• 한국정보통신학회:학술대회논문집
• /
• 한국정보통신학회 2017년도 춘계학술대회
• /
• pp.271-274
• /
• 2017

An educational institution issued a degree certificate to those students who have successfully completed all studies included in different levels of the degree program. The degree certificate presented by the University is of major significance in the person's life but the fabrication and circulation of fake certificates is inexpensive because a paper document can easily be forged with the availability of advance printing and copying technologies. So, there is a need to adopt a centralized authentication process that can verify and ensure the authenticity of a document. In order to prevent the spread of fake degree certificates a method is proposed where the integrity of the contents with in the certificate can be verified with the use of and Smart Phone Application. A Quick Response (QR) Code will contain a digital signature over the data such as degree holder's name, major program, Grade Point Average (GPA) obtained etc. Which will be signed by university authorities after the registration in central system and deployed in university. In order to verify the digital signature a person need to use a specific smart phone application which will scan and authenticate the certificate without gaining access to a user's security credentials such as password.

• 인간식물환경학회지
• /
• 제21권6호
• /
• pp.493-500
• /
• 2018

The distribution of standing wreaths has reached about 7.1 million per year and the size of the standing wreath market is estimated to be at least 700 billion won. Among them, 20 to 30 percent are estimated to be reused, resulting in damage to flowerfarms' sales of 110 to 160 billion won per year. Due to the unique characteristics of conventional 3-tier standing wreaths in terms of transportation and installation, companies that lack design expertise have monopolized local distribution markets, and the issue of illegally using standing wreaths has been raised. These issues have highlighted the need for developing new designs and establishing a distribution system to expand the consumption of flowers. This study was carried out to identify consumers' perception of reused standing wreaths and the current systems introduced to prevent the distribution of reused standing wreaths such as the real-name standing wreath production system, the authenticity certificate system, and new standing wreaths. The results of a consumer survey showed that consumers' perception of reused standing wreaths has been high and that reused standing wreaths need to be actively regulated to establish fair trade order and protect consumers' rights. Although the effectiveness of the real-name system, the authenticity certificate system, and new standing wreaths was found to be insufficient, the introduction of these systems was essential and necessary for continuous promotion through broadcasting media.

• International Journal of Computer Science & Network Security
• /
• 제23권5호
• /
• pp.13-20
• /
• 2023

In connected vehicles, drivers are exposed to attacks when they communicate with unauthenticated peers. This occurs when a vehicle relies on outdated information resulting in interactions with vehicles that have expired or revoked certificates claiming to be legitimate nodes. Vehicles must frequently receive or query an updated revoked certificate list to avoid communicating with suspicious vehicles to protect themselves. In this paper, we propose a scheme that works on a highway divided into clusters and managed by roadside units (RSUs) to ensure authenticity and preserve hidden identities of vehicles. The proposed scheme includes four main components each of which plays a major role. In the top hierarchy, we have the authority that is responsible for issuing long-term certificates and managing and controlling all descending intermediate authorities, which cover specific regions (e.g., RSUs) and provide vehicles with short-term pseudonyms certificates to hide their identity and avoid traceability. Every certificate-related operation is recorded in a blockchain storage to ensure integrity and transparency. To regulate communication among nodes, security managers were introduced to enable authorization and access right during communications. Together, these components provide vehicles with an immediately revoked certificate list through RSUs, which are provided with publish/subscribe brokers that enable a controlled messaging infrastructure. We validate our work in a simulated smart highway environment comprising interconnected RSUs to demonstrate our technique's effectiveness.

• 통상정보연구
• /
• 제1권2호
• /
• pp.229-247
• /
• 1999

Where a paper document, a manual signature, or negotiability is required in statute, then solutions must be found through a change in the law. However, where the problem originates in commercial usage, then the solution can be easier, and speedy. Certainly, nearly all of the functions that paper document provides can be equally, or better, satisfied by electronic means. That is, Electronic Commerce(EC), which has been increasing rapidly and is a new type of transaction, may be hindered by legal obstacles to use of Electronic Message, or by uncertainty to its legal effect and validity. Therefore, it is important to sustain legal effect to Electronic Message for the prosperity of EC The one of solutions is to use reliable Electronic signature system by Certification Authority to verify the authenticity of Electronic Message.

• 정보처리학회논문지C
• /
• 제18C권6호
• /
• pp.379-388
• /
• 2011

의료정보는 환자에게 중요한 개인정보로써 반드시 보호돼야 한다. 특히 전자의무기록에 접근할때, 의료인의 강화된 신원확인에 대한 인증방식이 필요하다. 기존의 공인인증서 기반 인증모델은 개인키 관리, 권한위임 등 문제점으로 전자의무기록의 특성을 반영하지 못했다. 본 논문에서는 전자의무기록 시스템에 의료인이 접근하는 경우 지문인식 기반 인증 모델을 적용하여 강화된 인증방식을 제안한다. 전자의무기록의 지문인증 모델은 의료업무의 특성을 반영하여 개인키 관리, 권한위임 문제를 원천적으로 해결하였다.

• 유통과학연구
• /
• 제14권4호
• /
• pp.103-110
• /
• 2016

Purpose - This study investigates the improvement of rationalization of distribution structure in Korean diamond market. It also explores the international distribution of diamond and how the distribution of Korean diamond market system was improved. This study also for providing the evaluation method in case of purchasing diamond on the consumers. Research Design, Data, and Methodology - The research investigates how international diamond distribution market has been changed since 1933 by De Beers. The international Diamond rough stone has been deregulated in supply and demand by Debeers since July, 2000, therefore, the price maintenance policy of diamond market also has been changed. In the short term, the diamond price in market has been down, whereas, in the long term, the market share of Debeers has affected the high quality of diamond price in world market. Before 1985, both G color and VVS1 clarity were used as the level of percentages in the diamond certificate of authenticity in Korea. But, after 1985, the diamond certificate of authenticity uses Diamond Grading Report. Results - Between the 1970's and 1980's, Debeers had controlled about 80 percentages of international diamond supply market. But, Debeers share in diamond market fell by 60 percentages in 2000's. Debeers supplied 31%(4390 carets) of international diamond supply and 41%(39 billion dollars) in 2003. However, Debeers shares 50% of market shares in the diamond supply market by Alosa in Russia. In Korea, the diamond grading report system has been used since 1985. But, the diamond grading report system has price bubbles and much irrational parts in grading system methods. Conclusions - 4C, the grading system of diamond, is a method for comparing and evaluating diamond objectively. Diamond is graded according to its color, cut, clarity, and carat. The price of diamond is determined based on its each item. Consumers purchase diamond for the purpose of investment and wearing. In terms of investment, it is recommended to purchase diamond with color of D grade, cut with Excellent or Very Good Cut grade, Clarity of FL or IF, and more than 3 carat. As for wearing purpose, it is highly recommended for diamond to have color of F or G grade, cut of Excellent or Very Good Cut, clarity of VS2 or SI1, and more than 1 carat Before 2000, Central Selling Organization(CSO) distributed about 80 percentages rough diamond to world market exclusively by purchase, classification, assessment, and sales. After 2000, Dbeers diamond company looses slowly market shares, while Almosa diamond company etc. in Russia are taking over world market shares more and more. Debeers market shares have been falling over the years, and the international diamond markets are gradually growing by other international diamond companies. But, there is no change in Korean diamond market after 1980's. Korean diamond distribution needs to follow international level of Diamond Grading System. By using different grading systems with different panel members, Korean diamond grading system needs to follow international perfect grading systems to grow diamond markets and maintain within top 10 diamond markets countries.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제14권1호
• /
• pp.437-454
• /
• 2020

According to the privacy regulations of the health insurance portability and accountability act (HIPAA), patients' control over electronic health data is one of the major concern issues. Currently, remote access authorization is considered as the best solution to guarantee the patients' control over their health data. In this paper, a new biometric-based key management scheme is proposed to facilitate remote access authorization anytime and anywhere. First, patients and doctors can use their biometric information to verify the authenticity of communication partners through real-time video communication technology. Second, a safety channel is provided in delivering their access authorization and secret data between patient and doctor. In the designed scheme, the user's public key is authenticated by the corresponding biometric information without the help of public key infrastructure (PKI). Therefore, our proposed scheme does not have the costs of certificate storage, certificate delivery, and certificate revocation. In addition, the implementation time of our proposed system can be significantly reduced.

• 인터넷정보학회논문지
• /
• 제13권2호
• /
• pp.59-71
• /
• 2012

PKI에 기반을 둔 공개키 방식은 인증성과 비밀성에서 뛰어난 반면 적용된 시스템에서 인증서와 키 관리는 큰 부담이다. 또한 암복호 복잡도(complexity)가 크기 때문에 WSN(Wireless Sensor Network)의 제한된 컴퓨팅 장치에서는 사용하기가 어렵다. 이에 키관리 부담을 없앤 IBE(ID Based Encryption) 방식에서 Bilinear Pairing 방식은 수행속도가 뛰어나고 충분히 안전한 DDH(Decisional Diffie Hellman) 알고리즘으로 인/검증을 처리하는 차세대 암호방식이다. Bilinear Pairing의 이론을 구현한 Elliptic Curve Weil Pairing의 알고리즘은 단순하고 CCA(공격)에 IND/NM의 강력한 보안조건을 만족한다. 동작측면에서 Random Oracle Model을 가정한 IBE PKG는 단일 기밀문서 파일서버로 작동하는 우리의 목적 시스템의 구조에 적합하다. 따라서 본 논문는 Weil Pairing Based IBE 방식을 폐쇄적 기밀문서 유통망[2]에 적합하도록 암복호 및 인검증 알고리즘을 개선하고 본 유통망에 적용된 효율적 프로토콜을 제안한다. 본 논문은 먼저 암호화, 무결성 그리고 사용자 인증을 O(DES) 수준으로 수행하는 개선된 알고리즘을 제안하며 한 번의 암호화 처리에서 비밀성, 무결성과 인증성을 달성하는 정보를 암호문에 포함된다. 둘째 PKI 인증서의 효과를 가진 공개 식별자를 적용하여 키 노출의 위험을 줄인 개선된 IBE 방식을 제안한다.

• 정보보호학회논문지
• /
• 제28권6호
• /
• pp.1343-1354
• /
• 2018

표준 인증유지기술로 널리 사용되고 있는 OAuth 2.0 Bearer 토큰, JWT(JSON Web Token) 기술은 고정된 토큰을 반복 전송하는 방식을 이용하고 있어서 네트워크 공격자에 의한 도청공격에 취약하기 때문에 HTTPS 보안통신 환경에서 사용해야 한다는 제약이 있다. 평문통신 환경에서도 사용할 수 있는 인증유지기술로 제안된 OAuth 2.0 MAC 토큰 기술은 서버가 인증된 클라이언트에게 공유된 비밀키를 발급하고 인증요청시 이를 이용하여 MAC 값을 계산하여 제시하는 방식을 사용하는데 서버는 사용자별 공유비밀키를 관리해야 하므로 무상태(stateless) 인증을 제공할 수 없다는 단점이 있다. 이 논문에서는 서버측에서 사용자별 공유비밀키를 관리하지 않고도 무상태 MAC 토큰 인증을 수행할 수 있도록 개선된 난수화 토큰인증 프로토콜을 제시한다. 전체 인증과정에서 HTTPS를 사용할 필요가 없도록 하기 위하여 서버인증서를 이용한 초기인증보안, 인증서토큰을 이용한 전자서명 간편로그인 등의 기술을 난수화 토큰인증 기술과 결합하여 적용함으로써 완전한 무상태형 인증서비스를 제공할 수 있도록 설계하였으며 그 구현 사례를 제시한다.

• 통상정보연구
• /
• 제10권1호
• /
• pp.193-214
• /
• 2008

This study aims to examine similarities and differences of each e-B/L types as well as identify problems of e-B/L utilization and directions for improvement. Especially, it suggests strategies for the realization of e-B/L through reviewing and analyzing commercial types of e-B/L, which have been developed so far. Although e-B/L succeeded in realizing the function as a certificate of title and its distribution value, it has not been fully implemented due to operational problems. Subsequently, e-B/L was realized in the Bolero project as an attempt of system to make up for shortcomings in the failure of previous e-B/L types, but it has still a number of problems. To solve this problem and make use of e-B/L more efficiently, this study focuses on the specific ways to introduce e-B/L and suggest directions for the development of e-Nego system. Preparation of electronic documents is a prerequisite for the development of the e-Nego system, taking distribution of electronic documents into consideration. Next, compatibility of electronic documentation and paper-based documents should be realized, with the guarantee of authenticity of electronic documents.