• Journal of Advanced Navigation Technology
• /
• v.12 no.5
• /
• pp.470-482
• /
• 2008

This paper propose role base access control model that use context information for ubiquitous environment. Concept of access control that use context information assigns permission that can approach in some information or object in part. And do so that can assigned user in part to it and acquire permission. So it can approach in information or object. Therefore, user approaches in information or object in assigned role, and the role that is allocated ro own is having. So, do so that can secure information or utilization of object safety. Proposa1 model investigated lacking restriction item in GEO-RBAC model. So, it considered that present new restriction condition and role conflict in various case. Also, to GEO-RBAC model proposed suitable model, analyzed old model's advantage, shortcoming. And it presented proposal model to GEO-RBAC because improving this.

• The KIPS Transactions:PartD
• /
• v.10D no.2
• /
• pp.337-342
• /
• 2003

In this paper, a web based remote control system located at too dangerous field to access for the worker. The system was designed and implemented for three-dimensional stereo camera connected to web server which can be controlled easily by client side person working in the safe monitoring room. The user in the client side can control the vergence/focus control and zoom-in/out and pan/tilt functions through an user interface. The user interface for remote control environment was designed and implemented with Java applet mechanism, and was tested the operation result of the system.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.3
• /
• pp.1315-1329
• /
• 2018

Ciphertext-policy attribute-based encryption (CP-ABE) associates ciphertext with access policies. Only when the user's attributes satisfy the ciphertext's policy, they can be capable to decrypt the ciphertext. Expressivity and security are the two directions for the research of CP-ABE. Most of the existing schemes only consider monotonic access structures are selectively secure, resulting in lower expressivity and lower security. Therefore, fully secure CP-ABE schemes with non-monotonic access structure are desired. In the existing fully secure non-monotonic access structure CP-ABE schemes, the attributes that are set is bounded and a one-use constraint is required by these projects on attributes, and efficiency will be lost. In this paper, to overcome the flaw referred to above, we propose a new fully secure non-monotonic access structure CP-ABE. Our proposition enforces no constraints on the scale of the attributes that are set and permits attributes' unrestricted utilization. Furthermore, the scheme's public parameters are composed of a constant number of group elements. We further compare the performance of our scheme with former non-monotonic access structure ABE schemes. It is shown that our scheme has relatively lower computation cost and stronger security.

• KIPS Transactions on Software and Data Engineering
• /
• v.9 no.11
• /
• pp.351-356
• /
• 2020

With the spread of COVID-19 infections, the need for next-generation learning management system for undact education is rapidly increasing, and the Ministry of Education is planning future education through the establishment of fourth-generation NEIS. If the fourth-generation NEIS System is well utilized, there are advantages such as providing personalized education services and activating the use of educational data, but a solution to the illegal access problem in an access control environment where strict authorization is difficult due to various user rights. In this paper, we propose a blockchain-based access control audit system for next-generation learning management. Sensitive personal information is encrypted and stored using the proposed system, and when the auditor performs an audit later, a secret key for decryption is issued to ensure auditing. In addition, in order to prevent modification and deletion of stored log information, log information was stored in the blockchain to ensure stability. In this paper, a hierarchical ID-based encryption and a private blockchain are used so that higher-level institutions such as the Ministry of Education can hierarchically manage the access rights of each institution.

• Journal of the Korea Society of Computer and Information
• /
• v.28 no.11
• /
• pp.73-80
• /
• 2023

In this paper, a technology to protect important information from access in order to revitalize the cloud service market. A technology is proposed to solve the risk of leakage of important confidential and personal information stored in cloud systems, which is one of the various obstacles to the cloud service market. To protect important information, access control rights to cloud resources are granted to cloud service providers and general users. The system administrator has superuser authority to maintain and manage the system. Client computing services are managed by an external cloud service provider, and information is also stored in an external system. To protect important in-house information within the company, all users, it was designed to provide access authority with users including cloud service providers, only after they are authenticated. It is expected that the confidentiality of cloud computing resources and service reliability achieved through the proposed access control technology will contribute to revitalizing the cloud service market.

• Journal of KIISE:Databases
• /
• v.34 no.1
• /
• pp.1-17
• /
• 2007

As XML is becoming a de facto standard for distribution and sharing of information, the need for an efficient yet secure access of XML data has become very important. To enforce the fine-level granularity requirement, authorization models for regulating access to XML documents use XPath which is a standard for specifying parts of XML data and a suitable language for both query processing. An access control environment for XML documents and some techniques to deal with authorization priorities and conflict resolution issues are proposed. Despite this, relatively little work has been done to enforce access controls particularly for XML databases in the case of query access. Developing an efficient mechanism for XML databases to control query-based access is therefore the central theme of this paper. This work is a proposal for an efficient yet secure XML access control system. The basic idea utilized is that a user query interaction with only necessary access control rules is modified to an alternative form which is guaranteed to have no access violations using tree-aware metadata of XML schemes and set operators supported by XPath 2.0. The scheme can be applied to any XML database management system and has several advantages over other suggested schemes. These include implementation easiness, small execution time overhead, fine-grained controls, and safe and correct query modification. The experimental results clearly demonstrate the efficiency of the approach.

• Journal of Multimedia Information System
• /
• v.1 no.1
• /
• pp.23-43
• /
• 2014

With the rapidity of the development on electronic technology, various mobile devices are produced to make human life more convenient. The user is always in constant search of middle with ease of deployment. Therefore, the development of infrastructure and application with ubiquitous nature gets a growing keen interest. Recently, the number of pervasive network services is expanding into ubiquitous computing environment. To get desired services, user presents personal details about this identity, location and private information. The information transmitted and the services provided in pervasive computing environments (PCEs) are exposed to eavesdropping and various attacks. Therefore, the need to protect this environment from illegal accesses has become extremely urgent. In this paper, we propose an anonymous authentication and access control scheme to secure the interaction between mobile users and services in PCEs. The proposed scheme integrates a biometric authentication in PKI model. The proposed authentication aims to secure access remote in PCE for guaranteeing reliability and availability. Our authentication concept can offer pervasive network service users convenience and security.

• Journal of Internet Computing and Services
• /
• v.9 no.4
• /
• pp.69-77
• /
• 2008

I propose adding users’Media Access Control (MAC) addresses to standard X.509 certificates to provide more secure authentication. The MAC address can be added by the issuing Certification Authority (CA) to the "extensions" section of the X.509 certificate. I demonstrate that when two users with MAC address information on their digital certificates communicate, the MAC address on the first user’s certificate can be easily verified by the second user. In this way, security can be improved without markedly degrading system performance and the level of initial trust between participants in virtual communities will be improved.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.4 no.2
• /
• pp.57-66
• /
• 2008

There have been proposed various copyright protection protocols in network-based digital multimedia distribution framework. However, most of conventional copyright protection protocols are focused on the stability of copyright information embedding/extracting and the access control to data suitable for user's authority but overlooked the privacy of copyright owner and user in authentication process of copyright and access information. In this paper, we propose a solution that builds a privacy-preserving proof of copyright ownership of digital contents in conjunction with keyword search scheme. The appeal of our proposal is three-fold: (1) content providers maintain stable copyright ownership in the distribution of digital contents; (2) the proof process of digital contents ownership is very secure in the view of preserving privacy; (3) the proposed protocol is the copyright protection protocol added by indexing process but is balanced privacy and efficiency concerns for its practical use.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.5
• /
• pp.3-10
• /
• 2004

A Wireless Lan has an importance of access control, because we can use wireless Internet via AP(Access Point). Moreover, to use wireless LAN, we will go through authentication process of EAP. DoS(Denial of Service) attack is one of the fatal attack about these AP access and authentication process. That is, if malicious attacker keeps away access of AP or consumes memory of server and calculation ability of CPU and etc. compulsorily in authentication process, legal user can't get any services. In this paper, we presents the way of protection against the each attack that is classified into access control, allocation of resource, attack on authentication protocol. The first thing, attack to access control, is improved by pre-verification and the parameter of security level. The second, attack of allocation of resource, is done by partial stateless protocol. And the weak of protocol is done by time-stamp and parameter of access limitation.