• Journal of Internet Computing and Services
• /
• v.8 no.1
• /
• pp.99-113
• /
• 2007

In the rapidly changing e-business environment, organizations need to share information, process business transactions, and enhance collaborations with relevant entities by taking advantage of the various technologies. However, there are always the security issues that need to be handled in order for the e-business operations to be run efficiently. In this research, we suggest the new security authorization model for safety flexible supporting the needs of e-business (e-marketplace) in an organization. This proposed model provides the scalable of access control policy among multi-domains, and preservation of flexible authorization management in distributed system environments. For servers to take the access control policy and enforcement decisions, we also describe the feasible authorization architecture is concerned with how they might seek advice and guideline from formal access control model.

• Journal of Arbitration Studies
• /
• v.18 no.1
• /
• pp.3-30
• /
• 2008

This paper is to research the current status of ADR in Korea, the qualifications of mediator (or conciliator) and arbitrator, the ADR education program of major foreign arbitration-related institutions and the efficient management device of ADR education program for the activation of the ADR system. In 2007, arbitration applications received at the Korean Commercial Arbitration Board numbered 320 and the amount involved those cases was US$ 216 millions. Mediation applications received at the KCAB numbered 552 and the amount involved those cases US$ 29millions. As of December 2007, the total numbers of arbitrators on the KCAB Panel of Arbitrators was 978. There are no provisions for the qualification of arbitrator in the UNCITRAL Model Law on International Commercial Arbitration and Arbitration Act of Korea. The KCAB has the consolidation regulation of the Panel of Arbitrator of which purpose is to regulate the criteria and procedure regarding the drawing up and maintenance of the panel of arbitrators. The UK Chartered Institute of Arbitrators has the criteria and qualifications for membership of which three grades are associate, member and fellow. The American Arbitration Association has the qualification criteria for admittance to the AAA National Roster of Arbitrators and Mediators. The Japan Association of Arbitrators has the official authorization regulation for membership of which three grades are special associate, ordinary associate and fellow. The UK Chartered Institute of Arbitrators has the ADR education programs which are composed of the mediation courses and arbitration courses. The American arbitrators Association has the ADR education programs which are composed of in-person training and online training. The Japan Association of Arbitrators has the ADR education programs which are composed of the cultivation courses of conciliator and the practical training courses of arbitrator. The efficient management devices of ADR education program are as follows: the execution of official authorization system of arbitrator, the establishment of specialized division for training and official authorization, the establishment of ADR regular training courses, the publication of ADR training texts and obtaining of instructors, and the consolidation of regulations related to the official authorization of arbitrator and ADR training. In conclusion, for the activation of ADR system, the KCAB and Korean Association of Arbitrators should make further effort to provide the ADR regular education and training programs for potential and practicing conciliators and arbitrators.

• The Journal of the Korea Contents Association
• /
• v.7 no.11
• /
• pp.43-51
• /
• 2007

Access control techniques should be flexible enough to support all protection granularity levels. Since access control policies are very likely to be specified in relation to document types, it is necessary to properly manage a situation in which documents fail to be dealt with by the existing access control policies. The existing access control has not taken information structures and semantics into full account due to the fundamental limitations of HTML. In addition, access control for XML documents allows only read operations, and there exists the problem of slowing down system performance due to the complex authorization evaluation process. In order to resolve this problem, this paper designs a XML Access Control Management System which is capable of making fined-grained access control. And then, in developing an access control system, it describes the subject and object policies of authorization for XML document on which authorization levels should be specified and which access control should be performed.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2010.10a
• /
• pp.634-637
• /
• 2010

This paper suggests the design of MVC model for an authorization tool of UML class diagram. In the design of MVC model, it is designed to define view, controller and model and perform the individual role of each component. The View represents GUI and the Controller is responsible for data input and output and the Model is to handle the business logic. The MVC model design for an authorization tool of class diagram gives the role independently and tries to be flexible with system by dividing into the suitable features of each component.

• Journal of the Korea Society of Computer and Information
• /
• v.24 no.1
• /
• pp.145-149
• /
• 2019

Various supplementary authentication methods are used to supplement user authentication and authorization provided by existing password verification online1. In recent years, authentication and authorization methods using user attribute information have been studied and utilized in various services. User attribute information can be divided into static information and dynamic information. The existing methods focus on research to identify users using dynamic information or to generate challenge questions for user reauthentication. Static information such as a user's home address, school, company, etc. is associated with dynamic information such as location information. We propose a method to verify user attribute information by using the association between two attribute information. For this purpose, the static information of the user is verified by using the user's location record which is dynamic information. The experiment of this paper collects the dynamic information of the actual user and extracts the static information to verify the user attributes. And we implemented the user attribute information authentication system using the proposal verification method and evaluated the utility based on applicability, convenience, and security.

• Journal of the Architectural Institute of Korea Planning & Design
• /
• v.34 no.6
• /
• pp.85-92
• /
• 2018

This study was to confirm the effectiveness of crime prevention in an apartment complex environmentally designed for domestic crime prevention. The researchers surveyed 267 residents on the community, fear of crime, and crime victimization. They arrived at the following conclusions. The authorization complex received higher security satisfaction results than the unauthorized complex; residents were less afraid of crime and more active in the apartment complex community. These results differ from previous studies in that the fear of crime is not related to a crime victim experience and that the fear of crime is low when there are less households in the apartment complex. Therefore, effectiveness of crime prevention abroad should not be accepted in a domestic residential environment.

• East Asian mathematical journal
• /
• v.38 no.4
• /
• pp.439-461
• /
• 2022

Since 2022, textbooks in elementary school mathematics have been converted from national textbook system to authorization system, but it is pointed out that the composition of these new textbooks is almost the same as the existing national textbooks and the advantages of the authorization system cannot be utilized. Therefore a need has been raised to find out the composition of foreign textbooks. In order to compare the internal system of elementary mathematics textbook composition in Korea and Japan, Wakuwaku Sansu, one of Japan's elementary mathematical textbooks was analyzed and compared with Korean textbooks. As a result of the analysis, it was found that Japanese textbooks have more flexibility in the composition of the unit, the number of hours of the unit, the introduction of special lessons, and emphasis. This analysis will promote the diversity and creativity of the composition of elementary mathematics textbooks in Korea, providing implications for more efficient textbook compilation.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.30 no.10B
• /
• pp.648-659
• /
• 2005

One's identity on the Internet has been disclosed and abused without his consent. Personal information must be protected by appropriate security safeguard. An Individual should have the right to know whether his personal details have been collected and stored. This paper proposes various conceptual models for designing privacy enabling service architecture in the Internet identity management system. For the restriction of access to personal information, we introduce the owner's policy and the management policy The owner's policy should provide the user with enough information to manage easily and securely his data. To control precisely and effectively all personal information in the Identity provider, we propose the privacy management policy and the privacy authorization model.

• The Transactions of the Korea Information Processing Society
• /
• v.5 no.5
• /
• pp.1246-1256
• /
• 1998

MIB(Management Information Base), one of the key components of network management system, is a conceptual repository for the information of the various managed objects. MIB stores and manages all the structural and operational data of each managed resources. Therefore, MIB should be protected properly from inadvertant user access or malicious attacks. International standard ISO/IEC 10164-9 describes several managed object classes for the enforcement of MIB security. Those managed object classes described access control rules for security policy. But the exact authorization procedures using those newly added managed object classes are not presented. In this paper, we divide managed object classes into two groups, explicit and implicit ones, and describe the access authorization procedure in Z specification language. Using Z as a description method for both authorization procedure and GDMO's action part, the behaviour of each managed object class and access authorization procedure is more precisely and formally defined than those of natural language form.

• Journal of KIISE
• /
• v.42 no.8
• /
• pp.979-989
• /
• 2015

Machine to Machine (M2M) technology has gained attention due to the fast diffusion of Internet of Things (IoT) technologies and smart devices. Most wireless network experts believe that Bluetooth Low Energy (BLE) Communications technology in an iBeacon network has amazing advantages in terms of providing communication services at a low cost in smartphone applications. Specifically, BLE does not require any pairing process during its communication phases, so it is possible to send a message to any node without incurring additional transmissions costs if they are within the BLE communication range. However, BLE does not require any security verification during communication, so it has weak security. Therefore, a security authorization process would be necessary to obtain customer confidence. To provide security functions for iBeacon, we think that the iBeacon Message Encryption process and a Decryption (Authorization) process should be designed and implemented. We therefore propose the BLE message Authorization Mechanism based on a One Time Password Algorithm (BLE-OTP). The effectiveness of our mechanism is evaluated by conducting a performance test on an attendance system based on BLE-OTP.