• Journal of Information Processing Systems
• /
• v.2 no.1
• /
• pp.28-33
• /
• 2006

The initial research of Task Computing in the ubiquitous computing (UbiComp) environment revealed the need for access control of services. Context-awareness of service requests in ubiquitous computing necessitates a well-designed model to enable effective and adaptive invocation. However, nowadays little work is being undertaken on service access control under the UbiComp environment, which makes the exposed service suffer from the problem of ill-use. One of the research focuses is how to handle the access to the resources over the network. Policy-Based Access Control is an access control method. It adopts a security policy to evaluate requests for resources but has a light-weight combination of the resources. Motivated by the problem above, we propose a universal model and an algorithm to enhance service access control in UbiComp. We detail the architecture of the model and present the access control implementation.

• Journal of information and communication convergence engineering
• /
• v.15 no.1
• /
• pp.28-36
• /
• 2017

The medium access control (MAC) protocol based on dynamic time division multiple access/time division duplex (TDMA/TDD) is responsible for random access control and radio resource allocation in dynamic traffic environments. These functions of random access and resource allocation are very important to prevent wastage of resources and improve MAC performance according to various network conditions. In this paper, we propose new random access and resource allocation schemes to guarantee quality of service (QoS) and provide priority services in a dynamic TDMA/TDD system. First, for the QoS guarantee, we propose an adaptive random access and resource allocation scheme by introducing an access probability. Second, for providing priority service, we propose a priority-based random access and resource allocation scheme by extending the first adaptive scheme in both a centralized and a distributed manner. The analysis and simulation results show that the proposed MAC protocol outperforms the legacy MAC protocol using a simple binary exponential backoff algorithm, and provides good differential performance according to priorities with respect to the throughput and delay.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.30 no.9A
• /
• pp.762-771
• /
• 2005

In this paper, an efficient Adaptive quality-of-service (QoS) traffic control scheme with priority scheduling is proposed for the multimedia traffic transmission over wireless access networks. The objective of the proposed adaptive QoS control (AQC) scheme is to realize end-to-end QoS, to be scalable without the excess signaling process, and to adapt dynamically to the network traffic state according to traffic flow characteristics. Here, the reservation scheme can be used over the wireless access network in order to get the per-flow guarantees necessary for implementation of some kinds of multimedia applications. The AQC model is based on both differentiated service model with different lier hop behaviors and priority scheduling one. It consists of several various routers, access points, and bandwidth broker and adopts the IEEE 802.1 le wireless radio technique for wireless access interface. The AQC scheme includes queue management and packet scheduler to transmit class-based packets with different per hop behaviors (PHBs). Simulation results demonstrate effectiveness of the proposed AQC scheme.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.3
• /
• pp.1523-1545
• /
• 2019

Cloud computing is now a widespread and economical option when data owners need to outsource or share their data. Designing secure and efficient data access control mechanism is one of the most challenging issues in cloud storage service. Anonymous broadcast encryption is a promising solution for its advantages in the respects of computation cost and communication overload. We bring forward an efficient anonymous identity-based broadcast encryption construction combined its application to the data access control mechanism in cloud storage service. The lengths for public parameters, user private key and ciphertext in the proposed scheme are all constant. Compared with the existing schemes, in terms of encrypting and decrypting computation cost, the construction of our scheme is more efficient. Furthermore, the proposed scheme is proved to achieve adaptive security against chosen-ciphertext attack adversaries in the standard model. Therefore, the proposed scheme is feasible for the system of data access control in cloud storage service.

• ETRI Journal
• /
• v.28 no.3
• /
• pp.311-319
• /
• 2006

This paper presents a terminal-assisted frame-based packet reservation multiple access (TAF-PRMA) protocol, which optimizes random access control between heterogeneous traffic aiming at more efficient voice/data integrated services in dynamic reservation TDMA-based broadband access networks. In order to achieve a differentiated quality-of-service (QoS) guarantee for individual service plus maximal system resource utilization, TAF-PRMA independently controls the random access parameters such as the lengths of the access regions dedicated to respective service traffic and the corresponding permission probabilities, on a frame-by-frame basis. In addition, we have adopted a terminal-assisted random access mechanism where the voice terminal readjusts a global permission probability from the central controller in order to handle the 'fair access' issue resulting from distributed queuing problems inherent in the access network. Our extensive simulation results indicate that TAF-PRMA achieves significant improvements in terms of voice capacity, delay, and fairness over most of the existing medium access control (MAC) schemes for integrated services.

• Journal of Internet Computing and Services
• /
• v.17 no.5
• /
• pp.9-16
• /
• 2016

Pervasive computing and Internet of Things (IoT) have recently received considerable interest to deploy solutions for the future Internet. Smart environments are integrated with Semantic Web to provide context-awareness to the processed information. Self-learning techniques have been adopted within smart solutions for efficient retrieval of data but do not process data with privacy parameters for in-place authorization. To overcome this issue, we present a novel approach of deploying access control as a service mechanism within Semantic Web based smart environment by using eXtensible Access Control Markup Language (XACML). The proposed XACML as a Service (XACMLaaS) approach offers fine-grained access control for protecting information within smart environment. In this paper, we have defined mathematical rules for each components of proposed access control service layer. These rules are for implementation of access control using XACML. The proposed approach allows the adaptation of authorization of information at component level and provides scalable solution for authorization policies and rule enforcement within smart environment.

• KSCI Review
• /
• v.14 no.2
• /
• pp.109-115
• /
• 2006

In this paper, we proposed service security model and remote management service on OSGi computing environment. The model is used to make access control decisions like permission-based security inside the java2 platform. In model, policies are defined using a flat text file and include bundles. It method granted flexibility and extendability of access control of bundles and services. Also, we proposed service architecture efficiently for remote management service.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.2
• /
• pp.37-52
• /
• 2005

Traditional access control models like role-based access control model are insufficient in security needs in ubiquitous computing environment because they take no thought of access control based on user's context or environment condition. In these days, although researches on context-aware access control using user's context or environment conditions based on role-based access control are emerged, they are on the primary stage. We present context definitions md an access control model to provide more flexible and dynamic context-aware access control based on role-based access control. Specially, we describe the conflict problems occurred in the middle of making an access decision. After classifying the conflict problems, we show some resolutions to solve them. In conclusion, we will lay the foundations of the development of security policy and model assuring right user of right object(or resource) and application service through pre-defined context and context classification in ubiquitous computing environments. Beyond the simplicity of access to objects by authorized users, we assure that user can access to the object, resource, or service anywhere and anytime according to right context.

• Journal of Digital Contents Society
• /
• v.1 no.1
• /
• pp.23-37
• /
• 2000

EDI is basically the concept of computer-to-computer exchange of messages relating to various types of activities or business areas, such as banking, trade, medicine, publishing, etc. Therefore, security, reliability and special functionality will be implicit requirements of EDI systems. We will design access control model to content security of these requirements. Access controls in information systems are responsible for ensuring that all direct access to the entities occur exclusively according to the access modes and rules fixed by security policies. On this paper, security policies for access control model are presented from the viewpoints of identity-based, rule-based, role-based policy. We give a design of access control model for secure EDI service based on the derived access control rules and operations to enforce the defined security policies. The proposed access control model provides integrity, confidentiality and a flow control of EDI messages.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.1
• /
• pp.59-74
• /
• 2014

The social network service is a online service letting users express the personality and enhancing the human network. However, these features result in side effects which diffuse personal information and make users access to treacherous information. Therefore, various access control models have been proposed. However, the access control mechanisms which encrypt data are only able to be applied for controlling access from direct node, and the access control mechanisms without data encryption allow service provider to access all the information. Moreover, both mechanisms do not consider dynamic changes in reliability of the users. In this paper, we propose relationship-based dynamic access control model including encryption of sensitive data, which consider the characteristics of SNS and improves the security of SNS.