• Proceedings of the Korea Information Processing Society Conference
• /
• 2022.05a
• /
• pp.217-220
• /
• 2022

디지털 전환 시대를 맞아 일상생활 대부분이 온라인으로 이동하면서 온라인상에서 자신을 나타내는 신뢰할 수 있는 신분증의 필요성이 커지게 되었다. 신원 확인 방법은 중앙 집중식 모델에서 현재는 자기주권신원 모델로 변화하는 과정에 있으며 사용되는 핵심 기술은 탈중앙 식별자 DID(Decentralized Identifier)이다. DID는 기존 신원 체계와 달리 개인의 데이터 소유권을 개인에게 돌려줘 데이터 주권을 지킬 수 있게 해줌으로써 개인의 정보 공유 범위를 결정하는 SSI(Self Sovereign Identity)를 실현하는 기술이다. DID를 이용하면 데이터의 무결성, 투명성을 보장하는 자격 증명(Verifiable Credential, Verifiable Presentation) 발급이 가능하며 이를 검증하는 데이터는 모두 블록체인에 올라가 있는 것이 특징이다. 본 논문에서는 실제 서비스와 유사한 시뮬레이션 환경을 구축하여 자격 증명의 사용자 프라이버시를 보호하는 방법인 BBS+서명 기법에 대해 알아보고자 한다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2023.11a
• /
• pp.210-211
• /
• 2023

디지털 신원은 온라인 환경에서 빠르게 중요해지고 있으며, 그 관리의 중요성은 날로 커지고 있다. 중앙화된 신원 관리 시스템의 한계를 인식하며, 탈중앙화된 신원 관리 시스템인 DID(Decentralized Identifier)에 대한 연구와 관심이 확대되고 있다. 그럼에도 불구하고, DID 활용 시 개인정보 유출의 리스크는 여전히 남아 있다. 이러한 문제를 해결하기 위해, 본 연구는 일회용 DID 기법을 제시하였고, 해당 기법은 사용자의 비연결성을 향상시키며, 키 유출과 관리 문제를 최소화한다. 본 연구를 통해, 일회용 DID가 비연결성 강화, 키의 안전한 관리 등의 이점을 제공함을 확인하였다.

• Journal of the Korean Association of Geographic Information Studies
• /
• v.11 no.1
• /
• pp.31-44
• /
• 2008

The 1st phase framework data implementation of National Geographic Information Systems (NGIS) used 1:5,000 digital map with 5 years updating period which is lacking in the latest information. This is a significant factor which hinders the use of framework data. This study proposed the efficient technical method of a location based object data management and system implementation for updating framework data. First, we did an object-oriented data modeling and database design using a location based features identifier(UFID: Unique Feature IDentifier). The second, we developed the system with various functions such as a location based UFID creation, input and output, a spatial and attribute data editing, an object based data processing using UML(Unified Modeling Language). Finally, we applied the system to the study area and got high quality data of 99% accuracy and 35% benefit effect of personnel expenses compare to the previous method. We expect that this study can contribute to the maintenance of national framework data as well as the revitalization of various GIS markets by providing user the latest framework data and that we can develop the methods of a feature-change modeling and monitoring using an object based data management.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.40 no.3
• /
• pp.497-505
• /
• 2015

Existing Wi-Fi networks require users to follow network settings of the AP (Access Point), resulting in inconveniences for users, and the password of the AP is shared by all users connected to the AP, causing security information leaks as time goes by. We propose, in this work, a personalized secure Wi-Fi network, in which each user is assigned her own virtual Wi-Fi network. One virtual Wi-Fi per user makes the user-centric network configuration possible. A user sets a pair of her own SSID and password on her device a priori, and the AP publishes its public key in a suitable way. The AP also maintains an open Wi-Fi channel, to which users can connect anytime. On user's request, the user device sends a connection request message containing a pair of SSID and password encrypted with the AP's public key. Receiving the connection request message, the AP instantiates a new virtual AP secured with the pair of SSID and password, which is dedicated to that single user device. This virtual network is securer because the password is not shared among users. It is more convenient because the network adapts itself to the user device. Experiments show that these advantages are obtained with negligible degradation in the throughput performance.

• The Journal of the Korea Contents Association
• /
• v.17 no.7
• /
• pp.276-282
• /
• 2017

Password-based authentication is vulnerable because of its low cost and convenience, but it is still widely used. In order to increase the security of the password-based user authentication method, the password is changed frequently, and it is recommended to use a combination of numbers, alphabets and special characters when generating the password. However, it is difficult for users to remember passwords that are difficult to create and it is not easy to change passwords periodically. Therefore, in this paper, we implemented a user authentication system that does not require a password by using the USB memory that is commonly used. Authentication data used for authentication is protected by USB data stored in USB memory using USB device information to improve security. Also, the authentication data is one-time and reusable.Based on this, it is possible to have the same security as the password authentication system and the security level such as certificate or fingerprint recognition.

• Journal of Broadcast Engineering
• /
• v.13 no.4
• /
• pp.528-543
• /
• 2008

Internet Protocol Television (IPTV) provides an interactive and personalized service for realizing integrated broadcasting and telecommunication services. Set-top box (SIB) connected to TV is an essential component required for IPTV and has a unique hardware identifier used in identification and authentication. It means that subscriber authentication based on box-level identification is inconsistent with IPTV's main intention of providing personalized services. The proposed solution is to provide an opportunity to use the flexible user-centric authentication mechanism through Java Card applets in IPTV application server and 3G networks. This paper suggests personalized services by moving the user's private data and authentication management beyond the STB to a truly personalized device, the ubiquitous mobile phone. In addition, this paper presents effectiveness and security analysis for verifying the proposal.

• Journal of Information Technology Services
• /
• v.8 no.4
• /
• pp.75-86
• /
• 2009

Unlike physical products, the distribution of digital content has involved many participants in all distribution phases from providers to consumers. The longer the distribution channel for services is, or the more participants that take part in it, the more the added value of the content increases. Consequently, the customer usefulness has been maximized. In order to enhance the values of digital content, it is utterly urgent to implement a service infrastructure that could be shared by all participants along the distribution path. Digital content is distributed from a creator to a final user through complex value chain stages. All the participants along the value chain exchange information about copyrights, marketing, and contents themselves, through the distribution channel. Recently, the more the distributed Information Technology environment has been widely used, the more the necessity of an identifier for digital content has been increased. In this paper, we examine the current status of the Korean distribution market of digital content, identify necessary distribution services of digital content, and establish a systematic roadmap to implement these services.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.16 no.1
• /
• pp.1-5
• /
• 2016

The all-in-one service, for example, mobile wallet enables users to have credit card, membership card, and coupon in one place. It has been one of important o2o services with offline payment. In order to take advantage of mobile commerce, it is necessary to authenticate clients automatically without entering their passwords. This paper proposes an automatic client authentication method in all-in-one service. At registration, clients receives and stores an authentication ticket from a company, which contains an user's identifier and password encrypted by company's symmetric key. Client can be authenticated by transferring authentication tickets to companies at service requests.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.5
• /
• pp.2267-2285
• /
• 2016

Information Centric Networking that uses content name instead of IP address as routing identifier can handle challenges such as traffic explosion and user mobility, but it also suffers from scalability and incompatibility problems. In this paper by combining the concept of software defined networking and Internet end to end arguments, we propose a wide area deployable software defined information centric networking service model named SD-ICN. SD-ICN employs a dual space structure that separates edge service network and core transmission network. The enhanced SDN techniques are used in edge service network in order to implement intelligent data routing and caching, while traditional IP technique is reserved in core transmission network so as to provide wide area high speed data transmission. Besides, a distributed name resolution system based on the cooperation of different controllers is also presented. The prototype experiments in our campus network show that SD-ICN can be deployed in a scalable and incremental way with no modification of the core network, and can support typical communication modes such as multicast, mobility, multihoming, load balancing, and multipath data transmission effectively.

• Proceedings of the Korea Contents Association Conference
• /
• 2009.05a
• /
• pp.283-288
• /
• 2009

Semantic service can be defined as the service providing search API or reasoning API based on ontology and Web Services. It performs a pre-defined task by exploiting URI, classes, and properties. This study introduces a semantic service composition method based on a semantic broker referring ontology and management information of semantic services stored in a semantic service manager with requirements of the user. The requirements consist of input instances, an output class, a visualization type, semantic service names, and property names. This composition method provides dynamically generated semantic service pipelines including composit semantic services. The user can execute the pipelines provided by the semantic broker to find a meaningful semantic pipeline. After all, this study contributes to develop a system supporting human service planners who want to find composit semantic services among distributed semantic services.