• The Transactions of the Korea Information Processing Society
• /
• v.7 no.1
• /
• pp.126-134
• /
• 2000

Version control is an application to maintain consistency between different instances of the same document allowing operations such as navigation, differencing, and merging. Most version control systems, however, lack the support of functionality for cooperative writing environment, such as to represent and store the history of the actions of different individuals, to effectively differentiate and merge the individual actions including the text object, and to manage different access privileges for different granularity and individuals. With the help of Activity IDentification (AID) tag and its unique addressing scheme proposed in this paper, differencing and merging become simple and effective. Access and role control is improved by associating the access right table and role assignment in AID scheme also eliminates the requirements for large storage capacity for version information maintenance.

• THE INTERNATIONAL COMMERCE & LAW REVIEW
• /
• v.65
• /
• pp.95-116
• /
• 2015

So far several attempts have been made to digitalizing sea transport documents. Three notable examples are SeaDocs, Bolero, e-B/L Korea and Ess-Databridge. Ess-Databridge was established in 2003, with the aim of promoting the use of electronic alternative to shipping documents. The ESS-Databridge system was piloted from 2005 and went live in January 2010. The ESS-Databridge operates under a private legal outline, the Databridge Services and Users Agreement (DSUA). In the Ess-Databridge system, only the user who is in control of the original bill of lading will be able to indorse it on to another user. Once the indorsement is effected and unless the indorsee decide store turn the documents, the indorser loses control and retains access only to an electronic document marked 'copy' for its records. A feature that appears to have been crucial to the success of the CargoDocs service is that visually, e-B/Ls produced using ESS-Databridge appear identical to the paper documents. The ESS-Databridge may be even more successful if the legislators take certain steps that will increase uniformity and certainty in electronic transport documentation.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.5
• /
• pp.149-160
• /
• 2008

As individual users have to provide more information than the minimum for using information communication service, the invasion of privacy of Individual users is increasing. That is why client/server based personal information security platform technologies are being developed such as P3P, EPAL and XACML. By the way enterprises and organizations using primarily role based access control can not use these technologies. because those technologies apply access control policies to individual subjects. In this paper, we suggest an expression language for privacy enhancing role-based access control policy. Suggested privacy enhancing role-based access control policy language model is a variation of XACML which uses matching method and condition, and separately contains elements of role, purpose, and obligation. We suggest policy language model for permission assignment in this paper, shows not only privacy policy scenario with policy document instance, but also request context and response context for helping understanding.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.6
• /
• pp.1319-1328
• /
• 2014

While the recent advance in network system has made it easier to collect and process personal information, the loss of customers, financial companies and even nations is getting bigger due to the leakage of personal information. Therefore, it is required to take a measure to prevent additional damage from the illegal use of leakaged personal information. Currently, financial companies use access control in accordance with job title or position on general documents as well as important documents including personal information. Therefore, even if a documents is confidential, it is possible for a person of the same job title or position to access the document properly. This paper propose setting up security grade of documents to improve current access control system. It will help preventing the leakage of personal information.

• Journal of KIISE:Databases
• /
• v.31 no.6
• /
• pp.567-584
• /
• 2004

As XML becomes popular as the way of presenting information on the web, how to secure XML data becomes an important issue. So far study on XML security has focused on security of data communications by using digital sign or encryption technology. But, it now requires not just to communicate secure XML data on communication but also to manage query process to access XML data since XML data becomes more complicated and bigger. We can manage XML data queries by access control technique. Right now current XML data access control only deals with read operation. This approach has no option to process update XML queries. In this paper, we present XML access control model and technique that can support both read and update operations. In this paper, we will propose the operation for XML document update. Also, We will define action type as a new concept to manage authorization information and process update queries. It results in both minimizing access control steps and reducing memory cost. In addition, we can filter queries that have no access rights at the XML data, which it can reduce unnecessary tasks for processing unauthorized query. As a result of the performance evaluation, we show our access control model is proved to be better than other access control model in update query. But it has a little overhead to decide action type in select query.

• The Korean Journal of Archival Studies
• /
• no.38
• /
• pp.3-35
• /
• 2013

The physical access or control of records with material entities is relatively easy. However, in the case of electronic records, due to its heightened applicative aspect that allows anyone with the authority to have access over the data, it requires an appropriate standard and stability to ensure the authenticity and integrity of electronic records. This study performed functional evaluation by extracting the minimum critical items from the national functional requirements documents and standards to explore the access control function that play an important role for the standard records management system to maintain quality requirements of electronic records. Based on this checklist, it evaluates whether the standard records management system properly carries out the access control function and investigates the current condition of application to practical records management work. Records managers generally do not use access control function, which may be because they do not feel the necessity, since the application of records management system is not yet actively promoted. In order for the standard records management system to be developed to become a more active system, it requires system improvement as well as considerations for below factors: First, although the necessity of establishing access control conditions is already recognized, it requires a clear stipulation of the regulation. Second, measures must be taken to implement access control in the records management system through document security solution. Third, it requires self-reflection of records manager, who utilizes the records management system. Instead of placing all responsibility on the National Archives, which established the system, professionals must further develop the system through continuous evaluation and improvement. Finally, a general discussion is required to publicize the issue of functional improvement of records management system. Although there is a bulletin board already created for this purpose, its users are extremely limited and it only deals with current problems. A space in online as well as in offline is required to solve the fundamental problems and exchange opinions.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2003.05c
• /
• pp.1985-1988
• /
• 2003

인터넷 사용자의 급증으로 인해 인터넷 기반 문서 보안을 위한 기존의 HTML에서의 취약점 및 확장성의 증대를 위해서 XML의 필요성이 증대되었다. 객체 지향 개념을 도입한 클라이언트-서버 기반의 환경하에서 차세대 웹 문서를 위한 표준으로서 XML이 탄생하게 되었고 응용 프로그램과 XML 간의 연동이 차기 객체지향 웹 기술을 위한 중요한 이슈로 부상하게 되었다. 본 논문에서는 차세대 웹 표준 언어인 XML을 사용하여 웹 상에서의 공통문서에 대한 사용자별 접근 제어(Access Control) 방법을 제안한다. 제안하는 방법은 다수 사용자가 접근하는 공통문서에 대하여 사용자별로 문서의 일부만을 접근하도록 한다. 이 접근 방법은 간단한 XML 태그를 적용하므로 시스템의 복잡성을 증가시키지 않으며, 또한 문서의 부분 접근 규칙을 가변적으로 변경시키기가 용이하다.

• Transactions of the Korean Society of Machine Tool Engineers
• /
• v.11 no.4
• /
• pp.19-25
• /
• 2002

As computer-related technologies have been developed, legacy design systems have not been appropriate far new computing environment. It is necessary that most of them are either modified or newly developed. However, these activities require quite much amount of cost and time. This paper presents a method of extending legacy design systems to the internet without any modification using XML and XSLT. We have been extended legacy systems in the two viewpoints. First, an XML document has been defined to present the input information of a legacy system which is executed on the consol environment - MS DOS, for example. Also, an XSLT document has been generated to transform an XML document to the input document of the legacy system An XML document is transformed to the input document by XSLT processor according to the transformation rules defined in the XSLT document. This technique to generate input documents is independent to the platform type and facilitates to link legacy systems to other systems. Second, a legacy system controller has been made to control a legacy system and developed a web service to extend it and its controller. The legacy system controller operates it automatically. The web service provides its functions to other systems via internet. We have applied the developed methodologies to the legacy gear design system 조ich calculates AGMA gear rating md made AGMA gem rating web service.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.34 no.12B
• /
• pp.1407-1417
• /
• 2009

We propose a e-document management system that can provide segmented page information on a document according to different levels of authority from access control environment. The proposed system creates hierarchy identifier using a one-way hash chain and therefore does not need to own key information for all users as in existing system. Also by creating group keys by compounding hash chain hierarchy identifier with randomly formed group identifier, the system can flexibly respond to dynamic changes from group member movements while at the same time resolving the problems of key formation and management in document encoding technique using symmetric key for each page. Lastly as a result of comparative analysis through an experiment with existing e-document management systems, the proposed system showed superiority in the efficiency of encoding and decoding document and the speed of encoding and decoding by the pages.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.14 no.3
• /
• pp.572-580
• /
• 2010

The Wireless Mesh Network uses a wireless communication technology with transmission rates simular to a cable which is used as a backbone networks. The topology structure is in a Mesh form which resembles an Ad-hoc networks. However, a metric is needed in order to set the channel access control method to operate intentions and interior motions are different. In this document, an efficient channel for delivering datas to improve access controls to a wireless mesh networks. The improved performance of the proposed plan is for a hidden and exposed mesh client through an exclusive channels to perform a proposed and analyzed methods.