• Title/Summary/Keyword: permission


A Study of Security Checks for Android Least Privilege - focusing on mobile financial services - (모바일 앱 최소권한 사전검증에 관한 연구 - 금융, 안드로이드 운영체제 중심으로 -)

  • Cho, Byung-chul;Choi, Jin-young
    • Journal of Internet Computing and Services / v.17 no.1 / pp.91-99 / 2016
  • The security system in Android OS adopts a sandbox and a permission model. In particular, the permission model operates on install-time confirmation and an all-or-nothing policy. Accordingly, the Android OS requires user agreement for permissions when installing an application; however, there is a very low level of user awareness of the permissions. In this paper, the current status of permission requirements within mobile apps will be discovered, and the key inspection list, with an appropriate method for when a mobile service provider autonomously inspects violations of least privilege around financial companies, and its usefulness will be explored.

Selective Management of System-level Access Permission in Android-based Application (안드로이드 기반 애플리케이션의 시스템 수준 접근 권한에 대한 선택적 관리)

  • Jeong, Jongmun;Lee, Hoon;Hwang, Mintae
    • Journal of the Korea Institute of Information and Communication Engineering / v.20 no.1 / pp.87-93 / 2016
  • In this paper, we propose a new method to enhance Android security through selective management of application permissions. To that end, we analyze the behavior of current Android security, from which we draw out possible vulnerabilities. After that, we develop a tool to implement the selective management of application permissions, which has a function to grant permissions selectively to an application when we install a new application. Through experiments we show the validity of the developed tool in solving the vulnerabilities drawn out from current Android security.

Channel Access Control Method for the CDMA Packet Service System (CDMA 패킷 서비스 시스템에서 채널 엑세스 제어 기법 연구)

  • 이강원
    • Journal of the Korean Operations Research and Management Science Society / v.28 no.3 / pp.169-184 / 2003
  • In the IS-95 packet service system, the radio channels are generally classified into dedicated and common traffic channels. In this paper, a common traffic channel access method is proposed for the CDMA packet service system to enhance radio resource utilization while guaranteeing QoS to the users. The proposed method is based on the permission probability for the common traffic channel user. To derive the permission probability, optimization models are developed for two different QoS constraints. Approximation methods are also developed.

A Case Study on Implementing Highway Approval/Permission System in Construction CALS (건설CALS에서 고속도로인허가 시스템 구현 사례)

  • 윤주용;김민홍;이영재
    • The Journal of Society for e-Business Studies / v.4 no.3 / pp.43-62 / 1999
  • This paper analyzes the business activities of approval/permission (A/P) and describes their problems. In conducting A/P business activities currently, there are many problems, such as complex business processes and different business policies among the organizations. In order to solve these problems, this paper suggests the A/P system of highway construction CALS (Commerce at Light Speed). CALS, a top-down vision of complete computing integration, promises to support electronic data exchange. The A/P system is designed to classify documents based on the CALS standard and store them in a database. Data are registered to the A/P system over the Internet, and each construction company can also use the A/P system over the Internet. The benefits of the A/P system are a reduction in junk documents for approval/permission activities, and improvement in conduct and service life cycle support.


A Study of Temporary Permission Delegation In Role-Based Access Control Policy (역할-기반 접근 제어 정책에서 일시적 권한 위임에 관한 연구)

  • Na, Sang-Yeob
    • Journal of the Korea Computer Industry Society / v.10 no.1 / pp.21-28 / 2009
  • Role-Based Access Control Policy has role hierarchies in which a higher case role can perform the permissions of a lower case role. However, it is sometimes necessary for a lower case role to perform a higher case role's permission, which is basically not allowed to a lower case role. This paper proposes a temporary permission delegation method. As the result of a temporary permission delegation, junior roles can perform senior roles' permissions in a dedicated interval.


The Subjective Perception and Characteristics of the Middle-aged on Death with Dignity (존엄사에 대한 한국 중년층의 인식유형과 특성)

  • Shin, Sun-Ho;Shin, Won-Shik
    • Journal of Digital Convergence / v.13 no.12 / pp.413-422 / 2015
  • This study aims to obtain fundamental data for preparing policy on death with dignity (DwD) by grasping the perception types of the middle-aged about DwD. 32 middle-aged people performed a Q-sort with 30 statements related to DwD. The result of the analysis shows that the subjective perception types are permission type, opposition type, and limited permission type. First, the 'permission type' indicates that DwD by self-determination of patients should be accepted; it is necessary for patients with extreme pain. Second, the 'opposition type' insists that there will be more people dying unfairly; a trend to make light of human life could be everywhere if DwD is permitted. Third, the 'limited permission type' agrees with permitting DwD but insists on preparing a specific legal system before that. The subject, DwD, itself does not seem able to draw complete agreement from people, but national opinions should be reflected during the process of building the DwD system.

Design and Implementation of Permission Delegation in Role-Based Access Control Model (권한의 위임을 위한 역할-기반 접근 제어 모델의 설계 및 구현)

  • 나상엽
    • Convergence Security Journal / v.3 no.2 / pp.1-10 / 2003
  • In the distributed-computing environment, applications or users have to share resources and communicate with each other in order to perform their jobs more efficiently. In this case, it is important to protect the integrity of resources and information from unexpected use by unauthorized users. Therefore, there is a steady increase in the need for a reasonable way of authentication and access control for distributed shared resources. In RBAC, there are role hierarchies in which a higher case role can perform the permissions of a lower case role, but not vice versa. Actually, however, it is necessary for a lower case role to perform a higher case role's permission, which is basically not allowed to a lower case role. In this paper, we propose a permission delegation method, which consists of a permission delegation server and permission delegation protocols with the secret key system. As the result of a permission delegation, junior roles can perform a senior role's permissions, or the senior role itself, on the exceptional condition in a dedicated interval.


Design and Implementation of a Flexible Application Permission Management Scheme on Android Platform (안드로이드 플랫폼에서 유연한 응용프로그램 권한관리 기법 설계 및 구현)

  • Kim, Ik-Hwan;Kim, Tae-Hyoun
    • The KIPS Transactions:PartC / v.18C no.3 / pp.151-156 / 2011
  • Google Android, which is one of the popular smartphone platforms, employs a security model based on application permissions. This model intends to reduce security threats by protecting against inappropriate accesses to system resources from applications, but it has a few problems. First, permissions requested by an application cannot be granted selectively. Second, once a permission has been granted, it is maintained until the application is uninstalled. Third, applications may acquire powerful permissions through user ID sharing without any notice to users. In order to overcome these limitations, we designed and implemented a flexible application permission management scheme. The goal of our scheme is to enhance security and user convenience while keeping compatibility with the original platform. We also verified the operation of our scheme with real applications on the Android emulator.

A Model of Role Hierarchies providing Restricted Permission Inheritance (권한상속 제한 기능을 제공하는 역할계층 모델)

  • 이용훈;김용민;이형효;진승헌
    • Journal of the Korea Institute of Information Security & Cryptology / v.13 no.4 / pp.37-45 / 2003
  • The Role-based Access Control (RBAC) model has the advantage of easy management of access control with constraints such as permission inheritance and separation of duty in the role hierarchy. However, previous RBAC studies could not properly reflect the real-world organization structure with its role hierarchy. A user who is a member of a senior role can perform all permissions because the senior role inherits all permissions of junior roles in the role hierarchy. Therefore, there is a possibility for senior role members to abuse permissions due to violation of the least privilege principle. In this paper, we present a new model of role hierarchy, which restricts unconditional permission inheritance. In the proposed model, a role is divided into sub roles (unconditional inheritance, restricted inheritance, private role), keeping the organization structure in a corporate environment. With restricted inheritance, the proposed model prevents permission abuse by specifying the degree of inheritance in the role hierarchy.

A Study on the Selection of Candidates for Substances Subject to Permission Using Chemicals Ranking and Scoring (CRS) (화학물질 우선순위 선정기법(CRS)을 활용한 허가대상 후보물질 선정 연구)

  • Kim, Hyo-dong;Park, Kyo-shik
    • Journal of Korean Society of Occupational and Environmental Hygiene / v.32 no.3 / pp.253-267 / 2022
  • Objectives: This study was performed to check whether the CRS (Chemical Ranking and Scoring) system is appropriate as a method to determine substances as candidates for substances subject to permission and to apply this system to the selection of candidates for substances subject to permission. Methods: A risk score was obtained by multiplying the hazard score and the exposure score and then ranking them. The hazard sub-indicators are carcinogenicity, germ cell mutagenicity, reproductive toxicity, specific target organ toxicity-repeated exposure, respiratory sensitization and endocrine disrupting chemicals. Exposure sub-indicators are persistence, bioaccumulation and emission volume. Sensitivity analysis was performed for missing values. Correlation analysis and multivariable linear regression analysis were performed among hazard, exposure and risk in order to confirm that CRS was an appropriate method. Results: As a result of the sensitivity analysis on missing values, it was confirmed that the effect on the risk ranking was not sensitive. Correlation and regression analysis confirmed that exposure had a greater effect on risk than hazard. Conclusions: The CRS system, which derives a risk score using a hazard and exposure score, is judged to be appropriate as a method for the selection of preliminary candidates for substances subject to permission. Benzene, cadmium, nickel, and cobalt were selected as priority candidates for substances subject to permission.