• Journal of the Korean Society for Library and Information Science
• /
• v.41 no.2
• /
• pp.5-29
• /
• 2007

The purpose of this study is to suggest alternative credential system of librarian in Korea. For this purpose, the study analyzes various aspects of credential system in order to find out characteristics, strengths, and weaknesses. The data used in this study are drawn from current situations and problems analysis, critical literature review case study of six countries, and questionnaire survey analysis. Four different kinds of model are suggested. Those are 'Internal Competency Model', 'Minimum Credits Model', ‘Licence Examination Model', 'Graduate School Model'. This study also suggests further research to develop more adequate credential system of librarian in Korea.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.5
• /
• pp.195-199
• /
• 2008

We present an attack which forges a credential without the help of the credential issuer in the protocol designed by Nakazato, Wang and Yamamura at ASIAN 2007 The attack avoids using the credential issuer's private key by taking advantage of the property of bilinear pairing. Implication of this collusion attack by user and verifiers also discussed.

• Journal of the Korean Society of Clothing and Textiles
• /
• v.33 no.5
• /
• pp.732-740
• /
• 2009

The purpose of this study is to discuss Joseon dynastyis first perspective on the Western-style Court Costume which was newly introduced to Joseon through the problems receiving the credential that Japan had sent in new style. For this study, the records of Joseon and Japan at that period have been analyzed. The followings are the results of this research; First, a critical argument on the Western-style Court Costume occurred just before the Port Opening because whether wearing a western costume was the key factor in Joseon dynastyis receiving the credential that Japan had send in new style. Second, Japan received western costume as its domestic courtesy system by establishing the Court Costume of Civil servants in 1872 and consequently Japan established new ceremony procedure of western-style bow in 1875. Third, Joseon dynasty officially opposed to the Western-style Court Costume when Japan sent the credential, because the western costume selected by Japan had beenregarded as that of western barbarian at that time in Joseon. Accordingly, it seems reasonable that before the introduction of western costume into Joseon dynasty, an open-door policy for the West had been a prior settlement for Joseon dynasty regardless of the details of Western-style Court Costume. And also, the pride of civilization of Joseon dynasty, which has been used to express Joseon dynastyis identity as Joseon-centrism, had to be converted before the open-door policy. Ultimately, it could be inferred that the reception of the Western-style Court Costume had been raised as the political and diplomatic problems in the circumstances when the submissive relationship in the traditional Eastern- Asia had been forced to be converted to modern sovereign international relationship.

• Journal of Internet Computing and Services
• /
• v.13 no.6
• /
• pp.55-62
• /
• 2012

Grid web applications by standard Web technology are increasingly used to provide grid service to users as normal Web user interface and service. It is however difficult to integrate a grid security system such as Grid Security Infrastructure (GSI) into Web applications because the delegation way of standard Web security is not the same as the one of Grid security. This can be solved by allowing Web applications to get a Grid credential by using an online credential repository system such as MyProxy. In this paper, we investigate the problem that occurs when MyProxy, which assumes mutual trust between a user and Grid web application, is adapted for achieving security integration between Web and Grid, and we propose a new Grid proxy delegation service to delegate a Grid credential to the Web without assuming mutual trust. In the service, the X.509 proxy delegation process is added to OAuth protocol for credential exchange, and authentication can be done by an external service such as OpenID. So, users can login onto the Grid web application in a single sign-on manner, and are allowed to securely delegate and retrieve multiple credentials for one or more Virtual Organizations.

• Journal of Convergence Society for SMB
• /
• v.6 no.4
• /
• pp.31-36
• /
• 2016

User authentication is the first step to network security. There are lots of authentication types, and more than one authentication method works together for user's authentication in the network. Except for biometric authentication, most authentication methods can be copied, or someone else can adopt and abuse someone else's credential method. Thus, more than one authentication method must be used for user authentication. However, more credential makes system degrade and inefficient as they log on the system. Therefore, without tradeoff performance with efficiency, this research proposed user's behavior based authentication for secure communication, and it will improve to establish a secure and efficient communication.

• Journal of the Korea Society of Computer and Information
• /
• v.27 no.5
• /
• pp.127-138
• /
• 2022

In this paper, we present FinDID (Financial Decentralized IDentity), a blockchain-based DID(Decentralized IDentity) service that can flexibly control personal information or credentials through a systematic verification method while complying with the standard service scheme of decentralized identity for the financial sector. DID is an identity management system used in a decentralized environment without a specific certification authority, and as a technology that allows users to control their own information, it can realize self-sovereignty over users' own personal information. Through FinDID, users receive credentials that authenticate their various personal information from the issuer, select only the claims required by the target financial service using their personal electronic wallet, create presentations from credentials. Then they submit it to the financial service, leading to their qualification from the service. FinDID consists of electronic wallet, credential issuer, credential storage, DID service including DID management contract and credential management contract, and financial services using this service scheme. The DID service manages each user's DID and supports all verification processes of the associated identity management scheme.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.5
• /
• pp.769-780
• /
• 2014

In general, internet users need to remember several IDs and passwords when they use diverse web sites. From an effective management perspective, SSO system was suggested to reduce user inconvenience. Kerberos authentication, which uses centralized system management, is a typical example of a broker-based SSO authentication model. However, further research is required, because the existing Kerberos authentication system has security vulnerability problems of password and replay attacks. In SSO authentication systems, a major security vulnerability is the replay attack. When user credentials are seized by attackers, an authorized session can be obtained through a replay attack. In this paper, an improved SSO authentication model based on the broker-based model and a secure lightweight SSO mechanism against credential replay attack is proposed.

• KIPS Transactions on Computer and Communication Systems
• /
• v.6 no.5
• /
• pp.247-254
• /
• 2017

In a Linux system, a user with malicious intent can acquire administrator privileges through attack types that execute shells, and can leak important user information and install backdoor program. In order to solve this problem, the existing method is to analyze the causes of the elevation of privilege, fix the problems, and then patch the system. Recently, a method of detecting an illegal elevated tasks in which information inconsistency occurs through user credentials in real time has been studied. However, since this credential method uses uid and gid, illegal elevated tasks having the root credentials may not be detected. In this paper, we propose a security module that stores shell commands and paths executed with regular privileges in a table and compares them with every file accesses (open, close, read, write) that are executed to solve the case which cannot detect illegal elevated tasks have same credential.

• YAKHAK HOEJI
• /
• v.58 no.2
• /
• pp.129-140
• /
• 2014

Background: As elderly population has been increasing, pharmacists need to possess special knowledge and skills to provide enhanced pharmaceutical care for senior patients. Purpose: This study aims to systematically review on (1) the certified geriatric pharmacists (CGP) system, (2) the curriculum related to geriatric pharmacy education, and (3) the CGP's performance in terms of clinical, economic and humanistic outcomes in the U.S. Method: The information related to CGP system and curriculum was obtained through the official websites of 'American Society of Consultant Pharmacists', 'Commission for Certification in Geriatric Pharmacy' and the selected pharmacy school samples. Articles about on the outcomes of pharmacist-provided cognitive services including Medication Therapy Management were searched through PubMed. Results: To gain the CGP credential, pharmacists need 2-year experience as pharmacist in advance and take the CGP examination. This certification must be renewed every 5 year. Most pharmacy schools provide geriatric-related curriculum through didactic or pharmacy practice classes for pharmacy students and certificate or dual degree in gerontology are given on completion. Most previous outcomes research reported that pharmacists have played a role in yielding favorable results regarding clinical, economic and humanistic outcomes for nursing facilities, hospitals and community pharmacy settings. Conclusion: Considering the organized CGP certification system and concrete educational courses established the basis for pharmacists to exert their ability for senior patients of the U.S., it is suggested to build a geriatric pharmacist credential model for pharmacists to provide the increasing elderly patients with the requisite safe and effective pharmacy care in Korea.

• Journal of Industrial Convergence
• /
• v.21 no.7
• /
• pp.41-49
• /
• 2023

In recent years, various educational institutions have used online certificate services to verify academic achievement related to graduation and grades. However, the certificate of the existing system has limitations in verifying and tracking whether it is true or not and detailed academic background. In this regard, cases of forgery/falsification of online/offline certificates continue to occur. This study proposes a blockchain-based verification method that is safe from forgery and alteration, focusing on university institutions. Necessary information such as detailed class categories for each department, attendance, and detailed grades was collected/analyzed to create a linkage relationship through blockchain. In addition, the system/network environment required for blockchain sharing was considered, and it was implemented as an extension module in the form of an independent web application. As a result of the block chain verification, it was proved that the safe trust verification of educational information and the relationship between detailed information can be traced. This study aims to contribute to the improvement of academic credential verification services and information security for Korean educational institutions in the future.