• The Journal of Society for e-Business Studies
• /
• v.12 no.4
• /
• pp.127-144
• /
• 2007

This paper describes an Security Manager that integrally manages the Information Service related to RFID middleware, Object Name Service, and Web Service for upper level applications. In order to provide the access control of distributed RFID objects, Single-Sign-On has been implemented by extending existing UCON (Usage Control) model and SAML (Security Assertion Markup Language) assertions. The security technology of distributed RFID systems can be included in middleware and protect RFID information. In the future, it can be also applied to ubiquitous sensor networks.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2003.12a
• /
• pp.324-329
• /
• 2003

Single Sign-On(SSO)은 사용자가 단 한번의 인증으로 분산된 시스템에서 제공하는 다른 서비스에 로그인하는 것을 가능하게 하는 보안 특징이다. SAML은 서로 다른 entity들 사이에서 인증, 권한 그리고 profile 정보의 교환을 가능하게 하는 XML기반의 SSO표준이다. 이러한 표준은 분산 환경에서 서로 다른 보안 서비스들 사이에 상호운용성을 제공한다. 본 논문에서는 SAML APIs로 구성된 자바 기반의 SSO library를 설계 및 구현하고 SAML APIs를 검증하기 위해 분산 application의 prototype을 구성하였다. 개발된 library에서 무결성, 부인방지, 그리고 기밀성 같은 보안고려사항들을 XML기반의 서명과 암호화를 적용하여 보장한다.

• The KIPS Transactions:PartC
• /
• v.12C no.3 s.99
• /
• pp.339-346
• /
• 2005

In recent years, the Grid development focus is transitioning from resources to services, A Grid Service is defined as a Web Service that provides a set of well-defined interfaces and follows specific conventions. SAML as a standard for Web Services which enables exchange of authentication, authorization, and profile information between different entities provides interoperability among different security services in distributed environments. In this paper, we implemented SAML API. By offering interoperability for non XML-based authentication technologies using SAML specification offering a method to integrate the existing Single Sign-On technologies, the API provides convenience for accessing different services in Grid architecture.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.2
• /
• pp.631-653
• /
• 2020

Sign language is a natural, visually oriented and non-verbal communication channel between people that facilitates communication through facial/bodily expressions, postures and a set of gestures. It is basically used for communication with people who are deaf or hard of hearing. In order to understand such communication quickly and accurately, the design of a successful sign language translation system is considered in this paper. The proposed system includes object detection and classification stages. Firstly, Single Shot Multi Box Detection (SSD) architecture is utilized for hand detection, then a deep learning structure based on the Inception v3 plus Support Vector Machine (SVM) that combines feature extraction and classification stages is proposed to constructively translate the detected hand gestures. A sign language fingerspelling dataset is used for the design of the proposed model. The obtained results and comparative analysis demonstrate the efficiency of using the proposed hybrid structure in sign language translation.

• Journal of the Korea Society of Computer and Information
• /
• v.14 no.12
• /
• pp.1-8
• /
• 2009

Grid services offer SSO(single sign-on) mechanism using GSI(grid security infrastructure) based on X.509. However. portal applications in web environment use ID and password model for single sign-on. Grid portals means a system which provides grid services by integrating portlet contents on single web interface. In existing research such as GAMA and PURSE, SSO for a whole grid portal is figured out in the way that user is authenticated by ID and password in front and call grid service via GSI at back-end. Other types of web applications outside of portlet framework cannot unfortunately access grid service in SSO way in the existing researches, because the SSO mechanism is developed for portlet framework only. In this paper, we suggest a SSO mechanism based on ID and password model, which forwards authentication information and a GSI token for grid access among portlets and grid-enabled web applications. This mechanism is applied to MGrid for SSO, which consists of applications of java web start, applet, servlet, and etc. as also as portlets.

• Journal of information and communication convergence engineering
• /
• v.10 no.4
• /
• pp.378-383
• /
• 2012

This paper presents the implementation of an automatic road sign recognizer for an intelligent transport system. In this system, lists of road signs are processed with actions such as line segmentation, single sign segmentation, and storing an artificial sign in the database. The process of taking the video stream and extracting the road sign and storing in the database is called the road sign recognition. This paper presents a study on recognizing traffic sign patterns using a segmentation technique for the efficiency and the speed of the system. The image is converted from one scale to another scale such as RGB to grayscale or grayscale to binary. The images are pre-processed with several image processing techniques, such as threshold techniques, Gaussian filters, Canny edge detection, and the contour technique.

• Journal of KIISE:Computing Practices and Letters
• /
• v.8 no.2
• /
• pp.231-239
• /
• 2002

This paper gives a comprehensive overview of the SSO solution design on the intranet. SSO described in this paper is based on LDAP, PKI and CA. We designed the data structure to hold many various application services by changing the attribute and DN of LDAP DB. We built LDAP DB using the employee records stored in our organization database. LDAP DB is routinely updated from the database. CA Server that depends on PKI is used to issue the certificates. SHTTP based on SSL is used to protect the data between certificate server and the intranet users.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.4 no.3
• /
• pp.55-67
• /
• 2008

The user has to subscribe to the library so that user use the library service. User has to register at that in order to use of the nearby another library. Moreover, service such as the inter-library loan and returning my loan book to other library in which the mutual cooperation between the library is needed necessity. But it services due to the constraint condition because of the administrative or technical problems. In this paper excludes the administrative element. The web service model is forming the cluster based on the mutual cooperation between the technologically adjacent public library and provides the technologically necessary single sign-on (SSO) in order to support the additional service. The single sign-on of the library which is concluded by this model using the security information exchange standard (Security Assertion Markup Language : SAML), it is processed by XML base. In using this model, the loan information is confirmed in the attribution in return service library and the model can utilize for the return of loan book in other library. It designs the single sign-on about it.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.14 no.8
• /
• pp.1855-1860
• /
• 2010

This paper describes construction of web services system for secure message transmission appling web services standards. This system composes single sign on module, SSL module and secure message module. We applied these modules to price comparison site. Single sign on module used SAML standards. This module was designed, in order to provide authentication and authorization. As SSL module processes message encryption among end to end, messages of this system are secure. Secure message module is designed according to WS-Security standards and processes authentication, XML signature and XML encryption.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.5
• /
• pp.941-950
• /
• 2021

Single Sign-On (SSO) service manages user's account passwords from multiple websites so that security in a high level is required. Users who use the SSO service are authenticated through the Identity Provider (IdP) when logging into the website. We present the security requirements that IdP can take in order to minimize the user's risk whose IdP account is compromised. We describe the security threats that arise when the security requirements are not satisfied. Through evaluation, we prove that the attacker's session cannot be canceled even if the user recognizes the attack if the IdP does not satisfy the security requirements.