• Journal of Digital Contents Society
• /
• v.9 no.1
• /
• pp.125-130
• /
• 2008

User web service is increasing by development of internet technology. Quantity of encrypted data that transmitted through the network are increasing by development of encipherment technology. We have many problems; it is caused by technical development and service increase of user requests. It is like that, we have reliability of contents and illegality copy problem of internet contents in web application system. It is contents protection skills in web that encipherment technology, authentication and digital signature. We need message encoding and secret key for solve vulnerability of encipherment in web application system. In this paper, we propose a distributed secure system that can data confidentiality and user authentication. It prevent performance degradation from bottle neck in encipherment server, and improve service quality.

• Proceedings of the Korean Information Science Society Conference
• /
• 1998.10a
• /
• pp.530-532
• /
• 1998

본 연구에서는 안전한 네이밍 서비스를 제공하는 기존 Secure DNS를 확장시켜 GUI방식의 관리자 인터페이스를 설계하였다. 따라서 시스템 설정에 대한 configuration과 보안관련 도구의 핵심이라 할 수 있는 로그의 관리가 용이해 졌다. 또한 관리자 인터페이스에 의해 각각의 자원 레코드에 대한 자동적인 삽입, 삭제가 가능하며, 암호화 알고리즘의 추가를 interactive하게 처리한다. 그밖에 기존 Secure DNS에서는 새로운 암호와 알고리즘을 추가할 때마다 재 컴파일 해야하는 단점이 있다. 이를 해결하기 위해 'Dynamic link interface'를 설계하였다. 이는 암호화 알고리즘의 입출력 표준을 정하고 이를 단일한 시스템 API로 구성하여 Secure DNS가 초기화 될 때 동적 라이브러리를 사용하여 각각의 암호화 알고리즘을 메모리에 적재하는 방식을 택한다. 그 밖에 Secure DNS를 이용하여 제공할 수 있는 응용방안으로 개인의 공개키 분배서비스와 X.509 체계를 이용한 인증서를 제공하는 서비스를 제안한다. 따라서 본 연구에서는 인터넷의 기본 인프라스트럭쳐인 DNS를 최대한 활용할 수 있는 여러 가지 방안과 그 해결책을 제시한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.6
• /
• pp.15-24
• /
• 2004

Electronic commerce is widely used with the development of information communication technologies in internet using public key certificates. And the study for access control in Web application and DB system is also progressed actively. There are many verification method for PKC(Public Key Certificates), which are CRL, OCSP, SCVP and others. But their certificates verification methods for PKC cannot to be applied to PMI(Privilege Management Infrastructure) which is using AC(Attribute certificates) because of synchronization of PKC and AC. It is because AC has no public key, AC Verifier must get the PKC and verify the validity on PKC and AC. So in this paper we proposed the new AC-based certificate verification model. which provide the synchronization in two certificates(AC and PKC).

• Proceedings of the Korea Information Processing Society Conference
• /
• 2011.04a
• /
• pp.869-870
• /
• 2011

통신이 발달로 인터넷 망을 이용해 고용량의 데이터를 빠르게 주고받을 수 있게 되었으며, 이로 인하여 데이터를 원격 저장소에 저장하여 언제 어디서든 빠르게 접근할 수 있는 서비스가 발전하게 되었다. 하지만 데이터를 저장하는 서버의 보안 및 서버관리자의 신뢰 문재가 발생하게 되었고, 이를 해결하기위해 서버에 저장되는 데이터의 암호화 및 이를 검색할 수 있는 기술이 필요하게 되었다. 기존의 검색 가능 암호의 경우 이메일 서비스를 기반으로 구성이 되어 하나의 데이터에 많은 키워드를 저장하게 되는 원격 저장소 서비스에 적용하기 어렵다. 또한 필드 기반 검색기능을 제공해 검색이 유연하지 않고 결합 키워드 검색 시 연산의 효율성이 떨어지는 문제점이 존재한다. 따라서 본 논문은 블룸필터를 사용하여 대량의 키워드를 효율적으로 저장 및 검색 할 수 있으며 필드 프리한 결합키워드 검색을 지원하는 공개키 검색 가능 암호 시스템을 제안한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.5
• /
• pp.109-119
• /
• 2004

The home network environment can be defined as a network environment, connecting digital home devices such as computer systems, digital appliances, and mobile devices. In this kind of home network environments, there will be numerous local/remote interactions to monitor and control the home network devices and the home gateway. Such an environment may result in communication bottleneck. By applying the mobile agents that can migrate among the computing devices autonomously and work on behalf of the user, remote interactions and network traffics can be reduced enormously. The mobile agent authentication is necessary to apply mobile agent concept to the home network environments, as a prerequisite technology for authorization or access control to the home network devices and resources. The existing mobile agent systems have mainly used the public key based authentication scheme, which is not suitable to the home network environments, composed of digital devices of limited computation capability. In this paper, we propose a shared key based mobile agent authentication scheme for single home domain and expand the scheme to multiple domain environments with the public key based authentication scheme. Application of the shared key encryption scheme to the single domain mobile agent authentication enables to authenticate the mobile agent with less overhead than the public key based authentication scheme.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.9 no.2
• /
• pp.370-378
• /
• 2008

The CEDA(Certified E-Document Authority) is a reliable third party that deposit electronic document having legal effects securely, and verify contents of document or transmission. This paper focuses on a function of secure transmission among several important functions, and implements public key encryption system for secure transmission when server and user communicate for image transmission. This paper follows a standard fundamental rule of X.509 in ITU-T, and it uses symmetric encryption algorithm to raise speed of a large data operation. A key of symmetric encryption algorithm is encrypted by private key in public key system, it protects to be modified using digital signature for data integrity. Also it uses certificates for mutual authentication.

• Proceedings of the Korea Multimedia Society Conference
• /
• 2003.11a
• /
• pp.132-135
• /
• 2003

컴퓨터와 네트워크 발전으로 인한 인터넷의 확산은 오프라인으로 제공되던 많은 서비스들을 온라인화로 변화하는 계기가 되었다. 이러한 다양한 온라인 서비스중의 하나가 전자 경매이다. 전자 경매란 오프라인 경매 시스템의 취약점을 보완하여 온라인으로 경매가 가능하도록 하는 서비스이다. 따라서 본 논문에서는 상호 인증서 교환을 가정으로 하여 안전하고 효율적인 전자 경매 시스템 구축을 위해 공개키 암호화 방식과 해쉬 함수를 이용하면서 사용자의 편리성이 제공되는 전자경매 시스템을 제안 및 구성하였다.

• Proceedings of the Korea Contents Association Conference
• /
• 2006.11a
• /
• pp.622-625
• /
• 2006

The basic observation of the present paper is that cryptographic solutions that have been proposed so far completely ignore the communication context. IPSec is a security protocol suite that provides encryption and authentication services for IP messages at the network layer of the Internet. We propose example to provide key recovery capability by adding key recovery information to an IP datagram. It is possible to take advantage of the communication environment in order to design key recovery protocols that are better suited and more efficient.

• Journal of the Korea Society of Computer and Information
• /
• v.25 no.1
• /
• pp.87-92
• /
• 2020

Various devices, which are powerful computer and low-performance sensors, is connected to IoT network. Accordingly, applying mutual authentication for devices and data encryption method are essential since illegal attacks are existing on the network. But cryptographic methods such as symmetric key and public key algorithms, hash function are not appropriate to low-performance devices. Therefore, this paper proposes blockchain-based lightweight IoT mutual authentication protocol for the low-performance devices.

• Journal of KIISE:Information Networking
• /
• v.30 no.2
• /
• pp.189-198
• /
• 2003

As people are damaged increasingly by personal information leakage, awareness about user privacy infringement is increasing. However, the existing DRM system does not support the protection of user's personal information because it is not necessary for the protection of copyrights. This paper is suggesting a license administration protocol which is more powerful to protect personal information in DRM. To protect the exposure of users identifier, this protocol uses temporary ID and token to guarantee anonymity and it uses a session key by ECDH to cryptography and Public-Key Cryptosystem for a message so that it can protect the exposure of personal information and user's privacy.