• International Journal of Computer Science & Network Security
• /
• v.23 no.1
• /
• pp.71-77
• /
• 2023

In the current Internet system, there are many problems using anonymity of the network communication such as personal information leaks and crimes using the Internet system. This is why TCP/IP protocol used in Internet system does not have the user identification information on the communication data, and it is difficult to supervise the user performing the above acts immediately. As a study for solving the above problem, there is the study of Policy Based Network Management (PBNM). This is the scheme for managing a whole Local Area Network (LAN) through communication control for every user. In this PBNM, two types of schemes exist. As one scheme, we have studied theoretically about the Destination Addressing Control System (DACS) Scheme with affinity with existing internet. By applying this DACS Scheme to Internet system management, we will realize the policy-based Internet system management. In this paper, to realize it, concept of the Internet PBNM Scheme is proposed as the final step.

• 한국디지털정책학회:학술대회논문집
• /
• 2006.06a
• /
• pp.197-204
• /
• 2006

This paper tried to develop differentiation strategies of policy process in governance. Firstly, we reviewed model of policy making(output-oriented model and process-oriented model, normative or idealistic approach and realistic or empirical approach, rational model and cognitive model etc). Now gumi city is making the policy based on the process-oriented model, realistic or empirical approach, cognitive model. So gumi city was winner the test of provinces innovation in 2005. Therefore, when we make the policy, consider these factor: citizen and public service personnel participate policy making process and control policy quality.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.9 no.6
• /
• pp.1364-1370
• /
• 2005

There are many security models for database systems using policy-based access control. RBAC (Role-based Access Control) is used for complementing MAC (Mandatory Access Control) and DAC (Discretionary Access Control) and is for performing flexibly security policies meet applied environment. We implemented the database security system that applies DAC, MAC, and RBAC to meet security requirements of users. However, security policies are constructed redundantly whenever security policies are needed to each user in this system. Even though the proposed security system can flexibly control more complicated 'read' access to various data sizes for individual users, it is obvious that there is a possibility that a new policy can be a duplication of existing policies. In this paper, we introduce the problem of policy duplication and propose the policy management module. With this proposed module, constructed policies are checked for duplication and deleted or merged with existing policies.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.32 no.7C
• /
• pp.667-673
• /
• 2007

In order to provide the efficient personalized services, the organizations and the companies collect and manage the personal information. The stored data have some slight differences among each subject. Even though the same attribute information leaks out, the personal privacy violation is different according to personal sensitivity. However, currently the organizations or the companies protect all the information as the same level. This paper reflects the sensitive attribute information of the information subject to each personal policy by the encrypting techniques. And then we propose a policy-based access control mechanism for the personal information which strictly prevents unauthorized information users from illegally accessing the personal information. In the proposed mechanism, the individuals' personal information which is encrypted with different keys is stored into the database. For the access control, information subjects set up their own access control policy for their sensitive personal information. Then it is possible to control the information access by providing the information to the information users according to personal and organizational privacy policy.

• Health Policy and Management
• /
• v.31 no.1
• /
• pp.91-99
• /
• 2021

Background: The Korean government introduced National Cancer Control Program and strengthening national health insurance coverage for cancer patients. Although many positive effects have been observed, there are also many concerns about cancer management such as patient concentration or time-to-treatment. Thus, we investigated the association between the time-to-treatment and survival of cancer patients, and compared regional differences by time trend. Methods: The data used in this study were national health insurance claims data that included patients diagnosed with lung cancer and received surgical treatment between 2005 and 2015. We conducted survival analysis with Cox proportional hazard model for the association between time-to-treatment and survival in lung cancer. Additionally, we compared the regional differences for time-to-treatment by time trend. Results: A total of 842 lung cancer patients were included, and 52.3% of lung cancer patients received surgical treatment within 30 days. Patients who received surgical treatment after 31 days had higher 5-year or 1-year mortality compared to treatment within 30 days (5-year: hazard ratio [HR], 1.566; 1-year: HR, 1.555; p<0.05). There were some regional differences for time-to-treatment, but it was generally reduced after 2010. Conclusion: Delayed surgical treatment after diagnosis can negatively affect patient outcomes in cancer treatment. To improve cancer control strategies, there are needed to analyze the healthcare delivery system for cancer care considering the severity and types of cancer.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.15 no.1
• /
• pp.1-14
• /
• 2015

To conform to new emerging computing paradigm, various researches and challenges are being done. New information technologies make easy to access and acquire information in various ways. In other side, however, it also makes illegal access more powerful and various threat to system security. In this paper, we suggest a new extended access control method that make it possible to conform to security policies enforcement even with discrepancy between policy based constraints rules and query based constraints rules, based on their semantic information. New method is to derive security policy rules using context tree structure and to control the exceed granting of privileges through the degree of the semantic discrepancy. In addition, we illustrate prototype system architecture and make performance comparison with existing access control methods.

• The Journal of the Korea Contents Association
• /
• v.19 no.12
• /
• pp.407-415
• /
• 2019

As the IT environment changes with cloud computing and smart work, the existing perimeter security model is showing its limitations and Software Defined Perimeter is being discussed as an alternative. However, SDP Spec 1.0 does not specify the device registration procedure, policy distribution process and authentication key generation and sharing process.In this paper, we propose a method to solve the problem of SDP access control by improving the operation procedure of Single Packet Authentication. This paper suggests that the proposed method can implement a consistent and automated integrated access control policy compared to the existing access control methods.

• IE interfaces
• /
• v.22 no.4
• /
• pp.368-375
• /
• 2009

This paper considers a two-stage supply system consisting of two make-to-stock facilities. The facility in the first stage produces a single type of component in anticipation of future demands from the market and the end item production while the facility in the second stage produces the end item in anticipation of future demands from the OEM customers. The facility in the first stage has the option of to accept or reject each incoming demand from the market. In this paper, we address the problem of how to control the exogenous component demand and how to manage the production of the end item and the component so as to maximize the system's profit subject to the system costs. In this paper, we present a heuristic policy that is the base-stock production policy combined with a linear switching curve for component demand control. Numerical study is implemented under different operating conditions of the system and it shows that the performance of the heuristic is very promising compared to that of the optimal policy for the Markov model.

• Health Policy and Management
• /
• v.30 no.4
• /
• pp.431-432
• /
• 2020

Coronavirus disease 2019 (COVID-19) has been going on for nearly a year. As of December 1, 2020, more than 60 million confirmed cases and 1.4 million deaths have occurred in 220 countries and territories. There is no effective treatment for COVID-19 so far, and vaccines are being developed. However, the vaccine of COVID-19 can be freed from COVID-19 only if there are positive answers to some questions: "Aren't there any major side effects from the vaccine?"; "Is the vaccine effective for enough time?"; "Does the vaccine sufficiently reduce the mortality rate?"; and "Does the vaccine sufficiently reduce the reproduction number?" The fight against COVID-19 will continue for a long time. Therefore, we need to respond by developing the evidence for control of COVID-19, the emerging infectious disease. Extensive quarantine measures in the early stages of COVID-19 need to be elaborated through developing the evidence. Korea Disease Control and Prevention Agency should establish a database for evidence developing COVID-19 control. In this database, based on more than 3 million tested individuals, epidemiological investigation results, health insurance claims data, and government data such as the Ministry of Public Administration and Security, etc. should be linked. It is necessary to disclose this database to academia, etc. to create the evidences of COVID-19 and manage COVID-19 through these. And through the developed evidences, guidelines for physical health and mental health in the era of Corona 19 should be developed.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.13 no.6
• /
• pp.173-186
• /
• 2013

New information technologies make it easy to access and acquire information in various ways. However, It also enable powerful and various threat to system security. To challenge these threats, various extended access control methods are being studied. We suggest a new extended access control method that make it possible to conform to security policies enforcement even with discrepancy between policy based constraints rules and query based constraints rules via their semantic relationship. New our approach derives semantic implications using tree hierarchy structure and coordinates the exceed privileges using semantic gap factor calculating the degree of the discrepancy. In addition, we illustrate prototype system architecture and make performance comparison with existing access control methods.