• 한국정보처리학회논문지
• /
• 제7권11S호
• /
• pp.3623-3632
• /
• 2000

지금까지 XML 문서는 사용자에게 문서내의 모든 내용을 공개하였지만, 전자상거래와 같은 특정 분야의 경우에는 사용자에 따라 문서의 일부만을 공개하는 것이 필요하다. 따라서, 본 논문에서는 사용자에게 XML 문서의 권한을 부여하여 접근 권한을 근간으로 XML 문서에 대해서 접근을 관리하는 접근 제어 시스템을 설계하고 구현한다. 이를 위하여 권한 주체의 기본 단위로 사용자 그룹을 설정하고, XML 문서의 엘리먼트를 권한 객체의 기본 단위로 설정한다. 그리고, XML 문서의 생성자는 문서를 생성할 때 사용자 그룹에게 문서 내의 엘리먼트에 대한 접근 권한을 부여한다. 사용자가 XML 문서를 접근할 경우, 사용자가 속한 그룹의 해당 문서에 대한 접근 권한을 접근 제어 리스트를 이용하여 검사하고 접근 권한을 맞는 문서의 특정 부분만을 보여준다. 그 결과 XML 문서에 대한 접근 관리가 가능하다.

• 한국전자거래학회지
• /
• 제1권1호
• /
• pp.117-140
• /
• 1996

CALS is recognized as a national response to the new chapter of information society. It is essential that the standardization in Korea should be constructed compatible with not only domestic but also international standardization trend. This study aims to propose a proper direction of CALS standardization in Korea, based on the international CALS standardization movement. This paper classifies standard into five types and provides a proper direction and guidance far each standard. As a trend of CALS standard, all ten data files are converted using SGML standard far the interchangeability of data among heterogenous systems. CAD and Graphic data arc also moving toward to the STEP as their standard. In this regard, this paper discusses how to implement SGML and STEP Model. Finally, this paper proposes a method how to construct an EDI system with CALS standard and how to establish a standard authorization institute which will be responsible far the standard authorization. Furthermore, this paper also proposes the CALS Test Network (CTN) as its experimental method.

• 한국멀티미디어학회논문지
• /
• 제21권8호
• /
• pp.858-863
• /
• 2018

In this paper, we propose and implement a multi-level convolutional neural network (CNN) algorithm to identify the sexually explicit and lewdness of various image files, and verify its effectiveness by using unauthorized image files generated in the actual military. The proposed algorithm increases the accuracy by applying the convolutional artificial neural network step by step to minimize classification error between similar categories. Experimental data have categorized 20,005 images in the real field into 6 authorization categories and 11 non-authorization categories. Experimental results show that the overall detection rate is 99.51% for the image files. In particular, the excellence of the proposed algorithm is verified through reducing the identification error rate between similar categories by 64.87% compared with the general CNN algorithm.

• 한국통신학회논문지
• /
• 제33권8B호
• /
• pp.719-726
• /
• 2008

본 논문에서는 보안 게이트웨이가 서브넷 상의 단말기의 네트워크 접근 시도 시에 해당 단말기를 자동으로 인식하여 단말기 사용자의 인증 및 접근 제어 보안 룰셋을 기간 데이터베이스와 비교 판별하여 동적으로 조직 내의 역할 기반 접근 권한을 부여, 관리하는 방식에 대해 연구하였다. 덧붙여, 네트워크 관리자가 조직 구조와 관련하여 네트워크 레벨(L2)과 어플리케이션 레벨(L7)의 통합 액세스 제어를 지정할 수 있도록 사용자 중심의 권한 부여 모델을 제시하였다.

• 한국전자거래학회:학술대회논문집
• /
• 한국전자거래학회 2005년도 e-Biz World Conference 2005
• /
• pp.62-67
• /
• 2005

In traditional approach, enterprise-wide consistent security policy enforcement for applications is very difficult task. Therefore, industry is now moving towards new unified enterprise application security concept that consist of centralized authentication and authorization mechanism. The eXtensible Access Control Markup Language (XACML); an XML-based standard defined by OASIS, is most suitable choice which can support centralized, role based, context aware access control mechanism. It is designed to provide universal standard for writing authorization policies and access control request/response language for managing access to the resources. This paper includes a brief overview on XACML and discusses its benefits, limitations and a data flow process. We propose a new generic access control architecture that supports enterprise wide centralized application level access control mechanism using XACML. The other benefits which can be achieved through this architecture are, reduce adnministration cost and complexity, support of heterogeneous computing platforms, centralized monitoring system, automatic fail over, scalability and availability, open standard based solution and secure communication.

• 한국중재학회지:중재연구
• /
• 제22권3호
• /
• pp.25-46
• /
• 2012

China instituted arbitration law on September 1, 1995, after having legislated the law under the UNCITRAL Model Law. However, Chinese arbitration law has some problems related to the effectiveness of its arbitration agreement, unlike the UNCITRAL Model Law. Thus, parties in dispute who want to settle a dispute based on Chinese arbitration law as governing law have more to take into consideration because there could be serious problems related to the effectiveness of the arbitration agreement. Therefore, this paper attempted to analyze the classification of jurisdiction related to the authorization of effectiveness in arbitration agreement of arbitral organization and Chinese, verify the problems, and suggest the solutions. Moreover, the author tried to verify the problems in applying the law related to the authorization of effectiveness in Chinese arbitration agreements and suggest some improvements. This paper also suggests improvements and problems related to the selection of arbitral organizations among several conditions for effective arbitration agreement in Chinese arbitration law. Finally, the author suggests some cautions and countermeasures related to arbitrations agreement for domestic investors and traders dealing with the Chinese.

• 한국식물생명공학회:학술대회논문집
• /
• 한국식물생명공학회 2003년도 추계학술대회 발표논문 초록집
• /
• pp.113-113
• /
• 2003

• 한국정보기술응용학회:학술대회논문집
• /
• 한국정보기술응용학회 2005년도 6th 2005 International Conference on Computers, Communications and System
• /
• pp.281-284
• /
• 2005

Kerberos is system that offer authorization in internet and authentication service. Can speak that put each server between client and user in distributed environment and is security system of symmetry height encryption base that offer authentication base mutually. Kerberos authentication is based entirely on the knowledge of passwords that are stored on the Kerberos Server. A user proves her identity to the Kerberos Server by demonstrating Knowledge of the key. The fact that the Kerberos Server has access to the user's decrypted password is a rwsult of the fact that Kerberos does not use public key cryptogrphy. It is a serious disadvantage of the Kerbercs System. The Server must be physically secure to prevent an attacker from stealing the Kerberos Server and learning all of the user passwords. Kerberos was designend so that the server can be stateless. The Kerberos Server simply answers requests from users and issues tickets. This study focused on designing a SIP procy for interworking with AAA server with respect to user authentication and Kerberos System. Kerberos is security system of encryption base that offer certification function mutually between client application element and server application element in distributed network environment. Kerberos provides service necessary to control whether is going to approve also so that certain client may access to certain server. This paper does Credit-Control Server's function in AAA system of Diameter base so that can include Accounting information that is connected to Rating inside certification information message in Rating process with Kerberos system.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제11권2호
• /
• pp.650-669
• /
• 2017

Coordinated multiple points transmission and reception (CoMP) technology is used to mitigate the inter-cell interference, and increase cell average user normalized throughput and cell edge user normalized throughput. There are two kinds of radio resource schedule strategies in LTE-A/5G CoMP system, and they are called centralized scheduling strategy and distributed scheduling strategy. The regional centralized scheduling cannot solve interference of inter-region, and the distributed scheduling leads to worse efficiency in the utilize of resources. In this paper, a novel distributed scheduling scheme named 9-Cell alternate authorization (9-CAA) is proposed. In our scheme, time-domain resources are divided orthogonally by coloring theory for inter-region cooperation in 9-Cell scenario [6]. Then, we provide a formula based on 0-1 integer programming to get chromatic number in 9-CAA. Moreover, a feasible optimal chromatic number search algorithm named CNS-9CAA is proposed. In addition, this scheme is expanded to 3-Cell scenario, and name it 3-Cell alternate authorization (3-CAA). At last, simulation results indicate that 9/3-CAA scheme exceed All CU CoMP, 9/3C CU CoMP and DLC resource scheduling scheme in cell average user normalized throughput. Especially, compared with the non-CoMP scheme as a benchmark, the 9-CAA and 3-CAA have improved the edge user normalized throughput by 17.2% and 13.0% respectively.

• 정보처리학회논문지C
• /
• 제13C권3호
• /
• pp.359-368
• /
• 2006

AAA(Authentication, Authorization, Accounting)는 인증, 인가 그리고 과금을 제공하는 것으로써 서비스를 이용하는 모바일 단말기는 AAA가 필요하다. 모바일 단말기 인증 과정은 외부 네트워크의 인증 서버를 통해 홈 네트워크의 인증 서버에 접근하여 인증 결과를 외부 인증 서버가 통보 받는다. 이후 홈 인증 서버는 안전한 서비스를 제공하기 위하여 외부 에이전트, 사용자 그리고 홈 인증 서버간의 안전한 통신을 위한 사용될 키가 분배된다. 본 논문은 모바일 단말기가 외부 네트워크의 이동시 외부 인증 서버간의 안전한 통신을 위한 키 분배에 대하여 논의하고 제안한다. 제안한 방식은 외부 인증 서버간의 이동시에 홈 인증 서버로부터 인증을 재발급 받지 않으므로 홈 인증 서버의 과부화를 줄일 수 있고, PIN 기반을 이용하여 키를 분배한다.