• Title/Summary/Keyword: Extranet Access Management

Search Result 3, Processing Time 0.018 seconds

A RBAC-based Access Control Framework in OSGi Service Platform (OSGi 서비스 플랫폼에서 RBAC 기반의 사용자 접근제어 프레임워크)

  • Cho, Eun-Ae;Moon, Chang-Joo;Baik, Doo-Kwon
    • Journal of KIISE:Information Networking
    • /
    • v.34 no.5
    • /
    • pp.405-422
    • /
    • 2007
  • Recently, according to the network environment, there are many researches for home network. Nowadays, in home network, the method that access control policy is managed for each home device by using ACL is popular, and EAM (Extranet access management) is applied as a solution. In addition, the research about secure OS is ongoing based on open operating system and the research of user authentication mechanisms for home network using home server is also in progress. However, these researches have some problems as follows; First, the transmission scope of expected access technology in home network is wide, so unauthenticated outside terminal can access the home network. Second, user is inconvenient because user need to set the necessary information for each device. Third, user privacy and convenience are not considered. OSGi provides a service platform for heterogeneous technologies in home network environment. Here, user access control is one of the core parts which should have no problems such as above items, but there are no concrete researches yet. Thus in this paper, we propose an access control policy management framework and access control operation based on RBAC for user access control in home network environment in which OSGi service platform is operated. First, we list the consideration which is not clearly mentioned in OSGi standard, and then we solve these above problems through new framework. In addition, we propose the effective and economical operation method which reduces the policy change frequency for user access control by using RBAC concept though limited resource of home gateway. Besides, in this paper, these proposed policies are defined separately as user-role assignment policy and permission-role assignment policy, and user decide their own policies. In conclusion, we provide the scheme to enhance the user convenience and to solve the privacy problem.

An integrated approach for identity and access management for efficient administrative work (행정업무 능률향상을 위한 통합 계정 및 접근 관리 방안)

  • Park, Byung-Eon;Yang, Jaesoo;Cho, Seong-Je
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.25 no.1
    • /
    • pp.165-172
    • /
    • 2015
  • Recently large amounts of customer information has leaked ranging from public institutions to the large-scale of portals, and similar information leakage incidents owing to the absence of personal information management have subsequently occurred. Therefore, the security infrastructure in which leakage of internal data can be blocked fundamentally is emerging as a key issue. An integrated identity and access management architecture which performs user access and its rights management, authentication and audit of the business systems is more important to improve the efficiency of business. In addition, this approach is emerging as a safe and effective ways for identity and access rights management. In this paper, we analyze how an integrated approach for identity and access management to improve the efficiency of the computational work and to strengthen the security in local government administration should be constructed, and proposed the preferred solution.

A Mechanism for Controlling Accesses Dynamically in Smartwork Environment (스마트워크 환경에서 동적으로 접근 권한을 제어하기 위한 메커니즘)

  • Yoon, Kwansik;Kim, Kangseok;Kim, Ki-Hyung;Yeh, Hongjin
    • Proceedings of the Korea Information Processing Society Conference
    • /
    • 2012.11a
    • /
    • pp.877-880
    • /
    • 2012
  • 정보통신기술의 발전으로 기업의 내에서만 업무를 하던 시대에서 벗어나 언제 어디서나 손쉽게 업무를 수행할 수 있는 스마트워크 환경이 가능하게 되었다. 특히 모바일 디바이스의 성능 발전과 급속한 보급은 스마트워크를 이용하는 환경이 다양해지는 계기가 되었고 이로 인해 동일한 사용자라 할지라도 스마트워크에 접근하는 방법이나 환경이 동적으로 변경 될 수 있다. 이러한 특성은 보안 위협의 유형도 다양하게 하여 기업 내부의 정보를 보호하기 어렵게 만들었다. 이로 인해 기존의 사용자 정보 중심의 통합 인증 관리시스템인 EAM(Extranet Access Management)만으로 다양한 위협에 대응하기에는 부족하게 되었다. 이에 본 논문에서는 기존 EAM 시스템의 한계를 알아보고 스마트워크 환경에서 사용자 정보 외에 디바이스, 네트워크, 위치 정보를 활용하여 접근 시의 환경에 따라 사용자의 권한도 동적으로 생성하는 방식을 제안한다.