• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2009.05a
• /
• pp.781-784
• /
• 2009

IPTV, which is convergence of Communication and Broadcasting, has improved quickly recently. This service can provide high quality and various services to their customers, such as choosing channels freely, VOD and many kinds of Interactive service. As the technology of IPTV rapid development, more and more people worry about its disadvantages during the spread and apply, for instance, the illegal application, illegal copy, access authority abuse and the danger of the IPTV contents. This paper will provide the solution to solve these problems, through the Public Key Certificate of PKI(Public Key Infrastructure) and the Attribute Certificate of PMI(Privilege Management Infrastructure).

• Journal of Internet Computing and Services
• /
• v.6 no.5
• /
• pp.1-9
• /
• 2005

In a role based access control through attribute certificate, the use of role assignment certificates and role specification certificates can reduce management cost and the overhead incurred by changing roles, Highly distributed computing environments such as ubiquitous computing environments not having global or broad control. need another attribute certificate management technique, Actually just having role specification certificate separately reduce management cost, But for better performance we structure role specification, We group roles and make the role group relation tree, It results secure and efficient role renewing and distribution, For scalable role specification certificate distribution, the multicasting of packets is used, We take into account the packet lass and quantify performance enhancements of structuring role specification certificates.

• Proceedings of the Korean Information Science Society Conference
• /
• 2003.10a
• /
• pp.679-681
• /
• 2003

최근 인터넷과 무선통신의 발전으로 많은 외부 클라이언트들이 학교나 공공기관 같은 내부 네트워크를 사용하게 되었다. 이러한 클라이언트들은 내부 네트워크를 사용하게 되면서 여러 가지 서비스를 받기 위해 다양한 서비스의 위치정보를 검색하는데 사용되는 프로토콜인 SLP(Service Location Protocol)를 사용한다. 이 때 악의를 가진 클라이언트가 SLP(Service Location Protocol)를 이용해 서비스 리스트를 얻어 자신이 내부 네트워크의 모든 자원을 사용할 수 있게 만드는 것과 같은 악의적인 행동을 할 수 있는 문제점이 있다. 본 논문은 이러한 문제점을 해결하기 위해 PMI(Privilege Management Infrastructure)를 이용하여 내부 네트워크에 들어온 외부 클라이언트에 관해 내부 서비스에 대한 권한을 설정하고자 하는 방안을 제안하고자 한다.

• Proceedings of the Korean Information Science Society Conference
• /
• 2002.10c
• /
• pp.607-609
• /
• 2002

권한관리 기반구조(PMI)는 사용자의 권한 속성을 관리하기 위한 인프라로서 인가서비스를 제공한다. 전자상거래의 활성화와 더불어 인증, 기밀성, 무결성, 부인 방지 둥의 보안 서비스의 필요성은 이미 중요하게 부각되어 왔다. 공개키 암호 기술은 이러한 보안 서비스의 제공에 핵심이 되었고, 이를 지원하기 위한 공개키 기반구조(PKI)가 주요 인프라로 제시되었다. 특히, 응용들에게 있어서 PKI는 인중서비스를 위한 필수 요소가 되었다. 그러나, 보안 서비스로서 사용자들의 권한인가에 대한 인가서비스의 중요성이 증가함에 따라 권한 관리에 대한 연구가 활발해져 오고 있다. 이에 대한 해결방안으로 제시되고 있는 PMI 솔루션은 이미 네트웍상의 보안서비스를 위한 필수 요소로 인식되고 있다. 본 논문은 이러한 PMI 구축의 실례로서 ETRI에서 개발하고 있는 I-PMI를 소개한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.1
• /
• pp.59-67
• /
• 2003

PMI(Privilege Management Infrastructure) certificates as well as Public-Key certificates must be validated before being used. Validation for a PMI certificate requires PMI certificate path validation, and PKC(Public-Key Certificate) path validations for each entity in the PMI certificate path. This validation work is quite complex and burdened to PMI certificate verifiers. Therefore, this paper suggests a delegated PMI certificate validation that uses specialized validation server, and defines a validation protocol which is used between validation server and client.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.6
• /
• pp.31-45
• /
• 2004

Public Key Infrastructure(PKI) provides a strong authentication. Privilege Management Infrastructure(PMI) as a new technology can provide user's attribute information. The main function of PMI is to give more specified authority and role to user. To authenticate net and role, we have used digital signature. Role Based Access Control(RBAC) is implemented by digital signature. RBAC provides some flexibility for security management. NEIS(National Education Information System) can not always provide satisfied quality of security management. The main idea of the proposed RNEIS(Roll Based NEIS) is that user's role is stored in AC, access control decisions are driven by authentication policy and role. Security manager enables user to refer to the role stored in user's AC, admits access control and suggests DB encryption by digital signature.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.6
• /
• pp.15-24
• /
• 2004

Electronic commerce is widely used with the development of information communication technologies in internet using public key certificates. And the study for access control in Web application and DB system is also progressed actively. There are many verification method for PKC(Public Key Certificates), which are CRL, OCSP, SCVP and others. But their certificates verification methods for PKC cannot to be applied to PMI(Privilege Management Infrastructure) which is using AC(Attribute certificates) because of synchronization of PKC and AC. It is because AC has no public key, AC Verifier must get the PKC and verify the validity on PKC and AC. So in this paper we proposed the new AC-based certificate verification model. which provide the synchronization in two certificates(AC and PKC).

• The Transactions of the Korea Information Processing Society
• /
• v.5 no.4
• /
• pp.975-983
• /
• 1998

In these days, information communication systems are based on both open distributed computing technologies and object-oriented techniques like inheritance, encapsulation and object reuse to support various system configuration and application. As information systems are interconnected through unsecure networks, the need for the secure information exchange is more critical than before. In this paper, we have designed and implemented a transparent CORBA-basce Security infrastructure with authentication, security context association, access control and security information management to support a secure applications in distributed object environment. SESAME Ver. 4 was adopted as an external security service to manage user privilege attributes and to distribute keys for data encryption, decryption and integrity. Using filter and transformer with an interface to Object Request Broker, it provides a transparent security service to applications. The filter objects are special classes that allow additional parameters to be inserted into messages before they are sent and removed just after they are received. The transformer objects are special classes that allow direct access to the byte stream of every messages for encryption and decryption before it is sent and just after it is received. This study is to implement the access control interceptor(ACI) and the secure invocation interceptor(SII) of secure ORB defined in CORBA using filter and transformer.

• Asia-Pacific Journal of Business Venturing and Entrepreneurship
• /
• v.7 no.2
• /
• pp.177-187
• /
• 2012

Franchising has long been an effective form of distribution that is used primarily by manufacturers whose product lines are especially suited exclusive or highly selective distribution. By IFA(International Franchise Association), franchising is defined as a continuing relationship in which the franchisor provides a licensed privilege to do business, plus assistance in organizing, training, merchandising, and management in return for a consideration from the franchisee. Thus franchising is a method for the owner(franchisor) of product, service, or method to obtain retail or wholesale distribution through licensed, affiliated dealers(franchisees). With rapid increase of franchising industry globally, franchising industry is very rapidly increasing especially in the sector of outdoor restaurant industry in Korea. But there are many problems to be settled for promoting this industry. For example, the industry is too much lean outdoor restaurant industry. With franchisors' short history and lack of management capacity, shortage of distribution infrastructure, smaller size of franchising system, and low trust between franchisor and franchisee, and so on, the industry has many barriers to overcome for promoting it. Here we are suggesting that taxation benefaction, monetary support for the starting franchisee, establishment of fair trade principle, promoting information system and professional human resource should be needed.