• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2019.05a
• /
• pp.564-565
• /
• 2019

The Internet of Things technology is regarded as the next major technology that will be the driving force behind the fourth industrial revolution. The characteristics of entities for Internet of Things application are changing more actively and actively, requiring a more detailed approach, but existing access control technologies are designed around users, requiring access control techniques that maintain efficiency and security with less system load to apply complex and variable content. Therefore, research on role-based access controls that are appropriate for Internet of Things entities is essential. In this study, the relevant research for the study of access control of the Internet of Things entities and the RBAC and AC methods that can define the properties of the various entities within the Internet of Things.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.4
• /
• pp.745-756
• /
• 2020

An ICS(industrial control system) is a complex system that safely and efficiently monitors and controls industrial processes such as electric power, water treatment, transportation, automation plants and chemical plants. Because successful cyber attacks targeting ICS can lead to casualties or serious economic losses, it becomes a prime target of hacker groups sponsored by national state. Cyber campaigns such as Stuxnet, Industroyer and TRITON are real examples of successful ICS attacks, and were developed based on the deep knowledge of the target ICS. Therefore, for incident investigation of ICSs, inspectors also need knowledge of control processes and accident investigation techniques specialized for ICSs. Because there is no applicable technology, it is especially necessary to develop techniques and tools for embedded controllers located at cyber and physical boundaries. As the first step in this research, we reviewed logging capability of 4 PLC(Programmable Logic Controller)s widely used in an ICS area, and checked whether selected PLCs generate logs that can be used for digital investigation in the proposed cyber attack scenario.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.6
• /
• pp.17-32
• /
• 2003

The information drive of the businesses requires new alternatives in that the promotion of business efficiency through information process technologies ends up conflicting with the protection of information human rights on laborers' side. Nevertheless, apathy on information protection has a tendency to be distorted by the efficiency of the businesses. Should the capital and mass media warn economic red lights, political circles with uneasiness would ignore the significance of information protection on the behalf of business efficiency. Therefore, the importance of information protection is considered a smaller interest than that of business efficiency with the infringements of human rights on laborers' side arising. Informatization of the businesses along with the developments of information process technologies has enabled the management to monitor and control the behaviors of laborers. This new problem needs to establish both information protection mechanism and institutional devices to regulate those labor controls. The security of business activity without human rights infringement warrants both basic rights of the public and spirit of the Constitution. The study suggests the establishment and revision of laws suitable to the period of information human rights. On top of that, the establishment of the basic law for information protection of individuals' with the common principle that integrates the related laws and rules on-off line is needed. This will warrant the active participation of labor unions and create specific alternatives for information protection.

• Journal of KIISE:Databases
• /
• v.34 no.1
• /
• pp.1-17
• /
• 2007

As XML is becoming a de facto standard for distribution and sharing of information, the need for an efficient yet secure access of XML data has become very important. To enforce the fine-level granularity requirement, authorization models for regulating access to XML documents use XPath which is a standard for specifying parts of XML data and a suitable language for both query processing. An access control environment for XML documents and some techniques to deal with authorization priorities and conflict resolution issues are proposed. Despite this, relatively little work has been done to enforce access controls particularly for XML databases in the case of query access. Developing an efficient mechanism for XML databases to control query-based access is therefore the central theme of this paper. This work is a proposal for an efficient yet secure XML access control system. The basic idea utilized is that a user query interaction with only necessary access control rules is modified to an alternative form which is guaranteed to have no access violations using tree-aware metadata of XML schemes and set operators supported by XPath 2.0. The scheme can be applied to any XML database management system and has several advantages over other suggested schemes. These include implementation easiness, small execution time overhead, fine-grained controls, and safe and correct query modification. The experimental results clearly demonstrate the efficiency of the approach.

• Pediatric Gastroenterology, Hepatology & Nutrition
• /
• v.23 no.5
• /
• pp.447-456
• /
• 2020

Purpose: Food insecurity, which is the inability to obtain food or inadequate food consumption in terms of quality and quantity, has physical and psychological consequences on children's health. This study aimed to investigate the relationship between children's growth disorders and food insecurity in Qazvin city, Iran. Methods: A case-control study was conducted on 177 cases and 355 controls of children aged 3 to 6 years, who were referred to health centers in Qazvin city. The case group consisted of children with growth disorders. Data were obtained with the 18-item US Department of Agriculture questionnaire, a household socioeconomic questionnaire, a and growth monitoring card. The data were analyzed with using IBM SPSS Version 22.0, by independent sample t-test, chi-square test, and logistic regression. Results: A significant relationship was found between children's growth disorders and household food insecurity with (p<0.05, odds ratio [OR]=17.0, confidence interval [CI]=5.9, 48.8) and without hunger (p<0.05, OR=2.69, CI=1.4, 4.9). There were also significant relationships between children's growth disorders and socioeconomic status (p<0.05, OR=3.4, CI=1.4, 8.5), the duration of breastfeeding (p<0.05, OR=0.94, CI=0.9, 0.98), and children's ages (p<0.05, OR=0.94, CI=0.92, 0.96). Sex and birth order, and the age of the parents was not found to be significantly related with growth disorders. Conclusion: Lower socioeconomic status and household food insecurity were the important predictors of children's growth disorders. Policymakers should focus more on promoting steady employment and income among family members. Nutritional education for mothers is also recommended, in order to better meet the nutritional needs of the children.

• The Journal of the Korea Contents Association
• /
• v.15 no.1
• /
• pp.132-139
• /
• 2015

The tourism police force has been established on 16th October 2013 for foreign tourists' safety and security. The major roles of tourism police officers were provided a crime prevention patrol and maintenance of order in tourist destination, a clampdown on illegal activities for foreign tourists, a controlling for overcharging of restaurants accommodations taxi, an administrative guidance and controls on tourism industry and worker in union relative organ like the Ministry of Culture, Sports and Tourism local government. However, the roles of tourism police officers overlap the work of general police officers and work of tourism police officers need a cooperative business with relative organs. It is caused a role ambiguity conflict between tourism police officers and general police officers. The object of this study is to improve the tourism police system through investigate a perceived gap of role ambiguity conflict between tourism police officers and general police officers and influencing relationship of role ambiguity conflict between job Satisfaction and job Performance.

• Culinary science and hospitality research
• /
• v.7 no.3
• /
• pp.13-34
• /
• 2001

The case which it contracts with the dynamic result measurement system when actual outsourcing evaluation measurement is composed and then one result standard between the service supplier and the user is set, which owns jointly the expense which is reduced from that or the benefit which is created from that is increasing In the conclusion, for outsourcing management strategy of domestic foodservice industry in order to succeed, first it is accurate and examined that for what and how outsourcing should be introduced and as a result, what kind of result can be raised from that result\ulcorner Food service industry should be outsourced if you want to make more many investment in better humane resources, food & beverage-goods-security and education to provide eating-out service out of various business in food industry. When considering the actuality of the domestic foodservice industry that time it is appropriate, it sees. The foreign-brand goods which is introduced in the country are being executing in the 1ink of part management strategy. One of the most influential factor of domestic foodservice industry's management pressure is overspent management expenses, Does the namely expenses preparation effect reach which degree\ulcorner what kind of method can most decrease these expenses\ulcorner Doing grows the success and failure of the Korean foodservice industry controls result with the fact that it will operate with a big variable sees. The background which the domestic foodservice industry should introduce inevitably the outsiurcing system is to develop continuously nation foodservice industry in the way of cost curtailment of food-material, a labor cost curtailment with efficient application and synergic effect like specialty manpower utilization. The kindred competitive enterprises gradually concentrate management resource to the point ability from the present point of view which is increasing and a strategy position they secure, to prepare a competitive power, what sees it is important national industry must prepare a new paradigm. It is important to measure the result based on sales accomplishment in operation system dimension, and it is more important to appropriately apply regard of the evaluation measurement

• Journal of the Korea Society of Computer and Information
• /
• v.15 no.11
• /
• pp.163-171
• /
• 2010

RBAC(Role-Based Access Control) has advantages in managing access controls, because it offers the role inheritance and separation of duty in role hierarchy structures. Delegation is a mechanism of assigning access rights to a user. RBDM0 and RDM2000 models deal with user-to-user delegation. The unit of delegation in them is a role. However, RBAC does not process delegation of Role or Permission effectively that occurs frequently in the real world. This paper proposes a Time Constraints Permission-Based Delegation Model(TCPBDM) that guarantees permanency of delegated permissions and does not violate security principle of least privilege and separation of duty. TCPBDM, based on the well-known RBAC96, supports both user-to-user and role-to-role delegation with time constraints. A delegator can give permission to a specific person, that is delegatee, and the permission can be withdrawn whenever the delegator wants. Our model is analyzed and shown to be effective in the present paper.

• Journal of the Korea Society for Simulation
• /
• v.23 no.4
• /
• pp.181-188
• /
• 2014

Heterogeneous physical systems and computational devices are incorporated on a large-scale in a CPS (cyber-physical system) environment. Simulations can be useful for the reliable behaviors of CPSs. Time synchronization is one of major technical issues for the simulations. In the CPS, distributed systems control themselves by interacting with each other during runtime. When some simulation models have high complexity, wrong control commands as well as incorrect data can be exchanged due to the time error. We propose a time synchronization algorithm for the hybrid model that has characteristics of both continuous time systems and discrete event systems. In addition, we develop a CPS simulator based on our algorithm. For the verification of the algorithm and the execution of the simulator, we develop an example hybrid model and simulate considering user controls as well as interactions among the distributed systems.

• The KIPS Transactions:PartC
• /
• v.16C no.1
• /
• pp.21-26
• /
• 2009

Presently, the demand for IPTV, to satisfy a variety of goals, is exploding. IPTV is coming into the spotlight as a killer application in upcoming IP convergence networks such as triple play which is the delivery of voice, internet, and video service to a subscriber. IPTV utilizes CAS, which controls the subscriber access to content for a profit. Although the current CAS scheme provides access control via subscriber authentication, there is no authentication scheme for the content transmitted from service providers. Thus, there is a vulnerability of security, through which an adversary can forge content between the service provider and subscribers and distribute malicious content to subscribers. In this paper, based on a hash tree scheme, we proposed efficient and strong source authentication protocols which remove the vulnerability of the current IPTV system. We also evaluate our protocol from a view of IPTV requirements.