• Journal of Advanced Navigation Technology
• /
• v.14 no.1
• /
• pp.27-32
• /
• 2010

In this paper, we research a virtual card generation system to secure e-commerce. Network security has increased the need to meet rapidly growing trend. And the amount and quality of e-commerce expansion due to the need for secure commerce transactions has increased even more. Instead of exposing the actual credit card number, we expose a virtual card number on the network. It can prevent the risk of hacking. We proved that through various experiments.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.10 no.1
• /
• pp.77-87
• /
• 2000

타원곡선 이산대수 문제에 기초한 공개키 암호시스템에서 타원곡선 멱승은 반드시 필요한 연산이며 연산들 중에서 가장 복잡도가 크다. 따라서 효율적인 암호시스템 구현을 위해서는 타원곡선 멱승연산을 효율적으로 구현하는 것이 중요하다. 본 논문에서는 복합 좌표계(mixed coordinate system)를 이용한 멱승 방법을 GF(pm)상에서 정의되는 타원 곡선을 적용하여 최적의 효율성을 갖는 타원곡선 멱승 구현법을 제안한다. 또한 ‘곱셈을 이용한 역원 연산 알고리즘(IM; Inversion with Multiplication)’을 이용하여 더욱 효율적인 구현이 가능함을 보인다.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.21 no.6
• /
• pp.1191-1196
• /
• 2017

Lately, the three mobile telecom companies in Korea are competing for the launch of Internet of Things services for using home. Typical launched services are in the smart home related fields. However, Internet of Things as mobile telecom based are at an early stage, expected that various services will be started continuously. At this point, we have been planning to analyze the preference of Internet of Things for objects based on the services already launched. In order to apply the analytic hierarchy method, the first stage factors were designed as Safety, Security, Health care, Intelligence and Home appliances. In addition, the second stage factors were organized into 18 detailed services presented in the conceptual model. As a result, Health care (23.2%) was the most preferred priority. These results can be interpreted as the result of interest in health by improving income. We presented the theoretical and practical implications of these results.

• Journal of Korea Multimedia Society
• /
• v.15 no.8
• /
• pp.1048-1058
• /
• 2012

This paper proposes the DDMPF(Distributed Data Management Protocol using FAT) which prevents data loss and keeps the security of self-organized storages by comprising a client, a storage server, and a verification server in clouding environment. The DDMPF builds a self-organized storage server, solves data loss by decentralizing the partitioned data in it in contrast to the centralized problem and the data loss caused by the storage server problems of existing clouding storages, and improves the efficiency of distributed data management with FAT(File Allocation Table). And, the DDMPF improves the reliability of data by a verification server's verifying the data integrity of a storage server, and strengthens the security in double encryption with a client's private key and the system's master key using EC-DH algorithm. Additionally, the DDMPF limits the number of verification servers and detects the flooding attack by setting the TS(Time Stamp) for a verification request message and the replay attack by using the nonce value generated newly, whenever the verification is requested.

• Proceedings of the Korean Information Science Society Conference
• /
• 2006.06c
• /
• pp.316-318
• /
• 2006

유비쿼터스 환경에서는 개체가 특별히 소비자를 지정하지 않고 메시지를 송신하는 것과 같은 메시지 전송방법을 자주 사용하게 된다. 이런 통신 방법으로 기존에는 N:1 클라이언트/서버 통신 방법을 기반기술로 하였으나 컴퓨팅 기기들이 점점 산재되고, 기기들의 이동성 또한 증가되면서, 이러한 통신 모델은 여러 형태의 분산 컴퓨팅 환경에 적용하기에는 불충분하게 되었다. 유비쿼터스 컴퓨팅 환경을 포함한 오늘날의 많은 분산 컴퓨팅 환경에서는 여러 응용들의 메시지 상호작용을 위해 간접 통신 모델을 사용하고 있다. 전통적인 통신 모델을 사용하는 대신에 같은 간접 통신 모델을 이용하면, 분산 환경에서의 응용들 사이의 결합도를 감소시키고 많은 정적인 요구들을 제거할 수 있는 이점이 있다. 본 논문에서는 신뢰할 수 있는 유비쿼터스 환경을 만들기 위해 UPnP 기반의 안전한 메시지 통신 서비스를 설계하고 구현한다. 구현된 서비스는 내용기반의 검색이 가능하고, SPKI/SDSI 인증서를 이용하여 정당한 권한을 지닌 제공자와 소비자만이 메시지를 주고받을 수 있도록 한다.

• The Korean Journal of Air & Space Law and Policy
• /
• v.34 no.1
• /
• pp.203-234
• /
• 2019

The concept of denied boarding is defined in Article 2(j) of Regulation 261/2004 thus: "denied boarding means a refusal to carry passengers on a flight, although they have presented themselves for boarding under the conditions laid down in Article 3(2), except where there are reasonable grounds to deny them boarding, such as reasons of health, safety or security, or inadequate travel documentation." So far as relevant to this case, to be entitled to compensation, if denied boarding, Article 3(2) provides a passenger must first come within the scope of the protection of the Regulation, which applies under the following conditions: "${\cdots}$.that passengers (a) have a confirmed reservation on the flight concerned and, except in the case of cancellation referred to in Article 5, present themselves for check-in, as stipulated and at the time indicated in advance and in writing (including by electronic means) by the air carrier, the tour operator or an authorised travel agent, or, if no time is indicated, not later than 45 minutes before the published departure time." This paper reviews the EU Cases such as Rodríguez Cachafeiro v. Iberia [2012] Case C-321/11; Finnair Oyj v. Timy Lassooy [2012] Case C-22/11; Caldwell v. easyJet Airline Co. Ltd. [2015] ScotSC 64. ECJ and Sheriff court of Scotland held that the concept of denied boarding, within the meaning of Articles 2(j) and 4 of Regulation No 261/2004 establishing common rules on compensation and assistance to passengers in the event of denied boarding and of cancellation or long delay of flights, and repealing Regulation No 295/91, must be interpreted as relating not only to cases where boarding is denied because of overbooking but also to those where boarding is denied on other grounds, such as operational reasons. Also, ECJ ruled that Articles 2(j) and 4(3) must be interpreted as meaning that the occurrence of extraordinary circumstances resulting in an air carrier rescheduling flights after those circumstances arose cannot give grounds for denying boarding on those later flights or for exempting that carrier from its obligation, under Article 4(3) of that regulation, to compensate a passenger to whom it denies boarding on such a flight.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2004.05b
• /
• pp.255-258
• /
• 2004

Efficient finite field operation in the elliptic curve (EC) public key cryptography algorithm, which attracts much of latest issues in the applications in information security, is very important. Traditional serial finite multipliers root from Mastrovito's serial multiplication architecture. In this paper, we adopt the polynomial basis and propose a new finite field multiplier, inducing numerical expressions which can be applied to exhibit 3 times as much performance as the Mastrovito's. We described the proposed multiplier with HDL to verify and evaluate as a proper hardware IP. HDL-implemented serial GF (Galois field) multiplier showed 3 times as fast speed as the traditional serial multiplier's adding only Partial-sum block in the hardware.

• The KIPS Transactions:PartC
• /
• v.8C no.5
• /
• pp.585-596
• /
• 2001

In this paper, a new stream cipher algorithm based on the chaos theory is proposed and is applied to a Web security system. The Web security system is composed of three parts： certificate authority (CA), Web client, and Web server. The Web client and server system include a secure proxy client (SPC) and a secure management server (SMS), respectively, for data encryption and decryption between them. The certificate is implemented based on X.509 and the RSA public key algorithm is utilized for key creation and distribution to certify both the client and server. Once a connection is established between the client and server, outgoing and incoming data are encrypted and decrypted, respectively, using one of the three cipher algorithms： chaos, SEED, and DES. The proposed chaos algorithm outperforms the other two conventional algorithms in processing time and complexity. Thus, the developed Web security system can be widely used in electronic commerce (EC) and Internet banking.

• Journal of Korea Multimedia Society
• /
• v.8 no.1
• /
• pp.79-87
• /
• 2005

In e-commerce applications, a public key cryptosystem is an important and indispensible element for the basic security operations such as authentication, digital signaturing, and key distribution. In wired network environments, the public key infrastructure certificate, which is based on X.509 specification, has been widely used. On the other hand, it still remains difficult to use the certificate information in wireless network environments due to the inherent limitations of the hand-held devices such as low computational power and short battery life. In this paper, we facilitate a codesign approach by implementing a software public-key cryptosystem and classifying its internal computation overheads quantitatively using a software profiling technique. Moreover, we propose a method to analyze the profiled data and apply it to the problem of software/hardware partitioning in a codesign approach. As an illustrative example, we analyze the computational overheads of an EC-Elfagamal application and examine a critical computational path.

• The Journal of Fisheries Business Administration
• /
• v.35 no.1
• /
• pp.57-85
• /
• 2004

To develop an blue tourism website(BTW) for electronic commerce(EC), information requirements of BTW are defined firstly. We defined information requirements of BTW from two aspects, i.e., front office and back office. Information requirements for front office were derived by consumer purchasing decision process. And information requirements for back office were derived by tourism value chain. Total 29 functions are identified as critical EC related functions of BTW. Among them, 25 functions were investigated into BTW. BTWs were searched by search engines - Yahoo and Empas - to Korean websites. There are 12 specialized BTWs, except one cyber museum website. For 12 websites, 25 functions were probed. By the results, in need recognition stage of blue tourism, only weather information was provided in most websites. In information search stage of blue tourism, package recommendation and various contents were provided in most websites. In consumption stage of blue tourism, traffic information were provided in most websites. And in after - sales service stage of blue tourism, bulletin board function was implemented in most websites. The rest of the functions were scarcely implemented. On the whole, it was concluded that most EC related functions of BTW in Korea were not implemented properly. To improve the status quo, it is expected in the dimension of individual website, that marketing planning, customized service, intelligent service, reinforcing purchasing assistance functions, customer relationship management, and escrow service etc. need to be implemented. And it is expected in the dimension of blue tourism industry, that standardizing product catalog, security assistance policy, information sharing by industrial database, finding referral model of BTW, elevating information mind, revising related laws etc. are needed.