• 한국컴퓨터정보학회논문지
• /
• 제9권4호
• /
• pp.49-54
• /
• 2004

규칙 기반 접근 제어가 신분 기반 접근 제어의 완전한 대체 방법이 아니듯이 직무 기반 접근 제어도 신분 기반 접근 제어와 규칙 기반 접근 제어의 병합이 아닌 상호 보완적인 방법이다. 본 논문에서는 기존의 접근 제어 메커니즘을 통합하여 보안성 무결성 및 흐름 제어 보안 기능을 제공하며 직무 중심 조직의 접근 제어 요구를 용이하게 수용할 수 있는 새로운 방식의 통합 접근 제어를 위한 시뮬레이션 모델을 설계하여 이를 실제의 응용 시스템에 적용할 수 있도록 한다.

• 한국정보전자통신기술학회논문지
• /
• 제1권3호
• /
• pp.17-20
• /
• 2008

본 논문에서는 컴퓨터 협동 지원 작업의 세션 초기 프로토콜 환경에서 실행되는 접근 제어에 대해서 기술한다. 세션 관리에는 세션의 셍성, 종료 및 지각자 처리, 접근 제어 등의 기능이 있다. 그러나, 기존의 프레임워크는 컴퓨터 협동 지원 작업의 세션 초기 프로토콜 환경에서 접근 제어에 대한 기능은 거의 없는 실정이다. 따라서, 본 논문에서는 세션을 잘 유지할 수 있게 하기 위하여 컴퓨터 협동 지원 작업의 세션 초기 프로토콜 환경에서의 접근 제어를 제안한다.

• Journal of Communications and Networks
• /
• 제11권6호
• /
• pp.599-606
• /
• 2009

For many mission-critical related wireless sensor network applications such as military and homeland security, user's access restriction is necessary to be enforced by access control mechanisms for different access rights. Public key-based access control schemes are more attractive than symmetric-key based approaches due to high scalability, low memory requirement, easy key-addition/revocation for a new node, and no key predistribution requirement. Although Wang et al. recently introduced a promising access control scheme based on elliptic curve cryptography (ECC), it is still burdensome for sensors and has several security limitations (it does not provide mutual authentication and is strictly vulnerable to denial-of-service (DoS) attacks). This paper presents an energy-efficient access control scheme based on ECC to overcome these problems and more importantly to provide dominant energy-efficiency. Through analysis and simulation based evaluations, we show that the proposed scheme overcomes the security problems and has far better energy-efficiency compared to current scheme proposed byWang et al.

• 디지털콘텐츠학회 논문지
• /
• 제16권1호
• /
• pp.173-177
• /
• 2015

본 논문에서는 셰퍼드와 세션 초기 프로토콜 환경에서 실행되는 컴퓨터 기반의 멀티미디어 통합을 위한 접근 제어에 대해서 제안하였다. 기존의 멀티미디어 프레임워크는 접근제어에 대한 기능은 있지만, 컴퓨터 기반의 멀티미디어 통합을 위한 세션 초기 프로토콜 환경에서 거의 없는 실정이다. 세션 관리에는 세션의 생성, 종료 및 지각자처리, 접근제어 등의 기능이 있다. 본 논문에서는 세션을 잘 유지할 수 있게 하기 위하여 셰퍼드와 세션 초기 프로토콜 환경에서 실행되는 컴퓨터 기반의 멀티미디어 통합을 위한 접근제어를 기술하였다.

• Journal of Communications and Networks
• /
• 제13권2호
• /
• pp.175-186
• /
• 2011

The proliferation of advanced technologies has been altering our lifestyle and social interactions-the next frontier is the digital home. Although the future of smart homes is promising, many technical challenges must be addressed to achieve convenience and security. In this paper, we delineate the unique combination of security challenges specifically for access control and consider the challenges of how to simply and securely assign access control policies to visitors for home devices and resources. We present a set of intuitive access control policies and suggest four access control settings based on our in-person interview results. Furthermore, we propose the automated Clairvoyant access right assignment (CARA) mechanism that utilizes home owners' social relationship to automatically deduce to which class a visitor belongs. The combination of CARA and the suggested mapping provides a promising first step for home policy assignment such that nonexpert home owners can let visitors use their home network with confidence. We anticipate that future research can build on our proposed mechanisms to provide confidence to non-expert home owners for letting visitors use their home network.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제15권11호
• /
• pp.3892-3912
• /
• 2021

The recent rapid growth of mobile network traffic places multi-access edge computing in an important position to reduce network load and improve network capacity and service quality. Contrasting with traditional mobile cloud computing, multi-access edge computing includes a base station cooperative cache layer and user cooperative cache layer. Selecting the most appropriate cache content according to actual needs and determining the most appropriate location to optimize the cache performance have emerged as serious issues in multi-access edge computing that must be solved urgently. For this reason, a cache placement algorithm based on comprehensive utility in big data multi-access edge computing (CPBCU) is proposed in this work. Firstly, the cache value generated by cache placement is calculated using the cache capacity, data popularity, and node replacement rate. Secondly, the cache placement problem is then modeled according to the cache value, data object acquisition, and replacement cost. The cache placement model is then transformed into a combinatorial optimization problem and the cache objects are placed on the appropriate data nodes using tabu search algorithm. Finally, to verify the feasibility and effectiveness of the algorithm, a multi-access edge computing experimental environment is built. Experimental results show that CPBCU provides a significant improvement in cache service rate, data response time, and replacement number compared with other cache placement algorithms.

• 한국멀티미디어학회논문지
• /
• 제22권8호
• /
• pp.823-831
• /
• 2019

In recent years, there has been developed systems such as a surveillance system and access control using a face recognition function instead of a password or an RFID chip, thereby reducing the risk of falsification. Moreover, deep learning technology has been applied to real-time face recognition technology in video, so it makes possible the development of access control system that improves the accuracy of recognition and efficiency of management. In this paper, we propose a real-time access management system based on face recognition using ResNet. The system is based on web server, which make it possible to manage the access by recognizing the person of the image through the camera and access information stored in the database. It can be accessed by a user application to receive various information. The implemented system identifies a person in real time and allows access control by accurately distinguishing whether they are members or not, and the test results can recognize in 0.2 seconds. The accuracy of recognition rate is up to about 97% depending on the experiment environment. With this system, access can be managed quickly and effectively, even many people rush to it.

• Journal of Information Processing Systems
• /
• 제2권1호
• /
• pp.28-33
• /
• 2006

The initial research of Task Computing in the ubiquitous computing (UbiComp) environment revealed the need for access control of services. Context-awareness of service requests in ubiquitous computing necessitates a well-designed model to enable effective and adaptive invocation. However, nowadays little work is being undertaken on service access control under the UbiComp environment, which makes the exposed service suffer from the problem of ill-use. One of the research focuses is how to handle the access to the resources over the network. Policy-Based Access Control is an access control method. It adopts a security policy to evaluate requests for resources but has a light-weight combination of the resources. Motivated by the problem above, we propose a universal model and an algorithm to enhance service access control in UbiComp. We detail the architecture of the model and present the access control implementation.

• International Journal of Computer Science & Network Security
• /
• 제21권7호
• /
• pp.119-124
• /
• 2021

Today, both sides of modern culture are decisively invaded by digitalization. Authentication is considered to be one of the main components in keeping this process secure. Cyber criminals are working hard in penetrating through the existing network channels to encounter malicious attacks. When it comes to enterprises, the company's information is a major asset. Question here arises is how to protect the vital information. This takes into account various aspects of a society often termed as hyper connected society including online communication, purchases, regulation of access rights and many more. In this research paper, we will discuss about the concepts of MFA and KBA, i.e., Multi-Factor Authentication and Knowledge Based Authentication. The purpose of MFA and KBA its utilization for human.to.everything..interactions, offering easy to be used and secured validation mechanism while having access to the service. In the research, we will also explore the existing yet evolving factor providers (sensors) used for authenticating a user. This is an important tool to protect data from malicious insiders and outsiders. Access Management main goal is to provide authorized users the right to use a service also preventing access to illegal users. Multiple techniques can be implemented to ensure access management. In this paper, we will discuss various techniques to ensure access management suitable for enterprises, primarily focusing/restricting our discussion to multifactor authentication. We will also highlight the role of knowledge-based authentication in multi factor authentication and how it can make enterprises data more secure from Cyber Attack. Lastly, we will also discuss about the future of MFA and KBA.

• JSTS:Journal of Semiconductor Technology and Science
• /
• 제14권4호
• /
• pp.391-406
• /
• 2014

The performance of General-Purpose computation on Graphics Processing Units (GPGPU) is heavily dependent on the memory access behavior. This sensitivity is due to a combination of the underlying Massively Parallel Processing (MPP) execution model present on GPUs and the lack of architectural support to handle irregular memory access patterns. Application performance can be significantly improved by applying memory-access-pattern-aware optimizations that can exploit knowledge of the characteristics of each access pattern. In this paper, we present an algorithmic methodology to semi-automatically find the best mapping of memory accesses present in serial loop nest to underlying data-parallel architectures based on a comprehensive static memory access pattern analysis. To that end we present a simple, yet powerful, mathematical model that captures all memory access pattern information present in serial data-parallel loop nests. We then show how this model is used in practice to select the most appropriate memory space for data and to search for an appropriate thread mapping and work group size from a large design space. To evaluate the effectiveness of our methodology, we report on execution speedup using selected benchmark kernels that cover a wide range of memory access patterns commonly found in GPGPU workloads. Our experimental results are reported using the industry standard heterogeneous programming language, OpenCL, targeting the NVIDIA GT200 architecture.