• Journal of The Korean Association of Information Education
• /
• v.1 no.2
• /
• pp.57-66
• /
• 1997

The primary purpose of security mechanisms in a computer systems is to control the access to information. There are two types of access control mechanisms to be used typically. One is discretionary access control(DAC) and another is mandatory access control(MAC). In this study an access control mechanism is introduced for secure access path in security system. The security policy of this access control is that no disclosure of information and no unauthorized modification of information. To make this access control correspond to security policy, we introduce three properties; read, write and create.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.5 no.11
• /
• pp.2254-2271
• /
• 2011

Access control in dynamic environments needs the ability to provide more access opportunities of information to users, while also ensuring protection information from malicious users. Trust and risk are essential factors and can be combined together in access control decision-making to meet the above requirement. In this paper, we propose the combination of the trust and risk in access control to balance information accessibility and protection. Access control decision is made on the basis of trustworthiness of users and risk value of permissions. We use potential relations between users and relations between permissions in access control. Our approach not only provides more access opportunities for trustworthy users in accessing permissions, but also enforces traditional access control constraints such as Chinese Wall policy and Separation of Duty (SoD) of Role-Based Access Control (RBAC) model in an effective way.

• Journal of Internet Computing and Services
• /
• v.18 no.2
• /
• pp.1-11
• /
• 2017

There are two kinds of wireless network access to a certain place by using smart devices - 1) open (anonymous) - access and 2) user-authorized access. The open-access is a non-authorization connection method which does not need to require Smart device's user authorized information. It means open-access use only user's SSID (Service Set Identifier) information to access the wireless AP devices following public wireless network standard. This access mechanism is not suitable to use all of public wireless networks because users have to get all wireless network information around them. As a result, huge data for smart devices should be one of the most critical overload problems for them. Secondly, the user-authorized access method uses wireless network information (SSID and password) chosen by the users. So, the users have to remember and use the network access information data manually whenever accessing the network. Like open-access, this access method also has the operational and inconvenient problem for the users - manually inputting access information whenever connecting to the network. To overcome this problem in both schemes, we propose two improved wireless network access methods: 1) the implementation of automatic AP connection mechanism using user-authorization and iBeacon messages, and 2) SSID registration form for public wireless networks.

• Journal of Information Science Theory and Practice
• /
• v.8 no.2
• /
• pp.45-54
• /
• 2020

Access to relevant information determines the quality of life of an individual in society and the academe. Academic institutions have established information literacy programmes to enhance students' access to information. With the elevation of colleges of education to tertiary status in Ghana, pre-service teachers are now required to conduct research to improve their reflective thinking in order to be certified. However, the information access skills of students in colleges of education in Ghana are uncertain. This study draws empirical evidence from students in the Nusrat Jahan Ahmadiyya College of Education, Wa, Ghana on their information access skills. Primary data were collected from 303 respondents from the college using a stratified sampling procedure. The data were collected using a questionnaire and analysed using descriptive statistics. The results indicate that information is available to students through different sources such as the Internet, libraries, and contact with friends and authorities. However, students were limited in respect to access to relevant online resources for their academic activities due to inadequate information access skills. Potential solutions are discussed.

• Journal of Information Processing Systems
• /
• v.15 no.3
• /
• pp.538-549
• /
• 2019

Cloud computing is the concept of providing information technology services on the Internet, such as software, hardware, networking, and storage. These services can be accessed anywhere at any time on a pay-per-use basis. However, storing data on servers is a challenging aspect of cloud computing. This paper utilizes cryptography and access control to ensure the confidentiality, integrity, and proper control of access to sensitive data. We propose a model that can protect data in cloud computing. Our model is designed by using an enhanced RSA encryption algorithm and a combination of role-based access control model with extensible access control markup language (XACML) to facilitate security and allow data access. This paper proposes a model that uses cryptography concepts to store data in cloud computing and allows data access through the access control model with minimum time and cost for encryption and decryption.

• Journal of Information Science Theory and Practice
• /
• v.9 no.3
• /
• pp.31-41
• /
• 2021

The growing number of threats to society through the uncontrolled distribution of information is forcing library communities in many countries to reconsider their views on free access to collections. Based on the content of numerous documents of international importance, it can be concluded that in any democratic country access to information is one of the most important human rights, along with the right to life, liberty, and security of person. However, the state has the right to restrict citizens' access to information within the framework of existing legislation. Constantly, restrictions on access to information are established in order to protect the ethical foundations of the constitutional order, morality, health, rights, and legitimate interests of others, to ensure the country's defense and state security. It goes without saying that each country has the right to independently decide where the boundaries lie between permitted and prohibited information, including printed information, contained in library collections. This article describes three levels of access restriction: foreign, state, and regional. The authors have analyzed the legal and regulatory documents that govern libraries, as well as the reasons and methods of limitation. A comparative analysis of the restriction of access to information in the countries of Europe and Asia is presented.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.2
• /
• pp.33-43
• /
• 2006

In order to provide the efficient personalized services, the organizations and the companies collect and manage the personal information. However, there have been increasing privacy concerns since the personal information might be misused and spread over in public by the database administrators or the information users. Even in the systems in which organizations or companies control access to personal information according to their access policy in order to protect personal information, it is not easy to fully reflect the information subjects' intention on the access control to their own Personal information. This paper proposes a policy-based access control mechanism for the personal information which prevents unauthorized information users from illegally accessing the personal information and enables the information subjects to control access over their own information. In the proposed mechanism, the individuals' personal information which is encrypted with different keys is stored into the directory repository. For the access control, information subjects set up their own access control policy for their personal information and the policies are used to provide legal information users with the access keys.

• Journal of Information Science Theory and Practice
• /
• v.12 no.1
• /
• pp.87-101
• /
• 2024

As the academic publishing environment evolves rapidly and the open science paradigm emerges, the demand for efficient and transparent peer review is growing. This study outlines efforts to actively introduce advanced concepts in scholarly communication into the submission and review system. AccessON Peer Review Management System Plus (ACOMS+), developed and operated by the Korea Institute of Science and Technology Information, is an online submission and peer review system that aims for open science. This study provides an overview of ACOMS+ and presents its four main features: open peer review, open access publishing and self-archiving, online quantitative/qualitative evaluation, and peer reviewer invitation. The directions for further developing ACOMS+ to fully support open science are also discussed. ACOMS+ is the first system in Korea to introduce the open peer review process and is distinguished as a system that supports open access publishing and digital transformation of academic journals. Furthermore, ACOMS+ is expected to contribute to the advancement of the academic publishing environment through the increasing shift toward open access publishing, transparent peer review, and open science.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.12
• /
• pp.4545-4566
• /
• 2021

The evolution of IoT technology is having a significant impact on people's lives. Almost all areas of people's lives are benefiting from increased productivity and simplification made possible by this trending technology. On the downside, however, the application of IoT technology is posing some security challenges, among them, unauthorized access to IoT devices. This paper presents an Attribute-based Access Control Fog architecture that aims to achieve effective distribution, increase availability and decrease latency. In the proposed architecture, the main functional points of the Attribute-based Access Control are distributed to provide policy decision and policy information mechanisms in fog nodes, locating these functions near end nodes. To evaluate the proposed architecture, an access control engine based on the Attribute-based Access Control was built using the Balana library and simulated using EdgeCloudSim to compare it to the traditional cloud-based architecture. The experiments show that the fog-based architecture provides robust results in terms of reducing latency in making access decisions.

• Journal of information and communication convergence engineering
• /
• v.15 no.1
• /
• pp.28-36
• /
• 2017

The medium access control (MAC) protocol based on dynamic time division multiple access/time division duplex (TDMA/TDD) is responsible for random access control and radio resource allocation in dynamic traffic environments. These functions of random access and resource allocation are very important to prevent wastage of resources and improve MAC performance according to various network conditions. In this paper, we propose new random access and resource allocation schemes to guarantee quality of service (QoS) and provide priority services in a dynamic TDMA/TDD system. First, for the QoS guarantee, we propose an adaptive random access and resource allocation scheme by introducing an access probability. Second, for providing priority service, we propose a priority-based random access and resource allocation scheme by extending the first adaptive scheme in both a centralized and a distributed manner. The analysis and simulation results show that the proposed MAC protocol outperforms the legacy MAC protocol using a simple binary exponential backoff algorithm, and provides good differential performance according to priorities with respect to the throughput and delay.