• The Journal of Information Systems
• /
• v.10 no.1
• /
• pp.127-146
• /
• 2001

The area of business applications in the internet are extended enormously in result of fast development of computing and communication technologies, increase of internet use, and use of intranet/extranet in enterprise information system. Widely spread the use of the internet, there are various applications for Business to Business (B to B) or Business to Customer(B to C) model that are based on the intranet or extranet. This paper designed and implemented the Web-based Electronic Bidding System for Business to Business (B to B) model. The technical issues of electronic bidding system in the internet are involved in the connection between web client and server, electronic data interchange for the contract document, and security solution during the bidding and contracting processes. The web-based electronic bidding system in this paper is implemented using Java applet and servlet as a connection interface for web client and server, XML/EDI-based documents for a bid and a contract, and bidding server and notary server for enhancing the security using PKI(Public Key Infrastructure)-based public key cryptography, digital signature and Certification Authority(CA).

• Journal of the Korea Computer Industry Society
• /
• v.2 no.6
• /
• pp.845-852
• /
• 2001

Electronic commerce and application service is to universal on the internet, and a large quantity information transmitted on the network, It's needs procedure to access only permit objects for the integrity of information. In order to provide regional services is authentication for control resource and client identification. In particular, public key system is to implement in distributed environment, it is able to insurance users convenience and integrity at the same time. In this paper designed mechanism of cross certification between realms in PKI based on X.509 associated with DNS (Domain Name System) that is presented.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.4
• /
• pp.1864-1876
• /
• 2016

Card-Not-Present (CNP) transactions taking place remotely over the Internet are becoming more prevalent. Cardholder authentication should be provided to prevent the CNP fraud resulting from the theft of stored credit card numbers. To address the security problems associated with CNP transactions, the use of a virtual card number derived from the transaction details for the payment has been proposed, instead of the real card number. Since all of the virtual card number schemes proposed so far are based on a password shared between the cardholder and card issuer, transaction disputes due to the malicious behavior of one of the parties involved in the transaction cannot be resolved. In this paper, a new virtual card number scheme is proposed, which is associated with the cardholder's public key for signature verification. It provides strong cardholder authentication and non-repudiation of the transaction without deploying a public-key infrastructure, so that the transaction dispute can be easily resolved. The proposed scheme is analyzed in terms of its security and usability, and compared with the previously proposed schemes.

• Journal of KIISE:Computing Practices and Letters
• /
• v.8 no.1
• /
• pp.82-87
• /
• 2002

In the rapidly growing e-business area, the protection of information from hacking or tapping becomes very serious issue. Therefore, the more effective, convenient and secure methods are required to make the e-business more active. in this study, we develop the effective method of protecting digital contents on the public key infrastructure. To do this, we propose the partial encryption scheme to reduce the encryption time, and therefore, to release the server's workload. Our suggested scheme is believed to bring the strong competition to the portal service agents.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2000.04a
• /
• pp.1184-1189
• /
• 2000

PKI(Public Key Infrastructure)는 공개키 암호 어플리케이션에 사용되어지는 공개키의 유효성을 보장하기 위해 공개키에 대한 전자인증서의 발행과 획득, 조회, 검증을 위해 사용되는 인증서 관리 기반구조를 말한다. 본 논문에서는 인트라넷 환경에서의 PKI 응용 서비스에 적용 가능한 공개키 인증 시스템을 Linux를 기반으로 설계하고 그 prototype을 구현하였다. 인증 시스템은 Root CA와 하위 CA 및 Client로 구성되어 있고, 인증서 발행, 갱신, 폐지 등의 기능을 수행한다. 제안된 시스템의 구현 환경은 Linux를 기반으로 하는 Apache Web-Server와 암호 라이브러리는 SSL을 기반으로 하는 Openssl을 사용하였다.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.11 no.3
• /
• pp.507-513
• /
• 2007

In this paper, we propose an efficient authentication protocol based on certificateless signature scheme, which does not need anyinfrastructure to deal with certification of public keys, among the vehicles in Vehicular Ad-hoc Networks. Moreover, due to the characteristicsof VANET nodes (i.e., vehicles) that is fast and movement, the proposed protocol introduces the concept of interval signing key to overcome efficiently the problem of certificate revocation in traditional Public Key Infrastructure(PKI).

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.6
• /
• pp.3299-3315
• /
• 2019

Deniable authentication (DA) is a protocol in which a receiver can generate an authenticator that is probabilistically indistinguishable from a sender. DA can be applied in many scenarios that require user privacy protection. To enhance the security of DA, in this paper, we construct a new deniable authenticated encryption (DAE) scheme that realizes deniable authentication and confidentiality in a logical single step. Compared with existing approaches, our approach provides proof of security and is efficient in terms of performance analysis. Our scheme is in an identity-based environment; thus, it avoids the public key certificate-based public key infrastructure (PKI). Moreover, we provide an example that shows that our protocol is applicable for e-voting systems.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.1
• /
• pp.59-67
• /
• 2003

PMI(Privilege Management Infrastructure) certificates as well as Public-Key certificates must be validated before being used. Validation for a PMI certificate requires PMI certificate path validation, and PKC(Public-Key Certificate) path validations for each entity in the PMI certificate path. This validation work is quite complex and burdened to PMI certificate verifiers. Therefore, this paper suggests a delegated PMI certificate validation that uses specialized validation server, and defines a validation protocol which is used between validation server and client.

• Journal of The Korea Institute of Healthcare Architecture
• /
• v.30 no.1
• /
• pp.27-36
• /
• 2024

Purpose: The role and facilities of public health centers responsible for local health are becoming increasingly important due to recurring infectious diseases such as COVID-19. With sudden outbreaks of infectious diseases, the infrastructure of public health center facilities like screening clinics are constructed varies depending on local conditions. resulting in discrepancies between intended usage and actual usage. Establishing guidelines for infectious disease response facilities that can be efficiently used within local communities is necessary. Methods: Field surveys are conducted at 6 public health centers to gather insights into the essential rooms, circulation patterns, and key considerations for space planning in screening clinics. Results: Ten design considerations emerge from the data, including spatial requirements, circulation guidelines, and considerations for accommodating diverse user needs and local conditions. Implications: Further research is needed to translate these guidelines into prototypes of temporary facilities.

• Proceedings of the Korea Water Resources Association Conference
• /
• 2022.05a
• /
• pp.211-211
• /
• 2022

The marketization reform from the open-door policy in 1978 was not only booming export-oriented industries with foreign investment but also expanding the role of private actors in the Chinese water sector. Private Sector Participation (PSP) has become an important element in developing urban infrastructure by providing better services with advanced facilities. The rapid development of PSP-driven urban water infrastructure in China has a positive impacted on Chinese economic development, particularly in coastal areas. PPPs in some coastal areas have successfully spread out over China since China applied the first Build-Operate-Transfer (BOT) mode in the water sector in the early 1990s. The market-oriented water and wastewater, Public-Private Partnership (PPP) mechanism in the initial period of China has been transformed into a state-dominated PPP mechanism. The development pattern of the water and wastewater PPPs in China has been divided in four stages: the first period from 1984 to 2002, the second period from 2003 to 2008, the third period from 2009 to 2014, and the last period after 2015. The study aims to investigate the successful process of water and wastewater PPPs in local areas through five socioeconomic elements: export-oriented economic strategy, urbanization, cheap land policy, infrastructure investment, and water issues and climate change. In addition, the study focuses on analyzing the extent to which the Chinese government re-asserted its control over the PPP mechanism by classifying five elements in three different development Phases from early 2000 to 2020. The Jiangsu Province in the estern coastal area has actively invited PPP projects in the water and wastewater sectors. The successful introduction and rapid growth of PPPs in the urban water infrastructure has made the province an attractive area for a foreign investor.