal medicine products and a more strict authorization program as compared to South Korea. While South Korea has most of the herbal medicine products classified as non-prescription drugs, Taiwan has them as prescription drugs. And while South Korea does not allow new herbal medicine products to be listed for insurance, Taiwan allows for once-a-year application toward listing for insurance. Conclusions: In order to ensure the safe and effective use of herbal medicine products, systems related to the production, authorization, and listing for insurance of herbal medicine products are to be established, while the categorization of medicine products principally used by Korean medicine doctors should be prepared. Furthermore, prescription by a Korean medicine doctor for new drugs made with natural products and their listing for insurance need to be encouraged.

• 한국콘텐츠학회:학술대회논문집
• /
• 한국콘텐츠학회 2014년도 춘계 종합학술대회 논문집
• /
• pp.221-222
• /
• 2014

• 전자공학회논문지CI
• /
• 제42권4호
• /
• pp.25-32
• /
• 2005

모바일 디바이스, PDA 센서들의 확산은 실생활 공간이 지능적이고 향상된 서비스를 제공하는 스마트 공간으로 전환되는 유비쿼터스 컴퓨팅 환경이 구축될 수 있도록 하였다. 그러나 보안문제 특히 적절한 인증 및 접근 제어 기술의 부재로 말미암아, 실생활에서의 이러한 컴퓨팅 패러다임의 변화에 있어, 방해 요소가 되고 있으며, 또한 유비쿼터스 컴퓨팅 환경에서는 보안 대책을 마련하고, 사용자의 프라이버시 보장 또한 매우 중요하다 본 논문에서는 유비쿼터스 컴퓨팅 환경을 위한 사용자 프라이버시를 위한 익명성이 보장되는 효율적인 사용자 인증 및 접근 제어 모델을 제안한다. 본 논문의 제안 모델은 공개키 암호 기술이 아닌 MAC 기반의 익명 인증서와 보안 연계 토큰을 이용하여, 사용자 인증 및 접근 제어를 수행함으로써, 컴퓨팅 연산 능력이 컴퓨팅 연산 능력이 비교적 떨어지는 디바이스들에 적합한 모델이다. 또한 암호 연산 처리 측면에서, Kerberos 시스템과 비교하였을 때, 전반적으로 우수함을 알 수 있었다.

• 한국콘텐츠학회논문지
• /
• 제8권11호
• /
• pp.25-32
• /
• 2008

접근 제어 기법은 모든 보호 입도 수준을 지원할 만큼 충분히 유연해야 한다. 또한 접근 제어 정책은 문서 타입과 관련하여 명세 될 가능성이 매우 높으므로, 문서가 기존의 접근 제어 정책에 의해 다루어지지 않는 상황을 적절하게 관리해야 한다. XML 문서에 관해서도 단순한 권한부여를 넘어서 좀 더 유연하게 정책을 기술하고, 선택할 수 있는 접근 제어 방법을 고려해야 한다. 본 논문은 XML 문서 접근을 위한 권한부여와 효율적인 관리를 위한 접근 제어 정책 시스템을 기술하고 설계하여 XML 자체의 능력을 활용하는 방법을 제안한다. 본 논문 시스템의 주요 특징은 특정 XML 문서에서 누가 어떤 접근 특권을 행사할 것인가를 고려하면서 조직 전반에 걸친 정책 관리자와 단일 문서 작성자의 요구를 원만하게 조정하는 것이다.

• 한국수학교육학회지시리즈A:수학교육
• /
• 제24권2호
• /
• pp.27-34
• /
• 1986

At present, Japanese textbooks of mathematics for elementary and secondary schools are thorized by the Ministry of Education. In former days, this system was also in effect for mentary schools until 1905 and for secondary schools until 1944. this article we discuss the start and the change of this system until 1905 and its influences the textbooks of mathematics. The main interest of the system was originally to prevent the textbooks from having the pressions which have the fear of breaking laws, disturbing the public morals or mistaking real facts. The interest changed to assure that the textbooks might comply with the ional standards of teaching syllabuses. And the standards such as the ones of the sizes of ers in the textbooks were made public one after another. The comments attached to the textbooks which applied for the authorization often pointed out use of unsuitable concrete numbers. The comments were often concerned with the difficulty words or sentenses for elementary schools and with the incorrectness of mathematical contents secondary schools. We conclude that the system encouraged the rapid modernization and regularization of Japanese tbooks during this period. We may note that there was a tendency not to adopt an extremely usual trial into the textbooks.

• 한국IT서비스학회지
• /
• 제13권4호
• /
• pp.245-254
• /
• 2014

Payment system is defined as the various contracts and operating facilities for the transfer of monetary value to clear the relationship between credit and debt. Payment systems essentially require the efficient and reliable operations. Card-based payment systems are developed practically and creatively in accordance with the progress of ICT. Especially in mobile environment with intelligent mobile devices such as smart-phones and tablets, a variety of payment services are provided. Existing card-based payment services are configured by the payment transaction initiated by the merchants card acceptance and then swiping into the CAT (Card Authorization Terminal) to begin the transaction. The merchant initiated payment services are now applied to the Wireless CAT (W-CAT) for mobile environment. That kind of payment services cause many problems such the illegal card information leaks and the lingering threat of W-CAT theft. Also, the use of many W-CATs increased cost to the merchant. In this paper, we propose the card holder initiated card payment system using the intelligent mobile devices in mobile environment for solving problems of the existing merchant initiated card payment system and coping effectively with the activation of a wireless data network and changes of information technology.

• 무역상무연구
• /
• 제58권
• /
• pp.287-311
• /
• 2013

In this study, the scope of previous logistics security were focused only on port and ship. Because of it now extends to the overall (export and import) supply chain areas and in regards with supply security programs in the international level, it reviewed supply chain security programs categorized them into 'ships and port security system', 'container screening system', 'logistics chain authorization system' which are expanded to be adopted in the international level. The major features of those programs are summarized as in building risk management system, providing information ahead, selectivity test and benefits to AEO authorized companies in the customs administration level. The government and companies which are to ensure supply chain security and trade facilitation in order to cope actively with international customs administrative atmosphere need to do the followings : First, they need to build an intra-government integrated supply chain security and make efforts to conclude AEO MRA in order to increase trade competitiveness among major trading countries. Second, they need to build supply chain risk management system in order to enhance management performance through overseas market and company level strategy to obtain and maintain AEO authorization in the company level.

• 정보과학회 논문지
• /
• 제43권10호
• /
• pp.1094-1103
• /
• 2016

Physical Web과 Eddystone은 하나의 통합된 어플리케이션에서 URL을 통해 각각의 서버에서 서비스를 구현하는 방식으로 단 하나의 어플리케이션으로 작동할 수 있다. 하지만, 각 BLE 디바이스의 역할을 위해서는 BLE 디바이스에 맞는 어플리케이션이 따로 존재해야만 한다. 이를 극복하기 위해 BLE 디바이스 컨트롤 서버를 통해 각 제조사와 Beacon을 연동하고 통합된 어플리케이션을 지원하기 위한 새로운 플랫폼이 필요하다. 이는 Beacon의 서비스를 위한 Push(Broadcasting)와 관리를 위한 Pull(Connection)을 모두 담당하게 해야 되며, 특히 Pull과 같은 경우에는 권한을 통해서 관리가 가능해야 한다. 이를 위해 BLE 통신에서 새롭고 안전한 통신 프로토콜이 필요하다. 이에 본 논문은 Physical Web 및 Eddystone 기반의 BLE 디바이스 컨트롤 서버에서 보안이 적용된 기기 제어를 위한 BLE 통합 인증 시스템을 제안한다.