• Journal of Korea Multimedia Society
• /
• v.8 no.2
• /
• pp.211-224
• /
• 2005

With the wide acceptance of the Internet and the Web, volumes of information and related users have increased and companies have become to need security mechanisms to effectively protect important information for business activities and security problems have become increasingly difficult. This paper proposes a improved access control model for access control enforcement in enterprise environments through the integration of the temporal constraint character of the GT-RBAC model and sub-role hierarchies concept. The proposed model, called Extended GT-RBAC(Extended Generalized Temporal Role Based Access Control) Model, supports characteristics of GTRBAC model such as of temporal constraint, various time-constrained cardinality, control now dependency and separation of duty constraints(SoDs). Also it supports unconditional inheritance based on the degree of inheritance and business characteristics by using sub-roles hierarchies in order to allow expressing access control policies at a finer granularity in corporate enterprise environments.

• Macromolecular Research
• /
• v.14 no.2
• /
• pp.140-145
• /
• 2006

E-science refers to the large-scale science that will increasingly be carried out through distributed global collaborations enabled by the Internet. The Grid is a service-oriented architecture proposed to provide access to very large data collections, very large scale computing resources and remote facilities. Web services, which are server applications, enable online access to service providers. Web portal interfaces can further hide the complexity of accessing facility's services. The main use of synchrotron radiation (SR) facilities by protein crystallographers is to collect the best possible diffraction data for reasonably well defined problems. Significant effort is therefore being made throughout the world to automate SR protein crystallography facilities so scientists can achieve high throughput, even if they are not expert in all the techniques. By applying the above technologies, the e-HTPX project, a distributed computing infrastructure, was designed to help scientists remotely plan, initiate and monitor experiments for protein crystallographic structure determination. A description of both the hardware and control software is given together in this paper.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.4
• /
• pp.1751-1767
• /
• 2016

Home security has become the prime concern for everyone in present scenario. In this work an attempt has been made to develop a home security system which is accessible, affordable and yet effective.The proposed system is based on 'Remote Embedded Control System' (RECS) which works both on the web and gsm platform for authentication and monitoring. This system is therefore cost effective as it relies on existing network infrastructure. As PCA is most popular and efficient algorithm for face recognition, it has been usedin this work. Next to it an interface has been developed for communication purpose in the embedded security system through the ZigBee module. Based on this embedded system, automated control of door movement has been implemented through electromagnetic door lock technology. This helps the users to monitor the real-time activities through web services/SMS. The web service consists of either web browser command or e-mail provision. The system establishes the communication between the system and authenticated user. The e-mail received by the system from the authorized person will monitor and control the real-time operation and door lock. The entire control system is reinforced using ARM1176JZF-S microcontroller and tested for actual use in the home environment. The result shows the experimental verification of the proposed system.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.41 no.1
• /
• pp.45-52
• /
• 2004

With the development of Information Communication Technique, electronic commerce is widely used in Internet using public key certificates. And the study on access control for web server or database server is also progressed actively. In this paper, we analyze the proposed access control method for server and the binding method between public key certificates and attribute certificates using OCSP server.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.4
• /
• pp.661-670
• /
• 2023

With the emergence of serverless computing paradigm and the innovations of cloud technology, the structure of backend server infrastructure has evolved from on-premises to container-based serverless computing. However, an access control on the server still heavily relies on the traditional SSH protocol, which poses limitations in terms of security and scalability. This hampers user convenience and productivity in managing server infrastructure. A web shell is an interface that allows easy access to servers and execution of commands from any device with a web browser. While hackers often use it to exploit vulnerabilities in servers, we pay attention to the high portability of web shell technology for server management. This study proposes a novel proxy-based server management framework utilizing web shell technology. Our evaluation demonstrates that the proposed framework addresses the drawbacks of SSH without additional overhead, and efficiently operates large-scale infrastructures in diverse computing environments.

• International Journal of Computer Science & Network Security
• /
• v.24 no.3
• /
• pp.23-28
• /
• 2024

The multi-tenancy and high scalability of the cloud have inspired businesses and organizations across various sectors to adopt and deploy cloud computing. Cloud computing provides cost-effective, reliable, and convenient access to pooled resources, including storage, servers, and networking. Cloud service models, SaaS, PaaS, and IaaS, enable organizations, developers, and end users to access resources, develop and deploy applications, and provide access to pooled computing infrastructure. Despite the benefits, cloud service models are vulnerable to multiple security and privacy attacks and threats. The SaaS layer is on top of the PaaS, and the IaaS is the bottom layer of the model. The software is hosted by a platform offered as a service through an infrastructure provided by a cloud computing provider. The Hypertext Transfer Protocol (HTTP) delivers cloud-based apps through a web browser. The stateless nature of HTTP facilitates session hijacking and related attacks. The Open Web Applications Security Project identifies web apps' most critical security risks as SQL injections, cross-site scripting, sensitive data leakage, lack of functional access control, and broken authentication. The systematic literature review reveals that data security, application-level security, and authentication are the primary security threats in the SaaS model. The recommended solutions to enhance security in SaaS include Elliptic-curve cryptography and Identity-based encryption. Integration and security challenges in PaaS and IaaS can be effectively addressed using well-defined APIs, implementing Service Level Agreements (SLAs), and standard syntax for cloud provisioning.

• Journal of the Korea Society of Computer and Information
• /
• v.12 no.3
• /
• pp.251-258
• /
• 2007

With the increase of a web service technology, a new access control mechanism has developed for XML documents. As a result, as legacy access control systems, access control systems has become an active research topic. In this paper, we propose a methodology to translate access control policies for XML documents into formal specification language CSP. To do this, first, we introduce a method to translate a hierarchical access to XML documents using XPath language into CSP process algebra. Second, we explain a method to represent a XML schema as a formal model like automata. Third, we present a method for representing the semantics of access control policies such as the scope of rules and confliction resolution into a process algebra language. Finally, a CSP specification example of an XML schema and path expressions aye shown to illustrate the validity of our approach.

• Journal of Internet Computing and Services
• /
• v.7 no.1
• /
• pp.17-30
• /
• 2006

With the wide acceptance of the Internet and the Web, volumes of information and related users have increased and companies have become to need security mechanisms to effectively protect important information for business activities and security problems have become increasingly difficult. This paper proposes a improved access control model for access control enforcement in enterprise environments through the integration of the temporal constraint character of the GT-RBAC model. sub-role hierarchies concept and PBDM(Permission Based Delegation Model). The proposed model. called Extended GT-RBAC(Extended Generalized Temporal Role Based Access Control) delegation Model. supports characteristics of GTRBAC model such as of temporal constraint, various time-constrained cardinality, control flow dependency and separation of duty constraints (SoDs). Also it supports conditional inheritance based on the degree of inheritance and business characteristics by using sub-roles hierarchies and supports permission based delegation, user to user delegation, role to role delegation, multi-step delegation and temporal delegation by using PBDM.

• Proceedings of the Korean Information Science Society Conference
• /
• 2004.10c
• /
• pp.562-564
• /
• 2004

WebDAV(Web-based Distributed Authoring and Versioning)는 웹 통신 프로토콜로서 인터넷을 통하여 다양한 콘텐츠의 비동기적인 협업 저작을 지원한다. 따라서 WebDAV를 지원하는 다양한 종류의 서버들은 상호간의 협업 작업이 가능하다. 특히 WebDAV의 접근 제어 프로토콜은 특정 자원에 대한 접근 제어 권한을 정의하기 위하여 표준 Privilege들을 정의하고 있다. 본 논문에서는 웹기반 협업시스템의 핵심 기능인 팀 작업장과 공개 작업장의 자원에 접근할 때, 사용자의 권한과 작업장의 특성 그리고 자원의 특징에 따라 접근 제어 관리를 할 수 있도록 접근 제어 기법을 설계하였다. 특히 공개 작업장은 파일 올리기만 가능한 작업장, 내려받기만 가능한 작업장, 올리기/내려받기 가능한 작업장과 같이 성격이 다양하다. 이를 지원하기 위하여 작업장내 파일에 대한 접근 권한을 구체적으로 설계함으로써 협업작업을 체계적이고 안정적으로 지원할 수 있다.

• Proceedings of the KIEE Conference
• /
• summer
• /
• pp.85-87
• /
• 2004

Supervisory control and data acquisition (SCADA) systems are essential parts of power system which employ a wide range of computers and communication technologies. The traditional SCADA system is mainly for information exchange in only one company, and the information is provided only to the operator or administrator. But in the deregulated environment, we need much more information, which can be exchanged among different companies. With the rapid development of internet, we can use it to access information easily. This paper proposes web technologies to be applied in power system in order to display some important information through accessing data from database, and to realize the real time control of the substation. The functions of SCADA system will be implemented by a set of Web-based components. The monitoring and control of standard 154[kV] substation model is already realized in the laboratory test. The Web-based SCADA system is able to provide sufficient information and control for pow or system through an efficient and economical way.