• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.16 no.9
• /
• pp.6282-6289
• /
• 2015

Today, there is an increasing number of cases in which certificate information is leak, and accordingly, electronic finance frauds are prevailing. As certificate and private key a file-based medium, are easily accessible and duplicated, they are vulnerable to information leaking crimes by cyber-attack using malignant codes such as pharming, phishing and smishing. Therefore, the use of security token and storage toke' has been encouraged as they are much safer medium, but the actual users are only minimal due to the reasons such as the risk of loss, high costs and so on. This thesis, in an effort to solve above-mentioned problems and to complement the shortcomings, proposes a system in which digital signature for Internet banking can be made with a simply bio-authentication process. In conclusion, it was found that the newly proposed system showed a better capability in handling financial transitions in terms of safety and convenience.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2009.10a
• /
• pp.351-354
• /
• 2009

In the internet communication technology, authentication of the user is main task. So far, very popular researches have been proposed for user authentications based on user_id and password. These existing methods have some merits as well as demerits also. In this paper, we analyzed the existing authentication method problems and implement a secure PingPong-128 based key generator for internet technology. In our new scheme, we are using one time password and security card numbers to generate the secure tokens for the user and internet service provider.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.5
• /
• pp.81-88
• /
• 2010

Sun et al. proposed a new design of wearable token system for security of mobile devices, such as a notebook and PDA. In this paper, we show that Sun et al.'s system is vulnerable to off-line password guessing attack and man in the middle attack based on known plain-text attack. We propose an improved scheme which overcomes the weaknesses of Sun et al.'s system. The proposed protocol requires to perform one modular multiplication in the wearable token, which has low computation ability, and modular exponentiation in the mobile devices, which have sufficient computing resources. Our protocol has no security problem, which threatens Sun's system, and known vulnerabilities. That is, the proposed protocol overcomes the security problems of Sun's system with minimal overheads.

• The Journal of the Convergence on Culture Technology
• /
• v.8 no.1
• /
• pp.523-529
• /
• 2022

Art sponsorship contributed to the development of culture and art by supporting art activities to be financially stable. Various problems in the non-fungible tokens (NFTs) market, such as speculative transactions, are also expected to be improved through sound art sponsorship. This study proposes methods of implementing art sponsorship using NFTs and smart contracts. First, we propose a method of posting the acknowledgement of art sponsorship using NFT metadata. Second, we propose a method to remit sponsorship funds according to the project schedule using time-locked wallets. Third, we propose a method to remit sponsorship funds when major events of the project occur or requirements are met using Event-Driven Execution. The proposed methods can be used to share the fact about art sponsorship and safely fund it. However, many decisions about art projects must be made based on information generated outside the blockchain, which can lead to Oracle problems, so further research is needed.

• The Journal of the Convergence on Culture Technology
• /
• v.7 no.4
• /
• pp.667-673
• /
• 2021

Unauthorized generations and sales of non-funable tokens (NFTs) without the consent of the creator is one of the biggest problems that arise in NFT Marketplaces. This study proposes a method to practically reduce the problem of NFT sales without the consent of the creator by means of authentication with social media accounts. Through the proposed method, creators who are already using social media as a means of communication and marketing for creative activities can authenticate with their own accounts. Creators who have difficulty authenticating with their own accounts will be provided with alternatives to authenticate using human networks. In addition, the proposed method of protecting creator rights was designed using a flowchart to enable development using only the public API (Application Programming Interface) provided by social media. The proposed method can protect creators' rights and reduce damage caused by NFT fraud by inducing buyers to trade NFTs of authorized sellers through social media.

• KIPS Transactions on Software and Data Engineering
• /
• v.11 no.10
• /
• pp.399-408
• /
• 2022

ERC-20, the standard API for Ethereum token smart contracts, was introduced to ensure compatibility among applications such as wallets and decentralized exchanges. However, many compatibility vulnerability problems have existed because there is no rigorous functional specifications for each API nor conformance review tools for the standard. In this paper, we proposed a new review procedure and a tool to perform the procedure to review if ERC-20 token smart contract programs for the Ethereum blockchain conform to the de facto standards. Based on the knowledge from an analysis on the ERC-20 API functional behavior of the top 100 token smart contract programs in the existing Ethereum blockchain, a new specification for the de facto standard for ERC-20 API was explicitly defined. The new specification enabled us to design a systematic review method for Ethereum smart contract programs. We developed a tool to support this review method and we evaluated a few benchmark programs with the tool.

• Journal of the Korea Society of Computer and Information
• /
• v.14 no.1
• /
• pp.173-181
• /
• 2009

This paper proposes an algorithm to transform RDF(Resource Description Framework) models for ontology into CPN(Colored Petri Net) models. The algorithm transforms the semantics of the RDF model into the topology of the CPN by mapping the classes and the properties of the RDF onto the places of the CPN model then reflects the RDF statements on the CPN by representing the relationships between them as token transitions on the CPN. The basic idea of reflecting the RDF statements on the CPN is to generate a token, which is an ordered pair consisting of two tokens (one from the place mapped into the subject and the other one from the place mapped into the object) and transfer it to the place mapped into the predicate. We have actually built CPN models for given RDF models on the CNPTools and inferred and extracted answers to the RDF queries on the CPNTools.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2021.10a
• /
• pp.373-375
• /
• 2021

In the case of Korean, the possibility of development is lower than that of English if tagging is done through the word tokenization like English. Although the form of tokenizing the corpus by separating it into morpheme units via KoNLPy is represented as a graph database, full separation of voice files and verification of practicality is required when converting the module from graph database to corpus. In this paper, morphology representation using STT API is shown in Raspberry Pi. The voice file converted to Corpus is analyzed to KoNLPy and tagged. The analyzed results are represented by graph databases and can be divided into tokens divided by morpheme, and it is judged that data mining extraction with specific purpose is possible by determining practicality and degree of separation.

• Journal of the Korea Society of Computer and Information
• /
• v.28 no.12
• /
• pp.115-127
• /
• 2023

In this paper, we propose a SBT user authentication method for decentralized environment like blockchain. Due to tranparancy of blockchain, it is difficult to secure the privacy of person information, so it is necessary to use a new authentication method. In order to solve this problem, research using SBT for user authentication is being conducted, however most studies have implemented SBT in form of removing function which is related to trasmission from NFT without applying the technical features requried for SBT. The proposed scheme of this paper is implemented SBT which secured safetey and usabillity with using locking token function of ERC-5192. Also, based of implemented SBT scheme propose a user authentication process. To verify our approach, we set a hypothetical user authentication scenario based on the proposed user authentication process and deployed a smart contract that satisfies the 19 function call scenarios that occur in that scenario.

• Convergence Security Journal
• /
• v.23 no.5
• /
• pp.29-34
• /
• 2023

KMS (Knowledge Management System) is used by various organizations to share information. This KMS includes important information as well as basic information used by each organization. To protect infortant information stored in KMS, many KMS use user identification and authentication features. In such a KMS security environment, if the account information of a user who can access the KMS is leaked, a malicious attacker using the account information can access the KMS and access all authorized important information. In this study, we propose KMS with user access control function that can protect important information even if user account information is leaked. The KMS with the user access control function proposed in this study protects the stored files in the KMS by applying an encryption algorithm. Users can access important documents by using tokens after logging in. A malicious attacker without a Token cannot access important files. As a result of checking the unit function for the target user access control function for effectiveness verification, it was confirmed that the access control function to be provided by KMS is normally provided.