• Journal of the Korean Data and Information Science Society
• /
• v.28 no.1
• /
• pp.163-171
• /
• 2017

With the advance of function of smart phone system and internet services, mobile trade grows more popular in the area of e-business or banking. These environmental changes, it makes the needs of authorized certificates. Authorized certificate is not only important in these days but also future society. In 2015, 27 millions of Korean people used public key certificate, but most of them does not know the details on the public key certificate. Therefore, in this paper, we explain and investigate the characteristics on the public certificate and explain the relation ship between authorized certificate and public key encrytion. By investigating several papers, internet data, newspapers and books, we found the historical changes, substantial aspects, the encryption systems on the authorized certificate. Also we study the pros and cons of authorized certificate. Finally we predict the number of issued authorized certificate for the future society based on nonparametric statistical method.

• International Commerce and Information Review
• /
• v.6 no.1
• /
• pp.191-210
• /
• 2004

There are increasing needs for an individual or enterprise to interchange documents electronically through communication network to enhance the efficiency of business, owing to rapid process of transactions. But e-commerce encounters the problems regarding the handling the electronic documents, that is to say, deposit and proof of the electronic documents. This paper deals with Authorized Electronic Data Depot as an integrated system for processing, relaying and proving documents that. Authorized Electronic Data Depot operates as e-enabler in exchanging documents in trust among administrative agencies and a comprehensive government directory, digital government seal certification system and DNS system. Authorized Electronic Data Depot leads public and private sectors to save the paper-related costs. But the regulations concerning an authorized electronic data depot is introduced in the course of revision of Electronic Transactions Act. The purpose of this paper is to suggest some guidelines in legalizing the authorized electronic data depot.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.7
• /
• pp.2703-2718
• /
• 2015

Nowadays, public cloud storage is gaining popularity and a growing number of users are beginning to use the public cloud storage for online data storing and sharing. However, how the encrypted data stored in public clouds can be effectively shared becomes a new challenge. Proxy re-encryption is a public-key primitive that can delegate the decryption right from one user to another. In a proxy re-encryption system, a semi-trusted proxy authorized by a data owner is allowed to transform an encrypted data under the data owner's public key into a re-encrypted data under an authorized recipient's public key without seeing the underlying plaintext. Hence, the paradigm of proxy re-encryption provides a promising solution to effectively share encrypted data. In this paper, we propose a new certificate-based proxy re-encryption scheme for encrypted data sharing in public clouds. In the random oracle model, we formally prove that the proposed scheme achieves chosen-ciphertext security. The simulation results show that it is more efficient than the previous certificate-based proxy re-encryption schemes.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.9 no.2
• /
• pp.83-92
• /
• 1999

Cryptography techniques can prevent eavesdroppers from maliciously intercepting or modifying sensitive information. however misuses of encryption may cause other problems First if the encryption key is lost or damaged even an authorized access to the original data will be denied. Second criminals can prevent authorized law enforcement officers from examining the necessary information by using the strong encrypted data can provide solutions for the situations. In this paper we propose a new key escrow system based on the ElGamal cryptosystem. Our system provide time-bound eavesdropping under court authorized permission protect from trustee's cheating and prevent user's shadow public key generation.

• Journal of Engineering Education Research
• /
• v.12 no.1
• /
• pp.3-16
• /
• 2009

The purpose of this study is to prepare diverse measures to enhance the utilization of national authorized qualification. The detail objectives of this study are first, to re-establish the utilization scope and range of national authorized qualification through analysis of advance research and theory in various fields of learning on the function of qualification; and second, to set the direction to strengthen the utilization of national authorized qualification. Based on discussions on the various fields of learning on the function of qualification, this study divided the utilization scope of qualification into personal utilization for the benefit of the qualification acquirer him or herself and public utilization for the social and economic benefits. And according to this distinction, we prepared measures to strengthen the utilization of national authorized qualification. First of all, as a way to strengthen personal utilization of the national authorized qualification, we prepared measures to enhance accessibility and facilitate further improvement. As a means to enhance accessibility, we proposed restriction on setting the application condition, diversification of qualification authorization method, facilitation of partial qualification system and minimization of expense required to acquire qualification. Also for the further improvement, we proposed creation of job-level centered grade system and development of job-level centered qualification item by stage. For strengthening the public utilization of national authorized qualification, we come up with ways of strengthening flexibility, transparency, public trust and compatibility. As a way to strengthen flexibility, we proposed establishment of qualification demand monitoring system, expansion of direct participation of users on qualification management, establishment of qualification expiration period and its renewal. For the strengthening of transparency, we proposed to build general qualification information system and to utilize qualification recommendation system. To strengthen public trust, we proposed to strengthen the management of qualification management regulation, secure independency, establish internal audit system and strengthen post management of national authorized qualification. And lastly, we suggested that compatibility comparison standard between qualification and qualification level standard be developed for the strengthening of compatibility.

• Journal of Korean Society of Industrial and Systems Engineering
• /
• v.44 no.1
• /
• pp.51-59
• /
• 2021

Electronic document communication based on a digital channel is becoming increasingly important with the advent of the paperless age. The electronic document based on PDF format does not provide a powerful customer experience for a mobile device user despite replacing a paper document by providing the content integrity and the independence of various devices and software. On the other hand, the electronic document based on HTML5 format has weakness in the content integrity as there is no HTML5 specification for the content integrity despite its enhanced customer experience such as a responsive web technology for a mobile device user. In this paper, we design the Document-HTML, which provides the content integrity and the powerful customer experience by declaring the HTML5 constraint rules and the extended tags to contain the digital signature based on PKI. We analyze the existing electronic document that has been used in the major financial enterprise to develop a sample. We also verify the Document-HTML by experimenting with the sample of HTML electronic communication documents and analyze the PKI equation. The Document-HTML document can be used as an authorized electronic document communication and provide a powerful customer experience in the mobile environment between an enterprise and a user in the future.

• Journal of Internet Computing and Services
• /
• v.18 no.2
• /
• pp.1-11
• /
• 2017

There are two kinds of wireless network access to a certain place by using smart devices - 1) open (anonymous) - access and 2) user-authorized access. The open-access is a non-authorization connection method which does not need to require Smart device's user authorized information. It means open-access use only user's SSID (Service Set Identifier) information to access the wireless AP devices following public wireless network standard. This access mechanism is not suitable to use all of public wireless networks because users have to get all wireless network information around them. As a result, huge data for smart devices should be one of the most critical overload problems for them. Secondly, the user-authorized access method uses wireless network information (SSID and password) chosen by the users. So, the users have to remember and use the network access information data manually whenever accessing the network. Like open-access, this access method also has the operational and inconvenient problem for the users - manually inputting access information whenever connecting to the network. To overcome this problem in both schemes, we propose two improved wireless network access methods: 1) the implementation of automatic AP connection mechanism using user-authorization and iBeacon messages, and 2) SSID registration form for public wireless networks.

• The KIPS Transactions:PartA
• /
• v.10A no.5
• /
• pp.433-438
• /
• 2003

To provede public services through Internet, there are several prerequisites such as security issue resolutions for public area installation and hardware support for authorized signatures etc. in addition to web-based system development. A kiosk-based system is a right solution for public services provision through Internet because a kiosk has hardware features supporting authorized signatures and also it can be installed at public area through Internet without security exposure, meeting security guidelines of National Intelligence Service. The process to provide public services through a koisk is that a client requests a kind of public services selecting menu through the kiosk, then the system issues a civil service documents after taking authentification and payment process. To support those kinds o processes it is required to support electronic payment using SMART card in addition to cash payment and to apply government standard security guidelines to protect administrative and personal information. This kiosk-based Internet public service system support and meet those all requirements.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.1
• /
• pp.302-322
• /
• 2021

In the system of ciphertext policy attribute-based encryption (CP-ABE), only when the attributes of data user meets the access structure established by the encrypter, the data user can perform decryption operation. So CP-ABE has been widely used in personal health record system (PHR). However, the problem of key abuse consists in the CP-ABE system. The semi-trusted authority or the authorized user to access the system may disclose the key because of personal interests, resulting in illegal users accessing the system. Consequently, aiming at two kinds of existing key abuse problems: (1) semi-trusted authority redistributes keys to unauthorized users, (2) authorized users disclose keys to unauthorized users, we put forward a CP-ABE scheme that has authority accountability, user traceability and supports arbitrary monotonous access structures. Specifically, we employ an auditor to make a fair ruling on the malicious behavior of users. Besides, to solve the problem of user leaving from the system, we use an indirect revocation method based on trust tree to implement user revocation. Compared with other existing schemes, we found that our solution achieved user revocation at an acceptable time cost. In addition, our scheme is proved to be fully secure in the standard model.

• International Journal of Computer Science & Network Security
• /
• v.21 no.9
• /
• pp.109-112
• /
• 2021

The article considers the state of legislation that regulates the use of public methods of obtaining information by authorized state bodies. The correlation of public investigative (search) actions with operative-search measures as concepts denoting the application of public methods of obtaining information has been studied. In addition, it argues the need for more detailed delineation and legislative regulation of public investigative (search) actions and operational and investigative measures at the legislative and departmental levels. The purpose of the article is to analyze certain provisions of the Law of Ukraine "On operational and investigative activities" to identify inconsistencies in the content of the text of the law in order to correct and prevent ambiguity in the theory and practice of law enforcement.