• Title/Summary/Keyword: information access

Search Result 10,262, Processing Time 0.032 seconds

Access Control for Secure Access Path (안전한 접근 경로를 보장하기 위한 접근 제어)

  • Kim, Hyun-Bae
    • Journal of The Korean Association of Information Education
    • /
    • v.1 no.2
    • /
    • pp.57-66
    • /
    • 1997
  • The primary purpose of security mechanisms in a computer systems is to control the access to information. There are two types of access control mechanisms to be used typically. One is discretionary access control(DAC) and another is mandatory access control(MAC). In this study an access control mechanism is introduced for secure access path in security system. The security policy of this access control is that no disclosure of information and no unauthorized modification of information. To make this access control correspond to security policy, we introduce three properties; read, write and create.

  • PDF

Trust and Risk based Access Control and Access Control Constraints

  • Helil, Nurmamat;Kim, Mu-Cheol;Han, Sang-Yong
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.5 no.11
    • /
    • pp.2254-2271
    • /
    • 2011
  • Access control in dynamic environments needs the ability to provide more access opportunities of information to users, while also ensuring protection information from malicious users. Trust and risk are essential factors and can be combined together in access control decision-making to meet the above requirement. In this paper, we propose the combination of the trust and risk in access control to balance information accessibility and protection. Access control decision is made on the basis of trustworthiness of users and risk value of permissions. We use potential relations between users and relations between permissions in access control. Our approach not only provides more access opportunities for trustworthy users in accessing permissions, but also enforces traditional access control constraints such as Chinese Wall policy and Separation of Duty (SoD) of Role-Based Access Control (RBAC) model in an effective way.

An Automatic AP Connections Scheme using iBeacon (iBeacon을 이용한 AP 자동접속 방안)

  • Nam, ChoonSung;Shin, DongRyeol
    • Journal of Internet Computing and Services
    • /
    • v.18 no.2
    • /
    • pp.1-11
    • /
    • 2017
  • There are two kinds of wireless network access to a certain place by using smart devices - 1) open (anonymous) - access and 2) user-authorized access. The open-access is a non-authorization connection method which does not need to require Smart device's user authorized information. It means open-access use only user's SSID (Service Set Identifier) information to access the wireless AP devices following public wireless network standard. This access mechanism is not suitable to use all of public wireless networks because users have to get all wireless network information around them. As a result, huge data for smart devices should be one of the most critical overload problems for them. Secondly, the user-authorized access method uses wireless network information (SSID and password) chosen by the users. So, the users have to remember and use the network access information data manually whenever accessing the network. Like open-access, this access method also has the operational and inconvenient problem for the users - manually inputting access information whenever connecting to the network. To overcome this problem in both schemes, we propose two improved wireless network access methods: 1) the implementation of automatic AP connection mechanism using user-authorization and iBeacon messages, and 2) SSID registration form for public wireless networks.

Evaluating the Information Access Skills of Students of a College of Education in Ghana

  • Yebowaah, Franklina Adjoa;Owusu-Ansah, Christopher M.
    • Journal of Information Science Theory and Practice
    • /
    • v.8 no.2
    • /
    • pp.45-54
    • /
    • 2020
  • Access to relevant information determines the quality of life of an individual in society and the academe. Academic institutions have established information literacy programmes to enhance students' access to information. With the elevation of colleges of education to tertiary status in Ghana, pre-service teachers are now required to conduct research to improve their reflective thinking in order to be certified. However, the information access skills of students in colleges of education in Ghana are uncertain. This study draws empirical evidence from students in the Nusrat Jahan Ahmadiyya College of Education, Wa, Ghana on their information access skills. Primary data were collected from 303 respondents from the college using a stratified sampling procedure. The data were collected using a questionnaire and analysed using descriptive statistics. The results indicate that information is available to students through different sources such as the Internet, libraries, and contact with friends and authorities. However, students were limited in respect to access to relevant online resources for their academic activities due to inadequate information access skills. Potential solutions are discussed.

A Secure Cloud Computing System by Using Encryption and Access Control Model

  • Mahmood, Ghassan Sabeeh;Huang, Dong Jun;Jaleel, Baidaa Abdulrahman
    • Journal of Information Processing Systems
    • /
    • v.15 no.3
    • /
    • pp.538-549
    • /
    • 2019
  • Cloud computing is the concept of providing information technology services on the Internet, such as software, hardware, networking, and storage. These services can be accessed anywhere at any time on a pay-per-use basis. However, storing data on servers is a challenging aspect of cloud computing. This paper utilizes cryptography and access control to ensure the confidentiality, integrity, and proper control of access to sensitive data. We propose a model that can protect data in cloud computing. Our model is designed by using an enhanced RSA encryption algorithm and a combination of role-based access control model with extensible access control markup language (XACML) to facilitate security and allow data access. This paper proposes a model that uses cryptography concepts to store data in cloud computing and allows data access through the access control model with minimum time and cost for encryption and decryption.

The Features of Restricted Access to Information at European and East Asian Libraries

  • Makhotina, Natalya;Pshenichnaya, Evgeniya
    • Journal of Information Science Theory and Practice
    • /
    • v.9 no.3
    • /
    • pp.31-41
    • /
    • 2021
  • The growing number of threats to society through the uncontrolled distribution of information is forcing library communities in many countries to reconsider their views on free access to collections. Based on the content of numerous documents of international importance, it can be concluded that in any democratic country access to information is one of the most important human rights, along with the right to life, liberty, and security of person. However, the state has the right to restrict citizens' access to information within the framework of existing legislation. Constantly, restrictions on access to information are established in order to protect the ethical foundations of the constitutional order, morality, health, rights, and legitimate interests of others, to ensure the country's defense and state security. It goes without saying that each country has the right to independently decide where the boundaries lie between permitted and prohibited information, including printed information, contained in library collections. This article describes three levels of access restriction: foreign, state, and regional. The authors have analyzed the legal and regulatory documents that govern libraries, as well as the reasons and methods of limitation. A comparative analysis of the restriction of access to information in the countries of Europe and Asia is presented.

Design of a Policy based Privacy Protection System using Encryption Techniques (암호기법을 이용한 정책기반 프라이버시보호시스템설계)

  • Mun Hyung-Jin;Li Yong-Zhen;Lee Dong-Heui;Lee Sang-Ho;Lee Keon-Myung
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.16 no.2
    • /
    • pp.33-43
    • /
    • 2006
  • In order to provide the efficient personalized services, the organizations and the companies collect and manage the personal information. However, there have been increasing privacy concerns since the personal information might be misused and spread over in public by the database administrators or the information users. Even in the systems in which organizations or companies control access to personal information according to their access policy in order to protect personal information, it is not easy to fully reflect the information subjects' intention on the access control to their own Personal information. This paper proposes a policy-based access control mechanism for the personal information which prevents unauthorized information users from illegally accessing the personal information and enables the information subjects to control access over their own information. In the proposed mechanism, the individuals' personal information which is encrypted with different keys is stored into the directory repository. For the access control, information subjects set up their own access control policy for their personal information and the policies are used to provide legal information users with the access keys.

Online Submission and Review System for Open Science: A Case of AccessON Peer Review Management System Plus (ACOMS+)

  • Jaemin Chung;Eunkyung Nam;Sung-Nam Cho;Jeong-Mee Lee;Hyunjung Kim;Hye-Sun Kim;Wan Jong Kim
    • Journal of Information Science Theory and Practice
    • /
    • v.12 no.1
    • /
    • pp.87-101
    • /
    • 2024
  • As the academic publishing environment evolves rapidly and the open science paradigm emerges, the demand for efficient and transparent peer review is growing. This study outlines efforts to actively introduce advanced concepts in scholarly communication into the submission and review system. AccessON Peer Review Management System Plus (ACOMS+), developed and operated by the Korea Institute of Science and Technology Information, is an online submission and peer review system that aims for open science. This study provides an overview of ACOMS+ and presents its four main features: open peer review, open access publishing and self-archiving, online quantitative/qualitative evaluation, and peer reviewer invitation. The directions for further developing ACOMS+ to fully support open science are also discussed. ACOMS+ is the first system in Korea to introduce the open peer review process and is distinguished as a system that supports open access publishing and digital transformation of academic journals. Furthermore, ACOMS+ is expected to contribute to the advancement of the academic publishing environment through the increasing shift toward open access publishing, transparent peer review, and open science.

A Distributed Fog-based Access Control Architecture for IoT

  • Alnefaie, Seham;Cherif, Asma;Alshehri, Suhair
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.15 no.12
    • /
    • pp.4545-4566
    • /
    • 2021
  • The evolution of IoT technology is having a significant impact on people's lives. Almost all areas of people's lives are benefiting from increased productivity and simplification made possible by this trending technology. On the downside, however, the application of IoT technology is posing some security challenges, among them, unauthorized access to IoT devices. This paper presents an Attribute-based Access Control Fog architecture that aims to achieve effective distribution, increase availability and decrease latency. In the proposed architecture, the main functional points of the Attribute-based Access Control are distributed to provide policy decision and policy information mechanisms in fog nodes, locating these functions near end nodes. To evaluate the proposed architecture, an access control engine based on the Attribute-based Access Control was built using the Balana library and simulated using EdgeCloudSim to compare it to the traditional cloud-based architecture. The experiments show that the fog-based architecture provides robust results in terms of reducing latency in making access decisions.

Adaptive and Prioritized Random Access and Resource Allocation Schemes for Dynamic TDMA/TDD Protocols

  • Choi, Hyun-Ho
    • Journal of information and communication convergence engineering
    • /
    • v.15 no.1
    • /
    • pp.28-36
    • /
    • 2017
  • The medium access control (MAC) protocol based on dynamic time division multiple access/time division duplex (TDMA/TDD) is responsible for random access control and radio resource allocation in dynamic traffic environments. These functions of random access and resource allocation are very important to prevent wastage of resources and improve MAC performance according to various network conditions. In this paper, we propose new random access and resource allocation schemes to guarantee quality of service (QoS) and provide priority services in a dynamic TDMA/TDD system. First, for the QoS guarantee, we propose an adaptive random access and resource allocation scheme by introducing an access probability. Second, for providing priority service, we propose a priority-based random access and resource allocation scheme by extending the first adaptive scheme in both a centralized and a distributed manner. The analysis and simulation results show that the proposed MAC protocol outperforms the legacy MAC protocol using a simple binary exponential backoff algorithm, and provides good differential performance according to priorities with respect to the throughput and delay.