• Proceedings of the Korea Society of Information Technology Applications Conference
• /
• 2005.11a
• /
• pp.281-284
• /
• 2005

Kerberos is system that offer authorization in internet and authentication service. Can speak that put each server between client and user in distributed environment and is security system of symmetry height encryption base that offer authentication base mutually. Kerberos authentication is based entirely on the knowledge of passwords that are stored on the Kerberos Server. A user proves her identity to the Kerberos Server by demonstrating Knowledge of the key. The fact that the Kerberos Server has access to the user's decrypted password is a rwsult of the fact that Kerberos does not use public key cryptogrphy. It is a serious disadvantage of the Kerbercs System. The Server must be physically secure to prevent an attacker from stealing the Kerberos Server and learning all of the user passwords. Kerberos was designend so that the server can be stateless. The Kerberos Server simply answers requests from users and issues tickets. This study focused on designing a SIP procy for interworking with AAA server with respect to user authentication and Kerberos System. Kerberos is security system of encryption base that offer certification function mutually between client application element and server application element in distributed network environment. Kerberos provides service necessary to control whether is going to approve also so that certain client may access to certain server. This paper does Credit-Control Server's function in AAA system of Diameter base so that can include Accounting information that is connected to Rating inside certification information message in Rating process with Kerberos system.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.11 no.12
• /
• pp.2271-2279
• /
• 2007

In this paper, we introduce the notion of certificate-based encryption in multi-receiver environment, which avoids the inherent key escrow problem while preserving the implicit certification in identity-based encryption. We also construct a highly efficient certificate-based encryption scheme for multi-receiver environment, which eliminates pairing computation to encrypt a message for multiple receivers. Moreover, the proposed scheme only needs one pairing computation for decrypting the ciphertext. We compare our scheme with the most efficient identity-based encryption scheme for multi-receiver environment proposed by Baek et.al.[1] in terms of the computational point of view, and show that our scheme provides better efficiency than Baek's scheme. Finally, we discuss how to properly transform our scheme into a new public key broadcast encryption scheme based on subset-cover framework.

• The KIPS Transactions:PartC
• /
• v.12C no.2 s.98
• /
• pp.301-308
• /
• 2005

According to banking online transaction grows very rapidly, guarantee validity about business transaction has more meaning. To offer guarantee validity about banking online transaction efficiently, certificate status verification system is required that can an ieai-time offer identity certification, data integrity, guarantee confidentiality, non-repudiation. Existing real-time certificate status verification system is structural concentration problem generated that one node handling all transactions. And every time status verification is requested, network overload and communication bottleneck are occurred because ail useless informations are transmitted. it does not fit to banking transaction which make much account of real response time because of these problem. To improve problem by unnecessary information and structural concentration when existing real-time certificate status protocol requested , this paper handle status verification that break up inspection server by domain. This paper propose the method of real~time certificate status verification that solves network overload and communication bottleneck by requesting certification using really necessary Reduction information to certification status verification. And we confirm speed of certificate status verification $15\%$ faster than existing OCSP(Online Certificate Status Protocol) method by test.

• Journal of Korea Multimedia Society
• /
• v.6 no.5
• /
• pp.849-860
• /
• 2003

As mobile device is becoming more popular, E-Commerce changes into M-Commerce. Especially, IMT-2000 (International Mobile Telecommunication 2000) service is prepared for M-Commerce and this has USIM (Universal Subscriber Identity Module) as a core of certification of individuality and transactions. As a result, the area of mobile service going to expand by USIM. But, mobile services using USIM leave much to be desired, and developed application don't variety. In this paper, for the efficient design of USIM, the structure of USIM and protocol is analyzed, and secure payment solution in USIM is proposed. Specially, offline payment system is proposed for the verification of proposed protocols including security, saving, and calculation of balance. finally, the simulation of proposed payment system on USIM is performed using Java Card.

• KIPS Transactions on Computer and Communication Systems
• /
• v.7 no.2
• /
• pp.49-58
• /
• 2018

A certificate is a means to certify users by conducting the identification of the users, the prevention of forgery and alteration, and non-repudiation. Most people use an accredited certificate when they perform a task using online banking, and it is often used for the purpose of proving one's identity in issuing various certificates and making electronic payments in addition to online banking. At this time, the issued certificate exists in a file form on the disk, and it is possible to use the certificate issued in an existing device in a new device only if one copies it from the existing device. However, most certificate duplication methods are a method of duplication, entering an 8-16 digit verification code. This is inconvenient because one should enter the verification code and has a weakness that it is vulnerable to security issues. To solve this weakness, this study proposes a method for enhancing security certificate duplication in a multi-channel using TCP and BLE. The proposed method: 1) shares data can be mutually authenticated, using BLE Advertising data; and 2) encrypts the certificate with a symmetric key algorithm and delivers it after the certification of the device through an ECC-based electronic signature algorithm. As a result of the implementation of the proposed method in a mobile environment, it could defend against sniffing attacks, the area of security vulnerabilities in the existing methods and it was proven that it could increase security strength about $10^{41}$ times in an attempt of decoding through the method of substitution of brute force attack existing method.

• Journal of Embryo Transfer
• /
• v.28 no.3
• /
• pp.207-213
• /
• 2013

This study was carried out to examine a molecular marker system for parentage test in Jeju Black cattle (JBC). Based on the preliminarily studies, we finally selected for construction of a novel genetic marker system for molecular traceability, identity test, breed certification, and parentage test in JBC and its related industrial populations. The genetic marker system had eight MS markers, five indel markers, and two single nucleotide polymorphisms (SNPs; g.G299T and g.del310G) within MC1R gene which is critical to verify the breed specific genotypes for coat color of JBC differing from those of exotic black cattle breeds such as Holstein and Angus. The results showed lower level of a combined non-exclusion probability for second parent (NE-P2) of $4.1202{\times}10^{-4}$ than those previously recommended by International Society of Animal Genetics (ISAG) of $5.000{\times}10^{-4}$ for parentage, and a combined non-exclusion probability for sib identity (NE-SI) of $2.679{\times}10^{-5}$. Parentage analysis has been successfully identified the JBC offspring in the indigenous population and cattle farms used the certified AI semens for production using the JBC-derived offspring for commercial beef. This combined molecular marker system will be helpful to supply genetic information for parentage test and traceability and to develop the molecular breeding system for improvement of animal productivity in JBC population.

• Smart Media Journal
• /
• v.12 no.2
• /
• pp.27-35
• /
• 2023

Currently, online user authentication is perform using joint certificates issued by accredited certification authorities and simple certificates issued by private agency. In such a PKI(Public Key Infrastructure) system, various cryptographic technologies are used, and in particular, digital signatures are used as a core technology. The digital signature scheme is equally used in DID(Decentralized Identity), which is attracting attention to replace the existing centralized system. As such, the digital signature-based user authentication used in current online services is also applied in the metaverse, which is attracting attention as the next-generation online world. Metaverse, a compound word of "meta," which means virtual and transcendent, and "universe," means a virtual world that includes the existing online world. Due to various developments of the metaverse, it is expted that new authentication technologies including biometric authentication will be used, but existing authentication technologies are still being used. Therefore, in this study, we study digital signature scheme that can be efficiently used for user authentication in the developing metaverse. In particular, we experimentally analyze the effectiveness of ECDSA, which is currently used as a standard for digital signatures, and Schnorr signatures, which can quickly verify a large amount of signatures.

• Journal of Fisheries and Marine Sciences Education
• /
• v.4 no.2
• /
• pp.121-128
• /
• 1992

Taking the present circumstances into account that we are approaching the realization stage of interchange and cooperation between North and South Korea through a preparatory stage, recovery of national homogeneity is an essential precondition for reunification. The important first Step is pursuing of recovery of educational homogeneity for this purpose. The authors carried out 8 general observation on the fundamental educational system with ideology, on the actual state and characteristic of educational system for industrial technicians, and especially on the educational system for fisheries technical manpower in the North Korea. It was found that the North Korea's basic idea of educational policy is constituted by bringing up the communistic human beings on the ground of "the Ideas of Identity" and by bringing up industrial technical manpower for development of communistic economic. The basic educational system consists of 1-4-6-4 school years system, and 11 years of compulsory education up to the higher middle schools is imposed to all people. The educational system for industrial technicians is also composed of the regular school system which is following the basic educational system and of the irregular school system which is being attached to the industrial bodies. The fisheries educational system is very similar to the general educational system for industrial technicians, and the fisheries workers are treated more warmly in comparison with the workers engaging in the other industrial fields. By this study, the authors failed to find out the concrete content of the fisheries educational system including the curriculum owing to the lack of information, but this task should be studied continuously to make provision of reunification in the near future. Expressly, a continuous and profound research is required to be carried out on actual accepted state of the international maritime conventions together with the marine officers' certification system for the shipping and fisheries fields in the North Korea.

• Journal of Convergence for Information Technology
• /
• v.8 no.5
• /
• pp.85-93
• /
• 2018

This study investigates the suitability of the blockchain and FIDO among non-face-to-face authentication means in order to secure diversity of identfication means operated in South Korea. In order to do this, the study selected and analyzed seven conformance criteria (universality, persistence, uniqueness, convenience, security, applicability, and economics), and the results were appropriate. Accordingly, in order to apply the blockchain and FIDO as the identification means, the related regulations and notices should be revised to improve the identification procedure. In addition, differentiated certification standards should be established for each service field to apply various authentication means as well as existing identification means, and the authentication means should be continuously developed and linked with the service. In the future, the identification means will bring security of the information circulation environment in the IoT, so it should be implemented in a variety of services by supporting application of identification means.

• Convergence Security Journal
• /
• v.16 no.5
• /
• pp.57-63
• /
• 2016

In recent years, there is growing interest in 'Fin-tech' in the domestic and international financial sector. And a variety of services in such a situation has emerged. To ensure the safety of from hacking attacks, many new technologies have been developed. These leading technology is the Bio-authentication method that you consider applying to the financial sector. Bio authentication is using biometric information. Also it is known that can cope the threat of fabrication and modifying attacks with shared and stored. However, Recently, When you look at hacking incidents of biometric data(560 million cases) in the United States Office of Personnel Management and advent of the fingerprints counterfeit technology, We can be known that should be reconsidered about the safety of bio-certification. Especially, it should be provided with a response measures for the problem of embezzlement that biometric information already been leaked. Thereby In this paper, by investigating biometric technologies and practices applied and of the vulnerability factor in many industries, it expected to be utilized in the prepared threats countermeasures in accordance with the application of the biometric authentication technology in a future.