• Journal of Industrial Convergence
• /
• v.21 no.12
• /
• pp.37-43
• /
• 2023

In today's business landscape, collaboration and interoperability are crucial for organizational success and profitability. However, integrating operations across multiple organizations is challenging due to differing roles and policies in Identity and Access Management (IAM). User-centric identity (UCI) adopts a personalized approach to digital identity management, centering on the end-user for authentication and access control. It provides a decentralized system that ensures secure and customized access for each user. UCI aims to address complex security challenges by aligning access privileges with individual user requirements. This research delves into UCI's ability to streamline resource access amidst conflicting IAM roles and protocols across various organizations. The study presents a UCI-based multi-domain access control (MDAC) framework, which encompasses an ontology, a unified method for articulating access roles and policies across domains, and software services melding with UCI infrastructure. The goal is to enhance organizational resource management and decision-making by offering clear guidelines on access roles and policy management across diverse domains, ultimately boosting companies' return on investment.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2022.11a
• /
• pp.913-915
• /
• 2022

본 논문은 클라우드 환경에 적합한 IAM(Identity and Access Management) 솔루션을 제안한다. 오픈소스 라이브러리인 Keycloak[1]을 이용하여 그룹 별 권한 관리 및 권한에 따른 리소스 관리가 가능하도록 하며, 솔루션을 쉽게 도입하여 사용할 수 있도록 컨테이너 기술을 통해 신속하게 환경을 구축하고 배포할 수 있게 도와주는 플랫폼인 Docker 를 사용해 Docker image 형식으로 제공한다.

• Journal of IKEEE
• /
• v.27 no.4
• /
• pp.548-555
• /
• 2023

With the advancement of the internet, the use of personal information in online interactions has increased, underscoring the significance of data protection. Breaches of personal data due to unauthorized access can result in psychological and financial damage to individuals, and may even enable wide-ranging societal attacks aimed at those associated with the victims. In response to such threats, there is active research into security measures using blockchain to safeguard personal information. This study proposes a system that uses middleware and IAM (Identity and Access Management) services to protect personal information in a BaaS (Blockchain as a Service) environment where blockchain is provided via the Internet. The middleware operates on servers where IAM roles and policies are applied, authenticates users, and performs access control to allow only legitimate users to access blockchain data existing in the cloud. Additionally, to understand the impact of the proposed personal information protection method on the system, we measure the response time according to the time taken and the number of users under three assumed scenarios, and compare the proposed method and research related to personal information protection using blockchain in terms of security characteristics such as idea, type of blockchain, authentication, and confidentiality.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.3
• /
• pp.573-586
• /
• 2016

With the adoption of cloud computing, the number of companies that take advantage of cloud computing has increased. Additionally, various of existing service providers have moved their service onto the cloud and provided user with various cloud-based service. The management of user authentication and authorization in cloud-based service technology has become an important issue. This paper introduce a new technique for providing authentication and authorization with other inter-cloud IAM (Identity and Access Management). It is an essential and easy method for data sharing and communication between other cloud users. The proposed system uses the credentials of a user that has already joined an organization who would like to use other cloud services. When users of a cloud provider try to obtain access to the data of another cloud provider, part of credentials from IAM server will be forwarded to the cloud provider. Before the transaction, Access Agreement must be set for granting access to the resource of other Organization. a user can access the resource of other organization based on the control access configuration of the system. Using the above method, we could provide an effective and secure authentication system on the cloud.