• Journal of Digital Convergence
• /
• v.14 no.5
• /
• pp.341-348
• /
• 2016

Because VPN(Virtual Private Network) uses internet network, the security technique should support it and evaluation technique based on standard should support it. Therefore the method should be organized that can evaluate the security of VPN based on the related standard. In this study, we intended to construct the security evaluation model through combining CC(Common Criteria) which is a evaluation standard and a part of security(Confidentiality, Integrity, Non-repudiation, Accountability, Authenticity) evaluation of ISO which is the standard of software quality evaluation. For this, we analyzed the quality requirements about intra-technology and security of VPN and constructed the evaluation model related to the quality characteristics of two international standard. Through this, we are able to construct a convergence model for security evaluation of VPN. Through accumulating the evaluation practices for VPN in the future, the suitability and validity of the evaluation model must be improved.

• Proceedings of the Korea Society for Industrial Systems Conference
• /
• 1999.12a
• /
• pp.411-419
• /
• 1999

EBPP는 소비자, 사업자간에 고지서 발송, 접수 및 지불을 네트워크를 통하여 전자적으로 처리하는데 필요한 환경을 의미하며, 인터넷을 기반으로 하여 전자우편 혹은 웹 페이지를 통하여 고지서를 처리한다 EBPP 시스템은 크게 소비자, 사업자 그리고 은행간의 거래로 이루어 지지만 컴퓨터 및 인터넷의 보급의 한계 등의 문제로 현재로서 모든 고지서를 전자적으로 처리하는 것은 무리가 따른다. 그럼에도 불구하고 EBPP 시스템은 1) 경쟁력 확보를 위해 기업/금융 기관들이 인터넷을 통한 고품질 서비스 개발에 주력하는 추세이고, 2) 고객과의 보다 긴밀한 관계 유지를 위한 수단 제공하며, 3) 인터넷 등 온라인 통신 인구가 급격한 증가(2701년에 전체 인구의 약 50%가 활용할 것으로 전망)하고 있으며,4) 소비자를게 보다 편리한 지불방법 제시해주며, 5) 또 다른 마케팅 매체로 활용 가능하므로 앞으로의 전망이 매우 밝다. EBPP시스템은 크게 금융기관, 기업, 소비자 부분으로 구성되며, 소비자와 접촉 방법으로는 대표적으로 Web과 전자우편을 생각할 수 있으며, EBPP 시스템을 구축하기 위해서는 기본적으로 상접 혹은 기업에서 청구에 필요한 정보를 등록시키는 통합 청구서버(Bill consolidation server), 소비자에게 청구 가능한 정보를 갖고있는 청구 제시서버 (Bill presentment server), 소비자의 지불요청에 따라 은행으로부터 지불을 요구하는 지불서버(Payment gateway) 등이 필요하며, 이들 각각의 서버들의 구성 요소들은 제공하는 서비스에 따라 달라질 수 있다. 통합 청구서버에서 청구 제시서버로 전송되는 청구 건은 통상적으로 실시간 처리되는 것이 아니라 통합 청구서버에 존재하는 Spool DB에 저장되어 그 양이 일정한도를 넘어서면 자동 전송되도록 하여, 망의 할용도를 높이는 역할을 수행한다. 청구 제시서버의 DB에 등록된 청구 건은 인터넷을 통해 소비자에게 청구되며, 소비자에게 전송 되는 청구서는 사용자DB를 참조하여 사용자가 미리 정의한 원하는 형태로 변환되어 전달되며, 필요시 암호화 과정을 거치는 것이 가능해야 한다. 전송된 청구서는 전자우편의 경우, 암호해독이 가능한 전용 브라우저를 통해 열람 되며, 이는 다시 전용 브라우저를 통해 지불인증이 승인되어 청구 제시서버에게 전송된다. EBPP 시스템의 제어 흐름은 크게 기업이 청구 정보를 소비자에게 제시하는 흐름과 소비자의 지불 승인으로 인해 기업이 은행에 지불을 요구하는 흐름으로 구분할 수 있다. 본 논문에서는 통합 청구서버 및 정구 제시서버의 역할 및 구성 요소들에 대해 서술하고, EBPP 시스템과 연동하여야 하는 메일 서버와의 상호 작용에 대해 서술할 것이다. 본 시스템을 아직 구현이 되지 않은 관계로 시스템의 성능 등의 수치적 결과를 제시할 수 없는 상태다.

• Microbiology and Biotechnology Letters
• /
• v.30 no.2
• /
• pp.116-122
• /
• 2002

The partial 165 rDNA sequences of 6 lactic acid bacterial strains isolated from Kimchi were determined. Two strains were Leuconostoc mesenteroides and the rest were incorrectly classified and turned out to be Lactobacillus. As the case of dairy lactic acid bacteria, the strains isolated from Kimchi also had cell-envelope proteinase (CEP) activity. As the result of partial CEP gene amplification with CEP-specific primers, the expected 1.2-kb amplificate was obtained not from Leu. mesenteroides but from Lactobacillus strains. The deduced amino acid sequence of PCR product amplified from the genomic DNA of Lactobacillus pentosus KFR1821 showed 95％ and 92％ homology with those of PrtPs from Lactococcus lactis subsp. cremoris and Lactobacillus paracasei subsp. paracasei, respectively. The PCR amplificate was used as a probe and the result of Southern hybridization illuminated the location of CEP gene in chromosomal DNA of Lb. pentosus KFR1821.

• The Journal of the Korea Contents Association
• /
• v.14 no.6
• /
• pp.1-10
• /
• 2014

Through the development of internet mobile devices and online business activation, sensitive data of unspecified user is being easily exposed. In such an open business environment, the outflow of sensitive personal information has often been remarked on recently for which adoption of encryption solution for database became top priority in terms of importance. In 2011, government also legislated for the protection of personal information as an information network law, and is now applying the law to a variety of industries. Firms began to comply with these regulations by establishing various measures for protection of personal information and are now quickly introducing encryption solution to reinforce security of personal information they are managing. In this paper, I present architecture and technological parts that should be considered when introducing security solution.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.15 no.5
• /
• pp.147-154
• /
• 2015

Satellite broadcasting networks, like if you have if you have just received information that everyone must bring the required security attributes this earth should be done as encryption. In this paper, a satellite communication network AH additional security header in transport mode IPsec VPN by applying the SHA-256 and MD-5 authentication algorithm to authenticate the data portion Error rate and analyze the BER and Throughput. First, to generate a normal IP packet added to IPsec transport mode security header AH were constructed internal authentication data by applying the SHA-256 and MD-5 algorithm. Channel coder was applied to the Rate Compatible Punctured Turbo Codes, packet retransmission scheme Hybrid-ARQ Type-II and Type-III were used. Modulation method was applied to the BPSK, the wireless channel Markov channel (Rician 80%, Rayleigh 20% and Rician 90%, Rayleigh 10%) as an authentication algorithm according to the satellite channel state analyzed how they affect the error rate and Throughput.

• Journal of the Korea Society of Computer and Information
• /
• v.16 no.4
• /
• pp.149-157
• /
• 2011

Passive tags are inferior to active tags in processing efficiency, so they have difficulty in largevolume processing. The proposed protocol reduces the volume of computation in passive tags and, at the same time, improves authentication for enhanced safety and security. That is, different from existing RFID protocols that return the same value even if an error happens when the reader reads a tag, the improved RFID security protocol returns a new value using a re-counter and processes the computation part of a tag in the reader or in a back.end system. Even if the information of a tag is acquired by an malicious way, it is not actual information but encrypted information that is not usable. In addition, even if tag information is read in sequence, it is changed in each read, so the protocol is safe from Location Tracking.

• Journal of Korea Society of Industrial Information Systems
• /
• v.17 no.6
• /
• pp.11-17
• /
• 2012

The HC-128 stram cipher which selected for the final eSTREAM portfolio is suitable for mobile Ad-Hoc network environments because of the ability of high-speed encryption in restricted memory space. In this paper, we analyzed the vulnerability of side channel analysis attack on HC-128 stream cipher. At the first, we explain a flaw of previous theoretical analysis result which defined the complexity of side-channel attack of HC-128 stream cipher as 'low' and then re-evaluate the security against side-channel attack by estimating the concrete complexity for recovering the secret key. As a result, HC-128 stream cipher is relatively secure against side-channel attack since recovering the secret key have $2^{65}$ computation complexity which is higher than other stream cipher's one.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.31 no.6C
• /
• pp.645-650
• /
• 2006

GSM(Global System for Mobile communications) provides mobile users with portability and convenience as the most popular standard for mobile phones in the world. However, GSM system has the problem that can't normally authenticate a user by the exposure of IMSI(International Mobile Subscriber Identity) of Ms(Mobile station) during the user authentication procedure. In this paper, we propose secure user authentication by preventing the exposure if IMSI via transfer the encrypted IMSI from the HLR(Home Location Register) and making the only network entities verified from the HLR use the IMSI value, as the modified mechanism based on the original user authentication protocol to solve this authentication problem. Also the proposed mechanism provides fast user authentication without changing the architecture between new VLR and old VLR in the original GSM user authentication protocol as well as user's anonymity by using a temporary ID.

• KIPS Transactions on Computer and Communication Systems
• /
• v.2 no.3
• /
• pp.133-142
• /
• 2013

Recently, smart devices for various services have been developed using converged telecommunications, and the markets for near field communication (NFC) mobile services is expected to grow rapidly. In particular, the realization of mobile NFC payment services is expected to go commercial, and it is widely attracting attention both on a domestic and global level. However, this realization would increase privacy infringement, as personal information is extensively used in the NFC technology. One example of such privacy infringement would be the case of the Google wallet service. In this paper, we propose an mutual authentication scheme based on NTRU for secure channel in OTA and an zero-knowledge proof scheme NTRU based on for protecting user information in NFC mobile payment systems without directly using private financial information of the user.

• The KIPS Transactions:PartC
• /
• v.9C no.2
• /
• pp.149-156
• /
• 2002

Current vaccine program which scans virus code patterns has a difficult to detect the encrypted viruses or polymorphic viruses. The decryption part of polymorphic virus appears to be different every time it replicates. We must monitor the behavior of the decryption code which decrypts the body of the virus in order to detect these kinds of viruses. Specialty, it is not easy for the existing methods to detect the virus if the virus writer has modified the loop count of execution intentionally. In this paper, we propose an advanced emulator using a new algorithm so as to detect various kinds of polymorphic viruses. As a result of experiment using advanced emulator, we found that our proposed method has improved the virus detecting rate about 2%. In addition, our proposed system has a merit that it runs on not only MS-Windows but also Linux, and Unix-like Platform.