• Journal of Digital Convergence
• /
• v.19 no.10
• /
• pp.287-293
• /
• 2021

Recently, public certificates issued by nationally-recognized certification bodies have been abolished, and internet companies have issued their own common certificates as certification authority. The Electronic Signature Act was amended in a way to assign responsibility to Internet companies. As the use of a joint certificate issued by Internet companies as a certification authority is allowed, it is expected that the fraud damage caused by the theft of public key certificates will increase. We propose an authentication model that can be used in a security gateway that combines PKI with a blockchain with integrity and security. and to evaluate its practicality, we evaluated the security of the authentication model using Sugeno's hierarchical fuzzy integral, an evaluation method that excludes human subjectivity and importance degree using Delphi method by expert group. The blockchain-based joint certificate is expected to be used as a base technology for services that prevent reckless issuance and misuse of public certificates, and secure security and convenience.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.4
• /
• pp.131-136
• /
• 2007

Ad hoc networks enable efficient resource aggregation in decentralized manner, and are inherently scalable and fault-tolerant since they do not depend on any centralized authority. However, lack of a centralized authority prompts many security-related challenges. Moreover, the dynamic topology change in which network nodes frequently join and leave adds a further complication in designing effective and efficient security mechanism. Security services for ad hoc networks need to be provided in a scalable and fault-tolerant manner while allowing for membership change of network nodes. In this paper, we investigate distributed certification mechanisms using a threshold cryptography in a way that the functions of a CA(Certification Authority) are distributed into the network nodes themselves and certain number of nodes jointly issue public key certificates to future joining nodes. In the process, we summarize one interesting report [5] in which the recently proposed RSA-based ad hoc signature scheme, called URSA, contains unfortunate yet serious security flaws. We then propose new scheme by fixing their security flaws.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2008.05a
• /
• pp.233-236
• /
• 2008

Wire wireless integrated service of BcN(Broadband convergence Network) is expanding. Information Security issue is highlighted for opposing attack of getting information illegally on wire wireless network. The user of PKI(Public Key Infrastructure) cipher system among Information security technology receives various security services about authentication, confidentiality, integrity, non-repudiation and access control etc. A mobile client and server are loaded certificate and wireless internet cryptography module for trusted data send receive. And data sends receives to each other after certification process through validity check of certificate. Certificate and data security system is researched through PKI on wireless network environment and data security system in this paper.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.11 no.1
• /
• pp.69-78
• /
• 2015

Internet of Things(IoT) is electronic devices and household appliances use wireless sensor network in environment of high speed wireless network and LTE mobile service. The combination of the development of Internet and wireless network led to development of new forms of service such as electronic devices and household appliances can connect to the Internet through various sensors and online servers such as a Home Network. Even though Internet of Things is useful, there are problems in Internet of Things. In environment of Internet of Things, information leakage could happens by illegal eavesdropping and spoofing. Also illegal devices of wireless communication interference can cause interfere in Internet of things service, physical damage and denial of service by modulation of data and sensor. In this thesis, it will analyze security threats and security vulnerability in environment of mobile services and smart household appliances, then it will suggest plan. To solve security issues, it is important that IT and RFID sensor related companies realize importance of security environment rather than focus on making profit. It is important to develop the standardized security model that applies to the Internet of Things by security-related packages, standard certification system and strong encrypted authentication.

• The Journal of Korean Institute of Information Technology
• /
• v.17 no.7
• /
• pp.123-131
• /
• 2019

In this paper, related studies were investigated by dividing them into cost-benefit analysis, security continuity services, and SW-centric calculations. The case analysis was conducted on A institutions in the United States, Japan and South Korea. Based on this, an improvement model was prepared through comparison with the current system. The SCS(Security Continuity Service) performance evaluation system-based information protection service cost calculation model is proposed. This method applies a service level agreement(SLA) and NIST Cybersecurity framework that are highly effective through cost-effectiveness analysis and calculates consideration based on characteristics, performance criteria, and weights by information protection service. This model can be used as a tool to objectively calculate the cost of information protection services at public institutions. It is also expected that this system can be established by strengthening the current recommended statutory level to the enforceability level, improving the evaluation system of state agencies and public institutions, introducing a verification system of information protection services by national certification bodies, and expanding its scope to all systems.

• Journal of the Korean Society of Industry Convergence
• /
• v.20 no.2
• /
• pp.177-186
• /
• 2017

With the latest developments in ICT(Information Communication Technology) technology, research on Intelligent Car, Connected Car that support autonomous driving or services is actively underway. It is true that the number of inputs linked to external connections is likely to be exposed to a malicious intrusion. I studied possible security issues that may occur within the Connected Car. A variety of security issues may arise in the use of CAN, the most typical internal network of vehicles. The data can be encrypted by encrypting the entire data within the CAN network system to resolve the security issues, but can be time-consuming and time-consuming, and can cause the authentication process to be carried out in the event of a certification procedure. To resolve this problem, CAN network system can be used to authenticate nodes in the network to perform a unique authentication of nodes using nodes in the network to authenticate nodes in the nodes and By encoding the ID, identifying the identity of the data, changing the identity of the ID and decryption algorithm, and identifying the cipher and certification techniques of the external invader, the encryption and authentication techniques could be detected by detecting and verifying the external intruder. Add a monitoring node to the CAN network to resolve this. Share a unique ID that can be authenticated using the server that performs the initial certification of nodes within the network and encrypt IDs to secure data. By detecting external invaders, designing encryption and authentication techniques was designed to detect external intrusion and certification techniques, enabling them to detect external intrusions.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.17 no.1
• /
• pp.49-56
• /
• 2013

Among U-healthcare services adapting the latest IT technique and medical technique, a body-injecting device technique providing medical service to a patient who has incurable disease. But the body-injecting device technique can be easily exposed during wireless section to the third person and it can be used illegally. This paper proposes certification protocol which certifies a patient and hospital staff using random number created by certification server and a patient with hospital staff by synchronization. Specially, the proposed protocol uses security information created by information registered in certification server previously by a patient and hospital staff so that in keeps from accessing of third person who didn't get approval. And it gives more stability.

• Journal of Digital Convergence
• /
• v.12 no.10
• /
• pp.299-308
• /
• 2014

Today, a number of users using smartphone is very rapidly increasing by development of smartphone performance and providing various services. Also, they are using it for enjoying various services(cloud service, game, banking service, mobile office, etc.). today's mobile security solution is simply to detect malicious code or stay on the level of mobile device management. In particular, the services which use sensitive information, such as certificate, corporation document, personal credit card number, need the technology which are prevented from hacking and leaking it. Recently, interest of these mobile security problems are increasing, as the damage cases been occurred. To solve the problem, there is various security research such as mobile virtualization, ARM trustzone, GlobalPlatform for mobile device. Therefore, in this paper, I suggested efficient method that uses the mobile virtualization techniques of certification, security policy and access control, password/key management, safe storage, etc. and Trustzone of ARM for preventing information leakage and hacking.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.3
• /
• pp.53-64
• /
• 2005

In this paper, proposes Kerberos certification mechanism that improve certification service of PKINIT base that announce in IETF CAT Working Croup. Also proposed Authentication Mechanism for reusability of Ticket that after Ticket's Lifetime is ended, message exchange that Local Client receives Remote Server's service. Since my suggestion to regional services are not described in Kerberos, authentication between regions can be performed via PKINIT(Public Key Cryptography for Initial Authentication) presented by IETF(Internet Engineering Task Force) CAT working group. The new protocol is better than the authentication mechanism proposed by IETF CAT Working group in terms of communication complexity and mechanism according to simplified Ticket issue processing.

• Asia-pacific Journal of Multimedia Services Convergent with Art, Humanities, and Sociology
• /
• v.7 no.12
• /
• pp.955-963
• /
• 2017

Nowadays, fintech becomes the key technology of the mobile banking and payments. Financial market is moved to fintech-based non-face-to-face trade/payment from traditional face-to-face process in Korea. Core of this transition is the smartphones, which have several sensitive sensors for personal identifications such as fingerprint and iris recognition sensors. But it has some originated security risks by data path attacks, for instance, hacking and pharming. Multi-level certification and security systems are applied to avoid these threats effectively, while these protections can be cause of some inconvenience for non-face-to-face certifications and financing processes. In this paper, I confirmed that it have sensible differences correspond with the data connection paths such as WiFi networks and mobile communication networks of the smartphones, and I propose a gradual certification method which alleviates the inconvenience by risk-level definitions of the data-paths.