摘要:
A message security processing system and method for Web services are provided. In the message security processing system in which messages are exchanged between a client and a server with a SOAP-RPC format, each of the client and the server includes: a security interface allowing information related to digital signature, encryption, and timestamp insertion to be set in a security context object for an application program to meet security requirements of the client or the server; a security handler receiving the security context object from the security interface, and performing security processing of a request message by calling security objects stored in a request queue of the security context object one by one in order or performing security processing of a response message by calling security objects stored in a response queue of the security context object one by one in order; and an XML security unit supporting an XML security functions by called by the security handler.
摘要:
A message security processing system and method for Web services are provided. In the message security processing system in which messages are exchanged between a client and a server with a SOAP-RPC format, each of the client and the server includes: a security interface allowing information related to digital signature, encryption, and timestamp insertion to be set in a security context object for an application program to meet security requirements of the client or the server; a security handler receiving the security context object from the security interface, and performing security processing of a request message by calling security objects stored in a request queue of the security context object one by one in order or performing security processing of a response message by calling security objects stored in a response queue of the security context object one by one in order; and an XML security unit supporting an XML security functions by called by the security handler.
摘要:
An encryption key management method for mobile terminals for providing at least one mobile terminal which is connected to a network to use services with an encryption key required for issuing a certificate which is needed for the services and managed by a certification authority by using an encryption key management server is provided. The method includes operations of: a registration requesting operation where the mobile terminal generates an encryption key registration request; an encryption key managing operation where the encryption key management server generates and manages the encryption key in response to the encryption key registration request; a transferring operation of sending the generated encryption key to the mobile terminal; and a security service providing operation of receiving the certificate managed by the certification authority and providing selective security services specific to the content of the services provided to the mobile terminal. The method can relieve the hardware load of mobile terminals while providing a security service using various conventional certification authorities.
摘要:
The invention relates to an apparatus and method for detecting an illegitimate change of web resources, which is capable of detecting whether or not HTML, XHTML and XML documents, general text documents, binary data of graphic files linked to HTML document and the like are illegitimately changed using XML digital signature and XML encryption when inquiring corresponding web page. It is characteristic of the present invention to confirm in real time whether or not the web page is illegitimately changed by inserting an illegitimate change detecting information into the web page by a web server administrator and executing corresponding web page through a web browser by a user.
摘要:
There is disclosed a node booting method in a high-speed parallel computer. Other than the method in which the system using a conventional network down loads the operating system kernel image from the boot server, the method according to the present invention provides an environment by which a boot can be progressed in parallel and a boot progress state can be monitored through a console terminal, thus improving a boot speed. The node booting method according to the present invention is comprised of a first step of finding a logical boot path using a node construction table managed by a firmware; a second step of determining boot subject nodes so that copy of an operating system kernel image can be made simultaneously; a third step of copying effective portions of the operating system loaded at the memories onto the subject nodes; a fourth step of informing a boot node of the node state and to display the boot progress state on a console terminal at the start and end time of the booting; and a fifth step of simultaneously starting execution at the remaining portions of the copied operating system when the kernel image are completely copied onto all the nodes.
摘要:
In an apparatus for authenticating a user by employing feature points of a fingerprint image of the user, a fingerprint image input circuit scans a fingerprint of a user to be registered to provide a first fingerprint image and a fingerprint of a user to be authenticated to provide a second fingerprint image. A host provides registered feature points data corresponding to the first fingerprint image and target feature points data corresponding to the second fingerprint image. A security token circuit estimates a position difference and a direction difference between pairs of a registered feature point and a target feature point and corrects the two feature points based on the position difference and the direction difference to provide authentication result data.
摘要:
A 4-state bar code printing and reading system for use in physical distribution-related services such as mail pieces, receptacles, reception and management forms or the like, and a method for controlling the system are disclosed. The 4-state bar code printing system comprises a bar code information acquiring section for acquiring, storing and determining a mail piece sorting information; an information recorded density enhancing section for evaluating a value of a character, by using of a compression method depending upon a type of the information and digit, which are determined by the bar code information acquiring section; an input information encoding section for arranging the values of the bars produced by the information recorded density enhancing section in order of values of bars of the 4-state bar code, and dividing the values into groups each consisting of 3 bars; an error correcting codeword producing section for producing an error correcting codeword based on the result of the information encoding section the input value of an error correcting level; and a print frame producing section for arranging the error correcting codeword produced from the error correcting codeword producing section and the data produced from the information recorded density improving section in order of a start bar, a data, an error correcting codeword, and a stop bar, to print a 4-state bar code print font on a mail piece.
摘要:
A system for performing face registration and authentication using face information, and a method thereof. A set of readily distinguishable features for each user is selected at a registration step and only the set of features selected at the registration step is used at a face authentication step, whereby memory use according to unnecessary information and amount of data calculation for face authentication can be reduced. Thus, the present system has an advantage in that identity authentication through face authentication can be performed even under restricted environments of a USB token or smart card with limited resources. The present system further has advantages in that authentication performance is improved, as readily distinguishable feature information is used, and the time for face authentication is reduced, as face authentication is performed using the SVM built by using the optimal set of readily distinguishable features at a training step.
摘要:
The present invention relates to a direct memory access controller, specifically to a direct memory access controller which controls the direct memory access between internal modules and high speed external memories such as SDRAM(Synchronous Dynamic RAM) in high speed digital signal processors having burst transmission feature. The direct memory access controller comprises a plurality of direct memory access controller circuits, a direct memory access bus arbiter, and a direct memory access bus bridge connecting a direct memory access master bus and a direct memory access slave bus and providing a data transmission path between external high speed memories and input/output devices according to a signal from the direct memory access controller which is connected to said master bus.
摘要:
In the inter-working method of wireless Internet (gateways) according to the present invention described above, DIAMETER which is the first version of the IETF-RFC standard of mobile IP application is applied to the application scenario based on wireless Internet gateway of a home network, not on FA or HA of Mobile IP. After all mobile communication providers connect to wireless Internet, subscribers are not bounded to the network of their mobile communication provider and have the freedom to select any external wireless Internet portal site and use the service of it. Such a wireless Internet connection method will make wireless Internet contents popular in the open wireless network epoch and provide wireless Internet contents providers with an excellent chance. The authentication of the wireless Internet gateways of other networks, authorization, accounting management, structures and techniques proposed by the present invention can give solutions to security problems of wireless internet gateway (ex WAP G/W) that have not overcome, and provide reliability to wireless Internet electronic commercial trade service.
摘要翻译:在上述根据本发明的无线因特网(网关)的互通方式中,作为移动IP应用的IETF-RFC标准的第一版本的DIAMETER被应用于基于家庭的无线因特网网关的应用场景 网络,不在移动IP的FA或HA上。 在所有移动通信提供商连接到无线互联网之后,用户不限于其移动通信提供商的网络,并且可以自由地选择任何外部无线因特网门户网站并使用其服务。 这种无线互联网连接方式将使无线互联网内容在开放的无线网络时代流行,为无线互联网内容提供商提供了极好的机会。 本发明提出的其他网络的无线互联网网关的认证,授权,会计管理,结构和技术,可以解决未能克服的无线网关(例如WAP G / W)的安全问题,提供可靠性 无线互联网电子商务贸易服务。