• Title/Summary/Keyword: Service based Access Control


A User Authentication Model Based on Double Key for Secure Collusion Resistance in the Cloud Environment (클라우드 환경에서 공모 저항을 지원하는 이중 키 기반의 사용자 인증 모델)

  • Choi, Jeong-hee;Lee, Sang-ho
    • Journal of the Korea Institute of Information Security & Cryptology / v.29 no.2 / pp.261-273 / 2019
  • Recently, with the development of IT technology, there is an increasing interest in cloud services as the number of users using mobile devices such as mobile phones and tablets is increasing. However, there is a need for techniques to control various methods of accessing data as the user's service demands increase. In this paper, we propose a dual key based user authentication model that improves the user's authentication efficiency by using two keys (secret key and access control key) to access the users accessing various services provided in the cloud environment. In the proposed model, the operation process and the function are divided through the sequence diagram of the algorithms (key generation, user authentication, permission class permission, etc.) for controlling the access right of the user with dual keys. In the proposed model, two keys are used for user authentication and service authorization class to solve various security problems in the cloud service. In particular, the proposed model is one of the most important features in that the algorithm responsible for access control of the user determines the service class of the user according to the authority, thereby shortening the management process so that the cloud administrator can manage the service access permission information of the user.

Analysis of abnormal traffic controller based on prediction to improve network service survivability (네트워크 서비스의 생존성을 높이기 위한 예측기반 이상 트래픽 제어 방식 분석)

  • Kim Kwang sik
    • The Journal of Korean Institute of Communications and Information Sciences / v.30 no.4C / pp.296-304 / 2005
  • ATCoP (Abnormal traffic controller based on prediction) is presented to securely support reliable Internet service and to guarantee network survivability, which is deployed in Internet access point. ATCoP is a method to control abnormal traffic that is entering into the network. When an unknown attack generates excessive traffic, service survivability is guaranteed by giving the priority to normal traffic than abnormal traffic, that is reserving some channels for normal traffic. If the reserved channel number increases, abnormal traffic has lower quality service by ATCoP system and then its service survivability becomes worse. As an analytic result, the proposed scheme maintains the blocking probability of normal traffic on the predefined level in the specific interval of input traffic.

Optimal Traffic Control Method by the Cost-analytic Operations Model in Heterogeneous Network Environment (다중 네트워크 환경하에서의 한계 비용 함수에 의한 최적 트래픽 제어 기법)

  • Kim, Jae-Hoon
    • The Journal of Korean Institute of Communications and Information Sciences / v.32 no.10A / pp.941-949 / 2007
  • By the newly emerging Network access technology, we face the new heterogeneous network environment. The required level of service quality and diversity are now multiplied by the increment of wireless service subscribers. Focusing on the co-existence of multiple access network technology and the complex service needs of users, the wireless service operators should present the stable service quality for every user. The service operators should build the new operation framework which combines the pre-established networks and newly adopted ones. Our problem is finding the optimal heterogeneous network operation framework. We suggest a market-based marginal cost function for evaluating the relative value of resource of each network and develop the whole new heterogeneous network operation framework.

A Implementation of Surveyed Control Point Management System for National Land based on RFID (RFID 기반의 국토측량 기준점 관리 시스템 구현)

  • Cho, Jong Sik;Kim, Young Gon;Lee, Young Woong;Ju, Jong Gil;Seo, Ho Suk;Sim, Choon Bo;Sin, Chang Sun
    • Journal of Korea Society of Digital Industry and Information Management / v.6 no.1 / pp.13-22 / 2010
  • In this paper, we propose a management system for positioning and indicating the surveyed control point using RFID and UMPC. This system is composed of digital control point, management system and application. The digital control point transmits information of the surveyed control point and the management system receives the data from the digital control points and manages the scattered digital control points. The system offers three services for managing the surveyed control point. The first service is control point monitoring service for identifying the change of location, locating the missing control point and the second service is control point search service notifying selected control point to user, and the third service is control point land management service for editing the control point information in the land. Therefore, this system makes it easy for administrators to access the control point information of the scattered surveyed control point through the country and enhances the managing efficiency.

Design and Implementation of User authentication and Roaming Schemes in public WLAN environments (WLAN 서비스에서 사용자 인증과 로밍방식의 설계)

  • Kim, Dong-Ok;Kang, Dong-Jin
    • 한국정보통신설비학회:학술대회논문집 / 2009.08a / pp.208-210 / 2009
  • Currently, Wireless LAN (WLAN) service is widely deployed to provide high speed wireless Internet access through the mobile stations such as notebook and PDA. To provide enhanced security and user access control in the public WLAN area, WLAN access points should have the capability of IEEE 802.1x-based user authentication and authorization functionality. In this paper, we provide a brief understanding of IEEE 802.1x standards and related protocols like EAPOL (Extended Authentication Protocol Over LAN), EAP, RADIUS and describe how the IEEE 802.1x is designed and implemented in our embedded Linux-based WLAN AP which is named i-WiNG (Intelligent Wireless Internet Gateway). For the network security and user authentication purposes, a supplicant who wants to access Internet should be authorized to access the AP port using the EAPOL.

Design of Secure Protocol based on trust model and trust values for Ubiquitous Sensor Networks (Ubiquitous Sensor Network에서 안전성 증가를 위한 신뢰모델과 신뢰값에 관한 프로토콜 설계)

  • Jang, Kun Won;Suh, Jang Won
    • Journal of Korea Society of Digital Industry and Information Management / v.4 no.3 / pp.9-18 / 2008
  • Mobile devices do not need the fixed network infrastructure in ad-hoc network; these devices communicate with each other through the distributed control. Accordingly, mobile devices can discover several services using dynamic searching method and provide safely public ownership of these services. Ad-hoc network needs the distributed control and topology of dynamic network because of the limited power for processing and network communication. This paper is devoted to provide the secure protocol that provides efficient services discovery using SDP (Service Discovery Protocol) and considers the security requirements. Proposed protocol provides the distributed control based on PKI without central server, the discovery of trusted service, secure telecommunication, the identification among mobile devices, and service access control by user authority.

Implementation of Music Broadcasting Service System in the Shopping Center Using Text-To-Speech Technology (TTS를 이용한 매장 음악 방송 서비스 시스템 구현)

  • Chang, Moon-Soo;Kang, Sun-Mee
    • Speech Sciences / v.14 no.4 / pp.169-178 / 2007
  • This thesis describes the development of a service system for small-sized shops which support not only music broadcasting, but editing and generating voice announcement using the TTS (Text-To-Speech) technology. The system has been developed based on web environments with an easy access whenever and wherever it is needed. The system is able to control the sound using Silverlight media player based on the ASP.NET 2.0 technology without any additional application software. Use of the Ajax control allows for multiple users to get the maximum load when needed. TTS is built in the server side so that the service can be provided without user's computer. Due to convenience and usefulness of the system, the business sector can provide better service to many shops. Further additional functions such as statistical analysis will undoubtedly help shop management provide desirable services.

Application of access control policy in ScienceDMZ-based network configuration (ScienceDMZ 기반의 네트워크 구성에서 접근제어정책 적용)

  • Kwon, Woo Chang;Lee, Jae Kwang;Kim, Ki Hyeon
    • Convergence Security Journal / v.21 no.2 / pp.3-10 / 2021
  • Nowadays, data-based scientific research is a trend, and the transmission of large amounts of data has a great influence on research productivity. To solve this problem, a separate network structure for transmitting large-scale scientific big data is required. ScienceDMZ is a network structure designed to transmit such scientific big data. In such a network configuration, it is essential to establish an access control list (ACL) for users and resources. In this paper, we describe the R&E Together project and the network structure implemented in the actual ScienceDMZ network structure, and define users and services to which access control policies are applied for safe data transmission and service provision. In addition, it presents a method for the network administrator to apply the access control policy to all network resources and users collectively, and through this, it was possible to achieve automation of the application of the access control policy.

A Development on Consumer Portal System based on Advanced Metering Infrastructure (Advanced Metering Infrastructure를 이용한 Consumer Portal 개발)

  • Jin, Sung-Il;Jung, Nam-Jun;Yu, In-Hyeob;Kim, Sun-Ic;Ko, Gong-Min
    • The Transactions of The Korean Institute of Electrical Engineers / v.56 no.11 / pp.1903-1909 / 2007
  • As the electric power industry has been revolutionarily transformed such that the distributed energy resources have been interconnected with power systems and a variety of energy service providers have appeared, the need of Consumer Energy Portal as a core of two-way communication and service infrastructure between power suppliers and consumers has been gradually increased. Consumer Energy Portal can be thought of as a combination of hardware and software enabling two-way communication between energy service providers and equipment within the consumers' premises or a physical and logical link between consumers' in-building networks and wide-area access networks. In other words, Consumer Energy Portal can make the way the power industry has been traditionally operated the web-based way, enabling two-way interactions between energy service providers and consumers and mutual networking between end users' equipment. Thus, Consumer Energy Portal can be a kind of Service portal that provides new value-added services and efficient power operations than in the past. In this paper, for ESPs' integrated resources management, demand side management and value-added service provision, we have established the two-way access network that can gather real-time metering data using ZigBee technology and control physically networked equipment.

Fine Grained Security in Cloud with Cryptographic Access Control

  • Aparna Manikonda;Nalini N
    • International Journal of Computer Science & Network Security / v.24 no.7 / pp.123-127 / 2024
  • Cloud computing services have gained increasing popularity in recent years for supporting various on demand and scalable services for IT consumers where there is a need of less investment towards infrastructure. While storage architecture of cloud enjoys a more robust and fault-tolerant cloud computing network, such architecture also poses a number of security challenges especially when applied in applications related to social networks, financial transactions, etc. First, as data are stored and maintained by individual virtual machines, Cloud resources are prone to being hijacked. Such attacks allow attackers to create, modify and delete machine images, and change administrative passwords and settings successfully. Hence, it is significantly harder to ensure data security. Second, due to dynamic and shared nature of the Cloud, data may be compromised in many ways. Last but not least, Service hijacking may lead to redirect client to an illegitimate website. User accounts and service instances could in turn make a new base for attackers. To address the above challenges, we propose in this paper a distributed data access control scheme that is able to fulfil fine-grained access control over cloud data and is resilient against strong attacks such as compromise and user colluding. The proposed framework exploits a novel cryptographic primitive called attribute-based encryption (ABE), tailors, and adapts it for cloud computing with respect to security requirements.