• 제어로봇시스템학회:학술대회논문집
• /
• 제어로봇시스템학회 2004년도 ICCAS
• /
• pp.1350-1354
• /
• 2004

This paper proposes a simple but practically useful model for preventing fraud of users called "ERBAC03". The new model consists of qualified mandatory and discretionary features for roles and locations, including the assignment of permissions for the appropriate roles and the assignment of roles for the appropriate locations. Moreover, a static separation of duty (SSoD) principle is applied to the new model for integrity requirements of security systems. The paper also explores some extensions of ERBAC03 including the new model using the SSoD concept from some experiments. The experimental results prove the efficiency improvement of the proposed model that can make benefits for large enterprises.

• 제어로봇시스템학회:학술대회논문집
• /
• 제어로봇시스템학회 2004년도 ICCAS
• /
• pp.1360-1364
• /
• 2004

This paper propose an extended model for role-permission assignment based on locations called "Enhanced Role-Based Access Control (ERBAC03)". The proposed model is built upon the well-known RBAC model. Assigning permissions to role is considered too complex activity to accomplish directly. Instead we advocate breaking down this process into a number of steps. The concept of jobs and tasks is specifically introduced to facilitate role-permission assignment into a series of smaller steps. This model is suitable for any large organization that has many branches. Each branch consists of many users who work in difference roles. An administration tool has been developed to assist administrators with the administration of separation of duty requirements. It demonstrates how the specification of static requirements can be done based on "conflicting entities" paradigm. Static separation of duty requirements must be enforced in the administration environment. Finally, we illustrate how the ERBAC03 prototype is used to administer the separation of duty requirements.

• 대한전자공학회논문지TE
• /
• 제39권4호
• /
• pp.431-436
• /
• 2002

본 연구에서는 워크플로우 환경에서 정적 및 동적 의무 분리 요구 사항의 명세에 대한 과업 역할 기반 접근제어 모델과 상충하는 엔티티 관리 패러다임의 통합을 통하여 기업 환경에서 접근제어 시행을 위한 개선된 접근제어 모델을 구현한다. 본 논문에서 구현한 확장된 과업 역할기반 접근제어 모델은 워크플로우 지향 과업에 대하여 상충하는 엔티티들을 다룰 수 있고 기업의 특성에 따라서 기업 세션의 분류를 통하여 기업 환경에서 과업에 정교한 의무 분리 정책을 지원할 수 있다.

• 한국정보과학회:학술대회논문집
• /
• 한국정보과학회 2004년도 가을 학술발표논문집 Vol.31 No.2 (1)
• /
• pp.451-453
• /
• 2004

오래 전부터 많은 컴퓨팅 시스템에서 기분적으로 제공되어지는 원리인 임무분리는 중대한 업무를 둘 이상의 사용자에게 나누어줌으로써 단독 사용자가 시스템을 손상시키는 것을 막도록 하는 것이 목적이다. 역할기반 접근통제에서 임무분리 원리를 제공하는 종류로는 정적 임무분리, 동적 임무분리, 기능적 임무분리, 객체기반 임무분리 등이 있다. 여기서 우리는 정적 임무분리를 만족시키는 모델로서 상호 배제 역할 쌍을 이용한 모델과 역할유형을 이용한 모델 그리고 상호 무관 역할 쌍을 이용한 모델을 제안한다

• Korean Journal of Chemical Engineering
• /
• 제35권12호
• /
• pp.2336-2347
• /
• 2018

The azeotrope of methyl acetate methanol and water was isolated using extractive distillation with water as entrainer. The pressure-swing extractive distillation (PSED) process and vapor side-stream distillation column (VSDC) with the rectifier process were designed to separate the methyl acetate, methanol and water mixture. It was revealed that the VSDC with the rectifier process had a reduction in energy consumption than the PSED process. Four control schemes of the two process were investigated: Double temperature control scheme (CS1), $Q_R/F$ feedforward control of reboiler duty scheme for PESD (CS2), $Q_R/F$ feedback control scheme for VSDC (CS3), the feedback control scheme of sensitive plate temperature of side-drawing distillation column to dominate the compressor shaft speed (CS4). Feed flow and composition disturbance were used to evaluate the dynamic performance. As a result, CS4 is a preferable choice for separation of methyl acetate-methanol-water mixture. A control scheme combining the operating parameters of dynamic equipment with the control indicators of static equipment was proposed in this paper. It means using the sensitive plate temperature of side-drawing column to control the compressor shaft speed. This is a new control scheme for extractive distillation.