Sekpon Juntapremjitt

IS Industrie (Thailand) Ltd., Siayuthia, Bangkok, Thailand

Are you Sekpon Juntapremjitt?

Claim your profile

Publications (11)0 Total impact

  • [Show abstract] [Hide abstract]
    ABSTRACT: This paper proposes the design and development of Role- based Access Control (RBAC) model for the Single Sign-On (SSO) Web-OLAP query spanning over multiple data warehouses (DWs). The model is based on PKI Authentication and Privilege Management Infrastructure (PMI); it presents a binding model of RBAC authorization based on dimension privilege specified in attribute certificate (AC) and user identification. Particularly, the way of attribute mapping between DW user authentication and privilege of dimensional access is illustrated. In our approach, we apply the multi-agent system to automate flexible and effective management of user authentication, role delegation as well as system accountability. Finally, the paper culminates in the prototype system A-COLD (Access Control of web-OLAP over multiple DWs) that incorporates the OLAP features and authentication and authorization enforcement in the multi-user and multi-data warehouse environment.
    No preview · Chapter · Mar 2010
  • Somchart Fugkeaw · Piyawit Manpanpanich · Sekpon Juntapremjitt
    [Show abstract] [Hide abstract]
    ABSTRACT: This paper proposes the design and development framework of collaborative access control for OLAP queries spanning over multi-data warehouse (DW). The approach is based on PKI Authentication and Privilege Management Infrastructure (PMI); it presents a binding model of DW user identification and privilege of fact and dimensional access. To integrate several security policies from DWs, we employ the XACML policy integration to serve interoperation and authorization management. In our approach, we apply the multi-agent system to automate flexible and effective management of user authentication, role delegation as well as system accountability. Finally, the implementation details of the prototype A-Cold (Access Control of web-OLAP over multiple DWs) is presented to demonstrate our research idea.
    No preview · Conference Paper · Apr 2009
  • Somchart Fugkeaw · Piyawit Manpanpanich · Sekpon Juntapremjitt
    [Show abstract] [Hide abstract]
    ABSTRACT: This paper proposes an access control and authentication infrastructure for accessing data in a multi data warehouse environment. We employ single sign on for authentication and role based access control (RBAC) for authorization. When users submit OLAP queries to the data warehouse, the authorization rules are enforced. In our approach, we use multi-agent systems to automate the authentication, authorization and accounting stages when accessing multi-Data Warehouse. For the implementation, A-Cold system prototype is developed to validate our proposed model.
    No preview · Article · Dec 2008
  • Source
    Sekpon Juntapremjitt · Somchart Fugkeaw · Piyawit Manpanpanich
    [Show abstract] [Hide abstract]
    ABSTRACT: This paper proposes a novel design and implementation of distributed RBAC (dRBAC) and single sign-on (SSO) system that spans over multiple administrative domains with high availability. The core idea is based on multi-agent systems (MAS) technique owing to its modularity, autonomy, distributedness, flexibility, and scalability. All agents serve their specific purposes. Leveraging agents simplifies high availability. PKI is used for trust enablement between intra- and inter-domain agent communications. The security assertion markup language (SAML) is adopted for supporting the exchange of authentication and authorization information in the architecture. The approach supports strong two-factor authentication with X.509 digital certificate. The authorization scheme is based on the privilege management infrastructure (PMI). Finally, we reported our extended implementation status and demonstrated that our proposed model is efficient and flexible to implement in the multiple SSO and PKI domains.
    Preview · Conference Paper · Apr 2008
  • Somchart Fugkeaw · Piyawit Manpanpanich · Sekpon Juntapremjitt
    [Show abstract] [Hide abstract]
    ABSTRACT: This paper presents the extended development of the AmTRUE project implementing the SSO-two factor authentication and RBAC authorization in the multiple applications and multi-domain environment. The authentication and authorization are based on the X.509 public key certificate and privilege management infrastructure (PMI). In our model, we introduce the security assertion markup language (SAML) to support the exchange of authentication and authorization information. SAML enables the single sign-on (SSO) authentication in the multi-organization to be more manageable and scalable. Besides, we enhance our system to be capable to work with the access control policies of the organizations using XACML This promotes the flexibility of AmTRUE for the seamless interoperation with another standard access control policy. Finally, the implementation is presented.
    No preview · Conference Paper · Jan 2008
  • Somchart Fugkeaw · Piyawit Manpanpanich · Sekpon Juntapremjitt
    [Show abstract] [Hide abstract]
    ABSTRACT: This paper proposes the design and development of SSO two factor authentication and RBAC authorization in the multiple applications and multi-domain environment. The authentication and authorization are based on the X.509 public key certificate and privilege management infrastructure (PMI). In our model, the security assertion markup language (SAML) is adopted to support the exchange of authentication and authorization information. SAML enables the single sign-on (SSO) authentication in the federation environment to be more manageable and scalable. This is required for the distributed computing systems where the strong authentication and dynamic authorization are needed. Finally, we presented our ongoing implementation status and demonstrated that our proposed model serves as another practical solution in implementing the dynamic RBAC policy management in the multiple SSO and PKI domains.
    No preview · Conference Paper · Nov 2007
  • Somchart Fugkeaw · Piyawit Manpanpanich · Sekpon Juntapremjitt
    [Show abstract] [Hide abstract]
    ABSTRACT: This paper presents the approach of the distributed RBAC (DRBAC) access control of the multi-application delegated to the multi-user and multi-relying party federations. In our approach, DRBAC utilizes Public Key Infrastructure (PKI) and Privilege Management Infrastructure (PMI) to serve the authentication and authorization. We propose the dynamic mapping scheme based on the Attribute Certification model in handling user identification, role assignment, and privilege delegation. To encourage distributedness, better scalability and performance, as well as ease of management and extension, Multi-Agent Systems concept is applied for the automation of the authentication, authorization and accountability functionalities. For the trust management of multiple PKI domains, we employ the Certificate Trust Lists (CTLs) model to make the different PKI domains can interoperate effectively. Finally, our ongoing implementation is demonstrated to prove our proposed model.
    No preview · Conference Paper · Nov 2007
  • Somchart Fugkeaw · Piyawit Manpanpanich · Sekpon Juntapremjitt
    [Show abstract] [Hide abstract]
    ABSTRACT: This paper proposes the design of multi-user authentication in the multi-application based environment and role-based access control by using PKI Authentication and X.509 privilege management infrastructure (PMI). A binding model of RBAC authorization based on attribute certificate (AC) and public key certificate (PKC) is presented. Especially, the way of attribute mapping between PKC, bridge AC, and role AC is illustrated. In addition, the activity-based policy enforcement is introduced to make the system respond to malicious activities more appropriately. At a core, the multi agent system approach is applied to automate the flexible and effective management of user authentication, role delegation as well as system accountability. Finally, we reported our ongoing implementation status and demonstrated that our proposed model is a potential solution to support strong authentication and dynamic authorization in the multi-user and multi-application environment.
    No preview · Conference Paper · Nov 2007
  • Source
    Somchart Fugkeaw · Piyawit Manpanpanich · Sekpon Juntapremjitt
    [Show abstract] [Hide abstract]
    ABSTRACT: This paper proposes a hybrid model of an authentication technique and a role based access control (RBAC) based on X.509 public key certificate and attribute certificate. With attribute certificate the user role is bound to an identity of the public key certificate in which the permissions are assigned to the holder. A mapping model of RBAC authorization and authentication is presented. In addition, we also deal with the issue of system service disruption and recovery as well as an activity-based policy. With our proposed model, the full authentication, authorization, and accountability (AAA) are supported. We apply the multi agent system concept to facilitate the authentication and the authorization based on the PKI infrastructure. Finally, the project called AmTRUE (Authentication Management and Trusted Role-based Authorization in Multi-Application and Multi-User Environment) has been developed to implement our research idea.
    Preview · Conference Paper · Nov 2007
  • Somchart Fugkeaw · Piyawit Manpanpanich · Sekpon Juntapremjitt
    [Show abstract] [Hide abstract]
    ABSTRACT: In this paper, we propose a novel single sign-on (SSO) approach based on multi-agent system (MAS) and public key infrastructure (PKI) authentication scheme. This allows the model to benefit from key advantages of the two schemes, i.e. the capability of the multi-agent technique and the strength of PKI. In addition we also deal with the issue of agent service disruption and recovery as well as real-time client privilege management. We apply MAS concept to facilitate multi-application authentication and authorization process for multiple concurrent users. Depending on the type, an agent serves such various functions as client certificate validation, authorization check, access granting, administration, application delegation scheduling. PKI is employed to create trust among agents. Finally, we proved our idea with real implementation and testing.
    No preview · Conference Paper · Apr 2007
  • Somchart Fugkeaw · Piyawit Manpanpanich · Sekpon Juntapremjitt
    [Show abstract] [Hide abstract]
    ABSTRACT: Authentication, Authorization, Accountability (AAA) is always required for a good access control system. This paper proposes a Single Sign-On (SSO) model that serves the AAA property with the activity-based policy. The trust in this approach is enabled by the use of public key infrastructure (PKI) which is applied for client two-factor authentication and secures the infrastructure. We introduce the preventive activity-based authorization policy for dynamic user privilege controls. It helps prevent successive unauthorized requests in a formal manner. At the core, we apply the Multi-Agent System (MAS) concept to facilitate the authentication and the authorization process in order to work with multi-applications and multi-clients more dynamically and efficiently. The agent system functions when each client requests to sign on and it is responsible for validating a client certificate, granting an access role to the client, and controlling a concurrent use of applications.
    No preview · Article · Jan 2007