• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.4
• /
• pp.129-138
• /
• 2003

Role-Based Access Control(RBAC) model is becoming a promising model for enterprise environments with various organization structures. In terms of role hierarchy, each senior role inherits all the permissions of its junior roles in the role hierarchy, and a user who is a member of senior role is authorized to carry out the inherited permissions as well as his/her own ones. But there is a possibility for senior role members to abuse permissions. Since senior role members need not have all the authority of junior roles in the real world, enterprise environments require a restricted inheritance rather than a unconditional or blocked inheritance. In this paper, we propose a new role-based delegation model using the role hierarchy model with restricted inheritance functionality, in which security administrator can easily control permission inheritance behavior using sub-roles. Also, we describe how role-based user-to-user, role-to-role delegations are accomplished in the model and the characteristics of the proposed role-based delegation model.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.6
• /
• pp.1103-1113
• /
• 2020

Hospitals store and manage personal and health information through the electronic medical record (EMR). However, vulnerabilities and threats are increasing with the provision of various services for information sharing in hospitals. Therefore, in this paper, we propose a model to prevent personal information leakage due to the transmission of patient information in EMR. A method for granting permission to securely receive and transmit patient information from hospitals where patient medical records are stored is proposed using OAuth authorization tokens. A protocol was proposed to enable secure information delivery by applying and delivering the record access restrictions desired by the patient to the OAuth Token. OAuth Delegation Token can be delivered by writing the authority, scope, and time of destruction to view patient information.This prevents the illegal collection of patient information and prevents the leakage of personal information that may occur during the delivery process.

• Journal of the Korea Society of Computer and Information
• /
• v.28 no.12
• /
• pp.267-279
• /
• 2023

The objective of this paper is to examine the legal framework governing the import and export of grain in China, a pivotal factor in shaping policies aimed at stabilizing South Korea's foreign trade and grain imports. Through this analysis, it is observed that China's foreign trade system, governed by the Foreign Trade Act, exhibits a notable absence of clear delineation regarding the scope and responsibility for the delegation of authority to foreign trade management agencies. In contrast, Korea's Foreign Trade Law, along with its enforcement decree and management regulations, explicitly outlines the scope and responsibilities pertaining to the delegation of authority to foreign trade management. However, in the case of China's revised Foreign Trade Law, there exists a lack of precision in specifying the delegation of authority to foreign trade management. This creates a potential for discretionary intervention by local governments or other administrative bodies. While China's legal system concerning grain imports and exports aligns with WTO regulations in its institutional framework, attention is warranted due to the vagueness in laws or regulations, as well as the presence of irrational and non-transparent procedures during system operation. As conclusion remarks, while China's legal structure related to grain imports and exports conforms to WTO guidelines overall, the identified issues such as legal ambiguity and non-transparent procedures underscore the need for caution. To safeguard against potential challenges in future trade interactions with China, proactive measures are crucial to address these concerns.

• The Journal of the Korea Contents Association
• /
• v.20 no.5
• /
• pp.476-499
• /
• 2020

The impacts of internal marketing in the security firms have not been studied much. This study analyzes the impact of internal marketing on job satisfaction, job commitment, customer orientation, and job performance for the security firm's branches using multiple mediation model which differs from simple mediation model. The data were collected from 263 employees of securities firm's branches in Seoul, Busan and other Korean metropolitan cities. The research hypothesis was validated by the tools of SPSS 22.0 and AMOS 22.0. The results are as follows. First, among the internal marketing factors, delegation of authority, reward systems and education training had a significant effect on job satisfaction. And internal communications were shown to have a significant effect on job commitment and customer orientation. Second, job satisfaction have a significant direct impact on the job commitment, customer orientation. And customer orientation have direct impact on the job performance. Also, delegation of authority and reward systems were found to have a significant indirect effect on the job performance in mediation of job satisfaction and customer orientation. These results imply that internal marketing factors affect job performance mainly through the mediation of job satisfaction, job orientation and that specially delegation of authority and reward system affect on the performance much, which are different from other industry cases.

• Journal of the Korea Safety Management & Science
• /
• v.9 no.6
• /
• pp.97-103
• /
• 2007

This paper reviewed the relationship among internal marketing, service quality and customer satisfaction, and the mediating effect of service quality. Based on the responses from 163 hotel employees and 489 customers who encountered them, the results of hierarchical regressional analysis showed that all internal marketing factors have positive relationships with service quality, and service quality has positive relationship with customer satisfaction. Also, service quality has mediating effect between four internal marketing factors(education, compensation, delegation of authority, and internal communication) and customer satisfaction.

• The Journal of the Korea Contents Association
• /
• v.16 no.3
• /
• pp.617-629
• /
• 2016

The purpose of this study was to evaluate effects of the confirmed of boss and the organizational effectiveness. For this, The mediating effect of psychological empowerment was verified. on the Influence of Organizational Effectiveness. the confirmed of boss (+)effected of the organizational effectivenes and verified the parameter part of psychological empowerment. Also The confirmed of boss (+)effected of a Junior staff's the job satisfaction and the organizational commitment. This results suggest that for maximization the organizational effectiveness need the confirmed of boss and the delegation of authority. The delegation of authority from boss provide autonomy and creativeity to Junior staffs. This ways suggest that make them the job satisfaction and the organizational commitment.

• Journal of the Korea Society of Computer and Information
• /
• v.15 no.1
• /
• pp.167-175
• /
• 2010

Like most large organizations, there are business rules such as 'separation of duty' and 'delegation' which should be considered in access control. From a SOD point of view, previous SOD models built on the (Administrative) Role-Based Access Control model cannot present the best solution to security problems such as information integrity by the limited constituent units such as role hierarchy and role inheritance. Thus, we propose a new integrated management model of administration role-based access control model and SOD policy, which is called the OS-SoDAM. The OS-SoDAM defines the authority range in an organizational structure that is separated from role hierarchy and supports a decentralized security officer-level SOD policy in which a local security officer can freely perform SOD policies within a security officer's authority range without the security officer's intervention.

• The Journal of the Korea Contents Association
• /
• v.13 no.2
• /
• pp.263-276
• /
• 2013

The research analyzed to verify that self-support center employee's internal marketing, social exchange relation and personal characteristic effect on self-support program which is essential to provide job and to progress self-support ability for workable low-income group. The research used questionnaires of 156 substances to analyze in self-support center employee within Gwang-Ju area. The questionnaire was analyzed using statistical package for the social sciences(SPSS) program and it used factor analysis, reliability analysis and especially hierarchical regression multiple analysis for hypothesis test. The result of research that self-support center employee's education, training, delegation of authority and job efficacy effect on maximize business result through mediated effect of emotional immersion. Therefore, the research proposes improvement of self-support center employee's education, training, delegation of authority and job efficacy.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.20 no.6
• /
• pp.1-8
• /
• 2019

Medical information is an important personal information for patients, and it must be protected. In particular, when medical personnel approach electronic medical records, authentication for enhanced security is essential. However, the existing public certificate-based certification model did not reflect the security characteristics of the electronic medical record(EMR) due to problems such as personal key management and authority delegation. In this study, we propose a fingerprint recognition-based authentication model with enhanced security to solve problems in the approach of the existing electronic medical record system. The proposed authentication model is an EMR system based on fingerprint recognition using PEMS (Private-key Escrow Management Server), which is applied with the private key commission protocol and the private key withdrawal protocol, enabling the problem of personal key management and authority delegation to be resolved at source. The performance experiment of the proposed certification model confirmed that the performance time was improved compared to the existing public certificate-based authentication, and the user's convenience was increased by recognizing fingerprints by replacing the electronic signature password.

• Ocean and Polar Research
• /
• v.25 no.2
• /
• pp.227-235
• /
• 2003

In August 1998, during the resumed fourth session of the Authority, the delegation of the Russian Federation reminded the Assembly that, in addition to polymetallic nodules, other mineral resources existed in the Area, including polymetallic sulphides and cobalt crusts, and requested the Authority to adopt rules, regulations and procedures for exploration for such resources. Pursuant to article 162, para. 2(o)(ii), of the 1982 UNCLOS, such rules, regulations and procedures are to be adopted within three years of the date of such a request. This article reviewed the 'Draft Rules and Regulations for the Exploration and Exploitation of Sea-Floor Massive Sulphides and Cobat-rich Ferromanganese Crusts in the Area' by ISA in 2001, and the 'Madang Guideline for Offshore Mineral Policy' written in 1999 in respect of the international trends of polymetallic sulphides and cobalt crusts. Issues for size of mining area and relinquishment, application of the site-banking system, procedure for dealing with overlapping claims and precautionary approach etc. for the establishment of the norm of polymetallic sulphides and cobalt crusts are reviewed as consideration factors.