• Proceedings of the Korea Society of Information Technology Applications Conference
• /
• 2001.11a
• /
• pp.111-112
• /
• 2001

• The KIPS Transactions:PartC
• /
• v.11C no.6 s.95
• /
• pp.725-730
• /
• 2004

Separation of Duty(SOD), with delegation, is one of important security principles in access control area. The role-based access control model adopts SOD principle, but it has some problems; SOD concept is inconsistent with role hierarchy, permissions that have no relation with SOD may be restricted, and delegation may violate SOD. We propose permission-based SOD model on role-based access control. We establishes SOD as a set of permissions instead of role level SOD. Furthermore we propose a principle of role activation. It solves SOD problems of RBAC and supports easy implementation of SOD policy.

• The Journal of the Korea Contents Association
• /
• v.9 no.9
• /
• pp.325-334
• /
• 2009

The object of this study is to examine the relations between leisure activity and duty stress and separation intention in private guards. The subject of this study is set up the private guards who are working at private guard company in a capital sphere. This study applyed the way of judgement abstraction and abstracted the total of 360 persons. However, the number used in the final analysis is 333 persons. The last conclusion in this study is as follows. Firstly, the relation between duty stress and separation intention has a matual effect meaningfully. Secondly, the physical stress hasn't an effect on the term of leisure activity, and separation intention. affects meaningfully the physical stress. Thirdly, the relation beween leisure activity and separation intention exerts a meaningful influence mutually in all sphere. Duty stress is a important parameter between leisure activity and separation intention.

• 제어로봇시스템학회:학술대회논문집
• /
• 2004.08a
• /
• pp.1350-1354
• /
• 2004

This paper proposes a simple but practically useful model for preventing fraud of users called "ERBAC03". The new model consists of qualified mandatory and discretionary features for roles and locations, including the assignment of permissions for the appropriate roles and the assignment of roles for the appropriate locations. Moreover, a static separation of duty (SSoD) principle is applied to the new model for integrity requirements of security systems. The paper also explores some extensions of ERBAC03 including the new model using the SSoD concept from some experiments. The experimental results prove the efficiency improvement of the proposed model that can make benefits for large enterprises.

• 제어로봇시스템학회:학술대회논문집
• /
• 2004.08a
• /
• pp.1360-1364
• /
• 2004

This paper propose an extended model for role-permission assignment based on locations called "Enhanced Role-Based Access Control (ERBAC03)". The proposed model is built upon the well-known RBAC model. Assigning permissions to role is considered too complex activity to accomplish directly. Instead we advocate breaking down this process into a number of steps. The concept of jobs and tasks is specifically introduced to facilitate role-permission assignment into a series of smaller steps. This model is suitable for any large organization that has many branches. Each branch consists of many users who work in difference roles. An administration tool has been developed to assist administrators with the administration of separation of duty requirements. It demonstrates how the specification of static requirements can be done based on "conflicting entities" paradigm. Static separation of duty requirements must be enforced in the administration environment. Finally, we illustrate how the ERBAC03 prototype is used to administer the separation of duty requirements.

• Journal of the Korea Society of Computer and Information
• /
• v.15 no.1
• /
• pp.167-175
• /
• 2010

Like most large organizations, there are business rules such as 'separation of duty' and 'delegation' which should be considered in access control. From a SOD point of view, previous SOD models built on the (Administrative) Role-Based Access Control model cannot present the best solution to security problems such as information integrity by the limited constituent units such as role hierarchy and role inheritance. Thus, we propose a new integrated management model of administration role-based access control model and SOD policy, which is called the OS-SoDAM. The OS-SoDAM defines the authority range in an organizational structure that is separated from role hierarchy and supports a decentralized security officer-level SOD policy in which a local security officer can freely perform SOD policies within a security officer's authority range without the security officer's intervention.

• Journal of the Institute of Electronics Engineers of Korea TE
• /
• v.39 no.4
• /
• pp.431-436
• /
• 2002

This paper implements an improved model for access control enforcement in enterprise environments. The integration of the task role-based access control model and the "conflicting entities" administration paradigm supply a specification of static and dynamic separation of duty requirements in the workflow environment. The implemented Extended Task Role-Based Access Control model can deal with the conflicting entities for workflow oriented tasks. It will support elaborate separation of duty policy to tasks in enterprise environment through the classification of enterprise sessions according to their characteristics.

• 한국정보통신설비학회:학술대회논문집
• /
• 2009.08a
• /
• pp.242-247
• /
• 2009

In this paper, we investigate interference between short-range radiocommunication devices (SRDs) with frequency hopping spread spectrum (FHSS) and direct sequence spread spectrum (DSSS) methods when they are in the same frequency bands. In order to analyze interference from unwanted emission of SRD with DSSS to that of FHSS, Monte-Carlo (MC) simulation method is employed and interference probabilities are calculated. We simulate interference scenarios in accordance with several duty cycles and bandwidths. It is also assumed that the propagation model is free space The effect of distance between interfering transmitter and victim receiver is analyzed and bit error rate (BER) is simulated. From the interference analysis results, it is shown that duty cycle affects compatibility more than bandwidth does. Also, we can make sure of the separation distance which satisfies BER criterion when there are only one interfering transmitter and multiple interfering transmitters.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.10 no.12
• /
• pp.3755-3760
• /
• 2009

In this study, we have completed the simulation and optimization work for the deethanizer column which was used for natural gas processing plant or saturated gas plant in a petrochemical process. An optimal feed stage location which minimizes the reboiler heat duty was determined. For the modeling of deethanizer, PRO/II with PROVISION was used and Soave modified Redlich-Kwong equation of state model was selected. Through this study, we have found that the minimum number of stage and minimum reflux ratio for separation were 9.03 and 0.62437, respectively and the theoretical stage number was 12, optimal feed stage location was 9 and minimum reboiler heat duty was $12.7470{\times}10^6\;KJ/hr$.

• The Transactions of the Korea Information Processing Society
• /
• v.6 no.11
• /
• pp.3020-3033
• /
• 1999

Role-Based Access Control(RBAC) security policy is being widely accepted not only as an access control policy for information security but as both a natural modeling tool for management structure of organizations and flexible permission management framework in various commercial environments. Important functions provided by the current RBAC model are to administrate the information on the components of RBAC model and determine whether user's access request to information is granted or not, and most researches on RBAC are for defining the model itself, describing it in formal method and other important properties such as separation of duty. As the current RBAC model which does not define the definition, design and operation for applications is not suitable for automated information systems that consist of various applications, it is needed that how applications should be designed and then executed based on RBAC security model. In this paper, we describe dynamic properties of session which is taken for a passive entity only activated by users, as a vehicle for building and executing applications in an automated information systems. And, a framework for session-oriented separation of duty property, application design and operation is also presented.