• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.5
• /
• pp.83-91
• /
• 2008

IISO/IEC 9594-8 defines the public key framework and attribute certificate framework. Attribute certificate framework deals with privilege management infrastructure(PMI). In PMI, for privilege management using attribute certificates, role assignment certificates and role specification certificates are used to assign and specify privileges independently. Role specification certificates includes privilege specifications and the details far privilege management of network environments. Privilege management of unreliable network environment tries to enhance the reliability and efficiency of privilege information transmission forwarding over unreliable routes in the presence of potentially faulty nodes and edges. Each node forms a role specification tree based on role specification relationship data collected from the network. In this paper privilege management cost with the role specification certificates tree structure is evaluated trying to reduce the overhead incurred by role creation and modification of privileges. The multicasting of packets are used for scalability. We establish management cost model taking into account the packet loss and node reliability which continuously join and leave for network. We present quantitative results which demonstrate the effectiveness of the proposed privilege management scheme.

• Journal of Korea Multimedia Society
• /
• v.7 no.11
• /
• pp.1620-1629
• /
• 2004

The objectives of access control are to protect computing and communication resources from illegal use, alteration, disclosure and destruction by unauthorized users. Although Biba security model is well suited for protecting the integrity of information, it is considered too restrictive to be an access control model for commercial environments. And, Role-Based Access Control(RBAC) model, a flexible and policy-neutral security model that is being widely accepted in commercial areas, has a possibility for compromising integrity of information. In this paper, We present the role graph model which enhanced flexibility and integrity to management of many access permission. Also, In order to represent those rule and constraints clearly, formal descriptions of role assignment rule and constraints in Z language are also given.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.3
• /
• pp.13-29
• /
• 2005

An important characteristic of role-based access control model(RBAC) is that by itself it is policy neutral. This means RBAC articulates security policy without embodying particular security policy. Because of this reason, there are several researches to configure RBAC to enforce traditional mandatory access control(MAC) policy and discretionary access control(DAC) policy. Specifically, to simulate MAC using RBAC several researches configure a few RBAC components(user, role, role-hierarchy, user-role assignment and session) for keeping no-read-up rule and no-write-down rule ensuring one-direction information flow from low security level to high security level. We show these researches does not ensure confidentiality. In addition, we show the fact that these researches overlook violation of integrity due to some constraints of keeping confidentiality. In this paper we propose a RBAC model satisfying both confidentiality and integrity. We reexamine a few RBAC components and constructs additional constraints.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.5
• /
• pp.149-160
• /
• 2008

As individual users have to provide more information than the minimum for using information communication service, the invasion of privacy of Individual users is increasing. That is why client/server based personal information security platform technologies are being developed such as P3P, EPAL and XACML. By the way enterprises and organizations using primarily role based access control can not use these technologies. because those technologies apply access control policies to individual subjects. In this paper, we suggest an expression language for privacy enhancing role-based access control policy. Suggested privacy enhancing role-based access control policy language model is a variation of XACML which uses matching method and condition, and separately contains elements of role, purpose, and obligation. We suggest policy language model for permission assignment in this paper, shows not only privacy policy scenario with policy document instance, but also request context and response context for helping understanding.

• The Journal of Asian Finance, Economics and Business
• /
• v.6 no.4
• /
• pp.201-212
• /
• 2019

The study aims to identify the role of transformational leadership toward work performance through intrinsic motivation in pharmaceutical field by a survey of 220 pharmacists in Vietnam. The pharmaceutical industry in Vietnam is experiencing rapid growth, accompanied by the need for a change in leadership for managers. The transformational leadership creates a proactive, positive attitude, passion, interest or an increase in intrinsic motivation of employees, thereby affecting work performance. This study performed reliable verification by Cronbach's Alpha coefficient, then the factors are analyzed by EFA before conducting multivariate regression analysis. The results showed that the transformational leadership style includes such factors as: idealized influence (attributed and behavior), inspirational motivation, intellectual stimulation, individualized consideration have a positive impact on intrinsic motivation and thereby positively affecting work performance. It confirms that employees will have a higher intrinsic motivation level when working under transformational leadership from their leaders. It makes employees work more efficiently. According to the research results, the pharmacist has an intrinsic motivation to work hard on tasks that contribute to the group overall goal of. That requires managers to have a task assignment strategy to connect the goals of the members together as well as of the members to the group.

• Women's Health Nursing
• /
• v.4 no.2
• /
• pp.245-257
• /
• 1998

The characteristics of health behavior related pregnancy and childbirth have reflected on the cultural belief and value in the society. The efforts for women's health promotion through the current illumination of the traditional health care are the prompting assignment to be in nursing. The process of motherhood already progress before the motherhood actually. The functional state as the expectant mother can be the important predicting factor of the postpartum state, the quality of a married life. Motherhood was analyzed by Walker and Avant's method to clarify the concept 'to be a mother' using the various concepts like Koreans' Taekyo, transition to motherhood, maternal identity, maternal role attainment, maternal fetal attachment, and maternal fetal interaction. Upon the concept analysis, naturalness, responsibility, attachment, readiness, controllability were identified as the defining characteristics of motherhood. The antecedents of motherhood were consist of maternal affection, positive self esteem, pregnancy acceptance, fetus recognition and the consequences of motherhood were consist of positive maternal identity, maternal fetal attachment, confidence about the maternal role, the healthy mother and the healthy baby. The empirical referents of motherhood were consists of recognition of motherhood, expectation about motherhood, fetal recognition with ultrasonography and fetal movement, experience of unification between mother and fetus, expression of affection to the fetus, concern about fetal health, concern and practice about Taekyo, adaptation behavior about physical change and discomfort due to pregnancy. Therefore it is necessary to develop the instruction program of motherhood including the defining attributes identified in this study.

• The Transactions of the Korea Information Processing Society
• /
• v.7 no.1
• /
• pp.126-134
• /
• 2000

Version control is an application to maintain consistency between different instances of the same document allowing operations such as navigation, differencing, and merging. Most version control systems, however, lack the support of functionality for cooperative writing environment, such as to represent and store the history of the actions of different individuals, to effectively differentiate and merge the individual actions including the text object, and to manage different access privileges for different granularity and individuals. With the help of Activity IDentification (AID) tag and its unique addressing scheme proposed in this paper, differencing and merging become simple and effective. Access and role control is improved by associating the access right table and role assignment in AID scheme also eliminates the requirements for large storage capacity for version information maintenance.

• Journal of Korean Society of Archives and Records Management
• /
• v.8 no.1
• /
• pp.235-255
• /
• 2008

Present study conducted surveys and interviews to identify a solution to the issues concerning the work conditions, job satisfaction, and operational systems of archivists working in the Korean government agencies. Job characteristics were measured using the five-factor structures of Hackman and Oldham's(1976) Job Characteristic Models, professionalism, role conflict, stress, and turnover intentions. Job environment was measured in terms of communication, participation, social relations with coworkers and superiors, and job training. Job satisfaction was measured by general level of satisfaction, job meaningfulness, and commitment. Operational systems was analyzed in terms of organizational arrangement, role assignment, personnel management, and collaboration between the national archives and record centers. These analyses produced further implications and suggestions on personnel management of archivists and records managers.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.41 no.5
• /
• pp.565-573
• /
• 2016

Wi-Fi Direct standard technology(Wi-Fi Peer to Peer Technical Specifications v1.2, 2010) was designed for allowing peer to peer communication between two or more devices and various products which have been currently manufactured such as smart phone and smart TV have already provided this technical function. In this technology the role of Coordinator in Wi-Fi infrastructure would be matched to GO(Group Owner) which needs relatively high energy resource and computation power due to the high probability for allowing 3rd-party connection, however, the current standard specification would be limited in terms of energy distribution because it has not included a process to determine the role of GO. To address above problem, this paper classified considerable parameters into the general parameters for the physicality of devices and the specific parameters for considering the role position depending on use-case scenario, and proposed a new method called DIVA to help efficiently determining GO role from the member devices of Wi-Fi Direct network. Furthermore the effect of this mechanism was proved via simulation-based experiments.

• Journal of Korea Multimedia Society
• /
• v.8 no.11
• /
• pp.1520-1530
• /
• 2005

As XML is recognized as a prevalent standard for document representation and exchange in the Internet, the need for security of XML becomes very important issue. Until now researches on XML security have been focused on confidentiality or integrity like encryption and digital signature technology. But, as XML data becomes more massive and complicated, it requires managerial security that decided access permit or deny by the authority oi user who is using the XML data. Thus it requires models and mechanisms enabling the specification and enforcement of access control policies for XML documents. In this paper, we suggest the new access control model and mechanism that separate XML documents by access level, assign roles to each user by applying Role Based Access Control (RBAC) and perform access control to specific documents by encrypting each section with roles. The method, we suggested, has an advantage that it does not need to update the whole keys used in encryption process by updating only the relations between appropriate secure layers.