• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 1998.12a
• /
• pp.49-65
• /
• 1998

전자문서, 전자결재, 행정 EDI 등과 같은 전자적 매체를 이용한 행정정보화를 실현하기 위한 전자정부 구축 노력이 추진됨에 따라 전자정부 환경에서 발생할 수 있는 각종 정보보호 요소들을 원천적으로 해결하기 위해 전자서명 등과 같은 공개키 기반의 암호 기술 적용이 필수적 요소로 여겨지고 있으나, 공개키 암호기술에 사용되는 암호화 키의 체계적인 관리를 위한 공개키 인증 체계(PKI) 구축에 대한 방안마련이 미흡한 실정이다 이에 본 논문에서는 전자정부 환경에서 공개키 기반 암호 기술의 효과적인 적용을 위한 공개키 인증 체계 모델과 관련 조직 체계 구성 방안에 대해 제안하고자 한다.

• Proceedings of the Korea Society for Simulation Conference
• /
• 2004.05a
• /
• pp.7-12
• /
• 2004

공개키 기반 구조(PKI; Public Key Infrastructure)에 필수적인 요소인 인증서의 상태 검증에 있어서 인증서 상태 검증 서버인 OCSP (Online Certificate Status Protocol) 서버는 실시간 상태 검증을 제공한다. 그러나, 서버와 클라이언트의 메시지 인증을 위해 전자 서명을 수행해야 하며, 이 때 사용되는 공개 암호 연산 과정의 복잡성은 동시에 많은 클라이언트의 요청이 발생할 경우에 응답 시간을 크게 지연시킨다는 단점을 가지고 있다. 본 논문에서는 이러한 문제를 해결하기 위한 인증서 상태 검증 서버의 시뮬레이션 모델을 DEVS (Discrete Event system Specification) 방법론을 이용하여 설계하였다. 이 모델은 인증서의 상태 검증을 요청하는 영역에 위치하여 해쉬 함수를 적용한 인증을 수행하도록 구성되었으며, 시뮬레이션 결과는 제시한 방법이 인증서 상태 검증 속도를 증대시켜 결과적으로 사용자의 응답 시간이 감소되는 것을 보여준다.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2002.11a
• /
• pp.280-283
• /
• 2002

본 논문에서는 기존 서버 원격관리 시스템이 안고있던 보안상의 문제점을 최근에 보안 인프라로써 각광을 받고 있는 PKI(Public Key Infrastructure)를 사용한 원격 통합 서버관리 시스템을 제안하고자 한다. 통합 인증서버는 관리자의 인증을 SCVP를 사용해서 검증하며, SSL(Secure Socket Layer)을 통해서 데이터의 기밀성을 보장한다. 또한 제안된 시스템은 관리자가 다양한 종류의 플랫폼과 운영체제를 한번의 인증과정으로 원격에서 통합 관리가 가능한 SSO(Single-Sign On) 시스템이다.

• Journal of Korean Institute of Industrial Engineers
• /
• v.26 no.4
• /
• pp.411-420
• /
• 2000

Among the standards of CALS, CITIS(Contractor Integrated Technical Information Service) is a standard in information share procedure which manages all data and services occurred between a contractor and a purchaser. CITIS services have some security problems like authentication problem and repudiation problem, when they are implemented using the Internet. To solve these problems, CITIS needs a user certificate system which can allow to access important information only to qualified users. This paper proposed a PKI(Public Key Infrastructure) Certificate Authority for CITIS, and created a real User Certificate System which can be adjusted to circumstances of real CITIS.

• Journal of the Korea Computer Industry Society
• /
• v.2 no.6
• /
• pp.845-852
• /
• 2001

Electronic commerce and application service is to universal on the internet, and a large quantity information transmitted on the network, It's needs procedure to access only permit objects for the integrity of information. In order to provide regional services is authentication for control resource and client identification. In particular, public key system is to implement in distributed environment, it is able to insurance users convenience and integrity at the same time. In this paper designed mechanism of cross certification between realms in PKI based on X.509 associated with DNS (Domain Name System) that is presented.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.23 no.5
• /
• pp.604-612
• /
• 2019

PKI Internet banking is used to have users register their public keys with the banking server together with the identity information, and verify the signature for both user and transaction authentications by using the registered public keys. Although the Blockchain-based financial systems such as Bitcoin adopt similar digital signature-based authentication scheme, there is no server that participants can register public keys with because they perform P2P payment transactions. The purpose of this paper is to identify the advantages and disadvantages of the Blockchain-based payment transactions by analyzing the differences between the most common PKI Internet banking and Blockchain payment systems. Based on the analysis, this paper suggests the issues that need to be enhanced from the aspects of architecture and security in order for Blockchain payment transaction systems to be applied universally.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.1
• /
• pp.31-40
• /
• 2014

In Korea, the Public Key Infrastructure (PKI) has been introduced. For secure information transmission and identification, the electronic signature authorization system of a certificate-based is built, and then the service provide.The certificate is stored in location what users can easily access and copy. Thus, there is a risk that can be stolen by malware or web account hacking. In addition, private key passwords can be exposed by the logging tool, after keyboard security features are disabled. Each of these security weaknesses is a potential conduit for identity theft, property/asset theft, and theft of the actual certificates. The present study proposes a method to prevent the private key file access illegally. When a certificate is stored, the private key is encrypted by the dependent element of the device, and it is stored securely. If private key leakage occurs, the retrieved key could not be used on other devices.

• Journal of the Korea Society of Computer and Information
• /
• v.9 no.3
• /
• pp.163-169
• /
• 2004

In this paper, a conventional key exchange method simply performs the key exchange setup step based on discrete algebraic subjects. But the mutual-authentication procedure of wireless PKI for reducing authentication time uses an elliptical curve for a key exchange setup step. Proposed handover method shows reduced handover processing time than conventional method since it can reduce CRL retrieval time. Also, we compared proposed authentication structure and conventional algorithm. and simulation results show that proposed authentication method outperforms conventional algorithm in all environment regardless of call arrival rate. queue service rate. queue size.

• Journal of Information Technology Services
• /
• v.5 no.3
• /
• pp.173-186
• /
• 2006

The local public organizations, to secure the Confidentiality, Integrity, Authentication and Non-Repudiation of cyber administrative environment is giving it a try to consolidate the official documents among them by standardizing all the documents into XML formats together with the establishment of the GPKI(Government Public Key Infrastructure). The Authentication System based on the PKI(Public Key Infrastructure) used by the GPKI, however, provides only the simple User Authentication and thus it results in the difficulty in managing the position, task, role information of various users required under the applied task environment of public organizations. It also has a limitation of not supporting the detailed access control with respect to the XML-based public documents.In order to solve these issues, this study has analyzed the security problems of Authentication and access control system used by the public organizations and has drawn the means of troubleshoot based on the analysis results through the scenario and most importantly it suggests the access control model applied with PMI and SAML and XACML to solve the located problem.

• Convergence Security Journal
• /
• v.12 no.6
• /
• pp.39-50
• /
• 2012

Battlefield management systems are operated by the Public Key Infrastructure (PKI) and cryptographic equipment is distributed through the personal delivery to the enemy has deodorizing prone to structure. In addition, Per person each battlefield management system (C4I) encryption key operate and authentication module to manage multiple encryption so, encryption key operating is restrictions. Analysis of the problems of this public key infrastructure(PKI), Identity-Based Cryptosystem(IBC) and Attribute-Based Cryptosystem(ABC) to compare construct the future of encrypt ion and authentication system were studied. Authentication method for the connection between the system that supports data encryption and secure data communication, storage, and communication scheme is proposed.