• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 한국정보통신학회 2017년도 춘계학술대회
• /
• pp.271-274
• /
• 2017

An educational institution issued a degree certificate to those students who have successfully completed all studies included in different levels of the degree program. The degree certificate presented by the University is of major significance in the person's life but the fabrication and circulation of fake certificates is inexpensive because a paper document can easily be forged with the availability of advance printing and copying technologies. So, there is a need to adopt a centralized authentication process that can verify and ensure the authenticity of a document. In order to prevent the spread of fake degree certificates a method is proposed where the integrity of the contents with in the certificate can be verified with the use of and Smart Phone Application. A Quick Response (QR) Code will contain a digital signature over the data such as degree holder's name, major program, Grade Point Average (GPA) obtained etc. Which will be signed by university authorities after the registration in central system and deployed in university. In order to verify the digital signature a person need to use a specific smart phone application which will scan and authenticate the certificate without gaining access to a user's security credentials such as password.

• Journal of People, Plants, and Environment
• /
• 제21권6호
• /
• pp.493-500
• /
• 2018

The distribution of standing wreaths has reached about 7.1 million per year and the size of the standing wreath market is estimated to be at least 700 billion won. Among them, 20 to 30 percent are estimated to be reused, resulting in damage to flowerfarms' sales of 110 to 160 billion won per year. Due to the unique characteristics of conventional 3-tier standing wreaths in terms of transportation and installation, companies that lack design expertise have monopolized local distribution markets, and the issue of illegally using standing wreaths has been raised. These issues have highlighted the need for developing new designs and establishing a distribution system to expand the consumption of flowers. This study was carried out to identify consumers' perception of reused standing wreaths and the current systems introduced to prevent the distribution of reused standing wreaths such as the real-name standing wreath production system, the authenticity certificate system, and new standing wreaths. The results of a consumer survey showed that consumers' perception of reused standing wreaths has been high and that reused standing wreaths need to be actively regulated to establish fair trade order and protect consumers' rights. Although the effectiveness of the real-name system, the authenticity certificate system, and new standing wreaths was found to be insufficient, the introduction of these systems was essential and necessary for continuous promotion through broadcasting media.

• International Journal of Computer Science & Network Security
• /
• 제23권5호
• /
• pp.13-20
• /
• 2023

In connected vehicles, drivers are exposed to attacks when they communicate with unauthenticated peers. This occurs when a vehicle relies on outdated information resulting in interactions with vehicles that have expired or revoked certificates claiming to be legitimate nodes. Vehicles must frequently receive or query an updated revoked certificate list to avoid communicating with suspicious vehicles to protect themselves. In this paper, we propose a scheme that works on a highway divided into clusters and managed by roadside units (RSUs) to ensure authenticity and preserve hidden identities of vehicles. The proposed scheme includes four main components each of which plays a major role. In the top hierarchy, we have the authority that is responsible for issuing long-term certificates and managing and controlling all descending intermediate authorities, which cover specific regions (e.g., RSUs) and provide vehicles with short-term pseudonyms certificates to hide their identity and avoid traceability. Every certificate-related operation is recorded in a blockchain storage to ensure integrity and transparency. To regulate communication among nodes, security managers were introduced to enable authorization and access right during communications. Together, these components provide vehicles with an immediately revoked certificate list through RSUs, which are provided with publish/subscribe brokers that enable a controlled messaging infrastructure. We validate our work in a simulated smart highway environment comprising interconnected RSUs to demonstrate our technique's effectiveness.

• International Commerce and Information Review
• /
• 제1권2호
• /
• pp.229-247
• /
• 1999

Where a paper document, a manual signature, or negotiability is required in statute, then solutions must be found through a change in the law. However, where the problem originates in commercial usage, then the solution can be easier, and speedy. Certainly, nearly all of the functions that paper document provides can be equally, or better, satisfied by electronic means. That is, Electronic Commerce(EC), which has been increasing rapidly and is a new type of transaction, may be hindered by legal obstacles to use of Electronic Message, or by uncertainty to its legal effect and validity. Therefore, it is important to sustain legal effect to Electronic Message for the prosperity of EC The one of solutions is to use reliable Electronic signature system by Certification Authority to verify the authenticity of Electronic Message.

• The KIPS Transactions:PartC
• /
• 제18C권6호
• /
• pp.379-388
• /
• 2011

Ensuring the security of medical records is becoming an increasingly important problem as modern technology is integrated into existing medical services. As a consequence of the adoption of EMR(Electronic Medical Records) in the health care sector, it is becoming more and more common for a health professional to edit and view a patient's record. In order to protect the patient's privacy, a secure authentication model to access the electronic medical records system must be used. A traditional identity based digital certificate for the authenticity of EMR has private key management and key escrow of a user's private key. In order to protect the EMR, The traditional authentication system is based on the digital certificate. The identity based digital certificate has many disadvantages, for example, the private key can be forgotten or stolen, and can be easily escrow of the private key. Nowadays, authentication model using fingerprint recognition technology for EMR has become more prevalent because of the advantages over digital certificate -based authentication model. Because identity-based fingerprint recognition can eliminate disadvantages of identity-based digital certificate, the proposed authentication model provide high security for access control in EMR.

• Journal of Distribution Science
• /
• 제14권4호
• /
• pp.103-110
• /
• 2016

Purpose - This study investigates the improvement of rationalization of distribution structure in Korean diamond market. It also explores the international distribution of diamond and how the distribution of Korean diamond market system was improved. This study also for providing the evaluation method in case of purchasing diamond on the consumers. Research Design, Data, and Methodology - The research investigates how international diamond distribution market has been changed since 1933 by De Beers. The international Diamond rough stone has been deregulated in supply and demand by Debeers since July, 2000, therefore, the price maintenance policy of diamond market also has been changed. In the short term, the diamond price in market has been down, whereas, in the long term, the market share of Debeers has affected the high quality of diamond price in world market. Before 1985, both G color and VVS1 clarity were used as the level of percentages in the diamond certificate of authenticity in Korea. But, after 1985, the diamond certificate of authenticity uses Diamond Grading Report. Results - Between the 1970's and 1980's, Debeers had controlled about 80 percentages of international diamond supply market. But, Debeers share in diamond market fell by 60 percentages in 2000's. Debeers supplied 31%(4390 carets) of international diamond supply and 41%(39 billion dollars) in 2003. However, Debeers shares 50% of market shares in the diamond supply market by Alosa in Russia. In Korea, the diamond grading report system has been used since 1985. But, the diamond grading report system has price bubbles and much irrational parts in grading system methods. Conclusions - 4C, the grading system of diamond, is a method for comparing and evaluating diamond objectively. Diamond is graded according to its color, cut, clarity, and carat. The price of diamond is determined based on its each item. Consumers purchase diamond for the purpose of investment and wearing. In terms of investment, it is recommended to purchase diamond with color of D grade, cut with Excellent or Very Good Cut grade, Clarity of FL or IF, and more than 3 carat. As for wearing purpose, it is highly recommended for diamond to have color of F or G grade, cut of Excellent or Very Good Cut, clarity of VS2 or SI1, and more than 1 carat Before 2000, Central Selling Organization(CSO) distributed about 80 percentages rough diamond to world market exclusively by purchase, classification, assessment, and sales. After 2000, Dbeers diamond company looses slowly market shares, while Almosa diamond company etc. in Russia are taking over world market shares more and more. Debeers market shares have been falling over the years, and the international diamond markets are gradually growing by other international diamond companies. But, there is no change in Korean diamond market after 1980's. Korean diamond distribution needs to follow international level of Diamond Grading System. By using different grading systems with different panel members, Korean diamond grading system needs to follow international perfect grading systems to grow diamond markets and maintain within top 10 diamond markets countries.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제14권1호
• /
• pp.437-454
• /
• 2020

According to the privacy regulations of the health insurance portability and accountability act (HIPAA), patients' control over electronic health data is one of the major concern issues. Currently, remote access authorization is considered as the best solution to guarantee the patients' control over their health data. In this paper, a new biometric-based key management scheme is proposed to facilitate remote access authorization anytime and anywhere. First, patients and doctors can use their biometric information to verify the authenticity of communication partners through real-time video communication technology. Second, a safety channel is provided in delivering their access authorization and secret data between patient and doctor. In the designed scheme, the user's public key is authenticated by the corresponding biometric information without the help of public key infrastructure (PKI). Therefore, our proposed scheme does not have the costs of certificate storage, certificate delivery, and certificate revocation. In addition, the implementation time of our proposed system can be significantly reduced.

• Journal of Internet Computing and Services
• /
• 제13권2호
• /
• pp.59-71
• /
• 2012

PKI-based public key scheme is outstanding in terms of authenticity and privacy. Nevertheless its application brings big burden due to the certificate/key management. It is difficult to apply it to limited computing devices in WSN because of its high encryption complexity. The Bilinear Pairing emerged from the original IBE to eliminate the certificate, is a future significant cryptosystem as based on the DDH(Decisional DH) algorithm which is significant in terms of computation and secure enough for authentication, as well as secure and faster. The practical EC Weil Pairing presents that its encryption algorithm is simple and it satisfies IND/NM security constraints against CCA. The Random Oracle Model based IBE PKG is appropriate to the structure of our target system with one secret file server in the operational perspective. Our work proposes modification of the Weil Pairing as proper to the closed network for secret file distribution[2]. First we proposed the improved one computing both encryption and message/user authentication as fast as O(DES) level, in which our scheme satisfies privacy, authenticity and integrity. Secondly as using the public key ID as effective as PKI, our improved IBE variant reduces the key exposure risk.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• 제28권6호
• /
• pp.1343-1354
• /
• 2018

OAuth 2.0 bearer token and JWT(JSON web token), current standard technologies for authentication and authorization, use the approach of sending fixed token repeatedly to server for authentication that they are subject to eavesdropping attack, thus they should be used in secure communication environment such as HTTPS. In OAuth 2.0 MAC token which was devised as an authentication scheme that can be used in non-secure communication environment, server issues shared secret key to authenticated client and the client uses it to compute MAC to prove the authenticity of request, but in this case server has to store and use the shared secret key to verify user's request. Therefore, it's hard to provide stateless authentication service. In this paper we present a randomized token authentication scheme which can provide stateless MAC token authentication without storing shared secret key in server side. To remove the use of HTTPS, we utilize secure communication using server certificate and simple signature-based login using client certificate together with the proposed randomized token authentication to achieve the fully stateless authentication service and we provide an implementation example.

• International Commerce and Information Review
• /
• 제10권1호
• /
• pp.193-214
• /
• 2008

This study aims to examine similarities and differences of each e-B/L types as well as identify problems of e-B/L utilization and directions for improvement. Especially, it suggests strategies for the realization of e-B/L through reviewing and analyzing commercial types of e-B/L, which have been developed so far. Although e-B/L succeeded in realizing the function as a certificate of title and its distribution value, it has not been fully implemented due to operational problems. Subsequently, e-B/L was realized in the Bolero project as an attempt of system to make up for shortcomings in the failure of previous e-B/L types, but it has still a number of problems. To solve this problem and make use of e-B/L more efficiently, this study focuses on the specific ways to introduce e-B/L and suggest directions for the development of e-Nego system. Preparation of electronic documents is a prerequisite for the development of the e-Nego system, taking distribution of electronic documents into consideration. Next, compatibility of electronic documentation and paper-based documents should be realized, with the guarantee of authenticity of electronic documents.