• Journal of the Korean Society of Marine Environment & Safety
• /
• v.23 no.7
• /
• pp.834-846
• /
• 2017

An increase in the number of retiring experienced pilots as well as drastic graying of new pilots will raise the problems on deepening imbalance of supply and demand of pilots over the next 7 years, which could entail fatal problems for the safety of harbour pilotage. In this study, the improvement plan of legal system to ease imbalance between supply and demand of pilots and help secure more experienced pilots has been proposed. A current state survey and analysis, statistical analysis, questionnaire survey on foreign countries, in-depth consultation with experts, etc., were all carried out to support this research. The conclusions of this study are, firstly, to propose an amendment that the minimum requirement of 5 years of seagoing service as a master to sit for the pilot exam should be relaxed to 2 years(which must include at least 1 year of master's seagoing service within the most recent 5 years) but the minimum requirement of 1 year of pilotage service should be reinforced to 1 year and 6 months to obtain a higher class of pilot certificate. Secondly, it is proposed that an amendment offering an additional 1 point per year over the minimum period of 2 years of seagoing service as a master should be added, with a maximum of 10 points in order to rationalize the additional incentive point system. In order to secure experienced pilots and resolve the legal conflict between the certificate revalidation system and the retirement system, it is also proposed that an amendment be passed revoking the retirement system and limiting the validity of any new certificates only to 68 years of age when issuing or revalidating a certificate, if an applicant is over a certain age. Promotional work, such as collecting opinions from interested parties and generating positive public awareness, should be carried out in the future. It will also be necessary to conduct a study on the training pilot exam system.

• Journal of Internet Computing and Services
• /
• v.13 no.2
• /
• pp.59-71
• /
• 2012

PKI-based public key scheme is outstanding in terms of authenticity and privacy. Nevertheless its application brings big burden due to the certificate/key management. It is difficult to apply it to limited computing devices in WSN because of its high encryption complexity. The Bilinear Pairing emerged from the original IBE to eliminate the certificate, is a future significant cryptosystem as based on the DDH(Decisional DH) algorithm which is significant in terms of computation and secure enough for authentication, as well as secure and faster. The practical EC Weil Pairing presents that its encryption algorithm is simple and it satisfies IND/NM security constraints against CCA. The Random Oracle Model based IBE PKG is appropriate to the structure of our target system with one secret file server in the operational perspective. Our work proposes modification of the Weil Pairing as proper to the closed network for secret file distribution[2]. First we proposed the improved one computing both encryption and message/user authentication as fast as O(DES) level, in which our scheme satisfies privacy, authenticity and integrity. Secondly as using the public key ID as effective as PKI, our improved IBE variant reduces the key exposure risk.

• Korean Security Journal
• /
• no.59
• /
• pp.71-90
• /
• 2019

As the demand for national security and national safety is gradually increasing in accordance with the trend of the times and social environment, and the use of private areas for effective prevention and supply required for the demand for safety services, this paper analyzed the Japanese private security testing system for the introduction of the Korea security certification system as a way to secure expertise in the private security industry and drew the following conclusion. First, certificate segmentation should be carried out according to the clearly divided field and scope of the expense operation. Second, it is necessary to distinguish the qualification of the private security qualification according to the level. Third, it is necessary to utilize the combined evaluation method through the departmental and practical tests. Fourth, an assessment should be made through the link between departments and practical subjects. Fifth, the diversity of the acquisition methods should be placed to ensure the gainer's accessibility. Finally, the use of professional and visible use of professional personnel should be achieved through benefit assessment for those who are qualified for

• Journal of Biomedical Engineering Research
• /
• v.24 no.6 s.81
• /
• pp.533-541
• /
• 2003

In the paper. the health card system to integrate several cards into one card for protecting patient's privacy and security problems is proposed. Firstly, it is defined the minimal data set for integrating several patient cards into one card using IC card, and developed the issuing system to issue the integrated patient IC card. In order to secure and certificate a patient's personal information. the integrated patient IC card has applied 3-DES and the PKI certificate authority based Windows 2000 is established. The receipt and reservation system for taking care of a healthcare has developed to cooperate with the existing hospital computer system. The integrating patient IC card system proposed in this paper is implemented to 11 hospitals and used for 1.000 patients. On the result of the simulation. the proposed system can receive or reserve for a patient to take care of healthcare in the simulated hospitals and also establish the basis of the mechanism to share a medical information.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.20 no.4
• /
• pp.769-776
• /
• 2016

TELNET is vulnerable to network attack because it was designed without considering security. SSL/TLS and SSH are used to solve this problem. However it needs additional secure protocol and has no backward compatibility with existing TELNET in this way. In this paper, we have suggested STELNET(Secured Telnet) which supports security functionalities internally so that has a backward compatibility. STELNET supports a backward compatibility with existing TELNET through option negotiation. On STELNET, A client authenticates server by a certificate or digital signature generated by using ECDSA. After server is authenticated, two hosts generate a session key by ECDH algorithm. And then by using the key, they encrypt data with AES and generate HMAC by using SHA-256. After then they transmit encrypted data and generated HMAC. In conclusion, STELNET which has a backward compatibility with existing TELNET defends MITM(Man-In-The-Middle) attack and supports security functionalities ensuring confidentiality and integrity of transmitted data.

• Journal of the Korean Society of Environmental Restoration Technology
• /
• v.18 no.1
• /
• pp.91-102
• /
• 2015

In connection with biodiversity that has recently become the topic, competition to secure biological genetic resources is being heightened all over the world. Korea also has a variety of efforts to secure and preserve plant genetic resources, and has recognized the importance of the function and role of arboretums. Arboretums in Korea, however, have the problems in terms of quality due to the rapid increase. One of the problems is shortages in experts who are essential for the proper functioning of arboretums. To solve the problem, the State introduced Gardener Training Program certification system and started to train gardeners. However, gardeners who have actually employed at arboretums are less than 20% and thus the problem of shortages in experts still exists. In this context, this study examined 44 registered arboretums in Korea to find out the current situation of experts; analyzed arboretum experts and the program certification system in view of relevant laws; and investigated the current situation of training programs being operated in three Gardener Training Program certification organizations. Finally, this study conducted a survey of 68 gardeners who completed the training program at Chollipo Arboretum and tried to suggest a plan for securing experts from the gardener training programs. The plan for utilizing the trained gardeners as experts in arboretums is as follows: First, legal standards for the employment of experts in arboretums should be strengthened. Second, it is necessary to evaluate training programs, in order to raise the reliability of arboretum experts' expertise. Third, official validity that can be honored in all arboretums should be granted to a certificate of program completion. Finally, networks of gardeners who completed the programs should be formed through follow-up management of them.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.2
• /
• pp.373-381
• /
• 2017

Currently, various types of user authentication methods based on public certificates are used in domestic financial transactions. Such an authorized certificate method has a problem that a different security module must be installed every time a user connects an individual financial company to a web server. Also, the financial company relying on this authentication method has a problem that a new security module should be additionally installed for each financial institution whenever a next generation authentication method such as biometric authentication is newly introduced. In order to solve these problems, we propose an integrated authentication system that handles user authentication on behalf of each financial institution in financial transactions, and proposes an integrated authentication protocol that handles secure user authentication between user and financial company web server. The new authentication protocol is a modified version of OAuth2.0 that increases security and efficiency. It is characterized by performing a challenge-response protocol with a pre-shared secret key between the authentication server and the financial company web server. This gives users a convenient and secure Single Sign-On (SSO) effect.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.36 no.3C
• /
• pp.133-139
• /
• 2011

Nowadays, it is considered as an important task to protect digital contents from illegal use and reproduction. In many cases, there are secure servers to authenticate the allowed users and the user authentication process is performed by communication between the servers and users. However, if the number of users and contents are increased, the servers should treat a large amount of authentication loads and the authentication cost will be considerably increased. Moreover, this scheme is not adequate for some players in which only a limited function of communication is deployed. In order to solve this problem, this paper proposes an authentication method which can certificate both the digital contents and players, and prevent illegal reproduction without the certification server. The proposed scheme is secure in the replay attack, the man in the middle attack, and data substitution attack.

• Journal of The Korean Society of Agricultural Engineers
• /
• v.61 no.3
• /
• pp.89-99
• /
• 2019

The project to utilize kenaf as thermal power plant fuel has a positive effect on the unused energy utilization, greenhouse gas reduction, and farm income. However, it is analyzed that it is difficult to secure economical efficiency because the fuel cost of kenaf is higher than that of power by thermal power plant and Renewable Energy Certification (REC). The project of power generation using kenaf is meet the government's major policies, while government support is essential for securing economical efficiency. As a result of the sensitivity analysis on the ratio of the government subsidies, to secure economical efficiency, the power generation prices using kenaf through the direct financial support of the government indicate that 47% and 76% of kenaf fuel cost are supported by government in case of the Saemangeum reclamation and Gangneung-si, respectively. In the case of the government indirect policy support, if kenaf is included as a renewable energy source of Renewable Energy Portfolio Standard and REC is granted, the economic efficiency of Saemangeum reclamation and Gangneung-si is obtained when REC secured at 1.05 or more and 2.43 or more, respectively. The results of this study are meaningful in that the direct and indirect effects of the government on the development of the herbaceous energy crop, kenaf, were evaluated economically. These results are to suggest the need for demonstration study, but economics analyze and evaluate are necessary based on operational data through the demonstration phase in the future.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.14 no.3
• /
• pp.1428-1438
• /
• 2013

Services take place in Internet environment, a formation of the trust relationship between user and service provider for services. Different authentication schemes such as using Certificate of Public Key Infrastructure authentication and using ID/PW for a simple user authentication have been proposed for trust relationship. In addition, in the case of electronic financial transactions, transaction integrity and non-repudiation features are provided. These services are provided in Internet environment, use various measures to ensure service safety. However, it was difficult to prevent attacks using existing security technology because of emergence of MITB attack that manipulate the memory area of the Web browser and social engineering attacks such as phishing/pharming, requires application of new security technologies became. In this paper, we propose a concept of smart secure-pad, and utilize it safely formed a trust relationship between user and service provider, a model has been proposed to ensure safety of data transmission. Proposed model's security evaluation results show security against to MITB attack and phishing/pharming that can't be prevent attack using existing security technology. In addition, service provider can easily apply the model in safe environment can provide Internet service using provided representative services applying the proposed model.