• International Commerce and Information Review
• /
• v.12 no.1
• /
• pp.55-73
• /
• 2010

The thesis examines new innovation of various aspect to overcome lots of problems which come by when we execute simplification of trade procedure and administration fairly. Practical implications regarding the innovation of electronic trade infrastructure are as follows. First, it will propel the standardization of electronic trade section in the technical side and the construction atmosphere of international authentication system must be created. The work process should be redesigned in order to implement export-import procedures that meet the relevant standards. Second, the improvement of system for electronic process is necessary in the law and institutional aspect. In order to eliminate any obstacles to the trade procedure, clearer legal grounds regarding legitimate controls and minimum necessity must be established. Also, laws should be revised to admit mutual recognition among certification organizations, in lieu of international agreement-based mutual recognition between government. Third, the detailed improvement for the integration of the electronic trade infrastructure will be demanded. Additionally, user-centered quality management protocols should be established via connections with the systems already existing in governmental bodies. Fourth, various trade institution should harmonized and interconnected with other partners through mutual cooperation for standardization of operational system. A system which can monitor and remotely diagnose and resolve system errors should be established to provide tailor-made service and improve operational efficiency. At the same time, it is necessary to build a cooperative system to share information and promote comprehensive management for efficient operation.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.19 no.9
• /
• pp.2056-2063
• /
• 2015

Recently, as the service scale of cloud service is expanded, an anxiety due to concerns on new vulnerabilities and security related incidents and accidents are also increasing. This paper proposes a certification scheme for multiple session management of security sessions which are generated after the user authentication. The proposed session multiplexing scheme enables the independent management of security sessions in the level of virtualization (hypervisor) within the service provider. As a result of performance analysis, providing a strong safety due to session multiplexing and mutual authentication, and the superiority of performance was proven by comparing it with the existing mutual authentication encryption algorithms.

• The KIPS Transactions:PartC
• /
• v.16C no.2
• /
• pp.257-266
• /
• 2009

Now a days, as increased the use of mobile units like a laptop computer and PDA, the demand for high speed internet service is increasing. On the other hand, PKMv2 which is provided from IEEE 802.16e cannot support fully on the security of high speed internet service. This paper proposes light-weight mutual authentication protocol which solved security problem of PKMv2 related to integrity of mobile node for transmission of safe high speed data of mobile node operating in mobile WiMAX environment. Proposed mutual authentication protocol increases the efficiency as the user in network can move in network safely without additional procedure of authentication between subscriber and base station after user's initial authentication. Also, the proposed mutual authentication protocol is safe from the security attack (the man-in-the-middle attack and reply attack) between subscriber and base station by generating a key adopt to PRF() function using random number and secret value in order to secure certification.

• Journal of KIISE:Information Networking
• /
• v.37 no.3
• /
• pp.187-197
• /
• 2010

The fusion stream of recent broadcasting and communication make multimedia content served in the area of broadcasting into IPTV service which transmits it through high-speed internet, cable TV net and satellite net in realtime. However, as the digital broadcasting service is extended to various media, the security of IPTV service content provided to users by service provider is not fully supported by CAS(Conditional Access System) provided by existing broadcasting system. This paper proposes interactive certification protocol which can efficiently distinguish the receiving-qualification of user between Set-Top Box and Smart Card which are parts of configurations for IPTV system. The proposed protocol uses hash function to make Set-Top Box transmit receiving-qualification about the channel fee which user pays more properly than existing protocol. Also, the proposed protocol uses session key generated between receiver and smart card through inter certification process and encrypts EMM not the service to be used by anyone illegally.

• Journal of Korea Multimedia Society
• /
• v.11 no.8
• /
• pp.1101-1110
• /
• 2008

Nespot provides a convenient wireless internet connection service. The existing IEEE 802.1X EAP-MD5 authentication mechanism can be achieved based on ID/password information for a wireless connection. The Nespot system offers an advanced accounting and authorization procedure for providing wireless user authentication mechanism. However, many problems were found on the existing Nespot EAP-MD5 mechanism such as a ill value exposure, a leakage of personal information on wireless authentication procedure and a weakness on Nespot mutual authentication mechanism. Therefore, we analyzed the limitation of the existing IEEE 802.1X EAP-MD5 certification system, and suggested a one-time session key based authentication mechanism. And then we offered a simplified encryption function on the Nespot certification process for providing secure mutual authentication process.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.21 no.7
• /
• pp.1393-1400
• /
• 2017

As the number of smartphone users increases, vulnerability to privacy protection is increasing. This is because personal information is stored on various servers connected to the Internet and the user is authenticated using the same ID and password. Authentication methods such as OTP, FIDO, and PIN codes have been introduced to solve traditional authentication methods, but their use is limited for authentication that requires sharing with other users. In this paper, we propose the authentication method that is needed for the management of shared information such as hospitals and corporations. The proposed algorithm is an algorithm that can authenticate users in the same place in real time using smart phone IMEI, QR code, BLE, push message. We propose an authentication algorithm that can perform user authentication through mutual cooperation using a smart phone and can cancel realtime authentication. And we designed and implemented a mutual authentication system using proposed algorithm.

• Journal of Digital Contents Society
• /
• v.5 no.2
• /
• pp.95-100
• /
• 2004

For improve level of information security, the necessity of evaluation and certification of Information Security System(ISS) in increasing. Evalustion and Certification Institute have evaluated ISS for risk prevention of information dysfunction in an advanced countries. But, the problem of the time and cost occurred when it is caused by with application of unlike evaluation criteria each other. The result of effort to solution, Common Criteria(CC) and Common Evaluation Methodology(CEM) is using for evaluation of ISS and mutual recognition. Evaluation participant is needed flexible and active interpretation of CC and CEM for an efficient evaluation preparation and performance.

• Proceedings of the Korea Information Assurance Society Conference
• /
• 2004.05a
• /
• pp.297-302
• /
• 2004

Internet becomes absolutely necessary tools due to rapid progress of information technology. Educational correspondence abount an age of information demand is a education focused on a learner and remote education based on information technology. WBI(Web Based Instruction) is a formation that remotly educate a learner using web, possible mutual reaction between instructor and learner, submint various studying material, has a good point to overcome spatial restriction. Internal and external standardization working is accelerated and recently XML security studies are activated using XML which is next generation web standard document format. And XML electronic signature raise interworking between digital signature systems used by various field of using XML document. Using these merit and complementing defect are main contents that users have to pay about Certification service to get CA certificate from 2004 june. This paper propose multiplex Certification remote education agent system using XML digital signature to satisfy security requirement.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.11 no.4
• /
• pp.61-68
• /
• 2011

Recently arithmetic circuit of lightweight AES symmetric key algorithm that can apply to passive tag have been developed, then security protocol of RFID system using AES symmetric encryption techniques have been proposed. This paper proposed security enhancement protocol of RFID system using lightweight AES arithmetic circuit and random number generator of passive tag. The proposed protocol have AES algorithm and random number generator at server, reader, tag, and transmit encrypted message by separate secret key using random number at each session. The mutual authentication of tag and reader used reader random number and tag random number. As a result, proposal protocol reduce authentication steps of the existing mutual authentication protocol, and reduce amount of computation of tag, and demonstrate as secure protocol to every attack type of attacker by decrease communication step of Air Zone.

• Journal of the Korean Dietetic Association
• /
• v.21 no.4
• /
• pp.333-341
• /
• 2015

This article aimed to investigate problems relating to medical tourism based on a review of medical tourism reports and statistics in the global healthcare industry. To be a leading nation in the global healthcare industry, the needs and culture of many peoples, including Muslims, should be considered. Qualified medical services by JCI certification, including nutrition services, will provide opportunities to participate in the international and Asia medical tourism markets. In this article, the definitions of medical tourism, medical service, Halal and Haram, nutrition service for inbound Muslim patients, and Halal food supply in Korea were examined for medical service improvement. Mutual assistance between the government and private enterprise, sharing of medical service information, and construction of a cooperative network system are needed and should be supported by the government.