• Journal of Venture Innovation
• /
• v.2 no.2
• /
• pp.21-29
• /
• 2019

In the public certificate technology commonly used in Korea, users have a cumbersome problem of always resetting when they forget their password. In this paper, as a solution to this problem, we propose a secure authentication certificate password recovery protocol using blockchain, PKI, and DID for distributed storage. DID is a schema for protecting block ID in blockchain system. The private key used in the PKI is configured as a user's biometric, for example, a fingerprint, so that it can completely replace the memory of the complex private key. To this end, based on the FIDO authentication technology that most users currently use on their smartphones, the process of authenticating a user to access data inside the block minimizes the risk of an attacker taking over the data.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.28 no.9C
• /
• pp.908-922
• /
• 2003

The Public Key Infrastructure (PKI) trends to delegate the certificate path processing to the Delegated Path Discovery (DPD) Server and Delegated Path Validation (DPV) server recently. The most critical factor for the selection of the delegated server is to allow the server to be equipped with a high reliability through a low cost, and simple implementation. In this paper, we propose a new certificate path processing scheme employed the trusted CA as the DPD/DPV server by adding the capability of the Validation Authority (VA) to the trusted CA. Since our proposed scheme uses the existing trusted CA as validation server, we can achieve a high trust through a simple implementation for the processing. Besides, we propose an additional scheme for reducing an overhead on the trusted CA. it is obtained by delegating digital signature verification to CAs on the path and by skipping the repeated path processing. As the result, our proposed validation scheme can be performed efficiently with high speed and low computational overhead.

• Convergence Security Journal
• /
• v.14 no.4
• /
• pp.3-8
• /
• 2014

Wireless Ad hoc Network is threatened from many types of attacks because of its open structure, dynamic topology and the absence of infrastructure. Attacks by malicious nodes inside the network destroy communication path and discard packet. The damage is quite large and detecting attacks are difficult. In this paper, we proposed attack detection technique using secure authentication infrastructure for efficient detection and prevention of internal attack nodes. Cluster structure is used in the proposed method so that each nodes act as a certificate authority and the public key is issued in cluster head through trust evaluation of nodes. Symmetric Key is shared for integrity of data between the nodes and the structure which adds authentication message to the RREQ packet is used. ns-2 simulator is used to evaluate performance of proposed method and excellent performance can be performed through the experiment.

• Journal of the Korea Computer Industry Society
• /
• v.3 no.7
• /
• pp.861-870
• /
• 2002

The area of business applications in the internet are extended enormously in result of fast development of computing and communication technologies, increase of internet use, and use of intranet/extranet in enterprise information system. Widely spread the use of the internet, there are various applications for Business to Business (B to B) or Business to Customer(B to C) model that are based on the intranet or extranet. This paper designed and implemented the Web-based Electronic Bidding System for Business to Business (B to B) model. The technical issues of electronic bidding system in the internet are involved in the connection between web client and server, electronic data interchange for the contract document, and security solution during the bidding and contracting processes. The web-based electronic bidding system in this paper is implemented using Java applet and servlet as a connection interface for web client and sewer, XML/EDI-based documents for a bid and a contract, and bidding server and notary server for enhancing the security using PKI(Public Key Infrastructure)-based public key cryptography, digital signature and Certification Authority (CA).

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.20 no.8
• /
• pp.1466-1477
• /
• 2016

Public key infrastructure(PKI), principle technology of the certificate, is a security technology providing functions such as identification, non-repudiation, and anti-forgery of electronic documents on the Internet. Our government and financial organizations use PKI authentication using ActiveX to prevent security accident on the Internet service. However, like ActiveX, plug-in technology is vulnerable to security and inconvenience since it is only serviceable to certain browser. Therefore, the research on HTML5 authentication system has been conducted actively. Recently, domestic bank introduced PKI authentication complying with web standard for the first time. However, it still has inconvenience to register a certification on each website because of same origin policy of web storage. This paper proposes the certificate based SSO protocol that complying with web standard to provide user authentication using certificate on several sites by going around same origin policy and its security proof.

• ALGAE
• /
• v.35 no.2
• /
• pp.107-121
• /
• 2020

Mariculture is regarded as the only option to supply the increasing demands for seaweeds as human food, feeds, fodder, and phycolloids in a sustainable manner. Technologies for culturing a range of seaweed species have been developed successively in Korea since the 1970s. In 2017, Korean marine farms produced 1,761,526 t of seaweed. The key focus of the industry is on the production of Pyropia (523,648 t), Undaria (622,613 t), and Saccharina (542,285 t). Pyropia is economically the most important species in Korea, accounting for up to 68% of total production value. As the top exporter of Pyropia in the world, Korea exported up to US $525 million of Pyropia products to 110 countries in 2018. Other economically important genera include Sargassum, Ulva, Capsosiphon, Codium, and Gracilariopsis, all of which are used for food, and Gelidium, Pachymeniopsis, and Ecklonia which are used as raw material for phycocolloid extraction. Significant work has gone into developing more productive strains of key seaweed species, and in 2012 the Korean government began to certify seaweed varieties. To date, 19 seaweed cultivars have been registered including 13 Pyropia, 5 Undaria, and 1 Saccharina. The industry is now seeking not only to increase productivity but also to add value through processing. Convenience foods and snacks have been developed that target health-conscious consumers and utilize the nutritional properties of seaweeds. The industry is also seeking to promote the sustainability of seaweed farming. One seaweed company in Korea obtained the world's first ASC-MSC (Aquaculture Stewardship Council-Marine Stewardship Council) certification in 2019 and more are expected to follow their lead. With continued research support, the Korean seaweed industry plans to continue to expand to meet new market demands at a sustainable pace.

• The Journal of Society for e-Business Studies
• /
• v.16 no.4
• /
• pp.1-16
• /
• 2011

A digital certificate mandated by the Electronic Signature Act has become familiar in our daily lives as 95% of the economically active population hold certificates. Due to upgrades to 256 bit level security that have become effective recently, the security and reliability of digital certificates are expected to increase. Digital certificates based on Public Key Infrastructure (PKI) have been known as "no big problem," but the possibility of password exposure in cases of leaked digital certificates still exists. To minimize this vulnerability, various existing studies have introduced alternative password methods, expansion of certificate storage media, and multiple certification methods. These methods perform enhanced functions but also have limitations including the fact that the secureness of passwords is not guaranteed. This study suggests an alternative method for enhancing the level of password secureness as a way to improve password security. This new method improves security management and enhances the convenience of using digital technologies. The results may be used for developing digital certificate related security technologies and research in the future.

• Journal of Environmental Health Sciences
• /
• v.40 no.5
• /
• pp.425-434
• /
• 2014

Objectives: The purpose of this study is to introduce the establishment process and results of the Seoul Metropolitan Government's road map on environmental health policy. Methods: The process consisted of expert group meetings, civic participation, research, and questionnaire survey for priority environmental health policy agenda items in Seoul. Results: The announced vision for the environmental health policy was "a healthy environment, safety in Seoul". This policy was established in order to define environment health policy initiatives for a period of five years with an aim to protect Seoul citizens' health from hazardous environmental factors. The resulting Seoul environmental health policy consisted of four areas and 16 key agenda items. The four areas were "Protection for children against hazardous materials", "Enhancement of health and safety of all", "Carcinogen-free and endocrine-disrupting chemical-free Seoul (reducing environmental exposure to hazardous materials), and "Establish the foundation of environmental health policy". Sixteen key agenda items include the enhancement of management of spaces for children, certification of environmental health status at schools, establishment of a unit responsible for the environmental health of children, strengthening environmental health management for susceptible populations (children, the aged, and the socioeconomically vulnerable), management of hazardous materials, physical hazardous factors (noise, radiation, etc.), indoor air quality, and the enhancement of monitoring, research, and regulation of environment health. Conclusion: The Seoul Metropolitan Government established an environmental health policy road map for a five-year period (2013-2017). To implement this environmental health policy, budget allocation, and detailed execution plans are required.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.11 no.4
• /
• pp.61-68
• /
• 2011

Recently arithmetic circuit of lightweight AES symmetric key algorithm that can apply to passive tag have been developed, then security protocol of RFID system using AES symmetric encryption techniques have been proposed. This paper proposed security enhancement protocol of RFID system using lightweight AES arithmetic circuit and random number generator of passive tag. The proposed protocol have AES algorithm and random number generator at server, reader, tag, and transmit encrypted message by separate secret key using random number at each session. The mutual authentication of tag and reader used reader random number and tag random number. As a result, proposal protocol reduce authentication steps of the existing mutual authentication protocol, and reduce amount of computation of tag, and demonstrate as secure protocol to every attack type of attacker by decrease communication step of Air Zone.

• Journal of KIISE:Information Networking
• /
• v.29 no.4
• /
• pp.368-374
• /
• 2002

In the third generation mobile telecommunication systems such as UMTS, one of the important problems for value-added services is to check the recoverability of costs used by a mobile user. Previous authentication and payment schemes for value-added services by a mobile user across multiple service domains, rely on the concept of the on-line TTP, which serves as the users certification authority. In the third generation systems with many service providers, a wide range of services, and a diverse user population, authentication mechanisms with the on-line TTP provide a far from ideal solution. In this paper we present an efficient public-key protocol for mutual authentication and key exchange designed for value-added services in the third generation mobile telecommunications systems. The proposed ticket based authentication and payment protocol provides an efficient way for VASP to check the recoverability of costs without communication with the on-line TTP Furthermore, the proposed ticket based protocol can provide anonymous service usage for a mobile user.