• The KIPS Transactions:PartC
• /
• v.10C no.3
• /
• pp.273-280
• /
• 2003

When an existing user authorization systems in Grid access many user to local system and subject DN (Distinguished Name) in a user-proxy authenticate and ID in local system is one-to-one mapping, they have difficulties in ID management, memory resource management and resource management. At this, a variety of subject DN is shared of one local ID in an existing Grid. But this faces many difficulties in applying all requirements for many Grid users. Thus, we suppose user authorization system based on a certificate not them based on ID in this paper. That is, we add user's access level to extension field in a certificate, and make a supposed authorization system decide access limitation level on resources instead of an existing ID mapping methods.

• Journal of information and communication convergence engineering
• /
• v.2 no.2
• /
• pp.128-131
• /
• 2004

We suggest resource authorization system based on RBAC admitting someone to access resources. In existing grid environment, The authorization mechanism on user's resource is to give users an authority on the basis of DN(Distinguished Name) of proxy certificate and map file mapped in local system ID by one-to-one. In this case, it is difficulty in resource management such as each accounting management, memory resource, and disk resource, if the number of users, who want to use them is increased. To solve this problem, we specify the role of user's task in extension fields of his proxy certificate instead of the authorization mechanism of user's ID and propose resource authorization system being able to access his resource.

• Journal of Internet Computing and Services
• /
• v.13 no.1
• /
• pp.15-25
• /
• 2012

Mobile IPv6 (MIPv6) is a host-based protocol supporting global mobility while Proxy Mobile IPv6 (PMIPv6) is a network-based protocol supporting localized mobility. This paper makes its focus on how to reduce the longer delay and extra cost arising from the combination of authentication, authorization and accounting (AAA) and PMIPv6 further. Firstly, a novel authentication scheme (Proxy-AAA) is proposed, which supports fast handover mode and forwarding mode between different local mobility anchors (LMAs). Secondly, a cost analysis model is established based on Proxy-AAA. From the theoretical analysis, it could be noted that the cost is affected by average arrival rate and residence time.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.3
• /
• pp.137-144
• /
• 2004

3GPP(3rd Generation Project Partnership)-WLAN(Wireless Local Area Network) interworking refers to the utilization of resources and access to services within the 3GPP system by the WLAN UE(User Equipment) and user respectively. The intent of 3GPP-WLAN Interworking is to extend 3GPP services and functionality to the WALN access environment. We propose an efficient mechanism for the setup of UE-initiated tunnels in 3GPP-WLAN interworking. The proposed mechanism is based on a secret key which is pre-distributed in the process of authentication and key agreement between UE and 3GPP AAA(Authentication, Authorization Accounting) server. Therefore it can avoid modular exponentiation and public key signature which need a large amount of computation in UE. Also the proposed scheme provides mutual authentication and session key establishment between UE and PDGW(Packet Data Gateway).

• The Journal of Korean Medicine
• /
• v.33 no.3
• /
• pp.147-159
• /
• 2012

Objectives: Systems related to the production, authorization, and listing for insurance of herbal medicine products were compared between South Korea and Taiwan to illuminate herbal medicine products system issues in South Korea. Methods: Papers, and laws and policies related to the production, authorization, and listing for insurance of herbal medicine products in South Korea and Taiwan are analyzed to create the primary documents. The documents from South Korea were screened with the advice of a specialist, while those from Taiwan have been verified through local investigation and with the help of a related specialist. The screened documents were then compared and analyzed in the order of the systems related to the production, authorization, and listing for insurance of herbal medicine products. Results: The systems related to the production of herbal medicine products satisfy GMP requirements in both countries, while Taiwan has more specialized systems related to the production of herbal medicine products and a more strict authorization program as compared to South Korea. While South Korea has most of the herbal medicine products classified as non-prescription drugs, Taiwan has them as prescription drugs. And while South Korea does not allow new herbal medicine products to be listed for insurance, Taiwan allows for once-a-year application toward listing for insurance. Conclusions: In order to ensure the safe and effective use of herbal medicine products, systems related to the production, authorization, and listing for insurance of herbal medicine products are to be established, while the categorization of medicine products principally used by Korean medicine doctors should be prepared. Furthermore, prescription by a Korean medicine doctor for new drugs made with natural products and their listing for insurance need to be encouraged.

• Journal of Environmental Impact Assessment
• /
• v.20 no.6
• /
• pp.927-936
• /
• 2011

환경영향평가(Environmental Impact Assessment : EIA)는 대규모 개발사업에 관련된 의사결정의 효과성을 향상시킬 수 있는 제도이다. 알제리와 한국의 EIA 제도를 비교분석하여 특징 및 장단점을 파악하여 다른 계획관련 정부기관과 환경관련 기관과의 조정 및 협조 수준의 차이점을 연구하였다. 알제리와 한국의 EIA 제도는 의사결정 절차에 관련된 규정에서는 유사하지만 주민참여 수준에서는 한국이 발달되어 있다. 스크리닝 제도에서는 프랑스의 영향을 받은 알제리의 제도가 비교적 잘 발달되어 있다.

• Journal of KIISE:Information Networking
• /
• v.32 no.5
• /
• pp.551-560
• /
• 2005

To reduce the amount of the signaling messages occurred in movement, HMIPv6 has been introduced as the hierarchical mobility management architecture tor MIPv6 by regarding the locality of movements. When approaching the visited link, the authentication procedure should be done successfully prior to any motility support message exchanges. The AAA(Authentication, Authorization and Account) authentication service is applied gradually to the wireless LAN and Cellular networks. However, It may bring about the service latency for the sessions of requiring the real-time processing due to not providing the optimized signaling in local and frequent movements. In this paper, we propose the authentication architecture with 'delegation' scheme to reduce the amount of signaling message and latency to resume for local movements by integrating it with HMIPv6 architecture. We provide the integrated authentication model and analyze the performance and effectivity of our proposal and finally offer the analysis materials comparing to the exiting authentication scheme. It cuts down the cost to $33.6\%$ at average measurement.

• Journal of information and communication convergence engineering
• /
• v.5 no.2
• /
• pp.144-149
• /
• 2007

Grid technologies make it possible for IT resources to be shared across organizational and security domains. The traditional identity-based access control mechanisms are unscalable and difficult to manage. Thus, we propose the FAS (Federation Agent Server) model which is composed of three modules: Certificate Conversion Module (CCM), Role Decision Module (RDM), and Authorization Decision Module (ADM). The proposed FAS model is an extended Role-Based Access Control (RBAC) model which provides resource access capabilities based on roles assigned to the users. FAS can solve the problem of assigning multiple identities to a shared local name in grid-map file and mapping the remote entity's identity to a local name manually.

• International Journal of Internet, Broadcasting and Communication
• /
• v.5 no.2
• /
• pp.18-22
• /
• 2013

Mobile IPv6 (MIPv6) is a host-based protocol supporting global mobility while Proxy Mobile IPv6 (PMIPv6) is a network-based protocol supporting localized mobility. This paper makes its focus on how to reduce the longer delay and extra cost arising from the combination of authentication, authorization and accounting (AAA) and PMIPv6 further. Firstly, a novel authentication scheme (Proxy-AAA) is proposed, which supports fast handover mode and forwarding mode between different local mobility anchors (LMAs). Secondly, a cost analysis model is established based on Proxy-AAA. From the theoretical analysis, it could be noted that the cost is affected by average arrival rate and residence time.

• Journal of KIISE
• /
• v.41 no.11
• /
• pp.921-926
• /
• 2014

Face detection refers to the process extracting facial regions in an input image, which can improve speed and accuracy of recognition or authorization system, and has diverse applicability. Since conventional works have tried to detect faces based on the whole shape of faces, its detection performance can be degraded by occlusion made with accessories or parts of body. In this paper we propose a method combining local feature descriptors and probability modeling in order to detect partially occluded face effectively. In training stage, we represent an image as a set of local feature descriptors and estimate a statistical model for normal faces. When the test image is given, we find a region that is most similar to face using our face model constructed in training stage. According to experimental results with benchmark data set, we confirmed the effect of proposed method on detecting partially occluded face.