{"metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00010329","sets":["581:612:621"]},"path":["621"],"owner":"1","recid":"10329","title":["マルチユーザシステムにおける利用者単位でのネットワークアクセス制御手法"],"pubdate":{"attribute_name":"公開日","attribute_value":"2006-04-15"},"_buckets":{"deposit":"79428b4b-4a6d-4b2e-b190-4bd197302c7c"},"_deposit":{"id":"10329","pid":{"type":"depid","value":"10329","revision_id":0},"owners":[1],"status":"published","created_by":1},"item_title":"マルチユーザシステムにおける利用者単位でのネットワークアクセス制御手法","author_link":["0","0"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"マルチユーザシステムにおける利用者単位でのネットワークアクセス制御手法"},{"subitem_title":"Design and Implementation of User-based Network Access Control Mechanism on Multiuser Systems","subitem_title_language":"en"}]},"item_keyword":{"attribute_name":"キーワード","attribute_value_mlt":[{"subitem_subject":"特集：再考分散システム/インターネットの運用・管理","subitem_subject_scheme":"Other"}]},"item_type_id":"2","publish_date":"2006-04-15","item_2_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"岡山大学総合情報基盤センター"},{"subitem_text_value":"キヤノンシステムソリューションズ株式会社"},{"subitem_text_value":"岡山大学総合情報基盤センター"},{"subitem_text_value":"津山工業高等専門学校"},{"subitem_text_value":"大阪市立大学大学院創造都市研究科"}]},"item_2_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"Information Technology Center Okayama University","subitem_text_language":"en"},{"subitem_text_value":"Canon System Solutions Inc.","subitem_text_language":"en"},{"subitem_text_value":"Information Technology Center Okayama University","subitem_text_language":"en"},{"subitem_text_value":"Tsuyama National College of Technology","subitem_text_language":"en"},{"subitem_text_value":"Graduate School of Creative Cities  Osaka City University","subitem_text_language":"en"}]},"item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/10329/files/IPSJ-JNL4704018.pdf"},"date":[{"dateType":"Available","dateValue":"2008-04-15"}],"format":"application/pdf","billing":["billing_file"],"filename":"IPSJ-JNL4704018.pdf","filesize":[{"value":"201.1 kB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"660","billingrole":"5"},{"tax":["include_tax"],"price":"330","billingrole":"6"},{"tax":["include_tax"],"price":"0","billingrole":"8"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_date","version_id":"7e07cbd5-9ca2-495f-9922-49c58bce1f81","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2006 by the Information Processing Society of Japan"}]},"item_2_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"山井, 成良"},{"creatorName":"眞鍋宏隆"},{"creatorName":"岡山, 聖彦"},{"creatorName":"宮下, 卓也"},{"creatorName":"松浦, 敏雄"}],"nameIdentifiers":[{}]}]},"item_2_creator_6":{"attribute_name":"著者名(英)","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Nariyoshi, Yamai","creatorNameLang":"en"},{"creatorName":"Hirotaka, Manabe","creatorNameLang":"en"},{"creatorName":"Kiyohiko, Okayama","creatorNameLang":"en"},{"creatorName":"Takuya, Miyashita","creatorNameLang":"en"},{"creatorName":"Toshio, Matsuura","creatorNameLang":"en"}],"nameIdentifiers":[{}]}]},"item_2_source_id_9":{"attribute_name":"書誌レコードID","attribute_value_mlt":[{"subitem_source_identifier":"AN00116647","subitem_source_identifier_type":"NCID"}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_6501","resourcetype":"journal article"}]},"item_2_source_id_11":{"attribute_name":"ISSN","attribute_value_mlt":[{"subitem_source_identifier":"1882-7764","subitem_source_identifier_type":"ISSN"}]},"item_2_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"教育用計算機環境においては，様々なレベルの利用者が存在するため，ネットワークに対する利用者単位でのアクセス制御機能が重要である．しかし，UNIX，LINUX などのマルチユーザシステムでは，ほとんどが利用者単位でのアクセス制御機能を備えておらず，またこのような機能を備えているマルチユーザシステムであっても膨大な数のアクセス制御ルールを設定する必要があるため，管理コストが高かったり，性能が劣化したりする問題があった．そこで本論文ではこれらの問題を解決するために，アクセス制御ルールを利用者単位に分割して，パケット所有者に関するルールのみを参照する方法を提案する．また，本方法ではTCP 通信だけでなくUDP 通信に対してもフロー単位でアクセス制御を行うようにする．これにより，利用者間でのルールの共有による管理の省力化や動作の高速化が可能となる．提案手法に基づいた試作システムの性能評価の結果，多数の利用者が登録されている場合でも十分高速にアクセス制御を行うことができ，提案手法の有効性が確認された．","subitem_description_type":"Other"}]},"item_2_description_8":{"attribute_name":"論文抄録(英)","attribute_value_mlt":[{"subitem_description":"On educational computer environment, a user-based network access control mechanism is important since there exist many kinds of users. However, as for existing multiuser systems such as UNIX and LINUX, most of them have no such a mechanism or otherwise they have some problems on this access control mechanism, such that administrative cost becomes considerably large, and the performance of network degrades, since a huge number of access control rules are required. In this paper, in order to solve these problems, we propose a method that divides the whole rules into individual rule sets and that refers to only the rule set of the packet owner. In addition, access control per flow is performed on both TCP and UDP communications. Accordingly, this proposed method reduces administrative cost by sharing of rule sets among users and improves performance. According to the result of performance evaluation of a prototype system based on the proposed method, the performance of access control is improved significantly even if many users exist on the system, and consequently we confirm that the proposed method works effectively and efficiently.","subitem_description_type":"Other"}]},"item_2_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicPageEnd":"1165","bibliographic_titles":[{"bibliographic_title":"情報処理学会論文誌"}],"bibliographicPageStart":"1157","bibliographicIssueDates":{"bibliographicIssueDate":"2006-04-15","bibliographicIssueDateType":"Issued"},"bibliographicIssueNumber":"4","bibliographicVolumeNumber":"47"}]},"relation_version_is_last":true,"item_2_alternative_title_2":{"attribute_name":"その他タイトル","attribute_value_mlt":[{"subitem_alternative_title":"アクセス制御・認証"}]},"weko_creator_id":"1"},"id":10329,"updated":"2025-01-23T02:54:35.633246+00:00","links":{},"created":"2025-01-18T22:45:16.177158+00:00"}