• THE INTERNATIONAL COMMERCE & LAW REVIEW
• /
• v.13
• /
• pp.1033-1055
• /
• 2000

Almost business enterprises have recently used electronic commerce to conduct their business. Electronic commerce has come to encompass the Internet as well as EDI on private networks begun in the 1960s. The Internet is already changing the way that many companies conduct their business. Domestic electronic commerce has rapidly enhanced, while Int'l electronic commerce has gone steady. There are four issues for developing of Int'l Electronic Commerce. Firstly, The EDI Standardization is to be uniformed and prevailed over the world in UN/EDIFACT authorized by ISO. Secondly, There are two useful systems on Electronic Document Transmission, so called, Bolero project system and Trade Card System. It is thought that Bolero system will be more useful for large trading enterprises, especially, who need a Letter of Credit and electronic B/L, while T/C system is proper to small trade companies who do not need those. Successful results of Bolero system is very important for Int'l electronic commerce enterprises. Thirdly, to secure electronic signature, Int'l Certification Authority is essential for the users of Int'l electronic commerce. Trusted way of distributing public keys is to use a Int'l Certification Authority. The Int'l Certification Authority will accept user's public key, along with some proof of identity and serve as a depository of digital certificates. Both governments and the International business community must involve archiving keys with trusted third parties. Finally, It is important that all the nations and UNCITRAL continue efforts to make legal bases in Int'l electronic commerce concerned, including electronic signature, certification etc.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.19 no.10
• /
• pp.2473-2480
• /
• 2015

In telemedicaine, people can make their health checked at anywhere from temporal and spatial constraints and It's environment can provide continuous health information regardless of the location of customers through PCs and smart phones. In addition, personal health information collected utilizing the BYOD(bring your own device) is the most important factor data security and guaranteed personal privacy because it's directly connected to the individual's health and life. In this paper, we provide a signature of the private key encryption system and method for providing the security of personal health information data collected utilizing the BYOD. Against replay attacks and man-in-the-middle attacks on security issues that are emerging as a smart environmental health was used as the timestamp and signature methods. Proposed method provides encryption overhead, while a communication was lower compared to the pre-encrypted with a mean 1.499mJ 1.212mJ shown by simulation to respond quickly in an emergency situation to be about 59%.

• Journal of KIISE
• /
• v.45 no.3
• /
• pp.294-302
• /
• 2018

With the emergence of the new service industry due to the development of information and communication technology, cyber space risks such as personal information infringement and industrial confidentiality leakage have diversified, and the security problem has emerged as a critical issue. In this paper, we propose a behavior-based anomaly detection method that is suitable for real-time and large-volume data analysis technology. We show that the proposed detection method is superior to existing signature security countermeasures that are based on large-capacity user log data according to in-company personal information abuse and internal information leakage. As the proposed behavior-based anomaly detection method requires a technique for processing large amounts of data, a real-time search engine is used, called Elasticsearch, which is based on an inverted index. In addition, statistical based frequency analysis and preprocessing were performed for data analysis, and the DBSCAN algorithm, which is a density based clustering method, was applied to classify abnormal data with an example for easy analysis through visualization. Unlike the existing anomaly detection system, the proposed behavior-based anomaly detection technique is promising as it enables anomaly detection analysis without the need to set the threshold value separately, and was proposed from a statistical perspective.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.11
• /
• pp.5642-5670
• /
• 2017

Antivirus is an important issue to the security of virtual machine (VM). According to where the antivirus system resides, the existing approaches can be categorized into three classes: internal approach, external approach and hybrid approach. However, for the internal approach, it is susceptible to attacks and may cause antivirus storm and rollback vulnerability problems. On the other hand, for the external approach, the antivirus systems built upon virtual machine introspection (VMI) technology cannot find and prohibit viruses promptly. Although the hybrid approach performs virus scanning out of the virtual machine, it is still vulnerable to attacks since it completely depends on the agent and hooks to deliver events in the guest operating system. To solve the aforementioned problems, based on in-memory signature scanning, we propose an agentless runtime antivirus system VirtAV, which scans each piece of binary codes to execute in guest VMs on the VMM side to detect and prevent viruses. As an external approach, VirtAV does not rely on any hooks or agents in the guest OS, and exposes no attack surface to the outside world, so it guarantees the security of itself to the greatest extent. In addition, it solves the antivirus storm problem and the rollback vulnerability problem in virtualization environment. We implemented a prototype based on Qemu/KVM hypervisor and ClamAV antivirus engine. Experimental results demonstrate that VirtAV is able to detect both user-level and kernel-level virus programs inside Windows and Linux guest, no matter whether they are packed or not. From the performance aspect, the overhead of VirtAV on guest performance is acceptable. Especially, VirtAV has little impact on the performance of common desktop applications, such as video playing, web browsing and Microsoft Office series.

• Journal of Communications and Networks
• /
• v.18 no.2
• /
• pp.218-226
• /
• 2016

Coordination among users is an inevitable but time-consuming operation in wireless networks. It severely limit the system performance when the data rate is high. We present FC-MAC, a novel MAC protocol that can complete a contention within one contention slot over a joint frequency-code domain. When a node takes part in the contention, it generates randomly a contention vector (CV), which is a binary sequence of length equal to the number of available orthogonal frequency division multiplexing (OFDM) subcarriers. In FC-MAC, different user is assigned with a distinct signature (i.e., PN sequence). A node sends the signature at specific subcarriers and uses the sequence of the ON/OFF states of all subcarriers to indicate the chosen CV. Meanwhile, every node uses the redundant antennas to detect the CVs of other nodes. The node with the minimum CV becomes the winner. The experimental results show that, the collision probability of FC-MAC is as low as 0.05% when the network has 100 nodes. In comparison with IEEE 802.11, contention time is reduced by 50-80% and the throughput gain is up to 200%.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2014.10a
• /
• pp.331-337
• /
• 2014

Paradigm shift to cloud computing has increased the importance of security. Even though public cloud computing providers such as Amazon, already provides security related service like firewall and identity management services, it is not suitable to protect data in cloud environments. Because in public cloud computing environments do not allow to use client's own security solution nor equipments. In this environments, user are supposed to do something to enhance security by their hands, so the needs of visualized security management arises. To implement visualized security management, developing near realtime data handling & packet classification mechanisms are crucial. The key technical challenges in packet classification is how to classify packet in the manner of unsupervised way without human interactions. To achieve the goal, this paper presents automated packet classification mechanism based on naive-bayesian and packet Chunking techniques, which can identify signature and does machine learning by itself without human intervention.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.23 no.5
• /
• pp.604-612
• /
• 2019

PKI Internet banking is used to have users register their public keys with the banking server together with the identity information, and verify the signature for both user and transaction authentications by using the registered public keys. Although the Blockchain-based financial systems such as Bitcoin adopt similar digital signature-based authentication scheme, there is no server that participants can register public keys with because they perform P2P payment transactions. The purpose of this paper is to identify the advantages and disadvantages of the Blockchain-based payment transactions by analyzing the differences between the most common PKI Internet banking and Blockchain payment systems. Based on the analysis, this paper suggests the issues that need to be enhanced from the aspects of architecture and security in order for Blockchain payment transaction systems to be applied universally.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.4
• /
• pp.71-84
• /
• 2003

Self-certified public keys need not be accompanied with a separate certificate to be authenticated by other users because the public keys are computed by both the authority and the user. At this point, verifiable self-certified public keys are proposed that can determine which is wrong signatures or public keys if public keys are used in signature scheme and then verification of signatures does not succeed. To verify these public keys, key generation center's public key trusted by users is required. If all users trust same key generation center, public keys can be verified simply. But among users in different domains, rusty relationship between two key generation centers must be accomplished. In this paper we propose inter-domain verifiable self-certified public keys that can be verified without certificate between users under key generation centers whose trusty relationship is accomplished. Also we present the execution of signature and key distribution between users under key generation centers use different public key parameters.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.2
• /
• pp.347-355
• /
• 2012

A biometric hardware security module is a physical device that comes in the form of smartcard or some other USB type security token is composed with biometric sensor and microcontroller unit (MCU). These modules are designed to process key generation and electronic signature generation inside of the device (so that the security token can safely save and store confidential information, like the electronic signature generation key and the biometric sensing information). However, the existing model is not consistent that can be caused by the disclosure of an ID and password, which is used by the existing personal authentication technique based on the security token, and provide a high level of security and personal authentication techniques that can prevent any intentional misuse of a digital certificate. So, this paper presents a model that can provide high level of security by utilizing the biometric security token and Public Key Infrastructure efficiently, presenting a model for privacy preserving personal authentication that links the biometric security token and the digital certificate.

• Convergence Security Journal
• /
• v.19 no.4
• /
• pp.43-53
• /
• 2019

Recently, a number of military intranet infiltrations suspected of North Korea have been discovered. There was a problem that a vulnerability could occur due to the modification of user authentication data that can access existing military information systems. In this paper, we applied mutual verification technique and API (Application Programming Interface) forgery / forgery blocking and obfuscation to solve the authentication weakness in web browsers that comply with FIDO (Fast IDentity Online) standard. In addition, user convenience is improved by implementing No-Plugin that does not require separate program installation. Performance tests show that most browsers perform about 0.1ms based on the RSA key generation rate. In addition, it proved that it can be used for commercialization by showing performance of less than 0.1 second even in the digital signature verification speed of the server. The service is expected to be useful for improving military information system security as an alternative to browser authentication by building a web secure storage.