• Title/Summary/Keyword: Certificate

Search Result 1,365, Processing Time 0.032 seconds

Passwordless Protection for Private Key Using USIM Information (USIM 정보를 활용한 패스워드리스 방식의 개인키 보호 방안)

  • Kim, Seon-Joo
    • The Journal of the Korea Contents Association
    • /
    • v.17 no.6
    • /
    • pp.32-38
    • /
    • 2017
  • Despite the opinion that certificate is useless, half of the population in Korea (approx. 35 million) get an certificate, and use it for internet banking, internet shopping, stock trading, and so on. Most users store their certificates on a usb memory or smartphone, and certificates or passwords stored on such storage media can be easily attacked and used to disguise as legitimate users. Due to these security problem of certificate, a various authentication technologies has been proposed such as smartphone owner authentication using SMS, and a personal authentication using biometric authentication. However, a safe technique is not presented yet without user password, and certificate. In this paper, I proposed a method to secure certificate/private key without a user password using a combination of USIM card and smartphone's information. Even if a hacker gets the user password, the certificate, and the private key, he can not use the certificate. User do not need to remember complex password which is a combination of alphabetic / numeric / special characters, and use his certificate safely.

Modeling and Simulation of the Efficient Certificate Status Validation System on Public Key Infrastructure (공개키 기반 구조에서의 효율적인 인증서 상태 검증 방법의 모델링 및 시뮬레이션)

  • Seo, Hee-Suk;Kim, Tae-Kyoung;Kim, Hee-Wan
    • Journal of the Korea Computer Industry Society
    • /
    • v.5 no.5
    • /
    • pp.721-728
    • /
    • 2004
  • OCSP (Online Certificate Status Protocol) server which checks the certificate status provides the real time status verification in the PKI (Public Key Infrastructure) system which is the essential system of certificate. However, OCSP server need the message authentication with the server and client, so it has some shortcomings that has slow response time for the demands of many clients concurrently and has complexity of the mathematical process in the public encryption system. In this research, simulation model of the certificate status vertification server is constructed of the DEVS (Discrete EVent system Specification) formalism. This sever model is constructed to practice the authentication with hash function when certificate is checked. Simulation results shows the results of increase of the certificate status verification speed and decrease of the response time to the client.

  • PDF

A Study on Measures for Improving Obligatory Use of Digital Certificate for Eletronic Financial Transactions (전자금융거래시 공인인증서 의무사용 개선방안에 관한 연구)

  • Jeong, Gi Seog
    • Convergence Security Journal
    • /
    • v.13 no.6
    • /
    • pp.25-33
    • /
    • 2013
  • Digital certificate must be used for electronic financial transactions in Korea. But because digital certificate is based ActiveX of Internet Explorer, it is difficult to use digital certificate in other web browsers. It interrupts a development of various authentication technology and a growth of related industry. Also digital certificate can be leaked because of being stored in harddisk or USB. The government eased obligatory use of digital certificate and opened doors to other authentication techniques. But any other authentication techniques are not used because they are not approved as alternative technology. The revised bills with digital certificate abolition as the main agenda have been submitted to the National Assembly. Whether the revised bills pass or not will be decided by a regular session of the National Assembly depending on the calculation and dynamics composition of related industry. In this paper, a controversy over obligatory use of digital certificate is examined and measures are found.

A Study on the Real-Time Certificate Status Verification System Using VDN (VDN을 이용한 실시간 인증서 상태 검증 시스템의 관한 연구)

  • Lee, Kwang-Hyoung;Kim, Hyun-Chul
    • Journal of the Korea Academia-Industrial cooperation Society
    • /
    • v.7 no.5
    • /
    • pp.858-865
    • /
    • 2006
  • A certificate that is issued by the certification authority can be revoked within the period of validity by various reasons such as the loss of private key, disqualification or the change in key. Therefore, the certificate status verification must precede prior to use Currently, the CRL or the OCSP methods are used in most cases. But the CRL system can't guarantee the present status of the certificate, and the OCSP generates heavy network traffic by checking or requesting certificate status in real-time using high-capacity messages. In this paper, we propose a system that requests the certificate verification by creating VDN for user identity information. Through this system, the certification authority will be able to guarantee the certificate's status in real-time, and solve the problem of the sewer and network overload by verifying and finding user identity information from VDN, Based on the results, we propose a real-time certificate status verification system which can improve the speed of the verification. We confirmed the improvement in speed by testing and comparing it with the existing methods.

  • PDF

Decentralized Identity Based Digital Certificate System for Prevention of Infectious Diseases (감염병 예방을 위한 분산ID 기반 디지털 증명서 시스템)

  • Park, Sung-chae;Lee, Ju hyun;Park, Keundug;Youm, Heung Youl
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.32 no.1
    • /
    • pp.49-66
    • /
    • 2022
  • The COVID-19 pandemic has led many countries around the world to introduce and employ a digital certificate system to prevent infectious diseases, however, there are difficulties in using the compatible digital certificate between countries in that the international standards of the system have not been developed. Accordingly, we propose an improved system, comparing two methods of presenting a certificate, existing QR code-based and a short-range wireless communication-based certificates. The proposed system is a digital certificate system against the spread of infectious disease by storing verification information of the certificate using decentralized identity-based technology on the blockchain. Blockchain-based trust anchor improves security by solving the problem of forgery and alteration of certificates and guaranteeing the identity of certificate issuers and presenters. This system is also expected to enhance usability providing concurrent verification of a number of certificates(vaccination certificates, recovery certificates, test results, identity certificates, etc.) in a single certificate presentation.

A Study on Preferences and Utilities of Digital Signature Certificate Choice Factors Using Conjoint Analysis (컨조인트 분석을 이용한 인증서 선택요인 및 효용가치에 대한 연구)

  • Whanchul Kang
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.33 no.1
    • /
    • pp.117-128
    • /
    • 2023
  • Due to the full revision of the Digital Signature Act (enforcement on December 10, 2020), various certificates are being released and competing in the market. Under fierce competition, the certificate market share of large IT platform companies is increasing, and it is predicted that they will eventually monopolize the market. Therefore, identifying the consumer's certificate choice factors and understanding the difference in importance between the choice factors are essential elements for establishing a company's strategy for the certificate market and product positioning, and are key points in setting the government's certificate policy direction. In this study, consumers' certificate choice factors were extracted based on the details of preceding papers and surveys, and based on the extracted choice factors, 4 choice factors (reliability of issuer, program installation, certificate usage method(how to use), versatility(where to use)) were identified through a Delphi survey. As a result of conjoint analysis by conducting a consumer survey with selected choice factors, the reliability of the issuer was found to be the most important utility value. In order of importance, the certificate usage method(how to use), program installation, and versatility(where to use) appeared.

Recent Trend Analysis of Certificate Revocation Mechanism (인증서 폐기 메커니즘의 최근 동향 분석)

  • 황원섭;김자영;정수민;윤동식
    • Proceedings of the Korea Information Assurance Society Conference
    • /
    • 2004.05a
    • /
    • pp.77-82
    • /
    • 2004
  • The notion of a certificate was introduced by Kohnfelder in his 1978 MIT bachelor's thesis. The idea, now common, was that a certificate is a digitally signed statement binding the key-holder's name to a public key. With the increasing acceptance of digital certificate, there has been a gaining impetus for methods to nullify the compromised digital certificates and enable the end user to receive this information before be trusts a revoked certificate. The problem of certificate revocation is getting more and more crucial with the development of wide spread PKIs. In this paper, we investigate recent trend of certificate revocation mechanism.

  • PDF

A Study on the Perception, Motivation for Acquisition, And Improvement Measures of the Korean Cooking Certificate (한식조리기능사 자격증에 대한 인식 및 취득 동기, 개선 방안 연구)

  • Min, Kye-Hong
    • Culinary science and hospitality research
    • /
    • v.14 no.1
    • /
    • pp.181-190
    • /
    • 2008
  • The purpose of this study is to make profits and enhance national competitiveness through the globalization of Korean food. For this purpose, this study analyzed the certificate of qualification for Korean cooking technicians in the field of technical cooking. The results of presenting the perception, motivation for acquisition, and improvement measures of the Korean cooking certificate are as follows. First, as for the perception, if Korean cooking technicians acquire the certificate, they are acknowledged to acquire the qualifications and basic technology as licensed cooks in Korean food; however, they cannot practically execute cooking affairs. They cannot receive additional marks in time of employment. Getting the special education in cooking schools is helpful to acquiring the certificate. Second, the motivation for acquisition results from its advantage over other types of business, and a hope for running Korean food restaurants. Third, the improvement measures cover changing examination contents to be utilized in practical affairs, improving cooking methods, fair evaluation, and considering excessive technicians not to depreciate the value of the certificate.

  • PDF

Certificate Issuing Protocol Supporting WAKE-KR (WAKE-KR을 지원하는 인증서 발행 프로토콜)

  • 이용호;이임영
    • Journal of Korea Multimedia Society
    • /
    • v.6 no.2
    • /
    • pp.288-300
    • /
    • 2003
  • As the importance of information security gets recognized seriously, ciphers technology gets used more. Particularly, since public key ciphers are easier to control the key than symmetric key ciphers and also digital signature is easily implemented, public key ciphers are increased used. Nowadays, public key infrastructure is established and operated to use efficiently and securely the public key ciphers. In the public key infrastructure, the user registers at the certificate authority to generate the private key and public key pair and the certificate authority issues the certificate on the public key generated. Through this certificate, key establishment between users is implemented and encryption communication becomes possible. But, control function of session key established in the public key infrastructure is not provided. In this thesis, the certificate issuing protocol to support the key recovery of the session key established during the wireless authentication and key establishment is proposed.

  • PDF

A Study on Delegation used SPKI Certificate in Grid (그리드에서 SPKI 인증서를 이용한 권한 위임에 관한 연구)

  • Lee, Seoung-Hyeon;Lee, Jae-Seung;Moon, Ki-Young;Lee, Jae-Kwang
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.11 no.2
    • /
    • pp.309-315
    • /
    • 2007
  • It is X.509 certificate that use to offer authentication and delegation service in grid. Authentication service offers by X.509 user certificate, and delegation service offers by X.509 proxy certificate. However, in case of provide delegation service using X.509 poxy certificate, can not fulfill complicated delegation requirement of grid. In this paper, proposed delegation mechanism that is done restricted delegation, multiple delegation and light weight that delegation service that use existent X.509 proxy certificate does not have. In this paper, delegation service that proposed used SPKI certificate.