• Journal of Information Technology Services
• /
• v.3 no.2
• /
• pp.85-98
• /
• 2004

As the e-Commerce based on the XML technology is getting bigger, user authentication, integrity, non-repudiation and confidentiality has become important for security. Since the XML technology is widely used for exchanging information among the Internet e-business systems, the security of XML documents is essentially required and XML digital signature should be supported. To support the digital signature of XML documents, W3C proposed the XML-Signature specification as an international standard that describes five transform algorithms. In this paper, we design and implement a XML/PKI based digital tax invoice system. Our system supports the five transforming algorithms defined in the XML-Signature specification and exchanges digital tax invoices among enterprises securely. We design and implement the flexible and efficient system consists of reusable components using CBD(Component Based Development).

• International journal of advanced smart convergence
• /
• v.9 no.3
• /
• pp.246-252
• /
• 2020

Facial recognition is a biometric technology that is used in various fields such as user authentication and identification of human characteristics. Face recognition applications are practically used in various fields, but very few applications have been developed to improve the factory work environment. We implemented applications that uses face recognition to identify a specific employee in a factory .work environment and provide customized information for each employee. Factory workers need documents describing the work in order to do their assigned work. Factory managers can use our application to register documents needed for each worker, and workers can view the documents assigned to them. Each worker is identified using face recognition, and by tracking the worker's face during work, it is possible to know that the worker is in the workplace. In addition, as a mobile app for workers is provided, workers can view the contents using a tablet, and we have defined a simple communication protocol to exchange information between our applications. We demonstrated the applications in a factory work environment and found several improvements were required for practical use. We expect these results can be used to improve factory work environments.

• Journal of Digital Contents Society
• /
• v.12 no.1
• /
• pp.95-105
• /
• 2011

It has become commonplace to use web-based business process systems in a variety of fields, and electronic litigation is not an exception. In electronic procedures where court records are at the core of the system, the electronic document architecture should be designed in a way that electronic documents are safely circulated and utilized on the web with a consideration of the authentication of records, particularity of cases and document security such as prevention of forgery or falsification. Based on a study of electronic formats suitable for court records, the Extensible Markup Language (XMP) for management of special case information and security requirements for circulation of electronic documents, this paper suggests an adequate architecture for electronic documents designed for electronic litigation involving constitutional matters and looks into cases where such architectures are applied. The studies in this paper will serve as a useful reference for those planning to realize web-based business process that enables exchanges of electronic documents.

• The Journal of the Korea Contents Association
• /
• v.11 no.5
• /
• pp.481-488
• /
• 2011

Generally speaking, a document is a mutual promise between two parties and functions as a legally-binding trust for a transaction. A document should be produced on a mutual agreement basis, and its credibility shall be attained if the transparency of a document production is ensured. Therefore, sequence analysis of the procedures in a document production is very important for appraisal of a document. The purpose of this research is to distinguish sequence association between the erased carbon ingredients of a pencil and the ingredients left in a ball-point pen and thus suggest a method that determines whether mutual agreement was applied or not in signing an insurance policy. This method analyzes if the carbon ingredients of a pencil are left in the bottom section of a ball-point pen through infrared photography. If the carbon ingredients of a pencil are left in the bottom section of a pen, the pen shall absorb infrared rays and mark a dense concentration. This method applies a relatively simple infrared photography system and therefore shall be beneficial to a personal appraisal store.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.20 no.8
• /
• pp.1466-1477
• /
• 2016

Public key infrastructure(PKI), principle technology of the certificate, is a security technology providing functions such as identification, non-repudiation, and anti-forgery of electronic documents on the Internet. Our government and financial organizations use PKI authentication using ActiveX to prevent security accident on the Internet service. However, like ActiveX, plug-in technology is vulnerable to security and inconvenience since it is only serviceable to certain browser. Therefore, the research on HTML5 authentication system has been conducted actively. Recently, domestic bank introduced PKI authentication complying with web standard for the first time. However, it still has inconvenience to register a certification on each website because of same origin policy of web storage. This paper proposes the certificate based SSO protocol that complying with web standard to provide user authentication using certificate on several sites by going around same origin policy and its security proof.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.7 no.1
• /
• pp.149-157
• /
• 2003

Recently, the Internet enhanced by development of IT makes the processing and exchanging of information, As the Internet is sending and receiving digitized documents over the Internet e-mail system. The security of document information is being threated when exchanging digitized documents over an open network such as the Internet. The degree of threat is even higher when sensitive documents are involved Therefore, in this paper, the secure e-mail system on a client is designed and implemented in order to make secure exchanging of digitized documents. By using the public key infrastructure in which encrypted mail transmission, proof of delivery and integrity of the message are garanted, unauthorized manipulation, illegal acquisition and mutual authentication problem can be prevented in order to secure the document information which is crucial and sensible when exchanging the digitized document over the Internet. Futhenmore, by using the SET protocol based on public key cryptography, the secure mail system is designed and implemented in order for the users not having any professional knowledge to deal with the system easily and friendly in GUI environment.

• Journal of Internet Computing and Services
• /
• v.11 no.4
• /
• pp.143-158
• /
• 2010

The illegal leakage of enterprise digital confidential information will threaten the enterprise with bankruptcy. Today since most small-and-medium companies have no capability to fight against illegally compromising their critically confidential documents in spite of knowing the leakage of them, strongly safe distribution system of the digital confidential documents should be designed so in secure as to prevent any malicious intent of embezzlement from accessing the critical information. Current DRM-based protection system is not always perfect to protect the digital secrets, even seems to leave the secrets open. Therefore our study has analyzed the illegal leakage paths that hackers attack against and the vulnerability of the current protection systems. As result, we study the group communication based system architecture satisfying the security conditions to make even legitimate working employee keep out of the confidential documents, without performance degradation. The main idea of this architecture is to stay every secrets in encrypted form; to isolate the encrypted documents from the crypto-key; to associate every entity with one activity and to authenticate every entity with DSA-based public key system; multiple authentication method make hackers too busy to get a privilege to access the secrets with too many puzzle pieces. This paper deal with the basic architectural structure for the above issues.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.2
• /
• pp.139-150
• /
• 2008

Recently, financial institutes and industrial companies are adopted to security token such as OTP, smart card, and USB authentication token and so on for secure system management and user authentication. However, some research institutes have been introduced security weaknesses and problems in security tokens. Therefore, in this paper, we analyses of security functions and security requirements in security token performed by analyses of standardization documents, trends, security problems, attack methods for security tokens. Finally, we propose a CC v.3.1 based security token protection profile.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.14 no.12
• /
• pp.2601-2608
• /
• 2010

It is difficult to merge text document and to remake use of documents on the most collaborative document authoring system using text document, and also to provide the storage place for saving and keeping documents. It has vulnerable drawbacks about the security though it provides the accessible abilities due to basing it on Web. In this paper, we design and implementation the collaborative document authoring system for XML document to improve a couple of problems on these systems. For these, we based on the DOM to manipulate the modeling object documents and utilized RMI on this system without considering socket communication when it transmits and receives Java objects. We improved the security through processes of authentication. By providing templates and editing functions such as annotation, visualization of document structures, we made easier making collaborative document authoring more than ever.

• Journal of Digital Convergence
• /
• v.12 no.1
• /
• pp.389-395
• /
• 2014

In a biometric signature scheme, a user's biometric key is used to sign the document. It also requires the user be authenticated with biometric recognition method, prior to signing the document. Because the biometric recognition is launched every time the signature session started, it is not suitable for electronic commerce applications such as shopping malls where large number of documents to sign are required. Therefore, to commercialize biometric based signature schemes, the new proxy signature scheme is needed to ease the burden of the signer. In the proxy signature scheme, the signer can delegate signing activities to trustful third parties. In this study, the biometric based signature delegation method is proposed. The proposed scheme is suitable for applications where a lot of signing are required. It is consisted of biometric key generation, PKI based mutual authentication, signature generation and verification protocols.