• Journal of Advanced Navigation Technology
• /
• v.13 no.3
• /
• pp.459-465
• /
• 2009

Digital watermarking is a technique to insert a visually imperceptible information into an image so that the information can be extracted for the purposes of ownership verification or authentication. And watermarking techniques can be classified as either fragile or robust. Robust watermarks are useful for copyright and ownership assertion purposes. They cannot be easily removed and should resist common image manipulation procedures such as rotation, scaling, cropping, etc. On the other hand, fragile watermarks are easily corrupted by any image processing procedure, it can detect any change to an image as well as localizing the areas that have been changed. In this paper, we propose a fragile watermarking algorithm using a special hierarchical structure for integrity verification of image and detection of manipulated location. In the proposed method, the image to be watermarked is divided into blocks in a multi-level hierarchy and calculating block digital signatures in this hierarchy. The proposed method thwarts the cut-and-paste attack and the experimental results to demonstrate the effectiveness of the proposed method.

• Journal of Digital Convergence
• /
• v.12 no.7
• /
• pp.279-284
• /
• 2014

Recently, m-health care is be a problem that the patient's information is easily exposed to third parties in case of emergency situation. This paper propose an attribute-based access control protocol to minimize the exposure to patient privacy using patient information in the emergency environment. Proposed protocol, the patient's sensitive information to a third party do not expose sensitive information to the patient's personal health information, including hospital staff and patients on a random number to generate cryptographic keys to sign hash. In addition, patient information from a third party that is in order to prevent the illegal exploitation of the patient and the hospital staff to maintain synchronization between to prevent the leakage of personal health information.

• Journal of Digital Convergence
• /
• v.15 no.8
• /
• pp.183-193
• /
• 2017

Digital accredited certificates issued under the Digital Signature Act provide essential functionalities for online service, so certificates are used for various services such as online banking, e-government. However, certificates can be stolen by hackers and users need to install separate software to use certificates. Recently FIDO, which aims to solve the problems of password-based authentication and the lack of interoperability between authentication methods, is used for biometric authentication and TrustZone, hardware-based secure environment, is used for safe smartphone usage. In this paper, the new service method is suggested which uses FIDO-based biometric authentication and stores certificates in TrustZone. This method can not only improve security and convenience but also be easily applied to the service because it uses built-in functionalities of new smartphones such as biometric sensors and TrustZone. It is expected that people can use certificates in a safe and convenient way with this method.

• International Commerce and Information Review
• /
• v.4 no.1
• /
• pp.21-38
• /
• 2002

1999년 7 월부터 시행된 "전자거래기본법"은 전자문서와 전자거래의 효력을 법적으로 인정하고 있다. 그러나 본 법률이 제정될 당시 UNCITRAL의 전자상거래 모델법(1996)을 그대로 답습하여 영미 법계와 달리 대륙법계인 우리 나라의 실정에는 맞지 않는 조항이 포함되고 법률의 체계도 기본법 체계라고 보기에는 어려운 법률제정체계 문제점도 등장하고 있다. 이에 따라 본 연구에서는 전자문서의 개념과 데이터, 기록물 등의 다른 개념과의 관계 재정립을 통한 전자문서의 정의재조명과 동법에서의 "전자거래" 개념의 해석을 통한 전자거래 개념의 발전방향을 살펴본 후 현재 동법과 전자서명법과의 관계해석을 통해 법제정 추진체계 및 방향에 대하여 검토하였다. 전자문서와 관련해서는 기존의 문서개념과 기능을 생각하건대 현재 각종 법률에서 언급되고 있는 전자문서의 개념은 제한적으로 해석되어야 한다. 문서라는 개념을 넘어서는 새로운 개념도입이 필요하다면, 디지털컨텐츠의 포함한 전자적 기록 내지 전자적 매시지라는 개념도입이 불가피하다. 그러나 이러한 방식은 재산권을 표상하는 정보(컨텐츠, 화폐가치의 정보 등)와 기존의 문서와 서면을 대신하는 정보를 혼합시켜 이해하게 만들어 오히려 해석상 혼란을 가중시킬 수 있다. 따라서 기존의 문서나 서면을 대체하는 '전자문서'라는 개념은 그대로 사용하되, 기타 정책목적상 필요하다고 판단되는 디지털 컨텐츠, 화폐가치를 표상한 정보(전자화폐, 전자자금 정보 등) 등은 개별법률에서 이에 관한 정의를 하고 규율을 하는 것이 바람직할 것이다. 전자거래와 관련해서는 본 개념을 전자문서와 관련시켜 파악해서는 안된다는 것을 전제로 강학적 의미로 전자거래의 해석부분은 이해를 하되, 특정한 법률에는 그 법률제정목적에 맞는 전자거래의 개념정의를 통해 법률제정 내지 개정목적을 달성하면 될 것이다. 전자거래를 포괄하는 법률은 가능하지도 않고 이것이 가능하다 하더라도 결국 포함되어야 하는 전자거래 관련 규정을 선별하는 것도 쉽지 않을 것이다.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.34 no.11A
• /
• pp.870-881
• /
• 2009

The rapid development of healthcare information management for 3D medical digital library, 3D PACS and 3D medical diagnosis has addressed security issues with medical IT technology. This paper presents multiple 3D medical image data for protection, authentication, indexing and diagnosis information hiding applied to healthcare information management. The proposed scheme based on POCS watermarking embeds the robust watermark for doctor's digital signature and information retrieval indexing key to the distribution of vertex curvedness and embeds the fragile watermark for diagnosis information and authentication reference message to the distance difference of vertex. The multiple embedding process designs three convex sets for robustness, fragileness and invisibility and projects 3D medical image data onto three convex sets alternatively and iteratively. Experimental results confirmed that the proposed scheme has the robustness and fragileness to various 3D geometric and mesh modifiers at once.

• Journal of Digital Convergence
• /
• v.19 no.10
• /
• pp.287-293
• /
• 2021

Recently, public certificates issued by nationally-recognized certification bodies have been abolished, and internet companies have issued their own common certificates as certification authority. The Electronic Signature Act was amended in a way to assign responsibility to Internet companies. As the use of a joint certificate issued by Internet companies as a certification authority is allowed, it is expected that the fraud damage caused by the theft of public key certificates will increase. We propose an authentication model that can be used in a security gateway that combines PKI with a blockchain with integrity and security. and to evaluate its practicality, we evaluated the security of the authentication model using Sugeno's hierarchical fuzzy integral, an evaluation method that excludes human subjectivity and importance degree using Delphi method by expert group. The blockchain-based joint certificate is expected to be used as a base technology for services that prevent reckless issuance and misuse of public certificates, and secure security and convenience.

• The KIPS Transactions:PartC
• /
• v.8C no.5
• /
• pp.551-556
• /
• 2001

The ESES system has been developed to supply a digital signature function, an encryption function, and a library of cryptographic primitives and algorithm for securing an XML document and the existing non-XML documents that are exchanged in the electronic commerce. In this paper, we will introduce the overview of ESES system and explain how the ESES processes to offer security services Finally we\`ll conclude our talk by presenting the summary and further works.

• Proceedings of the Korea Contents Association Conference
• /
• 2004.11a
• /
• pp.291-295
• /
• 2004

As a large quantity of information is presented in XML format on the web, there are increasing demands for XML security. Until now research on XML security has been focused on the security of data network using digital signature and encryption technology. As XML data become extensive and complex however XML security comes to involve not only network security but also managerial security. But XML encryption support simple network security. So it cannot support multiple users and multiple access control policy. In this paper, we propose an integration method of encryption and access control policy for securing XML documents. This methodology can support multiple authorization of multiple users with integrating access control. And this can reduce the cost of the existing complicated access evaluation process of access control by using pre-processing.

• Journal of the Korean Society for information Management
• /
• v.25 no.1
• /
• pp.75-98
• /
• 2008

With explosive growth in the area of the Internet and IT services, various types of e-documents are generated and circulated. An e-Document is a sort of electronic records which a organization performs works and goals. In this study, we propose a security algorithm for secure use and distribution of e-documents. Especially, the proposed method can be applied to generate digital signature which can guarantee authenticity, integrity, confidentiality of an e-document and authenticate authorized users. Also, we can get higher security level as using a smart card that provides highly storing capacity and security. We carried out an experiment to verify efficiency and security of the proposed method.

• Journal of KIISE:Computer Systems and Theory
• /
• v.31 no.1_2
• /
• pp.112-117
• /
• 2004

In this paper, we propose a suitable multiplication architecture for cellular automata in a finite field $GF(2^m)$. Proposed least significant bit first multiplier is based on irreducible all one Polynomial, and has a latency of (m+1) and a critical path of $ 1-D_{AND}＋1-D{XOR}$.Specially it is efficient for implementing VLSI architecture and has potential for use as a basic architecture for division, exponentiation and inverses since it is a parallel structure with regularity and modularity. Moreover our architecture can be used as a basic architecture for well-known public-key information service in $GF(2^m)$ such as Diffie-Hellman key exchange protocol, Digital Signature Algorithm and ElGamal cryptosystem.