• Journal of Digital Convergence
• /
• v.14 no.5
• /
• pp.341-348
• /
• 2016

Because VPN(Virtual Private Network) uses internet network, the security technique should support it and evaluation technique based on standard should support it. Therefore the method should be organized that can evaluate the security of VPN based on the related standard. In this study, we intended to construct the security evaluation model through combining CC(Common Criteria) which is a evaluation standard and a part of security(Confidentiality, Integrity, Non-repudiation, Accountability, Authenticity) evaluation of ISO which is the standard of software quality evaluation. For this, we analyzed the quality requirements about intra-technology and security of VPN and constructed the evaluation model related to the quality characteristics of two international standard. Through this, we are able to construct a convergence model for security evaluation of VPN. Through accumulating the evaluation practices for VPN in the future, the suitability and validity of the evaluation model must be improved.

• The Research Journal of the Costume Culture
• /
• v.6 no.2
• /
• pp.109-126
• /
• 1998

The purpose of this study was to analyze the expressional characteristics of the machine aesthetics in the fashion design. First, this study was started from analyzing mechanical beauty represented on the early 20th century art style. Machine aesthetics has influenced on the art and fashion design from modern to now. Futurism was grounded in the complete renewal of human sensibility brought about by the great discoveries of science. Especially, Russia avant-garde was inspired by the Futurism, that is Rayonism, Constructivism, Suprematism. Kasimir Malevich moved on immediately to purely abstract paintings of which the first was a black square on a white canvas. He had begun the art he called 'Suprematism'. Malevich's geometry was funded on the straight line, the supremely elemental form which symbolized man's ascendancy over the chaos of nature. The square was the basic suprematist element and was a repudiation of the world of appearances, and of past art. He repudiated any marriage of convenience between the artist and the engineer. Vladimir Tatlin made some of the most revolutionary works of modern art, these were the first works to be called 'construction'. Constructivists believed that the essential conditions of the machine and the consciousness of man inevitably create an aesthetic which would reflect their time. They eulogized simple shapes. That believed that buildings and objects should be freed from the ornamental excrescences and the accumulated barnacles of past art. Consequently, under the theoretical background, the result is as follows. First, The functional formativeness of machine aesthetics was expressed as a geometrical silhouette, construction line, non-ornamental construction, simple color in the 20th century design. Second, The mechanical formativeness of machine aesthetics was expressed as a construction of new material-iron, aluminium, plastic, glass-, geometrical form of material in he 20th century design. That is, machine beauty has more concerned with the expressional ideology of the art style and the formativeness of fashion design by silhouette, construction line, material, form.

• Convergence Security Journal
• /
• v.4 no.2
• /
• pp.35-41
• /
• 2004

Proxy signature scheme based on delegation of warrant is studied in these days. Proxy signature Is a signature scheme that the original signer delegates his signing warrant to the proxy signer, and the proxy signer creates a signature on behalf of the original signer. For using this scheme, the security for protecting from the forgeability or misuse is necessary. There are several security requirements for using the proxy signature schemes. In this paper we suggest the proxy-register protocol scheme that original signer registers to the verifier about the proxy related information. In our scheme, verifier verifies the signature that original signer creates about the proxy information and sets the warrant of proxy signer, validity period for proxy signature and some limitation. Finally, we will show the advantages of our suggestion by comparing with the previous proxy signature schemes.

• Journal of KIISE
• /
• v.41 no.11
• /
• pp.982-991
• /
• 2014

The integrity assurance of recorded video by car black boxes are necessary as the car black box is becoming more popular. In this paper, we propose a video data integrity assurance scheme reflecting the features of car black box. The proposed method can detect any kind of deletion, insertion, modification of frames by cyclic chaining using inter block relation. And, it provides the integrity assurance function consistently even in cases of file overwriting because of no more free space in storage, partial file data lost. And non-repudiation is supported. Experimental results with a car black box embedded system with A8 application processor show that our method has a feasible computational overhead to process full HD resolution video at 30 frames per second in a real time.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2003.05a
• /
• pp.817-820
• /
• 2003

With a great improvement of computers and Network communication skills, we can exchange information quickly. There have been many researches on the subject how to guarantee the information security by security mechanism and cryptography schemes. Nowadays, many people in this area show their interest in money transfer systems between accounts, which can provide a secure mechanism in which people can send money to the legitimate party or person safe. However, we have teamed many ways to distort messages and repudiate the malicious activity in mail systems based on SSL mechanism. It is very likely that important information which must be kept in secret is laid exposed to un_authorized user. Accordingly, to provide stronger security service, researches on electronic payment system which tan guarantee the security characteristics such as confidentiality, integrity, user authentication, Non-repudiation, are strongly needed. In this paper, we analize the characteristics of the previous researches in this field, and also propose a securer electronic payment system based on ECC algorithm.

• The KIPS Transactions:PartD
• /
• v.10D no.3
• /
• pp.559-566
• /
• 2003

As cell phone and PDA have been in common use recently, there is a growing tendency to utilize the mobile terminals for M-Commerce. The information security and the receipt of e-trade are very important to support reliable digital transactions in wireless environment as in wired environment. Even though some work such as WML digital signature and WPKI has been studied for M-Commerce, there are several problems on the aspects of the functional limitation of the mobile terminals and the unsecure data transformation of WAP gateway. In this study we have designed and implemented a prototype system of issuing and verifying the electronic receipt that guarantees authentication, data integrity and non-repudiation for secure mobile e-commerce. Moreover, we have enhanced the system performance by letting the trusted independent server verify and manage the electronic receipt.

• The Journal of the Korea Contents Association
• /
• v.14 no.12
• /
• pp.565-573
• /
• 2014

We have various e-commerce like on-line banking, stock trading, shopping using a PC or SmartPhone. In e-commerce, two parties use the certificate for identification and non-repudiation but, the attack on the certificate user steadily has been increasing since 2005. The most of hacking is stealing the public certificate and private key files. After hacking, the stolen public certificate and private key file is used on e-commerce to fraud. Generally, the private key file is encrypted and saved only with the user's password, and an encrypted private key file can be used after decrypted with user password. If a password is exposed to hackers, hacker decrypt the encrypted private key file, and uses it. For this reason, the hacker attacks user equipment in a various way like installing Trojan's horse to take over the user's certificate and private key file. In this paper, I propose the management method to secure private key of PKI using One Time Password certification technique. As a result, even if the encrypted private key file is exposed outside, the user's private key is kept safely.

• THE INTERNATIONAL COMMERCE & LAW REVIEW
• /
• v.16
• /
• pp.183-203
• /
• 2001

To accomplish international electronic commerce via the Internet, the most serious dilemma is the international payment system. The BBL is a secure and effective electronic commerce framework for the replacement of traditional paper documents by electronic messages via the Internet providing significant benefits in terms of cost savings, improved logistics and reduced errors in documentation. The most important legal obstacles in the BBL are how to secure authenticity, non-repudiation and message integrity as well as the status of negotiability equivalent to paper B/L. These kinds of functions may be carried out through the electronic title registry of the Bolero International Limited. The technical structure is supported contractually by the Bolero Rulebook. And other documents except B/L can be made out without any legal or technical problems. What are the handicaps of the BBL in its practical use at this time? I can summarize the current and expected problems as follows: First, the fee to join Bolero Association Limited is burdensome to sellers, buyers and trade related organizations all over the world. Second, the liability in errors or defaults in operating central data registry of Bolero International Limited is limited to U.S.$100,000. The amount is not sufficient to the many bulk cargo owners to cover the damages. Third, businessmen are used to traditional paper documents; therefore it takes much time for them to change their customs and practices. So the BBL and traditional papers would be used simultaneously for the time being. Finally, it is very important to incorporate the Rulebook, a multilateral contract binding on all users signed, in each domestic law, which will accomplish the uniform law basis.

• The Journal of the Korea Contents Association
• /
• v.5 no.3
• /
• pp.9-17
• /
• 2005

Recently, there are rapid development of information and communication technology and rapid growing of e-business users. We propose a method for security problem on the internet environment which changes from wire internet to wireless internet or wire/ wireless internet. Wireless e-business adopts credit card WPP protocol and AIP protocol proposed by ASPeCT. WAP, one of the protocol used by WPP has weakness of leaking out information from WG which connected wire and wireless communication. Certification chain based AIP protocol requires a lot of computation time and user IDs are known to others. We propose a Micro-Payment protocol based on credit card. Our protocol use the encryption techniques of the public key with ID to ensure the secret of transaction in the step of session key generation. IDs are generated using ECC based Weil pairing. We also use the certification with hidden electronic sign to transmit the payment result. The proposed protocol also solves the privacy protection and Non-repudiation problem.

• The KIPS Transactions:PartC
• /
• v.14C no.7
• /
• pp.545-552
• /
• 2007

P3P(Platform for Privacy Preference) that is used in the World Wide Web is a standard to define and negotiate policies about definition, transmission, collection, and maintenance of personal information. Current P3P standard provides methods that define client personal information protection policy and P3P policy associated with web server. It also provides a method that compares these two policies. The current P3P standard, however, does not handle detail functions for safe transmission of the personal information and data. Also, it does not handle problems that can be induced by the detail functions. In this paper, in order to solve these problems, we propose a Secure P3P(S-P3P) protocol, which is a security protocol for the current P3P standard, offers mutual authentication between the web server and the client, and guarantees integrity and confidentiality of the messages and data. Furthermore, a S-P3P protocol provides non-repudiation on transmission and reception of personal information that is transmitted from the client to the web server.