• Title/Summary/Keyword: Single Sign On

Search Result 199, Processing Time 0.026 seconds

A Framework for Trustworthy Open Shared Authentication Protocol (신뢰적인 개방형 공유 인증 프로토콜 프레임워크)

  • Park, Seung-Chul
    • The KIPS Transactions:PartC
    • /
    • v.18C no.6
    • /
    • pp.389-396
    • /
    • 2011
  • Recently, researches on the shared authentication based on single sign-on have been actively performed so as to solve the problems of current service provider-centric and isolated Internet authentications, including low usability, high cost structure, and difficulty in privacy protection. In order for the shared authentication model, where the authentications of an authentication provider are shared by several Internet service providers, to be accepted in real Internet environment, trustworthiness among users, service providers, and authentication providers on the level of authentication assurance and the level of authentication information protection is necessarily required. This paper proposes a framework for trustworthy and privacy-protected shared authentication protocol based on the user-centric operation and open trust provider network. The proposed framework is differentiated from previous works in the points that it is able to provide interoperable shared authentication services on the basis of open trust infrastructure.

Integrated Authentication Protocol of Financial Sector that Modified OAuth2.0 (OAuth2.0을 변형한 금융권 통합인증 프로토콜)

  • Jung, Kyu-Won;Shin, Hye-seong;Park, Jong Hwan
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.27 no.2
    • /
    • pp.373-381
    • /
    • 2017
  • Currently, various types of user authentication methods based on public certificates are used in domestic financial transactions. Such an authorized certificate method has a problem that a different security module must be installed every time a user connects an individual financial company to a web server. Also, the financial company relying on this authentication method has a problem that a new security module should be additionally installed for each financial institution whenever a next generation authentication method such as biometric authentication is newly introduced. In order to solve these problems, we propose an integrated authentication system that handles user authentication on behalf of each financial institution in financial transactions, and proposes an integrated authentication protocol that handles secure user authentication between user and financial company web server. The new authentication protocol is a modified version of OAuth2.0 that increases security and efficiency. It is characterized by performing a challenge-response protocol with a pre-shared secret key between the authentication server and the financial company web server. This gives users a convenient and secure Single Sign-On (SSO) effect.

Single Sign-on에 적용 가능한 인증 모델에 관한 연구

  • 서대희;이임영
    • Proceedings of the Korea Institutes of Information Security and Cryptology Conference
    • /
    • 2002.11a
    • /
    • pp.311-314
    • /
    • 2002
  • 인터넷의 급속한 확산으로 인해 사용자들은 다양한 서비스 제공을 받고 있다. 그러나 사용자들 다양한 어플리케이션 서비스를 받기 위해서 각각 다른 ID와 비밀번호를 기억해야 하는 불편을 감수해야만한다. 이러한 비효율적이면서 보안적으로 많은 취약성을 가지고 있어 제안된 시스템이 SSO이다. SSO는 사용자와 관리자에게 효율성과 보안성을 동시에 높여 줄 수 있는 시스템이지만, 다양해져가는 인터넷 환경 속에서 여전히 문제점을 가지고 있다. 따라서 본 논문에서는 SSO에 적용 가능한 브로커 인증 모델을 제시함으로써 SSO를 실제 구성시 기존 모델이 가지고 있는 보안적인 취약성과 효율성을 높이고자 하였다.

  • PDF

Design of A PKI-Based Single Sign-On System (공개키 기반의 단일인증 시스템 설계)

  • 강형자;채수환;유일선
    • Proceedings of the Korea Institutes of Information Security and Cryptology Conference
    • /
    • 2002.11a
    • /
    • pp.588-592
    • /
    • 2002
  • 공개키 기반 기술의 인기와 웹 기반의 다양한 응용서비스는 기존 단일인증시스템에 대한 새로운 도전이 되었다. 본 논문에서는 단일인증의 편의성과 통합적인 사용자관리 이외에 공개키 기반 구조와의 연계를 통해 강력한 보안기능을 제공하는 단일인증 시스템을 제안한다. 제안된 시스템은 다양한 시스템 환경에 쉽게 적용 가능한 유연성 있는 구조를 가지며 X.509에서 제시된 PMI구조를 기반으로 설계되어서 이기종의 시스템으로 구성되는 분산환경에서 통합된 접근통제 기능을 제공한다.

  • PDF

Multiview Autostereoscopic Display Technology and Applications

  • Kim, Sung-Sik;Shestak, Sergei A.
    • 한국정보디스플레이학회:학술대회논문집
    • /
    • 2003.07a
    • /
    • pp.463-467
    • /
    • 2003
  • Optical architecture and experimental results on low cost multiview autostereoscopic projection display are presented. The display, containing only one high resolution projection panel and only one projection lens is capable of displaying multiview autostereoscopic images. Key components, applied in the display are segmented mirror for splitting the projection beam and one-dimensional diffuser with slanted axis of diffusion for viewing zone formation. Image distortions, inherent in the display have been compensated with opposite sign pre-distortion of projected perspective images.

  • PDF

A Context-aware Security Architecture for RFID Application (RFID 애플리케이션을 위한 상황 인식 보안 아키텍처)

  • Kwon Jung-Kyu;Chung Mok-Dong
    • Proceedings of the Korean Information Science Society Conference
    • /
    • 2006.06c
    • /
    • pp.280-282
    • /
    • 2006
  • 동적인 환경 정보를 제공하는 RFID 플랫폼 환경을 위한 보안 서비스를 제공하기 위해서는 동적인 분산 환경에 대한 고려가 필요하고, 한 번의 인증으로 여러 서비스를 이용할 수 있어야 하고, 다양한 자원의 보안 정책을 단순화 시키고, 보안 정책의 설정과 변경이 쉬워야 있어야 한다. 본 논문에서는 RFID 애플리케이션을 위한 상황 인식 보안 아키텍처로서 Single Sign-On 개념을 구현한 Kerberos를 이용한 통합 인증 모델과 단순한 권한 관리를 위해서 RBAC를 이용한 권한 관리 모델을 제시한다.

  • PDF

Authentication and Authorization Service for Network Security System (차세대 보안 네트워크를 위한 인증 인가 서비스)

  • Kim, Taesung;Cho, Yeongsub;Jin, Seunghun
    • Proceedings of the Korea Information Processing Society Conference
    • /
    • 2004.05a
    • /
    • pp.1137-1140
    • /
    • 2004
  • 사용자의 인증 및 자원에 대한 접근 권한을 제어하는 인가는 개별 서버에서 수행되어 왔다. 개별적인 인증과 인가는 서버의 관리 부담을 증가시키며, 서비스의 가입과 반복적인 인증으로 인해 사용자에게 불편을 초래한다. 따라서, 본 논문에서는 중앙집중적으로 인증과 인가를 대행하는 AAS를 제안한다. AAS는 ID 관리 기능 외에 단일인증(Single sign on), 멀티티어(multi-tier)인증, 역할기반 접근통제, 인증서 관리 서비스 등을 제공한다.

  • PDF

A Converged Profile and Authentication Control Scheme for Supporting Converged Media Service (융합 미디어 서비스 제공을 위한 통합 프로파일 및 인증제어 기술 연구)

  • Lee, Hyun-Woo;Kim, Kwi-Hoon;Ryu, Won
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.35 no.3B
    • /
    • pp.503-516
    • /
    • 2010
  • In this paper, we propose the converged profile and authentication scheme for supporting converged media services of broadcasting & communications convergence in fixed mobile convergence networks. The proposed scheme supports the management of access, service, mobility and IPTV profiles on subscriber and a function of open API(Application Program Interface) for providing the subscriber profile for the third party service provider with the PUSH/PULL method. The open API is based on a web service and a REST(Representational State Transfer) and provides various services for the third party service provider with ease. In addition, the proposed scheme supports a function of SSO(Single Sign-on). After user succeeded in establishing an access connection, user can sustain the same authentication state with this function although connected access network is changed or IMS(IP Multimedia Subsystem) service network is attached. We evaluate and analyze the performance of the proposed scheme through the implementation of CUPS(Converged User Profile Server) system test-bed.

Radionuclide Sorption in the Geosphere: Role of Single Minerals (지하매질에서의 방사성핵종흡착: 단일광물의 역할)

  • Cho, Young-Hwan;Hyun, Sung-Pil;Hahn, Pilsoo
    • Proceedings of the Mineralogical Society of Korea Conference
    • /
    • 2001.06a
    • /
    • pp.40-40
    • /
    • 2001
  • The sorption behavior of Cs(I), Sr(II), and U(VI) on representative single minerals(oxide and clay) and rocks were comparatively studied by using batch type sorption experiment. The effects of pH, ionic strength and the sorption mechanism were also discussed. It was found that mineral structure played as a main factor governing the sorption characteristics of Cs(I), Sr(II). The sorption of Cs(I) and Sr(II) on minerals showed ionic strength-dependency, which is a indirect sign of weak binding between metal cation and mineral surfaces. However, the sorption behavior of U(VI) was quite different compared with that of Cs(I), and Sr(II). Fe-oxide minerals showed strong tendency for U(VI) sorption, dominating the sorption in the composite/mixture systems. The surface characteristics which arise from mineral structure, and the affinity of metal ions to the sorption sites of minerals are the key to understand the role of minerals in the radionuclide sorption.

  • PDF

A Electronic Starter for Fluorescent Lamps for use as Neon Signs (네온사인 기능을 수행하는 형광램프용 전자식 스타터)

  • 송상빈;곽재영;여인선;임건호
    • Proceedings of the Korean Institute of IIIuminating and Electrical Installation Engineers Conference
    • /
    • 1999.11a
    • /
    • pp.228-233
    • /
    • 1999
  • In this paper we develop an electronic starter circuit that is suitable for Neon sign operation of switch-start fluorescent lamps. The developed starter enable single pulse ignition of fluorescent lamp at the peak point of preheating current, irrespective of the position of the Tum-On signal. This is possible due to the sequential operation of two transistors different in their operation characteristics and a diode operation characteristic. The switching endurance test using this starter has been carried for more than 3000 hours for a single switch-start on a severe blinking condition of preheating of 0.1s and of successive lighting interval of 0.1s.

  • PDF