• Journal of Korea Multimedia Society
• /
• v.11 no.8
• /
• pp.1101-1110
• /
• 2008

Nespot provides a convenient wireless internet connection service. The existing IEEE 802.1X EAP-MD5 authentication mechanism can be achieved based on ID/password information for a wireless connection. The Nespot system offers an advanced accounting and authorization procedure for providing wireless user authentication mechanism. However, many problems were found on the existing Nespot EAP-MD5 mechanism such as a ill value exposure, a leakage of personal information on wireless authentication procedure and a weakness on Nespot mutual authentication mechanism. Therefore, we analyzed the limitation of the existing IEEE 802.1X EAP-MD5 certification system, and suggested a one-time session key based authentication mechanism. And then we offered a simplified encryption function on the Nespot certification process for providing secure mutual authentication process.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.2
• /
• pp.293-303
• /
• 2017

FIDO(Fast IDentity Online) technology is expanding very rapidly which can replace traditional password-based authentication with biometrics technology[1,7]. FIDO provides convenient authentication with biometrics technology and secure key management with smart card technology, but it does not provide user identification, thus traditional user identification technology should be used before a FIDO device is registered to a FIDO server. K-FIDO[3] is an approach to implement FIDO and certificate-based authentication technology into a single device that user can utilize certificate-based authentication in initial registration of FIDO device to FIDO server. It is expected that very shortly users will own and use multiple K-FIDO devices. If we consider the traditional approach of copying single certificate to multiple devices or issuing independent certificate to each device, there will be many complex problems. In this paper we propose more secure and convenient key management technology in multiple K-FIDO device scenario using self-extended certification[4].

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.12 no.2
• /
• pp.123-133
• /
• 2002

In Network Environment, Kerberos certification mechanism to require Kerberos server in other area unconditionally belief. Also, Kerberos server in cooperation area must be share server of other area and secret key. To solve these two problems, this paper proposed safe security mechanism of doing to ably IETF CAT's PKINIT/PKCROSS a1gorithm with Public Key Infrastructure and use Directory System and service between realms do trust and prove each Kerberos trust center base. Also, Although Kerberos server of each area must be foreknowing each server's secret key and public key, Obtain through Trust center and acquire each area's public key and common symmetric key, Application server excluded process that must register key in Key Distribution Center.

• Journal of the Korea Society of Computer and Information
• /
• v.17 no.7
• /
• pp.117-128
• /
• 2012

Recently IT infrastructure plays a central role in the base of the society. However, use of personal registration number on internet sites has become a major factor increasing danger of leaking of personal information. Currently, the government is recommending various information protection services in order to prevent the collection of personal registration numbers and leaking of personal information on the internet. Among them, i-PIN service is the one recommended for minimal use of personal registration numbers on the internet. Although i-PIN can be used as a way to substitute personal registration numbers on the internet, there are certain limitations in using i-PIN as the only key to recognize individuals. This study proposes organization of web system in which self certification can be conducted using i-PIN as a tool for personal certification. Also its usability and stability have been verified through performance test when i-PIN service is linked with web service and used as personal certificate. But i-PIN service is unavailable if obstacles occur in providers of i-PIN self certification. To settle this inconvenience, the study also proposes how to cope with such obstacles.

• THE INTERNATIONAL COMMERCE & LAW REVIEW
• /
• v.13
• /
• pp.1033-1055
• /
• 2000

Almost business enterprises have recently used electronic commerce to conduct their business. Electronic commerce has come to encompass the Internet as well as EDI on private networks begun in the 1960s. The Internet is already changing the way that many companies conduct their business. Domestic electronic commerce has rapidly enhanced, while Int'l electronic commerce has gone steady. There are four issues for developing of Int'l Electronic Commerce. Firstly, The EDI Standardization is to be uniformed and prevailed over the world in UN/EDIFACT authorized by ISO. Secondly, There are two useful systems on Electronic Document Transmission, so called, Bolero project system and Trade Card System. It is thought that Bolero system will be more useful for large trading enterprises, especially, who need a Letter of Credit and electronic B/L, while T/C system is proper to small trade companies who do not need those. Successful results of Bolero system is very important for Int'l electronic commerce enterprises. Thirdly, to secure electronic signature, Int'l Certification Authority is essential for the users of Int'l electronic commerce. Trusted way of distributing public keys is to use a Int'l Certification Authority. The Int'l Certification Authority will accept user's public key, along with some proof of identity and serve as a depository of digital certificates. Both governments and the International business community must involve archiving keys with trusted third parties. Finally, It is important that all the nations and UNCITRAL continue efforts to make legal bases in Int'l electronic commerce concerned, including electronic signature, certification etc.

• Asia-pacific Journal of Multimedia Services Convergent with Art, Humanities, and Sociology
• /
• v.7 no.12
• /
• pp.955-963
• /
• 2017

Nowadays, fintech becomes the key technology of the mobile banking and payments. Financial market is moved to fintech-based non-face-to-face trade/payment from traditional face-to-face process in Korea. Core of this transition is the smartphones, which have several sensitive sensors for personal identifications such as fingerprint and iris recognition sensors. But it has some originated security risks by data path attacks, for instance, hacking and pharming. Multi-level certification and security systems are applied to avoid these threats effectively, while these protections can be cause of some inconvenience for non-face-to-face certifications and financing processes. In this paper, I confirmed that it have sensible differences correspond with the data connection paths such as WiFi networks and mobile communication networks of the smartphones, and I propose a gradual certification method which alleviates the inconvenience by risk-level definitions of the data-paths.

• Journal of Korean Society of Water and Wastewater
• /
• v.34 no.2
• /
• pp.105-114
• /
• 2020

In this study, based on the System Dynamics (SD) methodology, the interrelationship between the factors inherent in the operation of the New Technology Certification System (NTCS) in Korea was identified by a causal map containing a feedback loop mechanism in connection with 'new technology development investment', 'commercialization of new technology', and 'sales by new technology'. This conceptualized causal map was applied to the simulation of the operations of the New Excellent Technology and Environmental Technology Verification System (NET&ETV) run by the Ministry of Environment among various NTCSs in Korea. A SD computer simulation model was developed to analyze and predict the operational performance of the NET&ETV in terms of key performance indices such as 'sales by new technology'. Using this model, we predicted the future operational status the NET&ETV and found a policy leverage that greatly influences the operation of the NET&ETV. Also the sensitivity of the key indicators to changes in the external variables in the model was analyzed to find policy leverage.

• The Journal of the Korea Contents Association
• /
• v.6 no.12
• /
• pp.12-20
• /
• 2006

In this paper, we propose electronic payment protocol using GDHP blind signature scheme to activate e-business in the wire/wireless integrated environment. The protocol applied elliptic curve algorithm on the GDHP base and improved the efficiency of the existing blind signature technique on the basis of communication frequency and calculation number. And the protocol accelerated speed and strengthened safety against man-in-the-middle attacks and forward secrecy because the certification between individuals is performed by the session key created by Weil paring using elliptic curve cryptosystem in the limited entity $F_q$ instead of the certification used in the existing PayWord protocol.

• Proceedings of the Korea Water Resources Association Conference
• /
• 2023.05a
• /
• pp.183-183
• /
• 2023

Smart water cities (SWC) are urban municipalities that utilizes modern innovations in managing and preserving the urban water cycle in the city; with the purpose of securing sustainability and improving the quality of life of the urban population. Understanding the different urban water characteristics and management strategies of cities situate a baseline in the development of evaluation scheme in determining whether the city is smart and sustainable. This research herein aims to develop measurements and evaluation for SWC Key Performance Indicators (KPIs), and set up a unified global standard and certification scheme. The assessment for SWC is performed in technical, as well as governance and prospective aspects. KPI measurements under Technical Pillar assess the cities' use of technologies in providing sufficient water supply, monitoring water quality, strengthening disaster resilience, minimizing hazard vulnerability, and maintaining and protecting the urban water ecosystem. Governance and Prospective Pillar on the other hand, evaluates the social, economic and administrative systems set in place to manage the water resources, delivering water services to different levels of society. The performance assessment is composed of a variety of procedures performed in a quantitative and qualitative manner, such as computations through established equations, interviews with authorities in charge, field survey inspections, etc. The developed SWC KPI measurements are used to evaluate the urban water management practices for Busan Eco Delta city, a Semulmeori waterfront area in Gangseo district, Busan. The evaluation and scoring process was presented and established, serving as the basis for the application of the smart water city certification all over the world. The established guideline will be used to analyze future cities, providing integrated and comprehensive information on the status of their urban water cycle, gathering new techniques and proposing solutions for smarter measures.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.27 no.3C
• /
• pp.211-219
• /
• 2002

Mobile IP(RFC2002) is representative protocols that support mobility to host. In this paper, we propose a mobile IP registration protocol using public-key based certificates and CA(certification authority). Our proposed protocol authenticates the registration message of mobile node and prevents replay attack and minimal use of public key cryptography, Also, Our proposed protocol directly authenticates between agents and mobile nodes using certificates. Though the computer simulation, we prove that our proposal has better performance than the previous public-key based Mobile IP registration protocol.