• Title/Summary/Keyword: Dynamic access control

Dynamic RBAC Model based on OSGi (OSGi 기반 동적 RBAC 모델)

  • Kim, In-Tae;Chung, Kyung-Yong;Rim, Kee-Wook;Lee, Jung-Hyun
    • The Journal of the Korea Contents Association, v.9 no.1, pp.53-60, 2009
  • In home network environments, user authentication and authorization, which are tied to users' information and usability, can be an important security issue. The OSGi service platform, a well-known home network gateway, already specifies a mechanism for this. The traditional authorization method provided by OSGi implements a simple RBAC (Role Based Access Control) model, which makes it difficult to support efficient access control. In this paper, we propose a dynamic RBAC model based on OSGi. The proposed method describes an extended framework that manages two roles, named absolute role and relative role, extends the existing framework with the relative role, and proposes a programming model to enable dynamic access control. Finally, we implement the proposed framework using AspectJ and Java annotation.

Implementation of the E-BLP Security Model for Trusted Embedded Systems (안전한 임베디드 시스템을 위한 E-BLP 보안 모델의 구현)

  • Kang Jungmin;Nam Taelliun;Jang Insook;Lee Jinseok
    • Journal of KIISE: Computer Systems and Theory, v.32 no.10, pp.512-519, 2005
  • The E-BLP security model considers the reliability of the processes that are the real subjects in systems. This paper deals with the implementation of the E-BLP model for secure embedded systems. The implemented EBSM (E-BLP Based Security Module) consists of three components: identification and authentication, access control, and DRC (Dynamic Reliability Check), which checks process behavior dynamically. The access control of EBSM ensures that unreliable processes cannot access sensitive objects, and the DRC detects buffer overflow attacks by normal users. In addition, the performance overhead of an embedded system applying the EBSM is presented.

Performance Evaluation of GFC Protocol Based on HMR with Dynamic Quota Allocation (동적 쿼타할당방식 HMR을 적용한 GFC 프로토콜의 성능평가)

  • 두소영;전병천;김대영;김태균
    • The Journal of Korean Institute of Communications and Information Sciences, v.19 no.7, pp.1256-1271, 1994
  • In this paper, a GFC protocol based on HMR (High-speed Multimedia Ring) with dynamic quota allocation is proposed, and the performance of the proposed protocol is evaluated by simulation. The HMR, a medium access protocol proposed for Gbit ATM-LAN, can be applied to the GFC protocol without any modification because it uses only 4 bits for medium access of several topologies such as bus, ring and stared-bus, and priority control for satisfaction of different QoS (Quality of Service) requirements. The quota allocation method of HMR, called static quota allocation, has a problem of excessive access delay for traffic with high burstiness. In this paper, a dynamic quota allocation method which allocates quota to the nodes according to the queue length is proposed, and the performance of HMR with dynamic quota allocation is evaluated by seven simulation scenarios of CCITT. The HMR with the proposed method shows better access delay characteristics than the HMR with static quota allocation. The simulation results also show that the access delay performance of HMR is better than that of ATMR proposed by Japan and is similar to that of DQDB proposed by Australia.

Role based access control of healthcare information system for Mobile environments (모바일 환경에 적합한 헬스 케어 정보 시스템에서의 역할기반 접근제어)

  • Lee You-Ri;Park Dong-Gue
    • Journal of the Korea Society of Computer and Information, v.10 no.3 s.35, pp.119-132, 2005
  • The health care system has been revolutionized by the use of information and communication technologies. Computer information processing and electronic communication technologies play an increasingly important role in the area of health care. We propose a new role based access control model for pervasive health care systems, in which location, time, and environment information change. Our model can also solve the authority reduction problem that occurs in pervasive health care systems in emergency environments. We propose a new role based access control model for pervasive health care systems, which combines role-to-role delegations, negative permission, context concept and dynamic context aware access control. With our approach we aim to preserve the advantages of RBAC and offer great flexibility and fine-grained access control in pervasive healthcare information systems.

Dynamic Access and Power Control Scheme for Interference Mitigation in Femtocell Networks

  • Ahmed, Mujeeb;Yoon, Sung-Guk
    • KSII Transactions on Internet and Information Systems (TIIS), v.9 no.11, pp.4331-4346, 2015
  • The femtocell network, which is designed for low power transmission and consists of consumer installed small base stations, coexists with macrocells to exploit spatial reuse gain. For its realization, cross-tier interference mitigation is an important issue. To solve this problem, we propose a joint access and power control scheme that requires limited information exchange between the femto and macro networks. Our objective is to maximize the network throughput while satisfying each user's quality of service (QoS) requirement. To accomplish this, we first introduce two distributed interference detection schemes, i.e., the femto base station and macro user equipment based schemes. Then, the proposed scheme dynamically adjusts the transmission power and makes a decision on the access mode of each femto base station. Through extensive simulations, we show that the proposed scheme outperforms earlier works in terms of the throughput and outage probability.

Enabling Dynamic Multi-Client and Boolean Query in Searchable Symmetric Encryption Scheme for Cloud Storage System

  • Xu, Wanshan;Zhang, Jianbiao;Yuan, Yilin
    • KSII Transactions on Internet and Information Systems (TIIS), v.16 no.4, pp.1286-1306, 2022
  • Searchable symmetric encryption (SSE) provides a safe and effective solution for retrieving encrypted data on cloud servers. However, existing SSE schemes mainly focus on single-keyword search for a single client, which is inefficient for multiple keywords and cannot meet the needs of multiple clients. Considering the above drawbacks, we propose a scheme enabling dynamic multi-client and Boolean query in searchable symmetric encryption for cloud storage systems (DMC-SSE). DMC-SSE realizes fine-grained access control of multiple clients in SSE by attribute-based encryption (ABE) and a novel access control list (ACL), and supports Boolean queries over multiple keywords. In addition, DMC-SSE realizes fully dynamic update of clients and files. Compared with existing multi-client schemes, our scheme has the following advantages: 1) Dynamic. DMC-SSE not only supports the dynamic addition or deletion of multiple clients, but also realizes the dynamic update of files. 2) Non-interactivity. After being authorized, the client can query keywords without the help of the data owner, and the data owner can dynamically update a client's permissions without requiring the client to stay online. Finally, the security analysis and experimental results demonstrate that our scheme is safe and efficient.

Efficient Differentiated Bandwidth Allocation for QoS based Ethernet PON System (QoS 기반의 EPON 시스템에서 효율적인 차등 대역폭 할당)

  • Eom Jong-Hoon;Jung Min-Suk;Kim Sung-Ho
    • Journal of KIISE: Information Networking, v.32 no.2, pp.156-166, 2005
  • The Ethernet passive optical network is an economical and efficient access network that has received significant research attention in recent years. The MAC (Media Access Control) protocol of PON, the next generation access network, is basically based on TDMA (Time Division Multiple Access). In this thesis, we addressed the problem of dynamic bandwidth allocation in QoS based Ethernet PONs. We augmented the bandwidth allocation to support QoS in a differentiated services framework. Our differentiated bandwidth guarantee allocation (DBGA) allocates bandwidth effectively and fairly among end users. Moreover, we showed that DBGA, which performs weighted bandwidth allocation for high priority packets, results in better performance in terms of average and maximum packet delay, as well as network throughput, compared with existing dynamic bandwidth allocations. We used simulation experiments to study the performance and validate the effectiveness of the proposed bandwidth allocations.

A Flexible Attribute-based RBAC Model

  • Kim, Si-Myeong;Han, Sang-Hoon
    • Journal of the Korea Society of Computer and Information, v.27 no.9, pp.131-138, 2022
  • In this paper, we propose an FA-RBAC model based on flexible properties. This model is attribute-role-centric in its assignment, which makes objects easy to manage and access control efficient, and it can provide flexible access control as the network environment changes. In addition, fine-grained permissions and simple access control can be achieved while balancing the advantages and disadvantages of the RBAC and ABAC models; the number of access control rules is reduced by combining static attribute-based roles and dynamic attribute-based rules; and the validity and performance benefits of the proposed model are verified through comparative analysis and simulation.

Improvement of GPON MAC Protocol for IP TV Service (IPTV 서비스를 위한 GPON 핵심 MAC 기술 개발)

  • Lee, Seung-Kun;Jang, Jong-Wook;Bae, Moon-Han
    • Proceedings of the Korean Institute of Information and Communication Sciences Conference, 2008.05a, pp.51-54, 2008
  • PON (Passive Optical Network) is a promising technology applicable to TPS (Triple Play Service). To improve packet processing, MAC (Multiple Access Control) is the most important technology in the PON. The core of MAC is DBA (Dynamic Bandwidth Assignment), which is classified into SR-DBA (Status Report DBA) and NSR-DBA (Non Status Report DBA). However, GPON DBA uses BPON's DBA, so its network efficiency is poor. This study develops BR (Borrow-Refund)-DBA to improve network efficiency and speed up processing. For performance evaluation, throughput, fairness and queue delay are estimated in SR-DBA and NSR-DBA environments.

Prioritized Packet Reservation CDMA Protocol for Integrated Voice and Data Services (CDMA 망에서의 음성 및 데이터 통합 서비스를 위한 우선권 기반의 패킷 예약 접속 프로토콜)

  • Kim, Yong-Jin;Kang, Chung-Gu
    • Journal of the Institute of Electronics Engineers of Korea TC, v.37 no.1, pp.32-43, 2000
  • In this paper, we investigate the existing medium access control (MAC) protocols for integrating voice and data services in packet-based CDMA networks and, furthermore, propose a new approach to circumvent the operational limits inherent in them. We propose the $P^2R$-CDMA (Prioritized Packet Reservation Code Division Multiple Access) protocol for the uplink in the synchronous multi-code CDMA system, which employs centralized frame-based slot reservation along with dynamic slot assignment in the base station using the QoS-oriented dynamic priority of each individual terminal. The simulation results show that, as compared with the existing scheme based on adaptive permission probability control (APC), the proposed approach can significantly improve the system capacity while guaranteeing the real-time requirement of voice service.
