• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.12 no.4
• /
• pp.15-27
• /
• 2002

The purpose of this paper is to present both the specification of delta-CRL and the polices for delta CRL in order to solve the problem involved in issuing and maintaining the certificate revocation lists for the mobile communication network. If the user request to revoke the certificate issued by certification authority, the certification should be revoked and listed up in the certificate revocation list. In general, the certificate revocation list is issued regularly. Therefore PKI application should download the CRL and prove the validity of CRL. The traffic size of the exchanged traffic should be reduced for the mobile communication environment. The result if this paper can be used for the mobile communication various environments to reduce the size of CRL.

• The Journal of the Korea Contents Association
• /
• v.14 no.12
• /
• pp.565-573
• /
• 2014

We have various e-commerce like on-line banking, stock trading, shopping using a PC or SmartPhone. In e-commerce, two parties use the certificate for identification and non-repudiation but, the attack on the certificate user steadily has been increasing since 2005. The most of hacking is stealing the public certificate and private key files. After hacking, the stolen public certificate and private key file is used on e-commerce to fraud. Generally, the private key file is encrypted and saved only with the user's password, and an encrypted private key file can be used after decrypted with user password. If a password is exposed to hackers, hacker decrypt the encrypted private key file, and uses it. For this reason, the hacker attacks user equipment in a various way like installing Trojan's horse to take over the user's certificate and private key file. In this paper, I propose the management method to secure private key of PKI using One Time Password certification technique. As a result, even if the encrypted private key file is exposed outside, the user's private key is kept safely.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.16 no.9
• /
• pp.1977-1982
• /
• 2012

Social network service user or smart phone user is very convenient, because there are supported to various social network services such as Facebook, Twitter, Flickr, Naver blog, Daum blog, and so on. This Is very good because they store multimedia datas that user wants to cyber space if they want it conveniently. But, if social network user increases, space of cloud storage increases sharply, and when social network service used user dies then they have big problems such as they did not know in existing. Typically, problems of notice, dissemination, storage, and inheritance for digital asset can happen representatively. Now, If successor send relation information of he and his dead user that is family to social network service provider then service provider checks it. And successor may can use, save and only backup are possible after confirm of family relation truth. Therefore, We wish to propose ADAM that successor may can inherit digital assets easily, conveniently, and safely in this paper. If someone use ADAM, successor submits information about dead and own family relation in the third certification party. And ADAM can be inherited freely and conveniently about digital assets as general assets passing through right inheritance process.

• Journal of the Korea Society of Computer and Information
• /
• v.16 no.11
• /
• pp.189-200
• /
• 2011

With rapid development and contribution of IT technology IT fushion healthcare service which is a form of future care has been changed a lot. Specially, as IT technology unites with healthcare, because delicate personal medical information is exposed and user's privacy is invaded, we need preperation. In this paper, u-healthcare service model which can manage patient's ID information as user's condition and access level is proposed to protect user's privacy. The proposed model is distinguished by identification, certification of hospital, access control of medical record, and diagnosis of patient to utilize it efficiently in real life. Also, it prevents leak of medical record and invasion of privacy by others by adapting user's ID as divided by user's security level and authority to protect privacy on user's information shared by hospitals.

• Journal of the Korean Society of Safety
• /
• v.35 no.5
• /
• pp.74-85
• /
• 2020

Smart phone zombie or Smombie means pedestrians who walk without attention to their surroundings because they are focused upon their smart phone. Because the traffic accidents and injuries caused by Smombie have been increased rapidly in recent years, the social attention and policies are needed to prevent it. This study was conducted to analyze Smombie's current status and some solutions used before and to propose new improved method through the latest ICT trend. In this study, we did the field survey to check Smombies at several places in Seoul through people counting, and found that a lot of pedestrians still use the smart phone while walking. And we analyzed many case studies about some solutions to prevent Smombies previously. The case studies include legal regulations, government policies, smart phone app services and facilities that are used before. We studied them through internet searches and reference studies and we also checked the current operating situation as visiting several places that the solutions actually has been operated. Therefore, we found there are some limitations in previous solutions in terms of effectiveness and management. To consider new solution that can be expected to overcome the limitations, we analyzed the latest ICT trends focused on features to utilize the Smombie prevention, especially video recognition and digital signage. In these days, video recognition has been developed rapidly with assistance of AI technology and it can recognize the specific pedestrian's characteristics such as holding smart phone as well as hair style, clothes, backpack and etc. On the other hands, the digital signage is the convergence device that includes big display, network connection and various IoT sensors. It can be used as public media in many places for public services as well as advertising. Through these analysis results, we show the requirements and the user scenario for the improved method to prevent Smombie. Finally, we propose to develop R&D technology to recognize Smombie exactly as pedestrian attributes and to spread creative contents to increase pedestrian's interest and engagement for Smombie prevention through digital signage.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.20 no.6
• /
• pp.1-8
• /
• 2019

Medical information is an important personal information for patients, and it must be protected. In particular, when medical personnel approach electronic medical records, authentication for enhanced security is essential. However, the existing public certificate-based certification model did not reflect the security characteristics of the electronic medical record(EMR) due to problems such as personal key management and authority delegation. In this study, we propose a fingerprint recognition-based authentication model with enhanced security to solve problems in the approach of the existing electronic medical record system. The proposed authentication model is an EMR system based on fingerprint recognition using PEMS (Private-key Escrow Management Server), which is applied with the private key commission protocol and the private key withdrawal protocol, enabling the problem of personal key management and authority delegation to be resolved at source. The performance experiment of the proposed certification model confirmed that the performance time was improved compared to the existing public certificate-based authentication, and the user's convenience was increased by recognizing fingerprints by replacing the electronic signature password.

• Journal of Korean Society of Disaster and Security
• /
• v.16 no.3
• /
• pp.35-43
• /
• 2023

This study introduces a study on the adjustment methods of the Life Safety Index. The Life Safety Index is a service provided by the Life Safety Prevention Service System. It comprehensively evaluates individuals' levels of safety in their daily lives, continually monitors their safety status, and presents a comprehensive index to prevent safety accidents in advance. Previous studies have developed the Life Safety Index using evaluation criteria (items) for assessing life safety prevention services, incorporating both the AHP (Analytic Hierarchy Process) and Likert Scale techniques. In this study, we build upon this existing Life Safety Index and explore methods for applying adjustment factors based on individuals' characteristics to enhance its accuracy and customization. We develop adjustment factors using existing national statistics to provide personalized services tailored to individual profiles. Therefore, this paper proposes a method for providing customized services by applying adjustment factors to the Life Safety Index, contributing to the development and application of life safety index adjustment methodologies.

• Journal of the Korean Institute of Landscape Architecture
• /
• v.40 no.6
• /
• pp.1-12
• /
• 2012

This study aims to suggest ways to improve sustainability on housing complexes. This study sampled eight housing projects in Seoul and GyeongGi-Do in Korea, which were completed in June 2007 and June 2008. Then, are retention and maintenance on "constructed greens for ecological environment" including "green structures substitutes retaining walls", "green roofs", and "green walls." Study methods are field investigations of the sampled sites, and Post Occupancy Analysis. Major findings were; 1) "constructed greens" are not well retained in more sites and and this implies the GBCS(Green Building Certification System) does not meet its objectives well, 2) User showed lower user satisfaction to "constructed greens". User satisfaction concerning "green structures substitute retaining walls" was higher than the satisfaction on the other constructed green type. Satisfaction Assessment Criteria lower 1han average were "level of quality", "meet the design objectives", "vegetation management status", "vegetation maintenance". 3) User satisfaction was strongly correlated on the level of quality factor of "constructed green". In addition, tue other factors are the significant correlations between the satisfactions. The present GBCS has inadequate assessment standards for maintenance, which lead to lower the entire satisfaction. Therefore, periodic recertification system, education and information providing for the managing personals, and incentives for good maintenance or disincentive for poor maintenance of the "constructed greens" are suggested to improve the GBCS.

• The Journal of Society for e-Business Studies
• /
• v.25 no.2
• /
• pp.1-14
• /
• 2020

ISO 15118 is an international standard that defines communication between electric vehicles and electric vehicle chargers. Plug & Charge (PnC) was also defined as a technology to automatically authenticate users when using charging services. PnC indicates automatic authentication technology where all processes such as electric vehicle user authentication, charging and billing are automatically processed. According to the standard, certificates for chargers and CPSs (Certificate Provisioning Services) should be under the V2G (Vehicle to Grid) Root certificate. In Korea, the utility company operates its own PKI (Public Key Infrastructure), making it difficult to provide chargers under the V2G Root Certificate. Therefore, a method that can be authenticated is necessary even when you have different Root Certificates. This paper proposes to apply cross-certificate technology to PnC authentication. Automatic authentication of Cross Certification is to issue a cross-certificate of the Root CA and include it in the certificate chain to proceed with automatic authentication, even if you have different Root certificates. Applying cross-certificate technology enables verification of certificates under other Root certificates. In this paper, the PnC automatic authentication and cross certificate automatic authentication is implemented, so as to proceed with proof of concept proving that both methods are available. Define development requirements, certificate profiles, and user authentication sequences, and implement and execute them accordingly. This experiment confirms that two automatic authentication are practicable, especially the scalability of automatic authentication using cross-certificate PnC.

• Journal of Internet of Things and Convergence
• /
• v.7 no.3
• /
• pp.69-74
• /
• 2021

With the recent development of biometric authentication technology, the user authentication techniques using biometric authentication are increasing. Various problems arised in certification techniques that use various existing methods such as ID/PW. Therefore, recently, a method of improving security by introducing biometric authentication as secondary authentication has been used. In this thesis, proposal of the user authentication system that can detect user identification and anomalies using ECGs that are extremely difficult to falsify through the electrical biometric signals from the heart among various biometric authentication devices is studied. The system detects user anomalies by comparing ECG data received from a wrist-mounted wearable device-type ECG measurement tool with identification and ECG data stored in blockchain form on the database and identifying the user's location through a beacon system.