• Title/Summary/Keyword: IM-ACM

Search Result 2, Processing Time 0.016 seconds

An Architecture of Access Control Model for Preventing Illegal Information Leakage by Insider (내부자의 불법적 정보 유출 차단을 위한 접근통제 모델 설계)

  • Eom, Jung-Ho;Park, Seon-Ho;Chung, Tai-M.
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.20 no.5
    • /
    • pp.59-67
    • /
    • 2010

  • In the paper, we proposed an IM-ACM(Insider Misuse-Access Control Model) for preventing illegal information leakage by insider who exploits his legal rights in the ubiquitous computing environment. The IM-ACM can monitor whether insider uses data rightly using misuse monitor add to CA-TRBAC(Context Aware-Task Role Based Access Control) which permits access authorization according to user role, context role, task and entity's security attributes. It is difficult to prevent information leakage by insider because of access to legal rights, a wealth of knowledge about the system. The IM-ACM can prevent the information flow between objects which have the different security levels using context role and security attributes and prevent an insider misuse by misuse monitor which comparing an insider actual processing behavior to an insider possible work process pattern drawing on the current defined profile of insider's process.

  • https://doi.org/10.13089/JKIISC.2010.20.5.59 인용 PDF KSCI HTML

An Architecture of a Dynamic Cyber Attack Tree: Attributes Approach (능동적인 사이버 공격 트리 설계: 애트리뷰트 접근)

  • Eom, Jung-Ho
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.21 no.3
    • /
    • pp.67-74
    • /
    • 2011

  • In this paper, we presented a dynamic cyber attack tree which can describe an attack scenario flexibly for an active cyber attack model could be detected complex and transformed attack method. An attack tree provides a formal and methodical route of describing the security safeguard on varying attacks against network system. The existent attack tree can describe attack scenario as using vertex, edge and composition. But an attack tree has the limitations to express complex and new attack due to the restriction of attack tree's attributes. We solved the limitations of the existent attack tree as adding an threat occurrence probability and 2 components of composition in the attributes. Firstly, we improved the flexibility to describe complex and transformed attack method, and reduced the ambiguity of attack sequence, as reinforcing composition. And we can identify the risk level of attack at each attack phase from child node to parent node as adding an threat occurrence probability.

  • https://doi.org/10.13089/JKIISC.2011.21.3.67 인용 PDF KSCI HTML