• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.43 no.7 s.349
• /
• pp.122-131
• /
• 2006

This paper introduces the security standardization trend and related technology in ITU-T SG 13 Q.15. Q.15 deals with the security requirements and guidelines over NGN(Next Generation Network) release 1. Korea proposes draft recommendation on 'AAA(Authentication, Authorization and Accounting) Service for network access control over NGN' and the procedure of the user authentication for the NGN convergence service terminals.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2013.11a
• /
• pp.910-913
• /
• 2013

현재 스마트 혁명으로 인하여 많은 사용자들이 사용하는 스마트 기기를 기업에서 업무에 활용할 수 있는 환경을 제공하고 있다. 그러나 PC 환경의 문서 보안 솔루션은 사용되고 있는 반면 스마트 기기에 대한 문서 보안 솔루션은 제공되고 있지 않은 상태이다. PC 환경에서 발생하던 내부 문서 유출이 스마트 혁명으로 인해 모바일 환경에서도 발생하게 되었고, 이를 방지하기 위한 보안 솔루션이 필요하게 되었다. 본 논문에서는 안드로이드 환경에서 사용자의 권한에 따라 문서별 접근을 제어하고 사용자의 필요에 따라 프린터서버에 등록되어있는 프린터로 출력을 할 수 있는 모바일 프린팅 보안 솔루션을 구현하였다.

• International Journal of Advanced Culture Technology
• /
• v.9 no.4
• /
• pp.213-218
• /
• 2021

In order to improve the quality of social services, developed countries overseas have introduced authorization or permit system to primary filtering when entering the market that provides social services. However, in Korea, a quality evaluation system for social service quality management has been introduced and implemented, but no significant effect has been achieved so far. Therefore, the purpose of this study is to investigate the relationship between service quality, service satisfaction, and repurchase intention, which are important variables to measure social service quality improvement, and to use it for service quality management. As a result of this study, service quality, service satisfaction, and repurchase intention are important factors for service quality improvement. It is necessary to secure a service provider of and continuous user selection and service quality management are also important.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.17 no.9
• /
• pp.2529-2549
• /
• 2023

For effectively lowering down the risk of cyber threating, the zero-trust architecture (ZTA) has been gradually deployed to the fields of smart city, Internet of Things, and cloud computing. The main concept of ZTA is to maintain a distrustful attitude towards all devices, identities, and communication requests, which only offering the minimum access and validity. Unfortunately, adopting the most secure and complex multifactor authentication has brought enterprise and employee a troublesome and unfriendly burden. Thus, authors aim to incorporate machine learning technology to build an employee behavior analysis ZTA. The new framework is characterized by the ability of adjusting the difficulty of identity verification through the user behavioral patterns and the risk degree of the resource. In particular, three key factors, including one-time password, face feature, and authorization code, have been applied to design the adaptive multifactor continuous authentication system. Simulations have demonstrated that the new work can eliminate the necessity of maintaining a heavy authentication and ensure an employee-friendly experience.

• Journal of KIISE:Information Networking
• /
• v.34 no.5
• /
• pp.405-422
• /
• 2007

Recently, according to the network environment, there are many researches for home network. Nowadays, in home network, the method that access control policy is managed for each home device by using ACL is popular, and EAM (Extranet access management) is applied as a solution. In addition, the research about secure OS is ongoing based on open operating system and the research of user authentication mechanisms for home network using home server is also in progress. However, these researches have some problems as follows; First, the transmission scope of expected access technology in home network is wide, so unauthenticated outside terminal can access the home network. Second, user is inconvenient because user need to set the necessary information for each device. Third, user privacy and convenience are not considered. OSGi provides a service platform for heterogeneous technologies in home network environment. Here, user access control is one of the core parts which should have no problems such as above items, but there are no concrete researches yet. Thus in this paper, we propose an access control policy management framework and access control operation based on RBAC for user access control in home network environment in which OSGi service platform is operated. First, we list the consideration which is not clearly mentioned in OSGi standard, and then we solve these above problems through new framework. In addition, we propose the effective and economical operation method which reduces the policy change frequency for user access control by using RBAC concept though limited resource of home gateway. Besides, in this paper, these proposed policies are defined separately as user-role assignment policy and permission-role assignment policy, and user decide their own policies. In conclusion, we provide the scheme to enhance the user convenience and to solve the privacy problem.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.2
• /
• pp.261-273
• /
• 2019

Recently, with the development of IT technology, there is an increasing interest in cloud services as the number of users using mobile devices such as mobile phones and tablets is increasing. However, there is a need for techniques to control or control various methods of accessing data as the user's service demands increase. In this paper, we propose a dual key based user authentication model that improves the user 's authentication efficiency by using two keys (secret key and access control key) to access the users accessing various services provided in the cloud environment. In the proposed model, the operation process and the function are divided through the sequence diagram of the algorithms (key generation, user authentication, permission class permission, etc.) for controlling the access right of the user with dual keys. In the proposed model, two keys are used for user authentication and service authorization class to solve various security problems in the cloud service. In particular, the proposed model is one of the most important features in that the algorithm responsible for access control of the user determines the service class of the user according to the authority, thereby shortening the management process so that the cloud administrator can manage the service access permission information of the user.

• Journal of KIISE:Computer Systems and Theory
• /
• v.34 no.1
• /
• pp.1-9
• /
• 2007

At present various methods relating resource access control in grid environment are being studied. Most of the access authorization to grid resource is designed fit to the attributes and the role of user. But resource access control is to be made in the respect of business model to activate grid. Therefore this study suggests a model that can operate resource access control driven by grid accounting information. On the base of collection of accounting information about grid job, processing cost is yielded. If the user's available fund is less than processing cost, it gets to control grid job by the resource access control policy. Finally when grid job is completed, user is assigned to pay the charges for using resource of supplier. Then resource provider gets to supply stable resource in grid by participating it voluntarily to use idle resource. This study is esteemed to realize utility computing environment correspondent to economic principle by ensuring resource access policy of organizations which participate in grid.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2000.10a
• /
• pp.324-327
• /
• 2000

There are developing the World Wide Web systems for their information sharing among certain closed user group. These systems are required five common functions as follows. First, they have to support the web service for Internet users to access easily. Second, Hey have to support the authorization service to confirm the allowed users. Third, they have to support the database service to manage the sharing information among users. Fourth, they have to support the bulletin board service for closed users to discuss. Fifth, they have to support the e-mail service to send e-mail to the certain user subset and mail archive service to save and manage the previous mail information. In this paper, we described the detail function and processing procedure of our implemente system under LINUX operating system. In addition, we described problems occurring in implementation and their solutions.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2015.05a
• /
• pp.224-226
• /
• 2015

Recently, Android-based mobile devices has increased. Thus increasing market share of the Android operating system. However, in the case of the Android operating system, it has the relatively large number of security vulnerabilities Unlike other closed operating systems. Most Android application requires the identity of the mobile device or over-authorization approval. This information can be a security threat. In addition, in the event of a security problem because obtaining the user's consent during the installation of the application is the user responsible. If these problems persist, loss of reliability of the user operating system, as well as to feel a resistance when using an Android application. In this paper, we investigate a security vulnerability in the Android operating system, and proposed countermeasures.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.3C
• /
• pp.426-435
• /
• 2004

The DIAMETER protocol provides Authentication, Authorization, and Accounting (AAA) transactions across the Internet. SIP(Session Initiation Protocol) will be used for new types of signaling, such as instant messaging and application level mobility across networks. And SIP will be a major signaling protocol for next generation wireless networks. But the Digest authentication scheme is not using a secure method of user authentication in SIP, and it is vulnerable to man-in-the-middle attacks or dictionary attacks. This study focused on designing a SIP proxy for interworking with AAA server with respect to user authentication and security analysis. We compared and analyzed the security aspects of the scenarios and propose two proposals that a response which include the user address and password-based mutual authentication and key agreement protocol. It is claimed to be more secure against common attacks than current scenarios.