Çѱ¹ÀÎÅͳÝÁ¤º¸ÇÐȸ ³í¹®Áö
Current Result Document : 6 / 7
| ÇѱÛÁ¦¸ñ(Korean Title) |
OAuth ±â¹ÝÀÇ ´ë¸® ÀÎÁõ¼ À§ÀÓ ¼ºñ½º |
| ¿µ¹®Á¦¸ñ(English Title) |
OAuth based Proxy Delegation Service |
| ÀúÀÚ(Author) |
Çã´ë¿µ
Ȳ¼±ÅÂ
Daeyoung Heo
Suntae Hwang
|
| ¿ø¹®¼ö·Ïó(Citation) |
VOL 13 NO. 06 PP. 0055 ~ 0062 (2012. 12) |
Çѱ۳»¿ë
(Korean Abstract) |
±×¸®µå ȯ°æ¿¡¼ ±×¸®µå ¼ºñ½º¸¦ À¥ ÀÎÅÍÆäÀ̽º ¹× À¥ ¼ºñ½º·Î Á¦°øÇϱâ À§ÇØ À¥ Ç¥ÁØ ±â¼ú¿¡ ±â¹ÝÀ» µÐ ±×¸®µå-À¥ ¾ÖÇø®ÄÉÀ̼ÇÀÌ Áõ°¡ÇÏ°í ÀÖ´Ù. ±×·¯³ª À¥ Ç¥ÁØ º¸¾È ±¸Á¶¿¡¼ À§ÀÓ ÀÎÁõ ¹æ¹ýÀÇ ºÎÀç·Î À¥ ¾ÖÇø®ÄÉÀ̼ǿ¡ ±×¸®µå º¸¾È ½Ã½ºÅÛ GSI¸¦ ÅëÇÕÇÏ´Â °ÍÀº ¸Å¿ì ¾î·Æ´Ù. À̸¦ ÇØ°áÇϱâ À§Çؼ´Â ¿Â¶óÀÎ ÀÚ°ÝÁõ¸í ÀúÀå ¼ºñ½º¸¦ ÀÌ¿ëÇÏ¿© À¥ ¾ÖÇø®ÄÉÀ̼ǿ¡¼ ±×¸®µå ÀÚ°ÝÁõ¸íÀ» »ç¿ë ÇÒ ¼ö ÀÖµµ·Ï ÇØ¾ß ÇÑ´Ù. º» ³í¹®¿¡¼´Â ±×¸®µå-À¥ ¾ÖÇø®ÄÉÀ̼ǰú »ç¿ëÀÚ °£ÀÇ »óÈ£ ½Å·Ú¸¦ ÀüÁ¦·Î ÇÏ´Â ¿Â¶óÀÎ ÀÚ°ÝÁõ¸í ÀúÀå ¼ºñ½ºÀÎ MyProxy¸¦ »ç¿ëÇÏ´Â ¹æ¹ýÀÇ ¹®Á¦Á¡À» ºÐ¼®ÇÏ°í, »óÈ£ ½Å·Ú¸¦ ¹ÙÅÁÀ¸·Î ÇÏÁö ¾Ê´Â ±×¸®µå ÀÚ°ÝÁõ¸í À§ÀÓ ¼ºñ½º¸¦ Á¦¾ÈÇÑ´Ù. ÀÌ ¼ºñ½ºÀÇ ÀÚ°ÝÁõ¸í ±³È¯ ÇÁ·ÎÅäÄÝÀº OAuth¿¡ X.509 ÀÎÁõ À§ÀÓ ÀýÂ÷¸¦ Ãß°¡ÇÑ °ÍÀÌ´Ù. ÀÌ À§ÀÓ ¼ºñ½º´Â ±×¸®µå-À¥ ¾ÖÇø®ÄÉÀ̼ǿ¡°Ô ´ÜÀÏ ·Î±×¿ÂÀ» Á¦°øÇÏ°í, Çϳª ÀÌ»óÀÇ ±×¸®µå ÀÚ°ÝÁõ¸íÀ» À§ÀÓÇÏ°í ȹµæÇÒ ¼ö ÀÖ´Â º¸¾È ¹æ¹ýÀ» Á¦°øÇÑ´Ù. |
¿µ¹®³»¿ë
(English Abstract) |
Grid web applications by standard Web technology are increasingly used to provide grid service to users as normal Web user
interface and service. It is however difficult to integrate a grid security system such as Grid Security Infrastructure (GSI) into Web applications because the delegation way of standard Web security is not the same as the one of Grid security. This can be solved by allowing Web applications to get a Grid credential by using an online credential repository system such as MyProxy. In this paper, we investigate the problem that occurs when MyProxy, which assumes mutual trust between a user and Grid web application, is adapted for achieving security integration between Web and Grid, and we propose a new Grid proxy delegation service to delegate a Grid credential to the Web without assuming mutual trust. In the service, the X.509 proxy delegation process is added to OAuth protocol for credential exchange, and authentication can be done by an external service such as OpenID. So, users can login onto the Grid web application in a single sign-on manner, and are allowed to securely delegate and retrieve multiple credentials for one or more Virtual Organizations.
|
| Å°¿öµå(Keyword) |
X.509 À§ÀÓ ÀÎÁõ
±×¸®µå º¸¾È
°ø°³ÀÎÁõ
X.509 Proxy Delegation
Grid Security
OAuth
|
| ÆÄÀÏ÷ºÎ |
PDF ´Ù¿î·Îµå
|
