The Experts below are selected from a list of 114 Experts worldwide ranked by ideXlab platform
Dongwan Shin - One of the best experts on this subject based on the ideXlab platform.
-
COMPSAC - Towards Secure Virtual Directories: A Risk Analysis Framework
2010 IEEE 34th Annual Computer Software and Applications Conference, 2010Co-Authors: William R. Claycomb, Dongwan ShinAbstract:Directory services are used by almost every enterprise computing environment to provide data concerning users, computers, contacts, and other objects. Virtual directories are components that provide Directory services in a highly customized manner. Unfortunately, though the use of Virtual Directory services are widespread, an analysis of risks posed by their unique position and architecture has not been completed. We present a detailed analysis of six attacks to Virtual Directory services, including steps for detection and prevention. We also describe various categories of attack risks, and discuss what is necessary to launch an attack on Virtual directories. Finally, we present a framework to use in analyzing risks to individual enterprise computing Virtual Directory instances. We show how to apply this framework to an example implementation, and discuss the benefits of doing so.
-
SAC - A framework for risk analysis in Virtual Directory security
Proceedings of the 2010 ACM Symposium on Applied Computing - SAC '10, 2010Co-Authors: William R. Claycomb, Dongwan ShinAbstract:Directory services are used by almost every enterprise computing environment. Virtual directories are components that provide Directory services in a highly customized manner. Unfortunately, an analysis of risks posed by their unique position and architecture has not been completed. We present a detailed analysis of six attacks to Virtual Directory services. We also describe various categories of attack risks, and discuss what is necessary to launch an attack. Finally, we present a framework to use in analyzing these risks.
-
a framework for risk analysis in Virtual Directory security
ACM Symposium on Applied Computing, 2010Co-Authors: William R. Claycomb, Dongwan ShinAbstract:Directory services are used by almost every enterprise computing environment. Virtual directories are components that provide Directory services in a highly customized manner. Unfortunately, an analysis of risks posed by their unique position and architecture has not been completed. We present a detailed analysis of six attacks to Virtual Directory services. We also describe various categories of attack risks, and discuss what is necessary to launch an attack. Finally, we present a framework to use in analyzing these risks.
-
Threat modeling for Virtual Directory services
43rd Annual 2009 International Carnahan Conference on Security Technology, 2009Co-Authors: William R. Claycomb, Dongwan ShinAbstract:Directory services are corporate computing objects responsible for providing information about user accounts, computer accounts, contacts, etc. Virtual directories are powerful tools for consolidating this data, modifying it if necessary, and presenting it to the end user in a highly customized manner. While attacks against Directory services have been identified, attacks and vulnerabilities of Virtual directories remain largely unstudied. In this paper, we present an analysis of four types of attacks on Virtual Directory services. In doing so, we describe how each is performed, and discuss how to detect and prevent each type of attack. This first step towards protecting Virtual Directory services is critical to protecting the information contained in the source directories - information which could potentially contain sensitive data and be used for authentication and/or access control decisions.
-
A User Controlled Approach for Securing Sensitive Information in Directory Services
Journal of Universal Computer Science, 2009Co-Authors: William R. Claycomb, Dongwan ShinAbstract:Enterprise Directory services are commonly used in enterprise systems to store object information relating to employees, computers, contacts, etc. These stores can act as information providers or sources for authentication and access control de- cisions, and could potentially contain sensitive information. An insider attack, partic- ularly if carried out using administrative privileges, could compromise large amounts of Directory information. We present two solutions for protecting Directory services information from insider attacks. The first is a centralized approach utilizing a cus- tomized Virtual Directory server. The second is a distributed approach using existing key management infrastructure and a new component called a Personal Virtual Direc- tory Service. We explain how these solutions interact with existing Directory services and client applications. We also show how impact to existing users, client applications, and Directory services are minimized, and how we prevent insider attacks from revealing protected data. We compare and contrast both solutions, including potential tradeoffs, administrative overhead, and enterprise systems impact. Additionally, our solution is supported by implementation results showing the impact to client performance and Directory storage capacity.
William R. Claycomb - One of the best experts on this subject based on the ideXlab platform.
-
COMPSAC - Towards Secure Virtual Directories: A Risk Analysis Framework
2010 IEEE 34th Annual Computer Software and Applications Conference, 2010Co-Authors: William R. Claycomb, Dongwan ShinAbstract:Directory services are used by almost every enterprise computing environment to provide data concerning users, computers, contacts, and other objects. Virtual directories are components that provide Directory services in a highly customized manner. Unfortunately, though the use of Virtual Directory services are widespread, an analysis of risks posed by their unique position and architecture has not been completed. We present a detailed analysis of six attacks to Virtual Directory services, including steps for detection and prevention. We also describe various categories of attack risks, and discuss what is necessary to launch an attack on Virtual directories. Finally, we present a framework to use in analyzing risks to individual enterprise computing Virtual Directory instances. We show how to apply this framework to an example implementation, and discuss the benefits of doing so.
-
SAC - A framework for risk analysis in Virtual Directory security
Proceedings of the 2010 ACM Symposium on Applied Computing - SAC '10, 2010Co-Authors: William R. Claycomb, Dongwan ShinAbstract:Directory services are used by almost every enterprise computing environment. Virtual directories are components that provide Directory services in a highly customized manner. Unfortunately, an analysis of risks posed by their unique position and architecture has not been completed. We present a detailed analysis of six attacks to Virtual Directory services. We also describe various categories of attack risks, and discuss what is necessary to launch an attack. Finally, we present a framework to use in analyzing these risks.
-
a framework for risk analysis in Virtual Directory security
ACM Symposium on Applied Computing, 2010Co-Authors: William R. Claycomb, Dongwan ShinAbstract:Directory services are used by almost every enterprise computing environment. Virtual directories are components that provide Directory services in a highly customized manner. Unfortunately, an analysis of risks posed by their unique position and architecture has not been completed. We present a detailed analysis of six attacks to Virtual Directory services. We also describe various categories of attack risks, and discuss what is necessary to launch an attack. Finally, we present a framework to use in analyzing these risks.
-
Threat modeling for Virtual Directory services
43rd Annual 2009 International Carnahan Conference on Security Technology, 2009Co-Authors: William R. Claycomb, Dongwan ShinAbstract:Directory services are corporate computing objects responsible for providing information about user accounts, computer accounts, contacts, etc. Virtual directories are powerful tools for consolidating this data, modifying it if necessary, and presenting it to the end user in a highly customized manner. While attacks against Directory services have been identified, attacks and vulnerabilities of Virtual directories remain largely unstudied. In this paper, we present an analysis of four types of attacks on Virtual Directory services. In doing so, we describe how each is performed, and discuss how to detect and prevent each type of attack. This first step towards protecting Virtual Directory services is critical to protecting the information contained in the source directories - information which could potentially contain sensitive data and be used for authentication and/or access control decisions.
-
A User Controlled Approach for Securing Sensitive Information in Directory Services
Journal of Universal Computer Science, 2009Co-Authors: William R. Claycomb, Dongwan ShinAbstract:Enterprise Directory services are commonly used in enterprise systems to store object information relating to employees, computers, contacts, etc. These stores can act as information providers or sources for authentication and access control de- cisions, and could potentially contain sensitive information. An insider attack, partic- ularly if carried out using administrative privileges, could compromise large amounts of Directory information. We present two solutions for protecting Directory services information from insider attacks. The first is a centralized approach utilizing a cus- tomized Virtual Directory server. The second is a distributed approach using existing key management infrastructure and a new component called a Personal Virtual Direc- tory Service. We explain how these solutions interact with existing Directory services and client applications. We also show how impact to existing users, client applications, and Directory services are minimized, and how we prevent insider attacks from revealing protected data. We compare and contrast both solutions, including potential tradeoffs, administrative overhead, and enterprise systems impact. Additionally, our solution is supported by implementation results showing the impact to client performance and Directory storage capacity.
Bum-jae You - One of the best experts on this subject based on the ideXlab platform.
-
A framework for Internet-based interaction of humans, robots, and responsive environments using agent technology
IEEE Transactions on Industrial Electronics, 2005Co-Authors: Dong To Nguyen, Bum-jae YouAbstract:In this paper, a systematic framework for Internet-based interaction of humans, robots, and environments is proposed by using agent technology. The framework is validated by proposing the concept of slave agents, a Virtual Directory facilitator (VDF) to control the slave agents, and a responsive multiagent environment. It creates a robot control system in which humans, robots, and environments can interact without much prior knowledge. Finally, a number of experiments have been conducted successfully by adopting JadeLeap middleware and Foundation for Intelligent Physical Agents (FIPA) standard under the environment composed of a personal digital assistant (PDA), a home service robot-intelligent, sweeping security assistant companion (ISSAC), and a video camera network. Experimental results show that the proposed framework increases the availability of whole system, decreases the time for Internet connection of robots and user devices such as PDAs, and provides the responsiveness of environments.
-
Network human-robot interface at service level
2005Co-Authors: To Dong Nguyen, Bum-jae YouAbstract:Network human-robot interface is an important research topic. In home application, users access the robotic system directly via voice, gestures or through the network. Users explore a system by using the services provided by this system and to some extend users are enable to participate in a service as partners. A service may be provided by a robot, a group of robots or robots and other network connected systems (distributed sensors, information systems, etc). All these services are done in the network environment, where uncertainty such as the unstable network connection, the availability of the partners in a service, exists. Moreover, these services are controlled by several users, accessing at different time by different methods. Our research aimed at solving this problem to provide a high available level, flexible coordination system. In this paper, a multi-agent framework is proposed. This framework is validated by using our new concept of slave agents, a responsive multi-agent environment, a Virtual Directory facilitator (VDF), and a task allocation system using contract net protocol. Our system uses a mixed model between distributed and centralized model. It uses a centralized agent management system (AMS) to control the overall system. However, the partners and users may be distributed agents connected to the center through agent communication or centralized at the AMS container using the slave agents to represent the physical agents. The system is able to determine the task allocation for a group of robot working as a team to provide a service. A number of experiments have been conducted successfully in our lab environment using Issac robot, a PDA for user agent and a wireless network system, operated under our multi agent framework control. The experiments show that this framework works well and provides some advantages to existing systems.
Kenneth Ramey - One of the best experts on this subject based on the ideXlab platform.
-
Oracle Directory Services Installation and Configuration
Pro Oracle Identity and Access Management Suite, 2016Co-Authors: Kenneth RameyAbstract:Oracle offers multiple options for Lightweight Directory Access Protocol (LDAP) data storage. Oracle Internet Directory (OID) and Oracle Unified Directory (OUD) both provide storage, and Oracle Virtual Directory (OVD) allows multiple disparate LDAP stores to be presented as a single source.
-
Directory synchronization and Virtualization
2016Co-Authors: Kenneth RameyAbstract:Oracle Internet Directory (OID), Oracle Virtual Directory (OVD), and the Directory Integration Platform (DIP) provide Oracle Directory Services with the ability to consolidate user management and integrate with other applications.
-
oracle identity management and identity stores
2016Co-Authors: Kenneth RameyAbstract:Many organizations have multiple identity stores to support various business units and processes. These identity stores might be in the form of Lightweight Directory Access Protocol (LDAP)-compatible directories, database tables, or other formats. In many cases, Oracle Identity Manager (OIM) can be used to manage these various Directory formats using Oracle Virtual Directory (OVD). Although this book concentrates on using Oracle Internet Directory (OID) as the primary identity store using LDAP synchronization, it is important to consider this configuration as a possible solution when your environment necessitates it. You might also find it useful to configure the LDAP synchronization to use OVD to start with and prepare the environment for multiple data stores.
Frank M. Shipman - One of the best experts on this subject based on the ideXlab platform.
-
Structuring access to a dynamic collection of digital documents: The Walden's Paths Virtual directories
Lecture Notes in Computer Science, 2004Co-Authors: Unmil P. Karadkar, Luis Francisco-revilla, Richard Furuta, Frank M. ShipmanAbstract:The Walden's Paths project facilitates incorporation of Web-based documents into the K-12 classroom environment. Currently Walden's Paths uses a static presentation mechanism, based on the authors of the paths, to display the available paths to the readers. As the number of authors and readers increases, it becomes increasingly difficult for readers to find the paths from a list that is based solely on the authors. The most suitable organization of paths varies with the task at hand and the reader's environment. The use of Virtual directories has been proposed for managing dynamic collections of digital documents. These directories are not physically present in the file system; only a user query is stored. At access time, the database of files is queried to select files of interest and these are included in the Directory. This mechanism allows readers to organize paths according to their needs while maintaining a hierarchy and preserving the context. This paper proposes that inclusion of the Virtual Directory mechanism in Walden's Paths will enable the readers to organize data to better suit their conceptual model and presents a working prototype of this feature.
-
DDEP/PODDP - Structuring Access to a Dynamic Collection of Digital Documents: The Walden’s Paths Virtual Directories
Digital Documents: Systems and Principles, 2000Co-Authors: Unmil P. Karadkar, Luis Francisco-revilla, Richard Furuta, Frank M. ShipmanAbstract:The Walden’s Paths project facilitates incorporation of Web-based documents into the K-12 classroom environment. Currently Walden’s Paths uses a static presentation mechanism, based on the authors of the paths, to display the available paths to the readers. As the number of authors and readers increases, it becomes increasingly difficult for readers to find the paths from a list that is based solely on the authors. The most suitable organization of paths varies with the task at hand and the reader’s environment. The use of Virtual directories has been proposed for managing dynamic collections of digital documents. These directories are not physically present in the file system; only a user query is stored. At access time, the database of files is queried to select files of interest and these are included in the Directory. This mechanism allows readers to organize paths according to their needs while maintaining a hierarchy and preserving the context. This paper proposes that inclusion of the Virtual Directory mechanism in Walden’s Paths will enable the readers to organize data to better suit their conceptual model and presents a working prototype of this feature.
