• Title/Summary/Keyword: Single-Sign On

Search Result 200, Processing Time 0.027 seconds

RFID Access Control Using Extended Usage Control Model (확장된 사용 제어 모델을 이용한 RFID 접근 제어)

  • Shin, Woo-Chul;Yoo, Sang-Bong
    • The Journal of Society for e-Business Studies
    • /
    • v.12 no.4
    • /
    • pp.127-144
    • /
    • 2007
  • This paper describes an Security Manager that integrally manages the Information Service related to RFID middleware, Object Name Service, and Web Service for upper level applications. In order to provide the access control of distributed RFID objects, Single-Sign-On has been implemented by extending existing UCON (Usage Control) model and SAML (Security Assertion Markup Language) assertions. The security technology of distributed RFID systems can be included in middleware and protect RFID information. In the future, it can be also applied to ubiquitous sensor networks.

  • PDF

A Java-Based Single Sign-On Library Supporting SAML(Security Assertion Markup Language) for Distributed Applications (분산 Application을 위한 SAML(Security Assertion Markup Language) 지원의 자바 기반 Single Sign-On Library의 설계 및 구현)

  • 정종일;차무홍;신동규;신동일;문기영;김주한
    • Proceedings of the Korea Institutes of Information Security and Cryptology Conference
    • /
    • 2003.12a
    • /
    • pp.324-329
    • /
    • 2003
  • Single Sign-On(SSO)은 사용자가 단 한번의 인증으로 분산된 시스템에서 제공하는 다른 서비스에 로그인하는 것을 가능하게 하는 보안 특징이다. SAML은 서로 다른 entity들 사이에서 인증, 권한 그리고 profile 정보의 교환을 가능하게 하는 XML기반의 SSO표준이다. 이러한 표준은 분산 환경에서 서로 다른 보안 서비스들 사이에 상호운용성을 제공한다. 본 논문에서는 SAML APIs로 구성된 자바 기반의 SSO library를 설계 및 구현하고 SAML APIs를 검증하기 위해 분산 application의 prototype을 구성하였다. 개발된 library에서 무결성, 부인방지, 그리고 기밀성 같은 보안고려사항들을 XML기반의 서명과 암호화를 적용하여 보장한다.

  • PDF

Design and Implementation of a Java-Based Single Sign-On Library Supporting SAML (Security Assertion Markup Language) for Grid and Web Services Security (SAML을 이용한 그리드와 웹 서비스 보안을 위한 자바 기반 Single Sign-On 라이브러리의 설계 및 구현)

  • Jeong Jongil;Yu Seokhwan;Shin Dongkyoo;Shin Dongil;Cha Moohong
    • The KIPS Transactions:PartC
    • /
    • v.12C no.3 s.99
    • /
    • pp.339-346
    • /
    • 2005
  • In recent years, the Grid development focus is transitioning from resources to services, A Grid Service is defined as a Web Service that provides a set of well-defined interfaces and follows specific conventions. SAML as a standard for Web Services which enables exchange of authentication, authorization, and profile information between different entities provides interoperability among different security services in distributed environments. In this paper, we implemented SAML API. By offering interoperability for non XML-based authentication technologies using SAML specification offering a method to integrate the existing Single Sign-On technologies, the API provides convenience for accessing different services in Grid architecture.

Sign Language Translation Using Deep Convolutional Neural Networks

  • Abiyev, Rahib H.;Arslan, Murat;Idoko, John Bush
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.14 no.2
    • /
    • pp.631-653
    • /
    • 2020
  • Sign language is a natural, visually oriented and non-verbal communication channel between people that facilitates communication through facial/bodily expressions, postures and a set of gestures. It is basically used for communication with people who are deaf or hard of hearing. In order to understand such communication quickly and accurately, the design of a successful sign language translation system is considered in this paper. The proposed system includes object detection and classification stages. Firstly, Single Shot Multi Box Detection (SSD) architecture is utilized for hand detection, then a deep learning structure based on the Inception v3 plus Support Vector Machine (SVM) that combines feature extraction and classification stages is proposed to constructively translate the detected hand gestures. A sign language fingerspelling dataset is used for the design of the proposed model. The obtained results and comparative analysis demonstrate the efficiency of using the proposed hybrid structure in sign language translation.

Single Sign On between Grid Portal and Web applications on MGrid (MGrid에서 그리드 포털과 웹 어플리케이션의 통합인증)

  • Heo, Dae-Young;Hwang, Dae-Bok;Hwang, Sun-Tae
    • Journal of the Korea Society of Computer and Information
    • /
    • v.14 no.12
    • /
    • pp.1-8
    • /
    • 2009
  • Grid services offer SSO(single sign-on) mechanism using GSI(grid security infrastructure) based on X.509. However. portal applications in web environment use ID and password model for single sign-on. Grid portals means a system which provides grid services by integrating portlet contents on single web interface. In existing research such as GAMA and PURSE, SSO for a whole grid portal is figured out in the way that user is authenticated by ID and password in front and call grid service via GSI at back-end. Other types of web applications outside of portlet framework cannot unfortunately access grid service in SSO way in the existing researches, because the SSO mechanism is developed for portlet framework only. In this paper, we suggest a SSO mechanism based on ID and password model, which forwards authentication information and a GSI token for grid access among portlets and grid-enabled web applications. This mechanism is applied to MGrid for SSO, which consists of applications of java web start, applet, servlet, and etc. as also as portlets.

An Automatic Road Sign Recognizer for an Intelligent Transport System

  • Miah, Md. Sipon;Koo, Insoo
    • Journal of information and communication convergence engineering
    • /
    • v.10 no.4
    • /
    • pp.378-383
    • /
    • 2012
  • This paper presents the implementation of an automatic road sign recognizer for an intelligent transport system. In this system, lists of road signs are processed with actions such as line segmentation, single sign segmentation, and storing an artificial sign in the database. The process of taking the video stream and extracting the road sign and storing in the database is called the road sign recognition. This paper presents a study on recognizing traffic sign patterns using a segmentation technique for the efficiency and the speed of the system. The image is converted from one scale to another scale such as RGB to grayscale or grayscale to binary. The images are pre-processed with several image processing techniques, such as threshold techniques, Gaussian filters, Canny edge detection, and the contour technique.

Design of KT′s Single Sign-On on Public Key Infrastructure (공개키 기반 구조에서 KT Single Sign-On 설계)

  • Yeon, Seung-Ho;Park, Hyun-Gyu;Oh, Hee-Soo;Kim, Yeong-Heon;Jun, Byoung-Min
    • Journal of KIISE:Computing Practices and Letters
    • /
    • v.8 no.2
    • /
    • pp.231-239
    • /
    • 2002
  • This paper gives a comprehensive overview of the SSO solution design on the intranet. SSO described in this paper is based on LDAP, PKI and CA. We designed the data structure to hold many various application services by changing the attribute and DN of LDAP DB. We built LDAP DB using the employee records stored in our organization database. LDAP DB is routinely updated from the database. CA Server that depends on PKI is used to issue the certificates. SHTTP based on SSL is used to protect the data between certificate server and the intranet users.

A study of SSO design based SAML for public library clustering (공공도서관 클러스터링을 위해 SAML 기반의 사용자통합인증 설계에 관한 연구)

  • Byeon, Hoi Kyun;Ko, Il Ju
    • Journal of Korea Society of Digital Industry and Information Management
    • /
    • v.4 no.3
    • /
    • pp.55-67
    • /
    • 2008
  • The user has to subscribe to the library so that user use the library service. User has to register at that in order to use of the nearby another library. Moreover, service such as the inter-library loan and returning my loan book to other library in which the mutual cooperation between the library is needed necessity. But it services due to the constraint condition because of the administrative or technical problems. In this paper excludes the administrative element. The web service model is forming the cluster based on the mutual cooperation between the technologically adjacent public library and provides the technologically necessary single sign-on (SSO) in order to support the additional service. The single sign-on of the library which is concluded by this model using the security information exchange standard (Security Assertion Markup Language : SAML), it is processed by XML base. In using this model, the loan information is confirmed in the attribution in return service library and the model can utilize for the return of loan book in other library. It designs the single sign-on about it.

Design and Implementation of Web Service System for secure Message Transmission in Electronic Commerce (전자상거래 환경에서의 안전한 메시지 전송을 위한 웹 서비스 시스템 설계 및 구현)

  • Park, Jong-Hoon;Kim, Chul-Won
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.14 no.8
    • /
    • pp.1855-1860
    • /
    • 2010
  • This paper describes construction of web services system for secure message transmission appling web services standards. This system composes single sign on module, SSL module and secure message module. We applied these modules to price comparison site. Single sign on module used SAML standards. This module was designed, in order to provide authentication and authorization. As SSL module processes message encryption among end to end, messages of this system are secure. Secure message module is designed according to WS-Security standards and processes authentication, XML signature and XML encryption.

Measurement of Remediation for Compromised User Account of Web Single Sign-On (SSO) (침해된 웹 SSO 계정 보호를 위한 보안 조치 실험 연구)

  • Nam, Ji-Hyun;Choi, Hyoung-Kee
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.31 no.5
    • /
    • pp.941-950
    • /
    • 2021
  • Single Sign-On (SSO) service manages user's account passwords from multiple websites so that security in a high level is required. Users who use the SSO service are authenticated through the Identity Provider (IdP) when logging into the website. We present the security requirements that IdP can take in order to minimize the user's risk whose IdP account is compromised. We describe the security threats that arise when the security requirements are not satisfied. Through evaluation, we prove that the attacker's session cannot be canceled even if the user recognizes the attack if the IdP does not satisfy the security requirements.