• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.4
• /
• pp.37-45
• /
• 2003

Role-based Access Control(RBAC) model has advantage of easy management of access control with constraints such as permission inheritance and separation of duty in role hierarchy. However, previous RBAC studies could not properly reflect the real-world organization structure with its role hierarchy. User who is a member of senior role can perform all permissions because senior role inherits all permissions of junior roles in the role hierarchy. Therefore there is a possibility for senior role members to abuse permissions due to violation of the least privilege principle. In this paper, we present a new model of role hierarchy, which restricts the unconditional permission inheritance. In the proposed model, a role is divided into sub roles(unconditional inheritance. restricted inheritance, private role), keeping organization structure in corporate environment. With restricted inheritance, the proposed model prevents permission abuse by specifying the degree of inheritance in role hierarchy.

• Journal of the Korean Institute of Intelligent Systems
• /
• v.12 no.4
• /
• pp.328-333
• /
• 2002

The deeper the hierarchy of a inheritance structure is, the better the reusability of the structure is, but the more difficult the understandability and the maintainability of it is. On the contrary, the shallower the hierarchy is, the worse the abstraction of the inheritance structure is, but the better the understandability and modifiability of it is. Therefore, it is to be desired that a deep hierarchy of a inheritance structure should be split to be shallow for the maintainability of a system. This paper proposed a complexity metric that is based on DIT and NOC of Chidamber and Kemerer, and solved the ambiguity of the metrics of them, which was pointed out by Li. The metric is a simple and heuristic one for measuring the complexity of class inheritance structures by considering the number of ancestor classes and descendant classes and the depth of inheritance hierarchy. This provides a quantitative information for assessing the complexity of a inheritance structure in splitting it.

• Journal of Internet Computing and Services
• /
• v.19 no.5
• /
• pp.107-113
• /
• 2018

Object-oriented databases (OODBs) canbe used for many non-traditional database application areas such as computer-aided design, etc. Usually those application areas require advanced modeling power for expressing complicated relationships among data sets. OODBs have more distinguished features than the traditional relational database systems. One of the distinguished characteristics of OODBs is class hierarchy (also called inheritance hierarchy). A class hierarchy in an OODB means that a class can hand down the definitions of the class to the subclass of the class. In other words, a class is allowed to inherit the definitions of the class from the superclass. In this paper, we present performance evaluation metrics for class hierarchy in OODBs from a concurrency control perspective. The proposed performance metrics are developed to determine which concurrency control scheme in OODBs can be used for a given class hierarchy. In this study, in order to develop performance metrics, we use class hierarchy structure (both of single inheritance and multiple inheritance), and data access frequency for each class. The proposed performance metrics will be also used to compare performance evaluation for various concurrency control techniques.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.4
• /
• pp.129-138
• /
• 2003

Role-Based Access Control(RBAC) model is becoming a promising model for enterprise environments with various organization structures. In terms of role hierarchy, each senior role inherits all the permissions of its junior roles in the role hierarchy, and a user who is a member of senior role is authorized to carry out the inherited permissions as well as his/her own ones. But there is a possibility for senior role members to abuse permissions. Since senior role members need not have all the authority of junior roles in the real world, enterprise environments require a restricted inheritance rather than a unconditional or blocked inheritance. In this paper, we propose a new role-based delegation model using the role hierarchy model with restricted inheritance functionality, in which security administrator can easily control permission inheritance behavior using sub-roles. Also, we describe how role-based user-to-user, role-to-role delegations are accomplished in the model and the characteristics of the proposed role-based delegation model.

• Journal of Korea Multimedia Society
• /
• v.9 no.6
• /
• pp.693-699
• /
• 2006

Object-oriented databases (OODBs) have been adopted for managing non-standard applications such as computer-aided design (CAD), office document management and many multimedia applications. One of the major characteristics of OODBs is class hierarchy where a subclass is allowed to inherit the definitions defined on its superclasses. In this paper, I present the evaluation metrics for class hierarchy quality in OODBs. These metrics are developed to determine if a concurrency control scheme can achieve good performance or not on a given class hierarchy. I first discuss the existing concurrency control schemes for OODBs. Then I provide evaluation metrics based on structural information and access frequency information in class hierarchies. In order to discuss significance of the proposed performance metrics, an analytical model is developed. Analysis results show that the performance metrics are important factor in concurrency control performance. I consider both single inheritance and multiple inheritance. The proposed metrics can be used to provide guidelines on how to design class hierarchy of an OODB for maximizing the performance of concurrency control technique.

• Journal of the Korean association of regional geographers
• /
• v.3 no.2
• /
• pp.105-120
• /
• 1997

One of the most important issues of object-oriented geographical database system is to develop an indexing technique which enables more efficient I/O processing within aggregation hierarchy or inheritance hierarchy. Up to present, several indexing schemes have been developed for this purpose. However, they have separately focused on aggregation hierarchy or inheritance hierarchy of object-oriented data model. A recent research is proposing a nested-inherited index which combines these two hierarchies simultaneously. However, this new index has some weak points. It has high storage costs related to its use of auxiliary index. Also, it cannot clearly represent the inheritance relationship among classes within its index structure. To solve these problems, this thesis proposes a pointer-chain index. Using pointer chain directory, this index composes a hierarchy-typed chain to show the hierarchical relationship among classes within inheritance hierarchy. By doing these, it could fetch the OID list of objects to be retrieved more easily than before. In addition, the pointer chain directory structure could accurately recognize target cases and subclasses and deal with "select-all" typed query without collection of schema semantic information. Also, it could avoid the redundant data storing, which usually happens in the process of using auxiliary index. This study evaluates the performance of pointer chain indexing technique by way of simulation method to compare nested-inherited index. According to this simulation, the pointer chain index is proved to be more efficient with regard to storage cost than nested-inherited index. Especially in terms of retrieval operation, it shows efficient performance to that of nested-inherited index.

• Language and Information
• /
• v.6 no.1
• /
• pp.41-69
• /
• 2002

This paper addresses the issue of constraints on the conversion of the participle II in German, proposing a constraint-based lexical semantic approach. I argue against the widely accepted syntactic view which is based on the dichotomous distinction of intransitive verbs, which has been advanced by the Unaccusative Hypothesis [Perlmutter (1978)]. Several arguments are also given against the semantic view which is based on some aspectual notions such as 'telicity', 'transformativity' or 'terminativity'. The crucial constraints on the conversion of the participle II in German, it is argued, is instead two lexical semantic entailments, movement with a definite change of location and affectedness. These and other lexical semantic entailments in the sense of Dowty (1991) are encoded into the multiple inheritance type hierarchy of qfpsoa. The proposal made in this paper is based on the multiple inheritance hierarchy which is envisaged in a recent framework of head-driven Phrase Structure Grammar.

• Journal of Korea Multimedia Society
• /
• v.9 no.3
• /
• pp.265-278
• /
• 2006

This paper presents a two-dimensional type inheritance hierarchy index(2D-THI) for XML databases. XML Schema is one of schema models for the XML documents supporting. The type inheritance. The conventional indexing techniques for XML databases can not support XML queries on type inheritance hierarchies. We construct a two-dimensional index structure using multidimensional file organizations for supporting type inheritance hierarchy in XML queries. This indexing technique deals with the problem of clustering index entries in the two-dimensional domain space that consists of a key element domain and a type identifier domain based on the user query pattern. This index enhances query performance by adjusting the degree of clustering between the two domains. For performance evaluation, we have compared our proposed 2D-THI with the conventional class hierarchy indexing techniques in object-oriented databases such as CH-index and CG-tree through the cost model. As the result of the performance evaluations, we have verified that our proposed two-dimensional type inheritance indexing technique can efficiently support the query Processing in XML databases according to the query types.

• Journal of KIISE:Software and Applications
• /
• v.29 no.5
• /
• pp.336-344
• /
• 2002

In concurrent object-oriented languages, inheritance and concurrence are the primary features. But concurrent objects and inheritance have conflicting characteristics thereby simultaneously use of them causes the problem, so called inheritance anomaly, which requires code redefinition of inherited methods to maintain integrity of objects. In this paper, to solve this inheritance anomaly without broken of encapsulation, we introduce the state abstraction concept and map internal states of the encapsulated object into abstract slates. And also, we design the inheritance interface for efficient inheritance. Through the inheritance interface containing abstract state set, though redefinition of the method is incurred, we can remove the influence of other classes in inheritance hierarchy. And also, we can solve the inheritance anomaly problems.

• Journal of Korea Multimedia Society
• /
• v.10 no.9
• /
• pp.1093-1105
• /
• 2007

This paper presents a multidimensional type inheritance indexing technique (MD-TIX) for XML databases. We use a multidimensional file organization as the index structure. In conventional XML database indexing techniques using one-dimensional index structures, they do not efficiently handle complex queries involving both nested elements and type inheritance hierarchies. We extend a two-dimensional type hierarchy indexing technique(2D-THI) for indexing the nested elements of XML databases. 2D-THI is an indexing scheme that deals with the problem of clustering elements in a two-dimensional domain space consisting of the key value domain and the type identifier domain for indexing a simple element in a type hierarchy. In our extended scheme, we handle the clustering of the index entries in a multidimensional domain space consisting of a key value domain and multiple type identifier domains that include one type identifier domain per type hierarchy on a path expression. This scheme efficiently supports queries that involve search conditions on the nested element represented by an extended path expression. An extended path expression is a path expression in which every type hierarchy on a path can be substituted by an individual type or a subtype hierarchy.