Journal of the Institute of Electronics Engineers of Korea CI (전자공학회논문지CI)

The Institute of Electronics and Information Engineers (대한전자공학회)
권호 표지

Adaptive Security Management Model based on Fuzzy Algorithm and MAUT in the Heterogeneous Networks

이 기종 네트워크에서 퍼지 알고리즘과 MAUT에 기반을 둔 적응적 보안 관리 모델

  • 양석환 (부경대학교 정보보호학 협동과정) ;
  • 정목동 (부경대학교 컴퓨터공학과)
  • Published : 2010.01.25
Download PDF
⟨ Previous Next ⟩

Abstract

Development of the system which provides services using diverse sensors is expanding due to the widespread use of ubiquitous technology, and the research on the security technologies gaining attention to solve the vulnerability of ubiquitous environment's security. However, there are many instances in which flexible security services should be considered instead of strong only security function depending on the context. This paper used Fuzzy algorithm and MAUT to be aware of the diverse contexts and to propose context-aware security service which provides flexible security function according to the context.

유비쿼터스 기술의 보편화에 따라 유비쿼터스 환경의 보안 취약성을 해결하기 위한 보안기술의 연구가 주목받고 있다. 그러나 현재의 대다수 보안 시스템은 고정된 규칙을 기반으로 하는 것으로서, 유비쿼터스 기반 사용자의 다양한 상황에 제대로 대응하지 못하는 문제점이 있다. 또한 기존의 상황인식 보안 연구는 ACL (Access Control List) 혹은 RBAC (Role-Based Access Control) 계열의 연구가 많이 수행되고 있으나 보안정책의 관리에 대한 오버헤드가 크고, 또한 예상하지 못한 상황에 대한 대응이 어렵다는 문제점을 보이고 있다. 이에 본 논문에서는 퍼지 알고리즘과 MAUT를 이용하여 다양한 상황을 인식하고 적절한 보안기능을 제공하는 상황인식 보안 서비스를 제안한다.

Keywords

References

  1. M. J. Convington, et al., "Generalized Role-Based Access Control for Securing Future Applications," Proc of the 23th National Information Systems Security Conference, Baltimore, 2000, pp.115-125.
  2. M. J. Moyer and M. Ahamad, "Generalized Role- Based Access Control," Proc of IEEE International Conference on Distributed Computing Systems, 2001, pp.391-398.
  3. David F. Ferraiolo and D. Richard Kuhn, "Role- Based Access Controls," Proc of the 15th National Computer Security Conf, Baltimore MD, 1992, pp.554-563.
  4. Seung-Jwa Nam and Seog Park, "Context Conflicts of Role-Based Access Control in Ubiquitous Computing Environment," Journal of the Korea Institute of Information Security and Cryptology, 15(2), 2005, pp.37-52.
  5. R. S. Sandhu, et al., "Role-based Access Control Models," IEEE Computer, 29(2), February 1996, pp. 38-47. https://doi.org/10.1109/2.485845
  6. http://csrc.nist.gov/rbac/NIST.
  7. M. J. Convington, et al., "A Context-Aware Security Architecture for Emerging Applications," Proc of the 18th Annual Computer Security Applications Conferences, 2002, pp.249-258.
  8. Hyun-Soo Im et al., "The Model of Conflict Detection between Permission Assignment Constraints inRole-Based Access Control," Proc. of 2005 fall The Korea Society for Simulation Conference, 2005, pp.51-55.
  9. J. Bezdek, "A convergence theorem for the fuzzy ISODATA clustering algorithm," IEEE Trans. Pattern Anal. Machine Intelligence, PAMI2(1), 1980, pp.1-8.
  10. Moonjin Jeon et al., "Hand Gesture Recognition using Multivariate Fuzzy Decision Tree and User Adaptation," J. of Korea Robotics Society, 3(2), 2008, pp.81-90.
  11. Sung-Kwun Oh, Computational Intelligence by Programming focused on Fuzzy, Neural Networks, and Genetic Algorithms, Naeha Publishing Co., 2002.
  12. R.L.P Chang, T. Pavlidis, "Fuzzy Decision Tree Algorithms," Systems, Man and Cybernetics, IEEE Transactions, 7(1), 1977, pp.28-35. https://doi.org/10.1109/TSMC.1977.4309586
  13. Woo-Hang Lee, Keon-Myung Lee, "Fuzzy Decision Tree Induction to Obliquely Partitioning a Feature Space," Journal of KIISE : software and applications, Vol.29, No.3, 2002, pp.156-166.
  14. Teuvo Kohonen, Self-Organizing Maps (3rd), Springer, 2001.
  15. Rhee Hyunsook, "An Adaptive Classification Model Using Incremental Training Fuzzy Neural Networks," Journal of Fuzzy Logic and Intelligent Systems, Vol.16, No.6, 2006, pp.736-741. https://doi.org/10.5391/JKIIS.2006.16.6.736
  16. Keon-Myung Lee, "Classification Rule Mining from Fuzzy Data based on Fuzzy Decision Tree," J. of KIISE : software and applications, 28(1), 2001, pp.64-72.
  17. E. Brickell, et al., "Direct Anonymous Attestation," In Proc of 11th ACM Conference on Computer and Communications Security, ACM Press, 2004 Practical Solutions to Identification and Signature Problems, ACPC 86, LNCS, 1987.
  18. TCG, TCG Specification Architecture Overview Specification Revision 1.3, 2007.
  19. R.L. Keeney and H. Raiffa, Decisions with Multiple Objectives: Preferences and Value Tradeoffs, John Wiley & Sons, New York, NY, 1976.
  20. L. Martignon and U. Hoffrage, Why Does One-Reason Decision Making Work? In Simple Heuristics That Make Us Smart, Oxford University Press, New York, 1999, pp. 119-140.