• Title/Summary/Keyword: Control Policy

Search Result 3,193, Processing Time 0.027 seconds

A Study on Architecture of Access Control System with Enforced Security Control for Ubiquitous Computing Environment (유비쿼터스 컴퓨팅 환경을 위한 보안통제가 강화된 접근제어 시스템 설계에 관한 연구)

  • Eom, Jung-Ho;Park, Seon-Ho;Chung, Tai-Myoung
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.18 no.5
    • /
    • pp.71-81
    • /
    • 2008
  • In the paper, we designed a context aware task-role based access control system(CAT-RACS) which can control access and prevent illegal access efficiently for various information systems in ubiquitous computing environment. CAT-RACS applied CA-TRBAC, which adds context-role concept for achieve policy composition by context information and security level attribute to be kept confidentiality of information. CA-TRBAC doesn't permit access when context isn't coincident with access control conditions, or role and task's security level aren't accord with object's security level or their level is a lower level, even if user's role and task are coincident with access control conditions. It provides security services of user authentication and access control, etc. by a context-aware security manager, and provides context-aware security services and manages context information needed in security policy configuration by a context information fusion manager. Also, it manages CA-TRBAC policy, user authentication policy, and security domain management policy by a security policy manager.

A Comparative Analysis of Healthcare-Associated Infection Policy in South Korea and Its Implications in Coronavirus Disease 2019

  • Jeong, Yoolwon;Kim, Kinam
    • Health Policy and Management
    • /
    • v.31 no.3
    • /
    • pp.312-327
    • /
    • 2021
  • Background: Infection prevention and control (IPC) to manage healthcare-associated infection (HCAI) has emerged as one of the most significant public health issues in Korea. The purpose of this study is to draw implications in IPC policies by analyzing the context, process, and major actors in policy development and comparatively analyzing IPC policy contents of Korea with three other countries. Additionally, IPC policies were analyzed in the context of coronavirus disease 2019 (COVID-19) to provide implications for future pandemics and HCAI events. Methods: This study incorporates a qualitative approach based on document and content analysis, applying codes and thematic categorization. IPC policy contents are comparatively analyzed by adopting the concept model, developed by the World Health Organization, which consists of core components of IPC structure at the national and facility level. Results: National IPC policies were developed within a complex social and political context, through the involvement of various stakeholders. IPC policies in Korea place a high emphasis on establishing IPC programs and built environments in healthcare facilities, whereas there were potentials for improvement in policies involving patients and promoting a safety culture. IPC policies, which currently focus on general hospitals and certain functions of hospitals, should further be expanded to target all healthcare facilities and functions, to ensure more efficient and sustainable IPC responses in the current and future disease outbreaks. Conclusion: IPC is a complex policy arena and lessons learned from the analysis of existing policies in the context of COVID-19 should provide valuable strategic implications for future policies.

Sharing and Privacy in PHRs: Efficient Policy Hiding and Update Attribute-based Encryption

  • Liu, Zhenhua;Ji, Jiaqi;Yin, Fangfang;Wang, Baocang
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.15 no.1
    • /
    • pp.323-342
    • /
    • 2021
  • Personal health records (PHRs) is an electronic medical system that enables patients to acquire, manage and share their health data. Nevertheless, data confidentiality and user privacy in PHRs have not been handled completely. As a fine-grained access control over health data, ciphertext-policy attribute-based encryption (CP-ABE) has an ability to guarantee data confidentiality. However, existing CP-ABE solutions for PHRs are facing some new challenges in access control, such as policy privacy disclosure and dynamic policy update. In terms of addressing these problems, we propose a privacy protection and dynamic share system (PPADS) based on CP-ABE for PHRs, which supports full policy hiding and flexible access control. In the system, attribute information of access policy is fully hidden by attribute bloom filter. Moreover, data user produces a transforming key for the PHRs Cloud to change access policy dynamically. Furthermore, relied on security analysis, PPADS is selectively secure under standard model. Finally, the performance comparisons and simulation results demonstrate that PPADS is suitable for PHRs.

An Access Control System for Ubiquitous Computing based on Context Awareness (상황 인식 기반의 유비쿼터스 컴퓨팅을 위한 접근 제어 시스템)

  • Lee, Ji-Yeon;Ahn, Joon-Seon;Doh, Kyung-Goo;Chang, Byeong-Mo
    • The KIPS Transactions:PartA
    • /
    • v.15A no.1
    • /
    • pp.35-44
    • /
    • 2008
  • It is important to manage access control for secure ubiquitous applications. In this paper, we present an access-control system for executing policy file which includes access control rules. We implemented Context-aware Access Control Manager(CACM) based on Java Context-Awareness Framework(JCAF) which provides infrastructure and API for creating context-aware applications. CACM controls accesses to method call based on the access control rules in the policy file. We also implemented a support tool to help programmers modify incorrect access control rules using static analysis information, and a simulator for simulating ubiquitous applications. We describe simulation results for several ubiquitous applications.

Research of Efficient Environmental Policy Instruments for the Reduction of SO2-Emissions from Stationary Sources (고정오염원에서 발생하는 SO2 배출량 저감을 위한 효율적인 환경정책수단의 연구)

  • Lee, Yeong Jun
    • Journal of Environmental Science International
    • /
    • v.13 no.4
    • /
    • pp.339-347
    • /
    • 2004
  • This paper asks the question: what choice of environmental policy instruments is efficient to reduce sulfur dioxide from stationary sources\ulcorner: In Korea, command and control has been a common way of controlling $SO_2-emissions.$ When compared to the non-incentive environmental policy instrument such as command and control, economic incentive environmental policy instrument has been the advantage of making polluter himself flexibly deals with in marginal abatement cost to develop environmental technology in the long view. Therefore, the application possibility of the incentive environmental policy instrument was studied in this research to realize the countermeasure for controlling of $SO_2-emissions.$ As a result, enforcement of the countermeasure such as flue gas desulfurizer by command and control would be suitable because power generation is performed by the public or for the public in source of air pollution and thus, economic principle is not applied to the polluter. In the source of industrial pollution, enforcement of fuel tax is found to be suitable for the countermeasure for the use of low sulfur oil in terms of the flexibility of demand for the price in the long tenn. For the permissible air pollution standards applicable to all air pollutant emitting facilities, enforcement of incentive environmental policy such as bubble, off-set, banking policy or tradeable emission penn its would be ideal in long terms according to the regional characteristics and the number and scale of air pollutant emitting facilities.

A Universal Model for Policy-Based Access Control-enabled Ubiquitous Computing

  • Jing Yixin;Kim, Jin-Hyung;Jeong, Dong-Won
    • Journal of Information Processing Systems
    • /
    • v.2 no.1
    • /
    • pp.28-33
    • /
    • 2006
  • The initial research of Task Computing in the ubiquitous computing (UbiComp) environment revealed the need for access control of services. Context-awareness of service requests in ubiquitous computing necessitates a well-designed model to enable effective and adaptive invocation. However, nowadays little work is being undertaken on service access control under the UbiComp environment, which makes the exposed service suffer from the problem of ill-use. One of the research focuses is how to handle the access to the resources over the network. Policy-Based Access Control is an access control method. It adopts a security policy to evaluate requests for resources but has a light-weight combination of the resources. Motivated by the problem above, we propose a universal model and an algorithm to enhance service access control in UbiComp. We detail the architecture of the model and present the access control implementation.

Exploring the Causal Structure of Adolescent Media Addiction and Policy Intervention

  • Hwang, In Young;Park, Jeong Hun
    • International Journal of Contents
    • /
    • v.12 no.4
    • /
    • pp.69-75
    • /
    • 2016
  • Adolescent media addiction has emerged as an important social agenda in Korea. However, there has not been enough discussion on the causal structure of media addiction and policy interventions. The objective of this study is to identify and assess the mechanism of the existing and the revised Shutdown policy based on the systems thinking approach. To achieve this purpose, we establish the relationship between media usage, flow, and addiction, and develop a causal loop diagram. Based on the causal loop diagram, we explore the causal structure of two policy scenarios: shutdown policy and deregulation. Our study suggests that policy interventions inducing direct parental control on children's media usage time are ineffective since the time control reduces children's autonomy, which helps alleviate media addiction. Therefore, this study suggests that policy intervention should focus on alleviating addiction itself rather than on controlling media usage time.

A Simulation Study for Inventory Policies in a Multi-Echelon Supply Chain (다단계 공급체인에서 재고정책들에 대한 시뮬레이션 연구)

  • 김흥남;박양병
    • Journal of the Korea Society for Simulation
    • /
    • v.10 no.1
    • /
    • pp.35-50
    • /
    • 2001
  • Managing multi-echelon inventory systems has gained importance over the last decade mainly because integrated control of supply chains consisting of several processing and distribution stages has become feasible through modern information technology. Determination of optimal inventory policy for multi-echelon supply chain is made difficult by the complex interaction between the different levels. In this paper, we investigate performance of five inventory policies (fixed quantity order policy, fixed interval order policy, compromised order policy, lead time-fixed quantity order policy, and mixed order policy) in a multi-echelon supply chain by using a simulation model constructed with AweSim simulation language. The results of the simulation study show that the mixed order policy is the best among five inventory policies in the most test problems except the case when the stockout cost per unit is much higher than the inventory holding and transportation costs per unit.

  • PDF

An Analysis of M/G/1 System with N and T-Policy (N-정책과 T-정책이 적용되는 M/G/1 시스템의 분석)

  • Hur, Sun;Lee, Hun-Gyu;Kim, Jong-Soo
    • Journal of Korean Institute of Industrial Engineers
    • /
    • v.26 no.2
    • /
    • pp.81-87
    • /
    • 2000
  • As for M/G/1 queueing system, we use various control policies, with which we can optimize the system. Up to now the most widely adopted policies are N-Policy, T-Policy, D-Policy, and so on. The existing researches are largely concerned to find an optimal operation condition or to optimize the system under single policy in M/G/1 system. There are, however, few literatures dealing with multiple control policies at once to enhance the flexibility of the model. In this study, we consider M/G/1 system adopting N-Policy and T-Policy simultaneously. If one of two conditions is satisfied, then, the server starts the service. We call this Min(N,T)-Policy. We find the probability distribution of the number of customers and mean waiting time in steady state and derive a cost function. Next, we seek the $N^*$, optimal threshold under various N values. Finally, we reveal the characteristics of cost function.

  • PDF

Access Control for Secure Access Path (안전한 접근 경로를 보장하기 위한 접근 제어)

  • Kim, Hyun-Bae
    • Journal of The Korean Association of Information Education
    • /
    • v.1 no.2
    • /
    • pp.57-66
    • /
    • 1997
  • The primary purpose of security mechanisms in a computer systems is to control the access to information. There are two types of access control mechanisms to be used typically. One is discretionary access control(DAC) and another is mandatory access control(MAC). In this study an access control mechanism is introduced for secure access path in security system. The security policy of this access control is that no disclosure of information and no unauthorized modification of information. To make this access control correspond to security policy, we introduce three properties; read, write and create.

  • PDF