• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.1
• /
• pp.59-67
• /
• 2003

PMI(Privilege Management Infrastructure) certificates as well as Public-Key certificates must be validated before being used. Validation for a PMI certificate requires PMI certificate path validation, and PKC(Public-Key Certificate) path validations for each entity in the PMI certificate path. This validation work is quite complex and burdened to PMI certificate verifiers. Therefore, this paper suggests a delegated PMI certificate validation that uses specialized validation server, and defines a validation protocol which is used between validation server and client.

• Journal of the Korea Society of Computer and Information
• /
• v.7 no.2
• /
• pp.9-18
• /
• 2002

SECOS(SoonChunHyang E-Commerce System) is the e-commerce system which was developed by e-commerce software research center in soonchunhyang univ. The system was composed of payment system, retrieving system and framework being used to combine these systems. The modules in the system was composed of components which was developed by CBSE(Component Based Software Engineering) method. In this paper. we implement the Role Based Access Control(RBAC) component for access control of SECOS. We use Attribute Certificates(ACs) in order to implement RBAC in the distributed retrieving system, and implement Attribute Authorities(AAs) which can provide ACs. The Proposed system is implemented by EIB component based JAVA.

• Asia Marketing Journal
• /
• v.17 no.3
• /
• pp.105-127
• /
• 2015

This study compares experienced and inexperienced consumers' patterns in cue utilisation in product evaluations in the arts market. Borrowing the notion of high- and low-scope cues introduced by the cue-diagnosticity framework, we differentiate between the two most readily discernible extrinsic cues in the fine arts market - an art gallery's brand reputation (a high-scope cue) and certificates of authenticity (a low-scope cue). These two cues are different in nature; the former is more abstract, intangible, and rich in content, so is more difficult to interpret than the latter. Given the differences in experienced and inexperienced consumers' information processing styles, we hypothesise that experienced arts consumers form perceived credibility of and purchase intentions towards artworks based on high-scope cues, whereas inexperienced consumers do so based on low-scope cues. To test our hypothesis, we conducted a consumer intercept study at Korea's two most representative art fairs. The survey participants were categorised into either experienced or inexperienced consumers based on their prior purchase experience, and their responses to a set of attribute combinations about two artworks created by the same artist were collected. The results indicate that experienced participants show higher purchase intentions when an art gallery's reputation is very high, whereas inexperienced participants show higher purchase intentions when artworks are accompanied by certificates of authenticity. This congruency effect between prior experience and cue type is mediated by the perceived credibility of the artworks. The findings suggest a correspondence between a consumer's prior experience and the types of extrinsic cues that are important in product evaluations. To the best of our knowledge, this study is the first attempt ever to investigate the role of prior experience in determining when to use high- or low-scope cues. It also provides a useful frame of reference to advise marketers on the effective sales approach based on a client's prior purchase experience.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.39B no.4
• /
• pp.228-233
• /
• 2014

In recent general social surveillance systems, secure access control mechanism is needed. ONVIF establishes standards for interoperability between cameras and defines web service framework for it. In this paper we present an efficient attribute based access control mechanism for surveillance system networks which follow the ONVIF standards. It accommodates web service information security techniques and provides efficient secure access control.

• Journal of KIISE:Computing Practices and Letters
• /
• v.8 no.2
• /
• pp.231-239
• /
• 2002

This paper gives a comprehensive overview of the SSO solution design on the intranet. SSO described in this paper is based on LDAP, PKI and CA. We designed the data structure to hold many various application services by changing the attribute and DN of LDAP DB. We built LDAP DB using the employee records stored in our organization database. LDAP DB is routinely updated from the database. CA Server that depends on PKI is used to issue the certificates. SHTTP based on SSL is used to protect the data between certificate server and the intranet users.

• The KIPS Transactions:PartC
• /
• v.15C no.6
• /
• pp.455-468
• /
• 2008

In this paper, we propose FAS model for establishing trust based on digital certificates in Grid security framework. The existing RBAC(Role Based Access Control) model is extended to provide permissions depending on the users‘ roles. The FAS model is designed for a system independent integrated Grid security by detailing and extending the fundamental architecture of user, role, and permission. FAS decides each user’s role, allocates access right, and publishes attribute certificate. FAS is composed of three modules: RDM, PCM, and CCM. The RDM decides roles of the user during trust negotiation process and improves the existing low level Grid security in which every single user maps a single shared local name. Both PCM and CCM confirm the capability of the user based on various policies that can restrict priority of the different user groups and roles. We have analyzed the FAS strategy with the complexity of the policy graph-based strategy. In particular, we focused on the algorithm for constructing the policy graph. As a result, the total running time was significantly reduced.

• Journal of KIISE:Information Networking
• /
• v.32 no.3
• /
• pp.291-300
• /
• 2005

The Ubiquitous computer environment is thing which invisible computer that is not shown linked mutually through network so that user may use computer always is been pervasive. Intend computing environment that can use easily as user wants and it is the smart environment that user provides context awareness that is wanting computing environment. This Ubiquitous computing contains much specially weak side in security. Masquerade attack of that crawl that is quoted to user or server among device that is around user by that discrete various computing devices exist everywhere among them become possible. Hereupon, in this paper, proposed method that have following characteristic. Present authentication model through transfer or device. Suggest two method that realize authentication through device in case of moved to method(MD: Multi Domain) and user ownself space(SD: Single Domain) that realize authentication through device in case of moved user's direct path who device differs.