• Journal of the Institute of Electronics Engineers of Korea SD
• /
• v.40 no.9
• /
• pp.702-713
• /
• 2003

The importance of protection for data and information is increasing by the rapid development of information communication and network. And the concern for protecting private information is also growing due to the increasing demand for lots of services by users. Asymmetric cryptosystem is the mainstream in encryption system rather than symmetric cryptosystem by above reasons. But asymmetric cryptosystem is restricted in applying fields by the reason it takes more times to process than symmetric cryptosystem. In this paper, encryption system which executes authentication works of asymmetric cryptosystem by means of symmetric cryptosystem. The proposed cryptosystem uses an algorithms combines that combines block cipherment with stream cipherment and has a high stability in aspect of secret rate by means of transition of key sequence according to the information of plaintext while symmetric/asymmetric cryptosystem conducts encipherment/deciphermeent using a fixed key. Consequently, it is very difficult to crack although unauthenticator acquires the key information. So, the proposed encryption system which has a certification function of asymmetric cryptosystem and a processing time equivalent to symmetric cryptosystems will be highly useful to authorize data or exchange important information.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2008.05a
• /
• pp.233-236
• /
• 2008

Wire wireless integrated service of BcN(Broadband convergence Network) is expanding. Information Security issue is highlighted for opposing attack of getting information illegally on wire wireless network. The user of PKI(Public Key Infrastructure) cipher system among Information security technology receives various security services about authentication, confidentiality, integrity, non-repudiation and access control etc. A mobile client and server are loaded certificate and wireless internet cryptography module for trusted data send receive. And data sends receives to each other after certification process through validity check of certificate. Certificate and data security system is researched through PKI on wireless network environment and data security system in this paper.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.11 no.3
• /
• pp.53-62
• /
• 2015

Recently, number of tablet or Smartphone users increased significantly in domestic and around the world. But violation of personal information such as leakage, misuse and abuse are constantly occurring by using mobile devices which is very useful in our society. Therefore, in this paper it will talk about the problems in the network environment of the mobile environment such as tablet and Smartphone, Mobile Malware, hacking of the public key certificate, which could be potential threat to mobile environment. This thesis will research for people to use their mobile devices more reliable and safer in mobile environment from invasion and leakage of personal information. In order to use Smartphone safely, users have to use Wi-Fi and Bluetooth carefully in the public area. This paper will research how to use App safely and characteristic of risk of worm and Malware spreading. Because of security vulnerabilities of the public key certificate, it will suggest new type of security certification. In order to prevent from the information leakage and infect from Malware in mobile environment without knowing, this thesis will analyze the improved way to manage and use the mobile device.

• The KIPS Transactions:PartC
• /
• v.8C no.5
• /
• pp.621-628
• /
• 2001

SET is one of the useful protocol for credit payment in the Electronic market. Since, the delivery problem is conformed to delivery cooperation not payment problem, the classic SET protocol didn\`t consider about the certification of delivery. But the environment of electronic market be changed to manage the sold, delivery and payment etc.. In this paper, based on this consider, we propose a new SET protocol which has an function to verify the delivery based on SKP and verify it after analyzed by Petri nets. Specially, we consider SKP between Customer, Merchant, and Acquirer for improve the verify function.

• Journal of Korean Society for Quality Management
• /
• v.37 no.2
• /
• pp.1-11
• /
• 2009

Recently, many companies have been very interested in CRM(Customer Relationship Management). Most companies have been also considering the contact center as a key CRM channel, because it is a contact point between customers and companies. It turns out that the contact center handles over 70% of all customer-company interactions and the success or failure of a company can be determined by the customer satisfaction with contact center experiences. Despite of the strategic importance of the contact center, there has been few empirical study on the efficiency of contact center operations in the literature. One of the main purposes of this study is to evaluate the efficiency of contact centers so as to not only identify the current status of contact center operations, but also suggest ways to improve operational efficiency. For this purpose, we apply a non-parametric efficiency measurement method, DEA (Data Envelopment Analysis), to 57 domestic contact centers in order to compare their relative efficiency. It is expected that the measurement methods suggested in this study can be applied to various issues such as service KS certification, outsourcing service management, and the productivity analysis of service personnel.

• Journal of KIISE:Information Networking
• /
• v.29 no.6
• /
• pp.645-653
• /
• 2002

The WPP payment protocol uses the WAP protocol to enable credit card payment on the wireless internet. Since the security of the WAP protocol is based on the WTLS security protocol, there exists an end-to-end security weakness for the WPP payment protocol. This paper is suggesting a payment protocol, which is making use of the Public-Key Cryptosystem and the Mobile Gateway, so assuring end-to-end security independently of specific protocols. As the on-line certification authority is participating on the authentication process of the payment protocol, the suggested payment protocol enables wireless devices to get services from service providers on other domains.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.6
• /
• pp.97-106
• /
• 2003

The important factor in Public-Key Infrastructure is the authentication to correspondent. We receive the digital certificate for authentication between each other, and then we check the existence of validity on the certificate by Certification Revocation List(CRL). But, To use CRL is the scheme used in offline status. So, it is impossible to refer to the latest information and the CRL scheme which is used after downloading is variously unsuitable to getting bigger of the CRL size as time goes on. Therefore, we prefer OCSP(Online Certificate Status Protocol) used in online to CRL used in offline. Consequently, we propose the scheme which provides the request of fast verification in case of requesting the verification on the certificate by owning the same update information to Certificate Registry and distributed OCSP.

• The Journal of the Korea Contents Association
• /
• v.15 no.10
• /
• pp.607-615
• /
• 2015

Mosts user of internet and smart phone has certificate, and uses it when money transfer, stock trading, on-line shopping, etc. Mosts user stores certificate in a hard disk drive of PC, or the external storage medium. In particular, the certification agencies are encouraged for user to store certificate in external storage media such as USB memory rather than a hard disk drive. User think that the external storage medium is safe, but when it is connect to a PC, certificate may be copied easily, and can be exposed to hackers through malware or pharming site. Moreover, if a hacker knows the user's password, he can use user's certificate without restrictions. In this paper, we suggest secure management scheme of the private key file using a password of the encrypted private key file, and a USB Memory's hardware information. The private key file is protected safely even if the encrypted private key file is copied or exposed by a hacker. Also, if the password of the private key file is exposed, USB Memory's container ID, additional authentication factor keeps the private key file safe. Therefore, suggested scheme can improve the security of the external storage media for certificate.

• Proceedings of the Korean Society for Quality Management Conference
• /
• 1998.11a
• /
• pp.435-449
• /
• 1998

Continuous quality improvement (CQI) has been promoting progresses of the social, and which is being studied and applied in much more widespread area at present. This paper systematically studies and reports research results of continuous quality improvement, involved in several key viewpoints of CQI such as the background of management and engineering philosophy on CQI, the objectives of CQI, the ways to implement CQI, the objects of CQI based on process. In terms of management methodology, the results of discussion on Benchmarking & CQI, standardization management and its certification & CQI, TQM pyramid & CQI and self-assessment & CQI etc. are reported. In quality engineering field, CQI culture of variation reduction is presented. Actually this paper is a comprehensive research project report of 'Continuous Quality Improvement System', supported jointly by NSFC and KOSEF.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.4
• /
• pp.1819-1831
• /
• 2018

This paper focuses on a header compression method for the Authentication Header (AH) and Encapsulation Security Payload (ESP) for application to 6LoWPAN. Based on the context, an extendible compression method is developed by analysing each field of the AH and ESP. The method is carried out by resetting the AH and ESP header compression formats, adding a MOD field, and setting different working modes. Authentication, encryption, and a mixture of certification and encryption are provided as flexible options. In addition, the value of the original IPv6 extensible header ID (EID) field can be retained, while the number of occupied NHC_ID values can be decreased for future extendibility. The experimental results show the feasibility and validity of the current compression method. By comparison with other solutions, the new mechanism is demonstrated to be advantageous in terms of compression ratio, flexibility and extendibility.