Chang-Joo Moon

Visual modeling and formal specification of constraints of RBAC using semantic web technology

The role-based access control (RBAC) model has garnered great interest in the security community due to the flexible and secure nature of its applicability to the complex and sophisticated information system. One import aspect of RBAC is the enforcing of security policy, called constraint, which controls the behavior of components in RBAC. Much research has been conducted to specify constraints. However, more work is needed on the aspect of sharing information resources for providing better interoperability in the widely dispersed ubiquitous information system environment. This paper provides visual modeling of RBAC policy and specifies constraints of RBAC by employing a semantic web ontology language (OWL) to enhance understanding of constraints for machines and people in a ubiquitous computing environment. Using OWL, constraints were precisely formalized according to the constraint patterns and the effectiveness of OWL specification was demonstrated by showing the reasoning process.

Measuring semantic similarity based on weighting attributes of edge counting

Semantic similarity measurement can be applied in many different fields and has variety of ways to measure it. As a foundation paper for semantic similarity, we explored the edge counting method for measuring semantic similarity by considering the weighting attributes from where they affect an edges strength. We considered the attributes of scaling depth effect and semantic relation type extensively. Further, we showed how the existing edge counting method could be improved by considering virtual connection. Finally, we compared the performance of the proposed method with a benchmark set of human judgment of similarity. The results of proposed measure were encouraging compared with other combined approaches.

Deriving similarity for Semantic Web using similarity graph

One important research challenge of current Semantic Web is resolving the interoperability issue across ontologies. The issue is directly related to identifying semantics of resources residing in different domain ontologies. That is, the semantics of a concept in an ontology differs from others according to the modeling style and intuition of the knowledge expert even though they are the same forms of a concept in each respective ontology. In this paper, we propose a similarity measure to resolve the interoperability issue by using a similarity graph. The strong point of this paper is that we provide a precise mapping technique and similarity properties to derive the similarity. The novel contribution of this paper is that we provide a core technique of computing similarity across ontologies of Semantic Web.

The conflict detection between permission assignment constraints in role-based access control

Assuring integrity of permission assignment (PA) constraints is a difficult task in role-based access control (RBAC) because of the large number of constraints, users, roles and permissions in a large enterprise environment. We provide solutions to this problem using the conflict concept. This paper introduces the conflict model in order to understand the conflicts easily and to detect conflicts effectively. The conflict model is classified as a permission-permission model and a role-permission model. This paper defines two type conflicts using the conflict model. The first type is an inter-PA-constraints (IPAC) conflict that takes place between PA constraints. The other type is a PA–PAC conflict that takes place between a PA and a PA constraint (PAC). Also, the conditions of conflict occurrence are formally specified and proved. We can assure integrity on permission assignment by checking conflicts before PA and PA constraints are applied.

Bridging real world semantics to model world semantics for taxonomy based knowledge representation system

As a mean to map ontology concepts, a similarity technique is employed. Especially a context dependent concept mapping is tackled, which needs contextual information from knowledge taxonomy. Context-based semantic similarity differs from the real world similarity in that it requires contextual information to calculate similarity. The notion of semantic coupling is introduced to derive similarity for a taxonomy-based system. The semantic coupling shows the degree of semantic cohesiveness for a group of concepts toward a given context. In order to calculate the semantic coupling effectively, the edge counting methods is revisited for measuring basic semantic similarity by considering the weighting attributes from where they affect an edge’s strength. The attributes of scaling depth effect, semantic relation type, and virtual connection for the edge counting are considered. Furthermore, how the proposed edge counting method could be well adapted for calculating context-based similarity is showed. Through experimental results are provided for both edge counting and context-based similarity. The results of proposed edge counting were encouraging compared with other combined approaches, and the context-based similarity also showed understandable results. The novel contributions of this paper come from two aspects. First, the similarity is increased to the viable level for edge counting. Second, a mechanism is proviede to derive a context-based similarity in taxonomy-based system, which has emerged as a hot issue in the literature such as Semantic Web, MDR, and other ontology-mapping environments.

FORMAL VERIFICATION OF BUNDLE AUTHENTICATION MECHANISM IN OSGi SERVICE PLATFORM: BAN LOGIC

Security is critical in a home gateway environment. Robust secure mechanisms must be put in place for protecting information transferred through a central location. In considering characteristics for the home gateway environment, this paper proposes a bundle authentication mechanism. We designed the exchange mechanism for transferring a shared secret key. This transports a service bundle safely in the bootstrapping step, by recognizing and initializing various components. In this paper, we propose a bundle authentication mechanism based on a MAC that uses a shared secret key created in the bootstrapping step. In addition, we verify the safety of the key exchange mechanism and bundle authentication mechanism using BAN Logic. From the verified result, we achieved goals of authentication. That is, the operator can trust the bundle provided by the service provider. The user who uses the service gateway can also express trust and use the bundle provided by the operator.

SQL Extension for Multidatabase System

The most important feature of a multidatabase system (MDBS) is to provide the global schema with integrating various models of local database systems (LDBS). However, it is difficult to integrate local schemas into the global schema due to the difference of the syntactical and semantic expressions of LDBSs. In this paper, we propose the standard SQL extension for MDBS called by Multidatabase Query Language (MQL). In addition, we analyze semantic conflicts using case studies and provide solutions to the semantic conflicts using MQL.

Design and Implementation of A Distributed Information Integration System based on Metadata Registry

The mediator-based system integrates heterogeneous information systems with the flexible manner. But it does not give much attention on the query optimization issues, especially for the query reusing. The other thing is that it does not use standardized metadata for schema matching. To improve this two issues, we propose mediator-based Distributed Information Integration System (DIIS) which uses query caching regarding performance and uses ISO/IEC 11179 metadata registry in terms of standardization. The DIIS is designed to provide decision-making support, which logically integrates the distributed heterogeneous business information systems based on the Web environment. We designed the system in the aspect of three-layer expression formula architecture using the layered pattern to improve the system reusability and to facilitate the system maintenance. The functionality and flow of core components of three-layer architecture are expressed in terms of process line diagrams and assembly line diagrams of Eriksson Penker Extension Model (EPEM), a methodology of an extension of UML. For the implementation, Supply Chain Management (SCM) domain is used. And we used the Web-based environment for user interface. The DIIS supports functions of query caching and query reusability through Query Function Manager (QFM) and Query Function Repository (QFR) such that it enhances the query processing speed and query reusability by caching the frequently used queries and optimizing the query cost. The DIIS solves the diverse heterogeneity problems by mapping MetaData Registry (MDR) based on ISO/IEC 11179 and Schema Repository (SCR).

Performance enhancement of real‐time computing for small unmanned helicopter autopilot

Purpose – The purpose of this paper is to make performance improvements and timely critical execution enhancements for operational flight program (OFP). The OFP is core software of autonomous control system of small unmanned helicopter.Design/methodology/approach – In order to meet the time constraints and enhance control application performance, two major improvements were done at real‐time operating system (RTOS) kernel. They are thread scheduling algorithm and lock‐free thread message communication mechanism. Both of them have a direct relationship with system efficiency and indirect relationship with helicopter control application execution stability through improved deadline keeping characteristics.Findings – In this paper, the suitability of earliest deadline first (EDF) scheduling algorithm and non‐blocking buffer (NBB) mechanism are illustrated with experimental and practical applications. Results of this work show that EDF contributes around 15 per cent finer‐timely execution and NBB enhances ker...