• Journal of Korea Multimedia Society
• /
• v.4 no.6
• /
• pp.562-569
• /
• 2001

IMT-2000 mobile system will provide many application services such as mobile internet, wireless electronics commerce applications using air interface with high data rate. These applications require high data integrity, data confidentiality, user authentication, user identity confidentiality and non-repudiation. In this study, we analyze air interface performance for network access security services in IMT-2000 mobile systems. Signal traffic for network access security services requires 0.2kbps ∼ 4.5kbps with the conditions of 246∼768bits/message, 0.2 ∼ 1.0 basic service/sec and the security services of the rate of 0.2∼ 1.0 times compared with basic services.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.9 no.8
• /
• pp.1762-1767
• /
• 2005

PKI provides good resolutions for the authentication of user in the situation not to meet each other, but it is not enough to provide the resolution of authorization in distributed computing environments. Especially, we offer a variety forms of the user Authentication, the Integrity and a security service of the Non-Repudiation, but an authorization Policy, because of the complexity with a lot of information, using m understandable XML, makes a simple and easy certificate to read, and we get the information from DOM fee and do a XML analysis and stardardized-method usage easily In this paper, we provide the AAS model being able to use with the solution of the distributed users' authorization, and we implement an authorization policy module, using XML. in the Linux-based Apache Web server.

• The KIPS Transactions:PartC
• /
• v.10C no.4
• /
• pp.405-412
• /
• 2003

As the XML is approved standard language by the UN, the progress which complemented the XML security has being processed rapidly. In this paper, we design and implement the "XML-Signcryption" as a security mechanism to protect the XML document that can operate between other platforms. The signature and encryption which is the standard specification in W3C needs to be able to proceed them separately. Generally the signature and encryption require four times modular exponential operation, however the signcryption only needed three times modular exponential operation. This will benefit overall system effectiveness in terms of cost. And this scheme offers to convenient the user, because the signature and encryption implement as a single XML format. This tool can save the parsing time as a number of tags is few within a document. And also, in this paper, based on a research of Web Services security, we can apply XML-Signcryption to the SOAP message to provide the security services. Based on the XML-Signcryption scheme which provides confidentiality, integrity, authentication and non-repudiation to the XML document and Web Service security simultaneously.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2018.10a
• /
• pp.635-638
• /
• 2018

The Cost for introducing smart factory will decrease and the service type will change from a large scale to small quantity manufacturing, when 3D printing technologies have actively applied and smart factory related technologies have more stably developed. If customers have to provide private information, the availability of developed technology may cause slow progress. We propose a new protocol for custom manufacturing service of smart factory. The proposed approach is designed for smart contract based IoT convergence network. We analyzed the requirements of the proposed approach which provides anonymity, privacy, fairness, and non-repudiation. We compared it with closely related studies to show originality and differences.

• Journal of Convergence Society for SMB
• /
• v.6 no.2
• /
• pp.19-24
• /
• 2016

A Study on the Information Security System of Fin-Tech Business In traditional electronic commerce, there have not been severe issues of trading information through documents in paper or the closed EDI. The scale of e-commerce has increased as internet develops, however, turning to the online e-commerce, which caused a number of issues such as authentication, information forgery, and non-repudiation between the parties. To prevent conflicts from such troubles and perform the post management, security technologies are applied throughout the process of e-commerce, certificates intervening. Lately, meanwhile, FinTech has been creating a sensation around the mobile payment service. Incidents of information leakage from card corporations and hackings imply the need of securing safety of the financial service. Development and evolution of FinTech industry must be accompanied by information protection. Therefore, this research aims to inquire into the information security system of leading FinTech company in a foreign country.

• Journal of Communications and Networks
• /
• v.11 no.6
• /
• pp.574-588
• /
• 2009

Although much research has been conducted in the area of authentication in wireless networks, vehicular ad-hoc networks (VANETs) pose unique challenges, such as real-time constraints, processing limitations, memory constraints, frequently changing senders, requirements for interoperability with existing standards, extensibility and flexibility for future requirements, etc. No currently proposed technique addresses all of the requirements for message and entity authentication in VANETs. After analyzing the requirements for viable VANET message authentication, we propose a modified version of TESLA, TESLA++, which provides the same computationally efficient broadcast authentication as TESLA with reduced memory requirements. To address the range of needs within VANETs we propose a new hybrid authentication mechanism, VANET authentication using signatures and TESLA++ (VAST), that combines the advantages of ECDSA signatures and TESLA++. Elliptic curve digital signature algorithm (ECDSA) signatures provide fast authentication and non-repudiation, but are computationally expensive. TESLA++ prevents memory and computation-based denial of service attacks. We analyze the security of our mechanism and simulate VAST in realistic highway conditions under varying network and vehicular traffic scenarios. Simulation results show that VAST outperforms either signatures or TESLA on its own. Even under heavy loads VAST is able to authenticate 100% of the received messages within 107ms. VANETs use certificates to achieve entity authentication (i.e., validate senders). To reduce certificate bandwidth usage, we use Hu et al.'s strategy of broadcasting certificates at fixed intervals, independent of the arrival of new entities. We propose a new certificate verification strategy that prevents denial of service attacks while requiring zero additional sender overhead. Our analysis shows that these solutions introduce a small delay, but still allow drivers in a worst case scenario over 3 seconds to respond to a dangerous situation.

• Journal of the Korea Society of Computer and Information
• /
• v.11 no.4 s.42
• /
• pp.155-164
• /
• 2006

VoIP technology is Eight New Services among Ubiquitous-IT839 strategies. This paper tested wiretapping or VoIP service in connected a soft phone and LAN and WAN sections, Internet telephones and a device. IP PBX, a banner operator network to have been connected to VoIP Internet network. As a result of having experimented on wiretapping of VoIP networks, Vulnerability was found. and a wiretapping by attacks of a hacker was succeeded in a terminal and proxy and attachment points of a VoIP network like a hub to follow a CVE list. Currently applied a security plan of an each wiretapping section in viewpoints of 6 security function of Access Control. Confidentiality, Authentication. Availability, Integrity. Non-repudiation in VoIP networks named to 070. Prevented wiretapping of contents by the results, the AES encryption that executed wiretapping experiment about a packet after application of a security plan. Prevented wiretapping, and kept security and audit log. and were able to accomplish VoIP information protection to network monitoring and audit log by an access interception and qualification and message hash functions and use of an incoming refusal.

• Journal of Korea Society of Industrial Information Systems
• /
• v.8 no.1
• /
• pp.43-54
• /
• 2003

E-Commerce, characterized by the exchange of message, occurs between individuals, organizations, or both. A critical promotion factor of e-Commerce is message authentication, the procedure that allows communicating parties to verify the received messages are authentic. It consists of message unforgery, message non-repudiation, message unalteration, and origin authentication. It is possible to perform message authentication by the use of public key encryption. PGP(Pretty Good Privacy) based on X.400 MHS(Message Handling System) and PKC(Public Key Cryptosystem) makes extensive use of message exchange. In this paper we propose, design and implement NMAP(New Message Authentication Protocol), an applied public information based encryption system to solve the message authentication problem inherent in public key encryption such as X.400 protocol and PGP protocol and were to cope with the verification of NMAP using fuzzy integral. This system is expected to be use in the promotion of the e-Commerce and can perform a non-interactive authentication service.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.7 no.2
• /
• pp.107-122
• /
• 1997

Most of the currently used electronic mail system has the threat of security such as illegal leak of message, forgery, uncertain identity, denial of sending and receiving, and so forth. The security for this system is not satisfied yet, thus we explore these problems. In this thesis, we implement the security services for internet mail system which cover the weakness for traditional mail system. This system provides not only security services which PEM and PGP provides (i.e message confidentiality, message integrity, originator authentication, non-repudiation of origin), but also message replay prevention. and non-denial of recipient using certification of contents. In addition, this system increases security of the digital signature by signing with signature block formatting on the creation of it. And it increases security of the digital enveloping by encrypting with encryption block formatting of message encryption key.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.14 no.3
• /
• pp.1428-1438
• /
• 2013

Services take place in Internet environment, a formation of the trust relationship between user and service provider for services. Different authentication schemes such as using Certificate of Public Key Infrastructure authentication and using ID/PW for a simple user authentication have been proposed for trust relationship. In addition, in the case of electronic financial transactions, transaction integrity and non-repudiation features are provided. These services are provided in Internet environment, use various measures to ensure service safety. However, it was difficult to prevent attacks using existing security technology because of emergence of MITB attack that manipulate the memory area of the Web browser and social engineering attacks such as phishing/pharming, requires application of new security technologies became. In this paper, we propose a concept of smart secure-pad, and utilize it safely formed a trust relationship between user and service provider, a model has been proposed to ensure safety of data transmission. Proposed model's security evaluation results show security against to MITB attack and phishing/pharming that can't be prevent attack using existing security technology. In addition, service provider can easily apply the model in safe environment can provide Internet service using provided representative services applying the proposed model.