• 제목/요약/키워드: Certificate

Search Result 1,365, Processing Time 0.032 seconds

A Secure Digital Signature Delegation Scheme using CAs (CA를 이용한 안전한 서명 검증 위임 기법)

  • 최연희;박미옥;전문석
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.13 no.6
    • /
    • pp.55-65
    • /
    • 2003
  • To perform the certificate validation processing on the user-side application induces the very considerable overhead because of the complex and time-consuming characteristic of the validation processing. Especially, the verification for digital signature over a certificate can be the major reason of the overhead, since the verification accompanies with the cryptographic calculation over each certificate on the certificate path. In this paper, we propose a new certificate validation scheme can reduce the overhead caused by user-side certificate validation processing and improve the utilization of CAs. As the result, our proposed scheme can not only reduces the overhead for the validation processing by decreasing the cryptographic calculation but also improves the utilization of CAs by employing them to the validation processing.

A Study on the Application of Cross-Certification Technology for the Automatic Authentication of Charging Users in ISO 15118 Standard (ISO 15118 충전 사용자 자동인증을 위한 교차인증서 기술의 적용에 관한 연구)

  • Lee, Sujeong;Shin, Minho;Jang, Hyuk-soo
    • The Journal of Society for e-Business Studies
    • /
    • v.25 no.2
    • /
    • pp.1-14
    • /
    • 2020
  • ISO 15118 is an international standard that defines communication between electric vehicles and electric vehicle chargers. Plug & Charge (PnC) was also defined as a technology to automatically authenticate users when using charging services. PnC indicates automatic authentication technology where all processes such as electric vehicle user authentication, charging and billing are automatically processed. According to the standard, certificates for chargers and CPSs (Certificate Provisioning Services) should be under the V2G (Vehicle to Grid) Root certificate. In Korea, the utility company operates its own PKI (Public Key Infrastructure), making it difficult to provide chargers under the V2G Root Certificate. Therefore, a method that can be authenticated is necessary even when you have different Root Certificates. This paper proposes to apply cross-certificate technology to PnC authentication. Automatic authentication of Cross Certification is to issue a cross-certificate of the Root CA and include it in the certificate chain to proceed with automatic authentication, even if you have different Root certificates. Applying cross-certificate technology enables verification of certificates under other Root certificates. In this paper, the PnC automatic authentication and cross certificate automatic authentication is implemented, so as to proceed with proof of concept proving that both methods are available. Define development requirements, certificate profiles, and user authentication sequences, and implement and execute them accordingly. This experiment confirms that two automatic authentication are practicable, especially the scalability of automatic authentication using cross-certificate PnC.

e-C/O under FTA (FTA 체결에 따른 전자원산지증명서 활성화 방안)

  • Lee, Chang-Sook;Kim, Jong-Chill
    • International Commerce and Information Review
    • /
    • v.15 no.3
    • /
    • pp.475-498
    • /
    • 2013
  • The most fundamental reason why FTA Agreement must be concluded is based on the preferential tariff treatment among country parties. In order to get applied by the preferential tariff treatment under an FTA, the parties need to meet the rules of origin and the criteria stipulated under the FTA simultaneously. In addition, Certificate of Origin(C/O) document is required to claim for the preferential treatment under the FTA Agreement. In South Korea, the electronic Certificate of Origin can be issued by the UNI-PASS and FTA-PASS of the Korea Customs Service. The Web Certification System of the Korea Chamber of Commerce & Industry also is established. But the majority cases of requesting the preferential Certificate of Origin are generally performed by the business partners. The settlement and activation of electronic Certificate of Origin are urgently needed to maximize the effects of FTA, First, this paper examines the application situation of electronic Certificate of Origin throughly. Second, the current circumstances related to electronic Certificate Origin are analyzed in the practical and systematic perspectives. Finally, the improvements for activating electronic Certificate of Origin is suggested.

  • PDF

Development and Application of a Digital Certificate Classification Framework: A Configuration Perspective (디지털 인증 분류 프레임워크의 개발과 적용: 상황적 관점)

  • Kim, Chang-Su;Gafurov, Dilshodjon
    • Information Systems Review
    • /
    • v.11 no.3
    • /
    • pp.107-123
    • /
    • 2009
  • In this paper, we review digital certificate technologies and their applications in e-commerce. Current digital certificate technologies are evaluated and their importance is explained. The configuration of certificate flows from providers to users through software, hardware, and network technologies is described. These five domains and the configuration of digital certificate flows guide our review of the characteristics of digital certificates. We then develop a framework for the classification of digital certificates that integrate these five domains with VeriSign's types and levels of assurance. In order to demonstrate the adequacy of our digital certificate classification framework, we populated it with VeriSign's digital certificates. Within each domain, VeriSign's classes of digital certificates are classified in accordance with the VeriSign type and level of assurance. The results of our analysis suggest that the framework is a useful step in developing a taxonomy of digital certificate technologies. The strengths and weaknesses of the study are discussed, and opportunities for further research are identified and discussed.

A Study on the Introduction of a Rigging and Slinging Certificate System to Reduce a Struck by Object Accidents (건설현장 물체에 맞음 사고 저감을 위한 줄걸이 작업 전문 자격제도 도입에 관한 연구)

  • Yeom, Chun Ho;Lee, Jinho;Park, Hyeon
    • Journal of the Korean Society of Safety
    • /
    • v.33 no.5
    • /
    • pp.92-100
    • /
    • 2018
  • According to 'The Analysis of Industrial Accidents in 2016' by Ministry of Employment and Labor, the number of deaths caused by accidents in the construction field is 391, accounting for 47% of 826 industrial fatalities in all industries. The breakdown of the 391 fatalities of the construction industry shows that 'struck by an object' accident had 30 fatalities, the 3rd in frequency following falling (235) and crashing (32) accidents. This study aims to explore ways to reduce the 'struck by an object' accident with emphasis on safety education and certificate system for rigging and slinging works. This study reviews literature on rigging and slinging works and analyzes 'struck by an object' accidents. The rules and regulation on the rigging and slinging works are also reviewed both for Korea and other countries with best practices in construction safety such as Singapore, Japan, U.K., and U.S. The rigging and slinging certificate systems of those countries are also reviewed to find any advantage in the construction safety management. In addition, a pilot rigging and slinging certificate system was executed in one of domestic construction site followed by two surveys: one on the riggers who participated in the pilot operation and the other on general managers in domestic construction sites. Based on the analysis of the 'struck by an object' accidents and pilot operation, this study proposes a rigging and slinging certificate system to reduce accidents, enhancing safety condition of construction sites. The certificate system was proposed in a way to accommodate working practice of construction sites. Depending on rigging careers and a crane load capacity, riggers are eligible to apply either basic or master certificate which makes difference in the level of rigging works. The safety condition of rigging and slinging work could be substantially enhanced if workers, managers, supervisors, administrators, and policy makers work together consistently.

A History Check System of Public Electronic Certificate using OCSP Service (OCSP 서비스를 이용한 공인인증서 사용이력 확인 시스템)

  • Kim, Nam-Gon;Cho, Beom-Joon
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.20 no.3
    • /
    • pp.543-548
    • /
    • 2016
  • Public electronic certificates, as an important means for identification, have been used as the main economic transactions, including banking, e-government, e-commerce. identification. However, damage cases of certificates have been increased by Illegally issued and by hacking practices. Also the users have a difficult in ensuring that their certificates when and where to use. Therefore, the proposed system gives the organization code for the Institutions using OCSP services in advance, the organization code embedded in extensions of OCSP request message structure when institutions ask the validation of certificate to CA(Certificate Authority). Also, OCSP server can extract the organization code from OCSP request message, confirm the institution, and record it in certificate history management table of DB. In this paper, we presented a system that could determine the certificate history check using OCSP service, public electronic certificate validation service, and implemented to prevent and cope immediately with financial incidents.

A Study on the National System of the Professional Qualification -for Terecommunication Profession- (국제기술 자격제도에 관한 연구 -통신 전문직을 중심으로-)

  • 조정현
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.4 no.1
    • /
    • pp.8-24
    • /
    • 1979
  • Including the Qualfication of Staffer required for Commuinication, the National Law of Professional qualification is a basic law for supply with manpower of high growth industry, and it is aiming at perfect the national Policy Concerned improvement for education and training of staff, carrying out of state examination for qualification and getting an occupation or application for special qualification. This law has established a management committee for qualification system in The Ministry of Science and Technique ROK, and authorized competence Minister according to kind of special qualification aiming at getting employment, practical use and courteous treatment in society and economy for national qualification, and also regulated their each official duty. A qualification of staffer required for communication is an administrative measure giving as occupational certificate after some examination for knowledge, technique and faculty in vocational ability to adapt to intrinsic of telecommunication. This certificate has the cause of an attribution of over the sphere of telecommunication, and so it has been originated in international situation, and then some of them is forced by international law, otherwise it be in common use between the nations. The Characteristic and orthodox of communication certificate has been succeded continually in company with development of telecommunication and the appliable field of them is specified, but the sovereign power of nation is approved by ITU that she can extent the applicable position for communication certificate and coordinate the utility of qualification for telecommunication value. Korean telecommunication law excepted the application of communication certificate in public communication field. It is unreasonable and even disobeyed against the theory of communication science and intrinsic of telecommuncation. Therefore it should be corrected immediately and then communication certificate have to accept in the public communication field at all, if so, the application field of communication certificate can have more than useful extenxion such as administration measure should be achieved by the management committee for qualification system in Ministry of Science and Technique and competemce Minister appointed according to special kind of certificate and the administration have to manage by the method and proccess caused by communication science or cooperative system between administration, industry, education and science. And, then, every acquisitor of qualification also has to try to perfect his vocational duty sincerely and to promote each self-realization.

  • PDF

The Relationship between University Students' Major Selection Motivation and Intention to Acquire Certificates and the Influence of Recognition of Value Using Certificate-Focusing on the Health and Medical Information Manager Certificate (대학생들의 전공선택동기와 자격증 취득의향 간의 관계 및 자격증 활용가치 인식의 영향 -보건의료정보관리사 자격증을 중심으로-)

  • Seung-A Cho
    • Journal of the Health Care and Life Science
    • /
    • v.10 no.2
    • /
    • pp.211-220
    • /
    • 2022
  • This study was conducted to understand the relationship between college students' motivation to choose a major and their intention to acquire a certificate. As a result of the study, only social motivation among the motives for choosing a major influenced the intention to obtain a certificate. Second, only social motivation influenced the perception of the value of using certificates. Third, in the relationship between the motivation for choosing a major and the intention to acquire a certificate, the perception of the value of using a certificate did not affect. Based on these research results, this study confirmed that in the case of departments related to health and medical fields, students with strong social motivation such as employment have a high willingness to obtain certificates.

A study of real-time certificate validation using OCSP and SCVP (실시간 인증서 검증을 위한 OCSP와 SCVP의 연동방안에 대한 연구)

  • 배두현;송오영;박세현
    • Proceedings of the Korea Institutes of Information Security and Cryptology Conference
    • /
    • 2002.11a
    • /
    • pp.381-384
    • /
    • 2002
  • 현재 인증서의 상태 검증을 실시간으로 제공하기 위해 각 CA(Certificate Authority)들은 고전적 방법인 CRL(Certificate Revocation List) 배포보다는 OCSP(Online Certificate Status Protocol)을 통하여 인증서의 상태에 대한 정보를 실시간으로 제공한다. 그러나, 경로검증 및 인증서 정책 맵핑 및 정책검증과 인증서 상태검증을 제공하는 SCVP(Simple Certificate Validation Protocol)는 CRL을 사용하는 한계로 인하여 실시간 검증을 제공하지 못하고 있다. 또한 OCSP는 인증서의 실시간 상태검증만을 제공할 뿐, 인증서의 경로검증과 인증서 정책 맵핑 및 정책검증에 대한 서비스는 제공하지 못하고 있다. 따라서, 이러한 두 프로토콜의 단점을 보안하고, 인증서 검증서버가 제공해야 하는 모든 서비스를 제공하기 위해 OCSP와 SCVP의 연동방안에 대한 연구를 통하여 SCVP에서의 실시간 검증을 제공할 수 있도록 한다.

  • PDF

Certificate-Based Encryption Scheme without Pairing

  • Yao, Ji;Li, Jiguo;Zhang, Yichen
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.7 no.6
    • /
    • pp.1480-1491
    • /
    • 2013
  • Certificate-based cryptography is a new cryptographic primitive which eliminates the necessity of certificates in the traditional public key cryptography and simultaneously overcomes the inherent key escrow problem suffered in identity-based cryptography. However, to the best of our knowledge, all existed constructions of certificate-based encryption so far have to be based on the bilinear pairings. The pairing calculation is perceived to be expensive compared with normal operations such as modular exponentiations in finite fields. The costly pairing computation prevents it from wide application, especially for the computation limited wireless sensor networks. In order to improve efficiency, we propose a new certificate-based encryption scheme that does not depend on the pairing computation. Based on the decision Diffie-Hellman problem assumption, the scheme's security is proved to be against the chosen ciphertext attack in the random oracle. Performance comparisons show that our scheme outperforms the existing schemes.