• The Journal of the Korea Contents Association
• /
• v.15 no.5
• /
• pp.27-35
• /
• 2015

Depending on the smart device user growth and development of communication technology, the area about working environment was extended without constraints of time and places. It is introducing to work using user's devices and this environment is called 'BYOD(Bring Your On Device)'. But it is vulnerable to security threat that happened in existing wireless environment and its security threat issue which is caused by inside information leak by an inside job and lost or stolen terminal which is caused by careless user is getting heated. So we studied about access control protocol by user rights under the BYOD situation make a session key based on the user information. We make a session key based on the user information and user device information, after that we design an access control protocol. The protocol we suggest can protect from attack under the BYOD situation and wireless communication situation and also safety and security requirement from inside information leak because it controls user rights.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2011.10a
• /
• pp.303-306
• /
• 2011

System solutions for access control to the user's personal when you want to authenticate to the system is used. The valid user is really just a part of authorized users, the suitability of a valid user has been authenticated are not sure whether the problem is the fact. For example, one developer in the Unix operating system can be valid, but do not have permission to access the system should be limited for. In this paper, a single account for multiple users to use the system operational issues to improve the fine-grained delegation of authority, the session audit, the administrator account's policy-based management, with full rights the administrator account of distribution management and auditing the system overall is the study of access control measures.

• The KIPS Transactions:PartC
• /
• v.12C no.5 s.101
• /
• pp.643-648
• /
• 2005

Intranet system for use within an organization, usually a corporation, is to basically pass through user authentication, but information can be leaked, modified, and deleted by malevolent users who disguise an authorized user or due to user's mistakes in using various functions of web browser. Thus, there is a need for measures to protect the information from illegal use, transformation through partial modification, and illegal leakage such as fraudulent use. This paper presents a flexible Web Security Access Control system based ACM which Provide efficient suity Policy to Protect information in intranet. This Web Security Access Control system not only enhances security by Performing encryption/decryption of information in intranet but also, for sharing confidential information among departments, performs effective and useful access control by assigning different authority to the secured web page. And, by controlling the functions of client PC in various ways, information leakage on malicious purpose or by mistake can be prevented.

• The KIPS Transactions:PartC
• /
• v.10C no.4
• /
• pp.387-396
• /
• 2003

Many studies have been done on secure kernel and encryption filesystem for system security. Secure kernel can protect user or system data from unauthorized and/or illegal accesses by applying various access control policy like ACL, MAC, RBAC and so on, but cannot protect user or system data from stealing backup media or disk itself. In addition to access control policy, there are many studies on encryption filesystem that encrypt file data within system level. However few studies have been done on combining access control policy and encryption filesystem. In this paper we proposed a new encryption filesystem that provides a transparency to the user by integrating encryption service into virtual filesystem layer within secure kernel that has various access control policies. Proposed encryption filesystem can provide a simple encryption key management architecture by using encryption keys based on classes of MAC policy and overcome a limit of physical data security of access control policy for stealing.

• International journal of advanced smart convergence
• /
• v.5 no.3
• /
• pp.66-71
• /
• 2016

Smart building gate security control system using smartphone integrated with near field communication (NFC) has become part of daily life usage these days. The technology change in replacing RF NFC device using visible light communication technology based approach growing faster in recent days. This paper propose a design and development of gate security control system using color code based user authentication ID generation as part of an intelligent access control system to control automatic door open and close. In this approach gate security access control use the recent visible light communication technology trends to transfer the user specific authentication code to door access control system using color code on smartphone screen. Using a camera in the door access control system (ACS), color codes on smartphone screens are detected and matched to the database of authenticated user to open the door automatically in gate security system. We measure the visual light communication technology efficiency as a part of the research and the experiments have revealed that more than 95% users authenticated correctly at the suggested experiment environment on gate security control system.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.11
• /
• pp.4331-4346
• /
• 2015

The femtocell network, which is designed for low power transmission and consists of consumer installed small base stations, coexists with macrocells to exploit spatial reuse gain. For its realization, cross-tier interference mitigation is an important issue. To solve this problem, we propose a joint access and power control scheme that requires limited information exchange between the femto and macro networks. Our objective is to maximize the network throughput while satisfying each user's quality of service (QoS) requirement. To accomplish this, we first introduce two distributed interference detection schemes, i.e., the femto base station and macro user equipment based schemes. Then, the proposed scheme dynamically adjusts the transmission power and makes a decision on the access mode of each femto base station. Through extensive simulations, we show that the proposed scheme outperforms earlier works in terms of the throughput and outage probability.

• 한국정보통신설비학회:학술대회논문집
• /
• 2009.08a
• /
• pp.208-210
• /
• 2009

Currently, Wireless LAN(WLAN) service is widely deployed to provide high speed wireless Internet access through the mobile stations such as notebook and PDA. To provide enhanced security and user access control in the public WLAN area, WLAN access points should have the capability of IEEE 802.1x-based user authentication and authorization functionality. In this paper, we provide a brief understanding of IEEE 802.1x standards and related protocols like EAPOL(Extended Authentication Protocol Over LAN), EAP, RADIUS and describe how the IEEE 802.1x is designed and implemented in our embedded linux-based WLAN AP which is named i-WiNG. (Intelligent Wireless Internet Gateway). For the network security and user authenti -cation purposes, a supplicant who wants to access Internet should be authorized to access the AP port using the EAPOL.

• KIPS Transactions on Software and Data Engineering
• /
• v.4 no.9
• /
• pp.409-418
• /
• 2015

In order to delivery of the correct information in IoT environment, it is important to deduce collected information according to a user's situation and to create a new information. In this paper, we propose a control access scheme of information through context-aware to protect sensitive information in IoT environment. It focuses on the access rights management to grant access in consideration of the user's situation, and constrains(access control policy) the access of the data stored in network of unauthorized users. To this end, after analysis of the existing research 'CP-ABE-based on context information access control scheme', then include dynamic conditions in the range of status information, finally we propose a access control policy reflecting the extended multi-dimensional context attribute. Proposed in this paper, access control policy considering the dynamic conditions is designed to suit for IoT sensor fusion environment. Therefore, comparing the existing studies, there are advantages it make a possible to ensure the variety and accuracy of data, and to extend the existing context properties.

• Journal of the Korea Society of Computer and Information
• /
• v.24 no.8
• /
• pp.67-76
• /
• 2019

Along with the diversification of digital content services using wired/wireless networks, the market for the construction of base systems is growing rapidly. Cloud computing services are recognized for a reasonable cost of service and superior system operations. Cloud computing is convenient as far as system construction and maintenance are concerned; however, owing to the security risks associated with the system construction of actual cloud computing service, the ICT(Information and Communications Technologies) market is lacking regardless of its many advantages. In this paper, we conducted an experiment on a cloud computing security enhancement model to strengthen the security aspect of cloud computing and provide convenient services to the users. The objective of this study is to provide secure services for system operation and management while providing convenient services to the users. For secure and convenient cloud computing, a single sign-on (SSO) technique and a system access control technique are proposed. For user authentication using SSO, a security level is established for each user to facilitate the access to the system, thereby designing the system in such a manner that the rights to access resources of the accessed system are not abused. Furthermore, using a user authentication ticket, various systems can be accessed without a reauthorization process. Applying the security technique to protect the entire process of requesting, issuing, and using a ticket against external security threats, the proposed technique facilitates secure cloud computing service.

• Journal of the Semiconductor & Display Technology
• /
• v.17 no.1
• /
• pp.12-20
• /
• 2018

Recently, web-based service software has been used as to combine various information or to share information according to the needs of users and the convergence of specialized fields and individual dependent systems. According to the necessity of the user, the proper service environment and the selective service environment according to the purpose and the needs of the user have been studied in a variety of specialized and combined professional research fields and industries. Software based on cloud systems and web services is being used as a tool for appropriate group and user groups and roles. A service system combined dynamically needs a module to manage a user through internal logic and grant a service access authentication. Therefore, it has been considered various approaches that a user who accesses the system is given a service access authority for a certain period of time. Also, when the deadline is over, the authority that you are given to access system will go through the process of expire the right. In this paper, we define the roles of users who access web services, manage user rights according to each role, and provide appropriate service resources to users according to their rights and session information. We analyzed the procedure of constructing the algorithm for the service according to the procedure of each user accessing the web service, granting the service resource and constructing a new role.