• The Journal of Korean Medicine
• /
• v.29 no.1
• /
• pp.67-84
• /
• 2008

Objective : The main purpose of this study was to evaluate the effect of Jasinwhalhyul-tang (Zishenhuoxue-tang, JWT) on MRL/MpJ-Ipr/Ipr mouse model with systemic lupus erythematosus. Methods: The effect of JWT on MRL/MpJ-Ipr/Ipr mice that have autoimmune disease similar to SLE in humans was evaluated after JWT per oral in the present study. Mice were administered with Jasinwhalhyul-tang (Zishenhuoxue-tang, JWT) (80 or 400mg/kg) or distilled water for control group from experimental week 10 for 22 weeks. Results : The amount of erythematosus skin lesion and proteinuria were significantly decreased. The size and weight of cervical lymph nodes and spleen were significantly reduced. The ratio between activated $CD3^+CD69^+$ T-cells and undifferentiated $CD3^+CD4^-CD8^-$ T-cells in lymph nodes, spleen and kidney was effectively reduced. The gene expression of TGF-$\beta$ in spleen and kidney was increased. The amount of anti-dsDNA IgG in blood was decreased. The gene expression of TGF-$\beta$ in normal mouse spleen cells was increased depending on concentration by treatment of with T cell stimulating agent. In the histological examination of skin and kidney, the amount of infiltration of immune cells involved in the inflammatory response was decreased. Conclusions : According to the above results, JWT should be considered as an applicable therapeutic agent to SLE in clinical practice. Further research is required to investigate other efficacies of JWT on SLE.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2016.10a
• /
• pp.283-285
• /
• 2016

최근 IT 기술의 발전으로 다양한 IoT 기기들이 등장하고 있다. 이러한 IoT 기기들에 접근하기 위해 사용자는 인증을 하는 과정을 거쳐야 한다. 하지만 IoT 기기들이 서로 다른 인증시스템을 가지고 있고 각각의 기기들을 통합적으로 관리하기 위해 일반적으로 IoT 게이트웨이를 이용하여 통합된 인증 시스템을 구축하여 사용하고 있다. 하지만 기존 IoT 게이트웨이의 경우 접근 시마다 사용자 계정으로 로그인해야하는 불편함과 세션 연결의 취약점이 존재한다. 따라서 본 논문에서는 IoT 게이트웨이에서 개선된 사용자 인증 및 API 접근을 위한 JWT를 제안한다.

• Proceedings of the Korean Society of Broadcast Engineers Conference
• /
• 2020.11a
• /
• pp.330-332
• /
• 2020

최근 4차 산업혁명이 가속화되면서 IT 기반 산업들이 제품 중심 사업에서 서비스 위주의 사업으로 변화하는 양상을 보인다. 그에 뒤 받침 하듯이 세계 스타트업 기업 가치를 측정해 보았을 때 1위부터 4위까지 모두 IT 기반의 사업이라는 것을 확인할 수 있다. 그중 750억 달라 가치를 가진 Uber, 560억 가치를 가진 디디추싱은 모두 차량 공유 시스템을 서비스를 기업으로, 세계 각국의 사람들의 현재 차량 매칭 서비스에 관심이 집중 되어있다. 이러한 차량 매칭 서비스는 사용자들 실시간 매칭을 해주기 때문에 많은 사람들이 서버에 접속하여 인증을 요청하게 된다. 또한 기업은 많은 사람들의 실시간 인증을 처리해야하기 때문에 다수의 요청을 처리하는 것은 시스템 사양을 결정하게 되는 중요한 요소가 된다. 이러한 서버 기반 인증 방식은 메모리에 부하가 걸리는 문제가 발생한다. 본 논문에서는 다수의 사람들이 들어오는 차량 매칭 서비스에서 토큰 인증 기반 방식인 JWT를 활용하여 기존의 서버에 사용자의 정보를 저장하는 세션 인증 방식보다 좀 더 효율적인 인증 방식을 제안하고자 한다.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.16 no.4
• /
• pp.43-53
• /
• 2020

There are three standards for FIDO1 authentication technology: Universal Second Factor (U2F), Universal Authentication Framework (UAF), and Client to Authenticator Protocols (CTAP). FIDO2 refers to the WebAuthn standard established by W3C for the creation and use of a certificate in a web application that complements the existing CTAP. In Korea, the FIDO certified market is dominated by UAF, which deals with standards for smartphone (Android, iOS) apps owned by the majority of the people. As the market requires certification through FIDO on PCs, FIDO Alliance and W3C established standards that can be certified on the platform-independent Web and published 『Web Authentication: An API for Accessing Public Key Credentials Level 1』 on March 4, 2019. Most PC do not contain biometrics, so they are not being utilized contrary to expectations. In this paper, we intend to present a model that allows login in PC environment through biometric recognition of smartphone and FIDO UAF authentication. We propose a model in which a user requests login from a PC and performs FIDO authentication on a smartphone, and authentication is completed on the PC without any other user's additional gesture.

• Journal of Internet Computing and Services
• /
• v.19 no.5
• /
• pp.55-66
• /
• 2018

Since existing server-based authentications use vulnerable password-based authentication, illegal leak of personal data occurs frequently. Since this can cause illegal ID compromise, alternative authentications have been studied. Recently token-based authentications like OAuth 2.0 or JWT have been used in web sites, however, they have a weakness that if a hacker steals JWT token in the middle, they can obtain plain authentication data from the token, So we suggest a new authentication method using the verification token of authentic code to encrypt authentication data with effective time. The verification is to compare an authentication code from decryption of the verification-token with its own code. Its crypto-method is based on do XOR with ECDH session key, which is so fast and efficient without overhead of key agreement. Our method is outstanding in preventing the personal data leakage.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.6
• /
• pp.1343-1354
• /
• 2018

OAuth 2.0 bearer token and JWT(JSON web token), current standard technologies for authentication and authorization, use the approach of sending fixed token repeatedly to server for authentication that they are subject to eavesdropping attack, thus they should be used in secure communication environment such as HTTPS. In OAuth 2.0 MAC token which was devised as an authentication scheme that can be used in non-secure communication environment, server issues shared secret key to authenticated client and the client uses it to compute MAC to prove the authenticity of request, but in this case server has to store and use the shared secret key to verify user's request. Therefore, it's hard to provide stateless authentication service. In this paper we present a randomized token authentication scheme which can provide stateless MAC token authentication without storing shared secret key in server side. To remove the use of HTTPS, we utilize secure communication using server certificate and simple signature-based login using client certificate together with the proposed randomized token authentication to achieve the fully stateless authentication service and we provide an implementation example.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.6
• /
• pp.1103-1113
• /
• 2020

Hospitals store and manage personal and health information through the electronic medical record (EMR). However, vulnerabilities and threats are increasing with the provision of various services for information sharing in hospitals. Therefore, in this paper, we propose a model to prevent personal information leakage due to the transmission of patient information in EMR. A method for granting permission to securely receive and transmit patient information from hospitals where patient medical records are stored is proposed using OAuth authorization tokens. A protocol was proposed to enable secure information delivery by applying and delivering the record access restrictions desired by the patient to the OAuth Token. OAuth Delegation Token can be delivered by writing the authority, scope, and time of destruction to view patient information.This prevents the illegal collection of patient information and prevents the leakage of personal information that may occur during the delivery process.

• Asia Marketing Journal
• /
• v.15 no.4
• /
• pp.161-186
• /
• 2014

There are many cases of rebranding and its numbers are growing. However, rebranding is still under research in the academic field, and there is no guideline on the effective way to change brand name. The objective of this paper is to integrate two inconsistent predictions from categorization theory and schema incongruity theory: a negative linear relationship (categorization theory) versus an inverted-U-shape relationship (schema incongruity theory) between brand name incongruity and consumer evaluation into one framework. Specifically, this study examines how the effect of incongruity between an existing brand name and a new brand name (hereafter called "brand name incongruity") on the new brand name attitude differs depending on a consumer's individual characteristics (need for cognition). The experiment demonstrates that consumers with a high need for cognition show a better attitude towards a new brand name when the brand name was rebranded moderately incongruent compared to congruent or extremely incongruent. Thus, the experiment demonstrates that there is an inversed U-shape relationship between brand name incongruity and new brand name evaluation for consumers with a high need for cognition. On the contrary, consumers with a low need for cognition show a better attitude towards a new brand name when the brand name is rebranded congruently compared to incongruent conditions (moderate incongruity and extreme incongruity). This result indicates that there is a negative linear relationship between brand name incongruity and new brand name evaluation. Key theoretical and managerial implications of the present study are as follows. This study integrates two alternative views of research on incongruity evaluation into one framework by demonstrating that need for cognition moderates the relationship between brand name incongruity and consumer evaluation. This present study provides a conceptual basis for understanding consumer evaluation towards a new brand name. Next, though rebranding is a very important decision making of brand management, there is no guideline on how to change a brand name. The findings of this research can suggest which degree of change is optimal when rebranding in order to utilize and strengthen existing brand equity. More specifically, when our target customer has high need for cognition, moderately incongruent rebranding can be optimal, whereas for those with low need for cognition, rebranding in accordance with existing brand name will be optimal.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.3
• /
• pp.573-586
• /
• 2016

With the adoption of cloud computing, the number of companies that take advantage of cloud computing has increased. Additionally, various of existing service providers have moved their service onto the cloud and provided user with various cloud-based service. The management of user authentication and authorization in cloud-based service technology has become an important issue. This paper introduce a new technique for providing authentication and authorization with other inter-cloud IAM (Identity and Access Management). It is an essential and easy method for data sharing and communication between other cloud users. The proposed system uses the credentials of a user that has already joined an organization who would like to use other cloud services. When users of a cloud provider try to obtain access to the data of another cloud provider, part of credentials from IAM server will be forwarded to the cloud provider. Before the transaction, Access Agreement must be set for granting access to the resource of other Organization. a user can access the resource of other organization based on the control access configuration of the system. Using the above method, we could provide an effective and secure authentication system on the cloud.