• Journal of information and communication convergence engineering
• /
• v.5 no.2
• /
• pp.144-149
• /
• 2007

Grid technologies make it possible for IT resources to be shared across organizational and security domains. The traditional identity-based access control mechanisms are unscalable and difficult to manage. Thus, we propose the FAS (Federation Agent Server) model which is composed of three modules: Certificate Conversion Module (CCM), Role Decision Module (RDM), and Authorization Decision Module (ADM). The proposed FAS model is an extended Role-Based Access Control (RBAC) model which provides resource access capabilities based on roles assigned to the users. FAS can solve the problem of assigning multiple identities to a shared local name in grid-map file and mapping the remote entity's identity to a local name manually.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2008.11a
• /
• pp.1103-1106
• /
• 2008

Data Grid is a kind of Grid computing provides the cooperative environment through the distributed data sharing, and can manage the massive data easily and efficiently. We designed and implemented Globus Toolkit4 (GT4) based database access and integration service (GDAIS). This service was implemented as Grid service for run on the GT4 which is Grid middleware. And it provides functions which are automatic registration of database in virtual organization, distributed query service, and the unified user interface. Also this system can use components which are provided from GT4. Therefore it can improve the efficiency to distribute and manage databases, can easily access and integrate of the distributed heterogeneous data in Grid environments.

• Proceedings of the IEEK Conference
• /
• 2003.11b
• /
• pp.107-110
• /
• 2003

In this paper, we propose sharing 3D media between multisite using enhanced Access Grid (e-AG) which is a composition of 3D display and Access Grld (AG) Conventional AG and other collaborative systems have a limitation to share immersive 3D media Thus, proposed system supports sharing 3D media contents in a AG meeting section. Real object can be shared by acquiring stereo image with pre-calibrated stereo camera and by delivering, and virtual object can be shared by transmitting state information after downloading 3D model. And also, real video scene acquired by stereo camera and virtual object from 3D model can be displayed on the 3D display system of each node adaptively. The characteristics of proposed sharing method are sharing 3D media, displaying 3D media on a system adaptively, supporting real-time interaction. The proposed sharing method will be used remote lecture, remote collaboration with 3D media.

• The KIPS Transactions:PartC
• /
• v.10C no.3
• /
• pp.273-280
• /
• 2003

When an existing user authorization systems in Grid access many user to local system and subject DN (Distinguished Name) in a user-proxy authenticate and ID in local system is one-to-one mapping, they have difficulties in ID management, memory resource management and resource management. At this, a variety of subject DN is shared of one local ID in an existing Grid. But this faces many difficulties in applying all requirements for many Grid users. Thus, we suppose user authorization system based on a certificate not them based on ID in this paper. That is, we add user's access level to extension field in a certificate, and make a supposed authorization system decide access limitation level on resources instead of an existing ID mapping methods.

• The Transactions of The Korean Institute of Electrical Engineers
• /
• v.60 no.2
• /
• pp.416-422
• /
• 2011

Smart grid is the next generation intelligent power grid that combines the existing electric power infrastructure and information infrastructure. It can optimize the energy efficiency in both directions, suppliers and power consumers to exchange information in real time. In smart grid environments, with existing network security threats due to the smart grid characteristics, there are additional security threats. In this paper, we propose a security mechanism that provides mutual authentication and key agreement between a remote user and the device. The proposed mechanism has some advantages that provides secure mutual authentication and key agreement and secure against a replay attack and impersonation attacks.

• Information and Communications Magazine
• /
• v.20 no.8
• /
• pp.100-112
• /
• 2003

Access Grid(AG)는 분산되어 있는 컴퓨터들을 네트워크로 연결해 슈퍼컴퓨터처럼 사용할 수 있는 Grid망을 이용해, 기존 화상회의 시스템과는 달리 원거리 사용자들에게 실재감 있는 그룹간 협업 환경을 제공한다. 본 논문에서는 AG에 대한 개념 및 관련 연구에 대한 연계성을 소개하며, AG 노드를 구축하기 위한 장비와 소프트웨어의 구성·설치 및 활용 방안을 구체적으로 제시한다. 또한 국내외 AG의 현황 및 향후 발전 방향에 대한 논의를 덧붙여, 국내 AG 활동의 활성화를 촉진하고자 한다.

• The KIPS Transactions:PartA
• /
• v.12A no.2 s.92
• /
• pp.161-170
• /
• 2005

Grid makes a virtual high-performance computing resource by connecting geographically distributed heterogeneous resources. Building access control system is an important factor In the grid environment In this paper, we design and implement a grid access control system based on Globus Toolkit, which is one of the popular grid middleware. Especially, to guarantee the site autonomy for resource provider, we use several environment configuration files. Moreover, we design and implement PGAM to produce more detail and diverse information to ease the development of value added services.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2009.04a
• /
• pp.846-848
• /
• 2009

The interest in the access and integration of distributed massive data resources has increased recently. This paper presents the Advanced Collection Manager(CM) service with OGSA-DAI component which can access and integrate the distributed data resources. The Advanced CM service supports the data resource of various types. And it can provide the query, updating, transforming and delivering data via cooperating with other services in Grid Information Retrieval(Grid-IR or GIR) System. As a result, it can access and manage the data resource more flexible and efficient.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.14 no.8
• /
• pp.1799-1808
• /
• 2010

Recently the increasing collaborative research requires the remote medical and clinical data sharing and access of external institutions. In this paper, an interoperability framework between Grid and PACS using Web services is proposed and implemented in order to provide flexible and efficient medical data management. The Digital Imaging and Communications in Medicine(DICOM) standard defines medical image data exchange and transfer between PACSs and image databases. However, medical data exchange between hospitals is limited within the trusted and static environments. Moreover, DICOM does not provide medical data management and the Grid middleware does not include standard toolkit to access DICOM data. To address this issue, a Web services-based Grid Service Mediator (WGSM) which provides PACS integration and medical image data management is developed. The WGSM consists of several service mediators such as compress mediator, GridFTP mediator, RFT mediator, MyProxy mediator, MDS mediator, and RLS mediator and others. The proposed Web services-based framework provides user authentication and secure data access between PACSs in collaborative environments. In particular, the WGSM allows ordinary users to access remote PACS data in a simple and efficient manner without any the knowledge about underlying Grid middleware.

• The KIPS Transactions:PartC
• /
• v.15C no.6
• /
• pp.455-468
• /
• 2008

In this paper, we propose FAS model for establishing trust based on digital certificates in Grid security framework. The existing RBAC(Role Based Access Control) model is extended to provide permissions depending on the users‘ roles. The FAS model is designed for a system independent integrated Grid security by detailing and extending the fundamental architecture of user, role, and permission. FAS decides each user’s role, allocates access right, and publishes attribute certificate. FAS is composed of three modules: RDM, PCM, and CCM. The RDM decides roles of the user during trust negotiation process and improves the existing low level Grid security in which every single user maps a single shared local name. Both PCM and CCM confirm the capability of the user based on various policies that can restrict priority of the different user groups and roles. We have analyzed the FAS strategy with the complexity of the policy graph-based strategy. In particular, we focused on the algorithm for constructing the policy graph. As a result, the total running time was significantly reduced.