• The Magazine for Energy Service Companies
• /
• s.32
• /
• pp.20-21
• /
• 2005

제일 큰 변화는 ESCO자금지원 신청에 전자민원 처리를 위해 인터넷을 이용한 자금신청제도를 도입하였다. 기존 서류제출에 의한 자금신청절차를 인터넷기반을 이용한 자금신청방식으로 혁신한 것이다. 이에 따라 앞으로 ESCO업체는 공단에 내방할 필요 없이 사무실에서 공인인증서 로그인을 통해 편리하게 자금 추천신청을 할 수 있게 되었다.

• Review of KIISC
• /
• v.30 no.3
• /
• pp.31-36
• /
• 2020

사용자를 온라인에서 확인하는 인증 기술은 최근 코로나 19로 인한 비대면 서비스들의 확산으로 더욱 중요해졌다. 이러한 인증 기술로는 인터넷/모바일 뱅킹, 전자 정부 등에 널리 사용되고 있는 공인인증서부터 카카오 뱅크 등의 사설인증, 블록체인을 이용한 분산ID 기술, 사용자 편의성을 강조한 간편 인증 등으로 진화하고 있다. 본 기고에서는 여러 가지 형태의 인증 방식에 대한 특징과 동향을 살펴보고 이를 통한 발전 방향을 살펴보고자 한다.

• The Magazine for Energy Service Companies
• /
• s.70
• /
• pp.34-39
• /
• 2011

2011년도 에너지이용합리화자금은 "2011년 에너지이용합리화사업을 위한 자금지원지침"(지식경제부공고 제2011-81호)에 근거하여 본고와 같이 추진중에 있다. ESCO투자사업 정책자금은 매월 단위로 신청가능하며 자금신청자의 공인인증서를 이용하여 에너지관리공단 홈페이지를 통해 자금추천 신청이 가능하다.

• 월간 기계설비
• /
• s.229
• /
• pp.41-42
• /
• 2009

조달청이 입찰자 정보를 분석해 불법전자입찰을 색출해내는 '불법전자입찰 징후분석시스템'을 본격 가동한다. 조달청(청장 권태균)은 지난 7월 22일 "아직도 일부 입찰자들이 전자입찰시스템을 악용, 담함 및 공인 인증서 대여 등의 불법입찰 행위를 하고 있다"고 지적하고 "이를 체계적이고 상시 감시하기 위한 불법전자 입찰 징후분석시스템(이하 '징후분석시스템')을 본격 가동해 불법입찰 혐의가 짙은 201개 업체를 공정거래 위원회에 조사요청 할 계획"이라고 밝혔다. 이번 '징후분석시스템'의 본격가동으로 인증서 대여를 통한 불법전자입찰 행위를 뿌리 뽑아, 국가예산의 낭비방지 및 공공공사와 조달물품의 품질 제고에 기여할 것으로 기대된다.

• Journal of Korean Society of Disaster and Security
• /
• v.5 no.1
• /
• pp.21-28
• /
• 2012

This study can be solved a means of authentication of electronic financial transactions. We suggest that smart devices can be useful to authenticate in electronic financial transactions regardless of time and place. Our new authentication method named Lock-Unlock authentication method with smart devices. This method will be expected to reduce many kind of accidents (theft, phishing, hacking, certificates and simple certified OTP, ATM withdrawals, ARS, etc.) by account locking in electronic financial transactions. And helpful to users can effectively protect electronic financial transactions and minimize the accident during get a electronic trading.

• Convergence Security Journal
• /
• v.10 no.4
• /
• pp.1-11
• /
• 2010

Recently, We have many private information leakage cases through internet which cause social problems and it is impossible to change or update the leaked information, it is also used to the third crime such as identity theft, internet fraud. Hackers are interested in stealing private information for making money, in this point private information leakage problems are constantly increased hereafter. In this paper, I surveyed the authorization model on site registration which is currently used in Korea, and the problem of collecting personal identification number, I proposed policy model of useless method of private information, especially leaked information can not be used anymore in internet.

• Journal of Venture Innovation
• /
• v.2 no.2
• /
• pp.21-29
• /
• 2019

In the public certificate technology commonly used in Korea, users have a cumbersome problem of always resetting when they forget their password. In this paper, as a solution to this problem, we propose a secure authentication certificate password recovery protocol using blockchain, PKI, and DID for distributed storage. DID is a schema for protecting block ID in blockchain system. The private key used in the PKI is configured as a user's biometric, for example, a fingerprint, so that it can completely replace the memory of the complex private key. To this end, based on the FIDO authentication technology that most users currently use on their smartphones, the process of authenticating a user to access data inside the block minimizes the risk of an attacker taking over the data.

• KIPS Transactions on Computer and Communication Systems
• /
• v.7 no.2
• /
• pp.49-58
• /
• 2018

A certificate is a means to certify users by conducting the identification of the users, the prevention of forgery and alteration, and non-repudiation. Most people use an accredited certificate when they perform a task using online banking, and it is often used for the purpose of proving one's identity in issuing various certificates and making electronic payments in addition to online banking. At this time, the issued certificate exists in a file form on the disk, and it is possible to use the certificate issued in an existing device in a new device only if one copies it from the existing device. However, most certificate duplication methods are a method of duplication, entering an 8-16 digit verification code. This is inconvenient because one should enter the verification code and has a weakness that it is vulnerable to security issues. To solve this weakness, this study proposes a method for enhancing security certificate duplication in a multi-channel using TCP and BLE. The proposed method: 1) shares data can be mutually authenticated, using BLE Advertising data; and 2) encrypts the certificate with a symmetric key algorithm and delivers it after the certification of the device through an ECC-based electronic signature algorithm. As a result of the implementation of the proposed method in a mobile environment, it could defend against sniffing attacks, the area of security vulnerabilities in the existing methods and it was proven that it could increase security strength about $10^{41}$ times in an attempt of decoding through the method of substitution of brute force attack existing method.

• Journal of IKEEE
• /
• v.19 no.4
• /
• pp.617-624
• /
• 2015

In this paper, an adult authentication system based on authentication certificate was designed and implemented using smartphone and near-field communication. It has three advantages. First, it achieves easy, convenient, and fast authentication by using smartphone and near-field communication. Second, it achieves extremely high security and reliability by exploiting authentication certificate. Third, it achieves extremely low risk of personal information leakage by generating and sending only virtual identification code. Finally, it has a proper legal basis by Digital Signature Act. It consists of adult authentication module, near-field communication control module, policy server module, and database server module. A prototype of the proposed system was designed and implemented, and it was verified to have correct operation.

• The KIPS Transactions:PartC
• /
• v.12C no.3 s.99
• /
• pp.317-322
• /
• 2005

The existing certificate based authentication or identification just verifies whether the owner of private key corresponding to public key of certificate is the DN user set in the user field in the certificate or not, then we cannot find out who is the actual private key owner in a real world. To make up for this weak points, the method to insert the identification number like the resident registration number into the certificate extension field is applied as a technical standard to current domestic PKI system. In this paper, we propose the ECC based integrated identification, identification number checking and key management protocol providing user validation during the login.