HyungHyo Lee
Wonkwang University
Network
Latest external collaboration on country level. Dive into details by clicking on the dots.
Publication
Featured researches published by HyungHyo Lee.
sensor networks ubiquitous and trustworthy computing | 2006
InSu Kim; HeeMan Park; Bong-Nam Noh; YoungLok Lee; SeungYong Lee; HyungHyo Lee
The study deals with the most important elements of ubiquitous computing, that is, the toolkit to acquire, express and safely use the context information. To do so, we introduce CAST (context-awareness simulation toolkit) and show how it works. CAST generates users and devices in a virtual home domain, designates their relation and creates virtual context information. The created context information is reused by the request of application and put into use for context learning. Particularly, we have given a consideration to security in the process of context creation and its consumption. That is, we applied SPKI/SDSI to test if the created context information was valid information and if the application that called for the context had legitimate authority to do so. CAST not only captures virtual context information, but it also guarantees the safe sharing of the context information requested by the application
international conference on intelligent computing | 2006
InSu Kim; YoungLok Lee; HyungHyo Lee
The study deals with the most important elements of ubiquitous computing, that is, the toolkit to acquire, express and safely use the context information. To do so, we introduce security middleware of CAST(Context-Awareness Simulation Toolkit) and show how it works. CAST generates users and devices in a virtual home domain, designates their relation and acquires virtual context information. The created context information is reused by the request of application and put into use for context learning. Particularly, we have given a consideration to security in the process of context acquisition and its consumption. That is, we applied SPKI/SDSI to test if the created context information was valid information and if the application that called for the context had legitimate authority to do so. CASTmiddleware not only captures virtual context information, but it also guarantees the safe sharing of the context information requested by the application.
international symposium on computer and information sciences | 2003
HyungHyo Lee; YoungRok Lee; Bong-Nam Noh
Delegation in computer systems plays an important role in relieving security officer’s management efforts, especially in a large-scale, highly decentralized environment. By distributing management authorities to a number of delegatees, scalable and manageable security management functionality can be achieved. Recently, a number of researches are proposed to incorporate delegation concept into Role-Based Access Control(RBAC) model, which is becoming a promising model for enterprise environment with various organization structures. In this paper, we propose a new role-based delegation model using sub-role hierarchies supporting restricted inheritance functionality, in which security administrator can easily control permission inheritance behavior using sub-roles. Also, we describe how role-based user-to-user, role-to-role delegations are accomplished in the proposed model and analyze our delegation model against various delegation characteristics.
embedded and ubiquitous computing | 2005
YoungLok Lee; HyungHyo Lee; SeungYong Lee; HeeMan Park; Bong-Nam Noh
In the ubiquitous computing environment new service components should be able to connect to networks at any time, and clients also should be able to use them immediately even without extra settings. Jini is one of the widely used middlewares today. Although event management is an essential component of ubiquitous middlewares, Jini is distributed without event management service. Accordingly, we design and implement the event manager based on Jini and suggest three methods in which only right event consumer can listen to the event using Access-Control Lists and SPKI/SDSI certificates. In the proposed method, our event manager controls the access of events by putting trust checking engine on Jini.
ubiquitous intelligence and computing | 2006
SeungYong Lee; YoungLok Lee; HyungHyo Lee
The key feature of ubiquitous computing services or applications is that they should be highly adaptive to events and context information. These factors are essential in ubiquitous computing environments. The services and applications must communicate with each other through fixed or ad-hoc networks. In ubiquitous computing, the event and context managers must be provided at the middleware level, for convenient development of associated applications. In this paper, ubiquitous computing middleware supporting event and context management services are proposed. The JavaSpaces service in Jini network technology is proposed to modify and develop the event manager, because JavaSpaces contains various interfaces that can be used to implement event management services, such as write, read and notify. Due to excellent GUI support, Macromedia Flash was used to represent the virtual ubiquitous computing environment, with communications through XMLSocket. It is demonstrated that the developed event and context managers can make it straightforward to efficiently develop ubiquitous computing applications.
international conference on computational science and its applications | 2005
Hyangchang Choi; Yonghoon Yi; Jae-Hyun Seo; Bong-Nam Noh; HyungHyo Lee
The problem of privacy of the Identity Management System (IMS) is the most pressing concern of ordinary users. Uncertainty about privacy keeps many users away from utilizing IMS. Most privacy-enhancing technologies such P3P, E-P3P and EPAL use purposes or policies to ensure privacy that is set by users. Access control is arguably the most fundamental and pervasive security mechanism in use. This paper proposes a privacy protection model using access control for IMS. The proposed model protects privacy using access control techniques with privacy policies in a single circle of trust. We address characteristics of components for the proposed model and describe access control procedures. After that, we show protection architecture and XML-based schema for privacy policies.
embedded and ubiquitous computing | 2005
YoungLok Lee; HyungHyo Lee; SeungYong Lee; InSu Kim; Bong-Nam Noh
Ubiquitous computing services have to adapt to the context information. These services have to communicate with each other through fixed network or ad-hoc, it is the ubiquitous middleware to be able to help those services. With regard to the adaptation of middleware’s components, context manager and event manager are required. Recently there is a widely used middleware, Jini, but it is distributed without the event manager services. Therefore we implement the event manages which can manage events in Jini environments, and describe ubiquitous computing applications running environment using our event management system. Our event manager is implemented by modifying Javaspaces.
asia pacific web conference | 2003
Yonghoon Yi; MyongJae Kim; YoungLok Lee; HyungHyo Lee; Bong-Nam Noh
A successful marriage ofWeb and RBAC technology can support effective enterprise-wide security in large-scale systems. But RBAC has a role hierarchy concept that senior role inherits all permissions of junior roles. In the corporate environments, senior role need not have all authority of junior roles, and unconditional inheritance in role hierarchy causes undesirable side effects(permission abuse) and violates the principle of least privilege. In this paper, we re-explore role and permission inheritance and propose a new model providing restricted permission inheritance. To do this, we divide a single role into sub-roles(Corporate/Department Common role, Restricted Inheritance role, Private Role) based on the degree of inheritance and business characteristics and make role hierarchy with sub-roles. It is very useful to solve unconditional inheritance problem in a corporate environment. And we describe formal description of proposed model. Lastly, we show a system architecture applying RBAC with proposed model within a corporate web environment.
parallel computing | 2004
HyungHyo Lee; YoungLok Lee; Bong-Nam Noh
RBAC model is renowned as a security model for corporate environment, since its components, especially role hierarchy, are suitable for modeling an organization structure. But the functional role hierarchy constructed through the existing role engineering approaches does not reflect an organization structure, because they do not take the structural characteristics of the organization into account. Also, it has been observed that the unconditional permission inheritance property in functional role hierarchy may breach a least privilege security principle and make it impossible to define separation of duty requirements on roles that have a common senior role. In this paper, we propose a role engineering methodology considering organizational roles as well as functional roles to provide a practical RBAC model for corporate environment. We also elaborate the characteristics of organizational roles relatively neglected in the previous work, and compare them with those of functional roles. And models for associating organizational and functional roles and those role hierarchies (unified vs. separate) are proposed and the advantages and shortcomings of those models are given.
international conference on information networking | 2002
HyungHyo Lee; Bong-Nam Noh
Policy-Based Network Management(PBNM) architecture is to meet various needs of network users, and to provide effective management facilities in distributed and large-scaled networks to network administrators. In PBNM, network administrators perform network management operations by stipulating a set of rules rather than control each network component. On the other hand, by providing security services such as authentication, privacy of messages as well as a new flexible and extensible administration framework, SNMPv3 enables network administrators to monitor and control the operation of network components more secure than its predecessors. Despite of its enhanced security services, SNMPv3 has deficiencies in managing distributed, large-scaled network because it does not provide centralized and policy-based security management facilities. In this paper, we propose a new security model, named Role-based Security Model(RSM) with security management policy, to support scalable and centralized security management for SNMP-based networks. Also, the analysis of the SNMPv3 security system extended by RSM is also described.