고려대학교

초록/요약

With the development of networks, the field of home network becoming significant research area. The ACL (Access Control List) is used to implement the access control policy, EAM (Extranet Access Management) is used for access control setup and SecureOS is used for access control. These systems have some problems. Firstly, unauthenticated external terminals can penetrate the home network. Secondly, it is not convenient for users to set the necessary access information for each device in the home network. Lastly, user privacy is not protected. However, the implementation of user access control on OSGi cannot solve the aforementioned problems, though the OSGi (Open Service Gateway initiative) is known to be a standard service platform for heterogeneous technologies on a home network. In addition, user comfort and privacy are key prerequisites for customer satisfaction and data security in home network environments. Although there are existing methods including ACLs and others control user-access for home network devices, most do not satisfactorily address the issues related to a user’s comfort level and his/her privacy protection. Therefore, the objective of this dissertation is to propose the RBAC-based authorization framework for the home gateway using the reference monitor in an OSGi service platform in order to enhance the operations required to efficiently meet a user’s access, convenience, and privacy concerns. The approach presented in this dissertation resolves the above mentioned problems in the home networks. First, the alternatives, which are not clearly mentioned in OSGi Standardization, are listed. Then the approaches of the proposed framework to these problems are explained. The dissertation can also demonstrate an effective and economical operation method, which reduces the policy change frequency for user access control via RBAC, and the reference monitor concept of limited resources of the home gateway. The reference monitor is a collection of access controls for objects, and can provide the facilities for access control. Furthermore, it includes the comfort of user access control, because it is intended as a core part of how subjects interact with objects. The proposed framework is based on an RBAC model to effectively manage access control. Its policy is classified into two types (e.g., user-role assignment policy and permission-role assignment policy) in an attempt to not only better protect user privacy, but also to improve the performance of the policy operation. The effectiveness of this is verified via simulation based on a “Poisson distribution”. It is argued that the new home gateway model provides sufficient and effective guidelines to future access control policies.