• Journal of Digital Contents Society
• /
• v.12 no.2
• /
• pp.165-176
• /
• 2011

Recently, digital rights management (DRM) related researches are widely spreading with prosperity of IT industries. The DRM technology protects proprietor of copyright by preventing mischanneling and illegal copy. In this paper, we propose a new DRM model that has an enhanced and efficient protocol based on certificate using smart card. The proposed model overcomes weaknesses of WCDRM model and has following additional advantages: first, copy protection is enhanced by hiding user's specific information from attacker by storing the information within smart card; second, server load for contents encryption is reduced by making clear protocols among author, distributer, certificate authority, and users; third, offline user authentication is guaranteed by combining partial secret values in media players and smart card. Exposure of core information also is minimized by storing them in smart card. In addition, we show that the proposed system is more secure than WCDRM model by comparing various factors of anonymous attackers.

• Journal of Digital Convergence
• /
• v.20 no.4
• /
• pp.637-643
• /
• 2022

Beauty in the modern society is a professional occupation in which art and science are fusion-integrated, and in order to enter as a beautician, obtaining a national technical certificate is a routine customs clearance procedure. As it is time to present objective data on the national technology license and employment fields preferred by prospective beauticians, it is a time to analyze the perceptions and trends of the national technical license of the beautician preferred by beauty academy students who design success in the future beauty industry. Did. As a result of the analysis, the preferred national skill certificate and the desired employment field showed a very high correlation, and the personality and interests of the male, younger, unmarried, and student groups were selected as the priority, while the 30s or older, married or divorced, self-employed, and office workers, Housewives had a much higher rate of employment prospects. Through this study, it is possible to seek the essential tendency and development direction of beauty talents, and it is thought that it will set a desirable direction for R&D for education of national technical qualifications in the future and greatly contribute to the activation of the beauty academy market.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.19 no.4
• /
• pp.800-806
• /
• 2015

WAVE(Wireless Access in Vehicular Environments) system is wireless communication technology that vehicle sends and receives packets between vehicles or between vehicles and infrastructure in a high-speed mobile environment. In this study, we have designed and implemented a CRL(Certificate Revocation List) download protocol that is used to verify certificate revocation status of the other party when the vehicles communicate with WAVE system. This protocol operates over UDP. And to support security features, also, ECDSA(Elliptic Curve Digital Signature Algorithm) is used for mutual authentication and ECIES(Elliptic Curve Integrated Encryption Scheme) is used to ensure the confidentiality. Moreover, this protocol ensures the integrity of data by adding MAC(Message Authentication Code) to the end of packet and support the error and flow control mechanisms.

• Journal of Digital Convergence
• /
• v.19 no.10
• /
• pp.287-293
• /
• 2021

Recently, public certificates issued by nationally-recognized certification bodies have been abolished, and internet companies have issued their own common certificates as certification authority. The Electronic Signature Act was amended in a way to assign responsibility to Internet companies. As the use of a joint certificate issued by Internet companies as a certification authority is allowed, it is expected that the fraud damage caused by the theft of public key certificates will increase. We propose an authentication model that can be used in a security gateway that combines PKI with a blockchain with integrity and security. and to evaluate its practicality, we evaluated the security of the authentication model using Sugeno's hierarchical fuzzy integral, an evaluation method that excludes human subjectivity and importance degree using Delphi method by expert group. The blockchain-based joint certificate is expected to be used as a base technology for services that prevent reckless issuance and misuse of public certificates, and secure security and convenience.

• Journal of Convergence for Information Technology
• /
• v.10 no.7
• /
• pp.7-13
• /
• 2020

IoT which is the core IT of the 4^th industrial revolution, is providing various services from users in the conversion with other industries. The IoT convergence technology is leading the communication paradigm of communication environment in accordance with the increase of convenience for users. However, it is urgently needed to establish the security measures for the rapidly-developing IoT convergence technology. As IoT is closely related to digital ethics and personal information protection, other industries should establish the measures for coping with threatening elements in accordance with the introduction of IoT. In case when security incidents occur, there could be diverse problems such as information leakage, damage to image, monetary loss, and casualty. Thus, this paper suggests a certificate management technique for safe control over access in IoT-based Cloud convergence environment. This thesis designed the device/user registration, message communication protocol, and device renewal/management technique. On top of performing the analysis on safety in accordance with attack technique and vulnerability, in the results of conducting the evaluation of efficiency compared to the existing PKI-based certificate management technique, it showed about 32% decreased value.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2016.10a
• /
• pp.463-466
• /
• 2016

Sharing of product and process information with partners is a basic activity and key requirement which ensures success of distribution. ePedigree that encapsulates all of the event data from manufacturer to retail shop provides a flexible mechanism of storing and sharing traceable information to the partners of supply chain and credibility of shared information through digital signature based on Public Key Infrastructure (PKI). To generate the signature that can be authenticated through PKI, the partners of supply chain should pay for PKI certificates from Certificate Authority (CA). In case of agrifood cooperatives which consist of petty merchants or farmers, it is hard to pay for the PKI certificate for all members and is a big obstacle for the ePedigree to be applied to the supply chain. This paper proposes a private certification method of ePedigree for cooperatives. Cooperatives can apply the ePedigree using the proposed method to all the members at small cost and the proposed method can assure the credibility of information at the same level of the previous ePedigree.

• THE INTERNATIONAL COMMERCE & LAW REVIEW
• /
• v.34
• /
• pp.157-185
• /
• 2007

The purpose of this thesis is to contribute to the activation of e-contract service for one stop e-trade by analyzing the problems and its solutions in e-contract service at home and abroad. In order to achieve the purpose of this thesis, case studies are done on e-contract service providers such as CECTRUST service of NTT DATA in Japan and HanCM.com of Haansoft in Korea and user companies such as Taisei Corporation using CECTRUST service and Hyundai Card using HanCM.com. The problems in the e-contract service are the lack of e-contract service providers, rare publicity of e-contract service, limited use of e-contract service at only home, higher pricing for e-contract service, short time management of e-contract documents by service providers, no application of newly developed security technology to e-contract service, unsatisfaction of requirements of e-contract service provider as trusted third party, absence of lower pricing e-contract service by service provider, authorizing key error in electronic signature under recognized authentication system in case of fail in renewal of digital certificate and reproduction of digital certificate. The solutions of these problems are the upbringing of e-contract service providers, broad publicity of e-contract service, development of e-contract service on a global basis, establishment of lower pricing for e-contract service, long time management of e-contract documents by service providers, application of newly developed security technology such as bio technology to e-contract service, satisfaction of requirements of e-contract service provider as trusted third party by designation of recognized e-document repository, development of lower e-contract service by way of application service provider(ASP), introduction of time stamping of e-contract document and signature key value. The limitation of this thesis is that the problems and its solutions could not meet with the broad recognition as they are conferred by intuition because of few e-contract service provider.

• Journal of Korea Multimedia Society
• /
• v.7 no.12
• /
• pp.1719-1728
• /
• 2004

The fusion of Internet technology and applications with wireless communication provides a new business model and promises to extend the possibilities of commerce to what is popularly called mobile commerce, or m-commerce. In mobile Internet banking service through wireless local area network, security is a most important factor to consider. We describe the development of security service for mobile Internet banking on Personal Digital Assistants (PDAs). Banking Server and Authentication Server were developed to simulate banking business and to support certificate management of authorized clients, respectively. To increase security, we took hybrid approach in implementation: symmetric block encryption and public-key encryption. Hash function and random number generation were exploited to generate a secret key. The data regarding banking service were encrypted with symmetric block encryption, RC4, and the random number sequence was done with public-key encryption. PDAs communicate through IEEE 802.IIb wireless LAN (Local Area Network) to access banking service. Several banking services and graphic user interfaces, which emulatedthe services of real bank, were developed to verity the working of each security service in PDA, the Banking Server, and the Authentication Server.

• Journal of Digital Convergence
• /
• v.10 no.6
• /
• pp.153-158
• /
• 2012

Digital contents market has been drastically increasing under Clouding Computing and Smart Phone environment. The Contents industry is going to be more essential portion than manufacture or service industry in the near future. One good example of high value-added contents is the Harry Potter series which exceeds 10 years' net profit of Hundai automobile company. This one example shows us very well that digital contents market as a core-engine for culture industry development is economically influential and attractive as well. This study focuses on activation of Digital Copyright Exchange in knowledge service convergence era. First, it examines other services like stock exchange, electronic documents and authentication certificate etc. which are similar to DCE service. Then it analyzes what factors make copyright industry have interested in the DCE the through technology acceptance model. Based on the results of the analysis, finally, this study evaluates how the DCE contributes to copyright industry overall including fair utilization of works.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.10 no.3
• /
• pp.87-97
• /
• 2014

Pharming attack is a confidence trick that the hacker catch away customers financial information on Internet banking. At first, a hacker installs malicious execution code on customers PC in secret. As a customer tries to connect a Internet banking Web site, the malicious code changes it to phishing site in Internet explorer. The hacker catch away customers financial information in process of internet banking. The hacker steals money from customer's bank account using stolen information. PKI is a widespread and strong technology for providing the security using public key techniques. The main idea of PKI is the digital certificate that is a digitally signed statement binding an user's identity information and his public key. The Internet banking service stands on the basis of PKI. However, the bank is trusted in natural, the only customer is certified in the present Internet banking. In this paper, we propose a method of cross certification in Internet banking. The customer certify a bank and the bank certify the customer in proposed method. The method can service to customer the secure Internet banking about pharming attack. We compare the proposed method with other methods.