• Convergence Security Journal
• /
• v.10 no.4
• /
• pp.69-76
• /
• 2010

public certification is some kind of electric ID which can prove the valid user, based on open KEY. usually it had been used in the field of government complaint, e-commerce, financial. but recently it expands the its use range through computerization of work process of diversity fields such as e-sports, property, medical industry. because of this reason, importance for user certificate process is gradually rose. The purpose of this paper is looking at the method for user certification of public certificates and draw a way for enforce the user certification process by Vulnerability Analysis. To draw the alternative we study the Authentication Principle and policy structure of public certification system by researching references, has drew the limitation for policy of certification. we provide the guideline to enforce the user certification through conclusion which has been drew from previous step.

• Journal of the Semiconductor & Display Technology
• /
• v.18 no.1
• /
• pp.74-78
• /
• 2019

As software becomes larger and network technology develops, the management of distributed data becomes more popular. Therefore, it is becoming increasingly important to use blockchain technology that can guarantee the integrity of data in various fields by utilizing existing infrastructure. Blockchain is a distributed computing technology that ensures that servers participating in a network maintain and manage data according to specific agreement algorithms and rules to ensure integrity. As smart contracts are applied, not only passwords but also various services to be applied to the code. In order to reinforce existing research on smart contract applied to the blockchain, we proposed a dynamic conditional rule of smart contract that can formalize rules of smart contract by introducing ontology and SWRL and manage rules dynamically in various situations. In the previous research, there is a module that receives the upper rule in the blockchain network, and the rule layer is formed according to this module. However, for every transaction request, it is a lot of resources to check the top rule in a blockchain network, or to provide it to every blockchain network by a reputable organization every time the rule is updated. To solve this problem, we propose to separate the module responsible for the upper rule into an independent server. Since the module responsible for the above rules is separated into servers, the rules underlying the service may be transformed or attacked in the middleware. Therefore, the security mechanism using TLS and PKI is added as an agent in consideration of the security factor. In this way, the benefits of computing resource management and security can be achieved at the same time.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.4
• /
• pp.13-23
• /
• 2004

Proxy signature scheme based on delegation of warrant is studied in these days. Proxy signature is a signature scheme that the original signer delegates his signing warrant to the proxy signer, and the proxy signer creates a signature on behalf of the original signer. For using this scheme, the security for Protecting from the forgeability or misuse is necessary. There are several security requirements for using the proxy signature schemes. In this paper we suggest the proxy-register protocol scheme that original signer registers to the verifier about the proxy related information. In our scheme, verifier verifies the signature that original signer creates about the proxy information and sets the warrant of proxy signer, validity period for proxy signature and some limitation. Finally, we will show the advantages of our suggestion by comparing with the previous proxy signature schemes.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.6
• /
• pp.91-103
• /
• 2004

The survey of network firewall system has been focused on the deny policy that protects information from the unlicensed and the intrusion detection system. Government has solved several firewall problems as building the intranet separated from the intranet. However, the new firewall system would been satisfied both the denialpolicy and information share with the public, according as government recently emphasizes electronic service. Namely, it has to provide the functions such as the information exchange among divisions, partial share of information with the public, network connection and the interception of illegal access. Also, it considers the solution that protects system from hacking by inner user and damage of virus such as Worm. This Paper suggests the protects information system using the intrusion prevention system and role-based security policy to support the partial opennessand the security that satisfied information share among governments and public service.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.4
• /
• pp.131-136
• /
• 2007

Ad hoc networks enable efficient resource aggregation in decentralized manner, and are inherently scalable and fault-tolerant since they do not depend on any centralized authority. However, lack of a centralized authority prompts many security-related challenges. Moreover, the dynamic topology change in which network nodes frequently join and leave adds a further complication in designing effective and efficient security mechanism. Security services for ad hoc networks need to be provided in a scalable and fault-tolerant manner while allowing for membership change of network nodes. In this paper, we investigate distributed certification mechanisms using a threshold cryptography in a way that the functions of a CA(Certification Authority) are distributed into the network nodes themselves and certain number of nodes jointly issue public key certificates to future joining nodes. In the process, we summarize one interesting report [5] in which the recently proposed RSA-based ad hoc signature scheme, called URSA, contains unfortunate yet serious security flaws. We then propose new scheme by fixing their security flaws.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.2
• /
• pp.347-355
• /
• 2012

A biometric hardware security module is a physical device that comes in the form of smartcard or some other USB type security token is composed with biometric sensor and microcontroller unit (MCU). These modules are designed to process key generation and electronic signature generation inside of the device (so that the security token can safely save and store confidential information, like the electronic signature generation key and the biometric sensing information). However, the existing model is not consistent that can be caused by the disclosure of an ID and password, which is used by the existing personal authentication technique based on the security token, and provide a high level of security and personal authentication techniques that can prevent any intentional misuse of a digital certificate. So, this paper presents a model that can provide high level of security by utilizing the biometric security token and Public Key Infrastructure efficiently, presenting a model for privacy preserving personal authentication that links the biometric security token and the digital certificate.

• Journal of Biomedical Engineering Research
• /
• v.24 no.6 s.81
• /
• pp.533-541
• /
• 2003

In the paper. the health card system to integrate several cards into one card for protecting patient's privacy and security problems is proposed. Firstly, it is defined the minimal data set for integrating several patient cards into one card using IC card, and developed the issuing system to issue the integrated patient IC card. In order to secure and certificate a patient's personal information. the integrated patient IC card has applied 3-DES and the PKI certificate authority based Windows 2000 is established. The receipt and reservation system for taking care of a healthcare has developed to cooperate with the existing hospital computer system. The integrating patient IC card system proposed in this paper is implemented to 11 hospitals and used for 1.000 patients. On the result of the simulation. the proposed system can receive or reserve for a patient to take care of healthcare in the simulated hospitals and also establish the basis of the mechanism to share a medical information.

• International Commerce and Information Review
• /
• v.13 no.4
• /
• pp.51-79
• /
• 2011

Korea has accomplished the establishment of the National Single Window for Paperless Trade. Since 1991, it has developed Trade Automation Service System based on EDI technology. In 2003, Korean government and private sectors jointly began to set up National Paperless Trade Service( e-Trade Service) as one of the e-government projects. In 2008, they commenced the uTradeHub Service which was equipped with Internet based e-B/L and e-Nego service systems for the first time in the world To facilitate the service Korea amended its e-Trade facilitation Act and Law by 2007. At the end of 2011, Korea historically recorded its trade volume of 1 trillion US dollars and joined '$1 trillion trade club' as the 9the member country since the country had started international trade less than five decades ago. A rolling out of the e-B/L and e-Nego service will 'ally reduce the transaction costs of trading businesses and accelerate the activation e-trade services. The purposes of the study are to examine 'e-B/L Korea' service and its facilitation strategies as well as identify obstacles to utilize the 'e-B/L Korea' service. The paper reviewed and analyzed Korea's Paperless trade system and distinctive characteristics of the 'e-B/L Korea Service. Parts of the fOWld distinctive characteristics of the Korea's e-B/L service are as follows; It is well equiped with IT and legal system. It also has more that 30,000 potential users who are already uTradeHub service users. The paper indicated several weaknesses of the current system such as global KPI issues, circulation of the electronic documents not only in the domestic market but also among economies, development of the electronic Bill of Exchange. As resolution measures, the paper recommended the introduction of mutual recognition system of PKI among trade partner counties, setting up e-trade solution for small and medium companies, and special attention to raise users' awareness of the e-B/L service.