• Proceedings of the Korea Multimedia Society Conference
• /
• 2003.11a
• /
• pp.86-90
• /
• 2003

본 논문은 WPKI 환경에서 KXW(Kerberos V5, X.509 V3, WIM) 인증 메커니즘을 설계한다. 인증 프로토콜로는 Kerberos V5을 이용한 사용자 인증 문제를 해결하며, WAP Forum에서 정의한 보안구조 및 요소, 기존 인증 시스템과 관련된 각종 암호 기술을 살펴본 후, WPKI 기반 구조와 전송 계층 보안등을 이용하여 응용 계층에서의 사용자 인증을 위해 서버 클라이언트가 지니는 설계상의 문제점과 E2E 보안상 취약점을 찾아 대안을 제공한다. 인증 프로토콜인 Kerberos V5와 그 단점을 보완 할 수 있는 무선용 X.509 V3을 결합한 후, 보안성이 우수한 WIM을 인증서 저장 매체로 활용한 올바른 인증 방법 해결책을 제시한다.

• Journal of the Korea Safety Management & Science
• /
• v.6 no.3
• /
• pp.161-174
• /
• 2004

The existing PKI authentication structure uses the OCSP method. The primary task of OCSP is to verify the status of a transaction after verifying the validity of the certificate; but, because of continuing policy changes and updates within the PKI authentication method, the status of certificates and the structures are not consistent. Therefore, the SCVP method can be selected as the broadest method for completing authentication tasks accurately because the SCVP method includes validation of policy changes. An appropriate method for building an mobile environment within the capabilities of low-memory and reduced processing CPU needs to be assessed and developed. This thesis proposes a verification method that is independent of platform and applicable to any 05 in building and expanding the mobile environment.

• Proceedings of the IEEK Conference
• /
• 2004.08c
• /
• pp.519-523
• /
• 2004

In this paper we challenge the user Authentication using KerberosV5 authentication protocol in WPKI environment. This paper is the security structure that defined in a WAP forum and security and watches all kinds of password related technology related to the existing authentication system. It looks up weakness point on security with a problem on the design that uses wireless public key based structure and transmission hierarchical security back of a WAP forum, and a server client holds for user authentication of an application layer all and all, and it provides one counterproposal. Therefore, We offer authentication way solution that connected X.509 V3 with using WIM for complement an authentication protocol KerberosV5 and its disadvantages.

• Proceedings of the Korea Contents Association Conference
• /
• 2005.11a
• /
• pp.175-180
• /
• 2005

To data service is offered successfully including electronic commercial transaction in radio Internet, security problem should be solved. Security protocole for radio internet does certification and key exchange by leitmotif and designed because suppose WPKI(WAP Public Key Infrastructure) mainly and use certificate. Wish to discuss efficient certificate verification of PKI that consider radio surrounding hereupon.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• v.9 no.2
• /
• pp.768-771
• /
• 2005

There are two reasons that the remote medical is newly embossed. One is the development of the info-communications technology that is possible to the remote diagnosis. Another is changing the thinking about the new medical services for the offerers and consumers. Therefore, we suggest the WPKI mobile-environmental remote diagnosis system. The system could apply more efficient connection with the very fast developing diagnosis and medical treatment.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2003.11c
• /
• pp.1827-1830
• /
• 2003

무선 단말기 기반 기술의 발달에 따라 많은 이용자들이 있고, 일반 PC 에서만 사용되던 기술들을 무선의 시간 공간 제약이 없는 작업환경에서 이용하고자 하는 욕구의 증가로 점차 확산되고 있다. 이에 발 맞추어 2003 년 중반 4 개 은행이 PC 에서 사용되던 인터넷 뱅킹을 무선 단말기를 이용하는 서비스로 확장 시행하였다 현재 단말기는 PPC(Pocket PC)와 Palm, 사용되는 운영체제로는 Window CE 와 Palm 을 운영체제로 하는 기기에서 서비스를 제공하고 있어, 위의 단말기를 제외한 이 기종에서 서비스 사용이 어렵다. 더 많은 사용자들의 사용을 위해서는 다양한 단말기에서의 사용이 가능하여야 하기 때문에 이 논문에서는 Linux를 OS로 하는 단말기에서의 WPKI인증 기술을 구현한다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2002.04b
• /
• pp.1401-1404
• /
• 2002

무선인터넷의 활성화와 더불어 무선 전자상거래에 대한 관심이 고조되고 있다. 무선 전자상거래를 하기 위해서는 무선 환경에 적합한 보안/인증 및 지불/결제 솔루션이 필요하며 이러한 기술은 기존 유선인터넷에서 사용하고 있는 방식을 그대로 사용하기에는 어려움이 따른다. 본 연구에선 무선인터넷을 이용한 전자상거래에 안전하고 편리한 지불/결제를 위해 모바일 전자지갑(Mobile Wallet) 모듈의 설계와 이동전화단말기에 전자지갑 모듈을 구현함으로써 안전하고 편리한 지불/결제 솔루션을 제공한다. 모바일 전자지갑을 설계함에 있어 무선인터넷을 이용한 전자지갑 모듈의 동작 프로세스에 대해 기술하였으며, 단말기에 저장된 전자지갑 정보를 읽어와서 지불 및 배송에 필요한 정보에 대해 암호화와 전자서명을 수행하기 위한 전자지갑 용 WML Script 의 설계와 동작 프로세스에 대해 설명한다. 또한 이동전화 단말기에 전자지갑 모듈을 구현함에 있어 오프라인 전자지갑 모듈의 정보 입력과 모바일 전자지갑을 이용한 무선 전자상거래 서비스에 대해 단말 UI(User Interface) 기반으로 구현사례를 설명한다.

• International Journal of Computer Science & Network Security
• /
• v.21 no.12spc
• /
• pp.565-569
• /
• 2021

The rapid growth and development of ICT (Information and Communication Technology) and internet services has boosted the adoption of Mobile Government services all around the globe. There is a huge increase in the adoption of government services during COVID-19 pandemic. Existing Mobile Government (MG) solutions are not trustworthy and secure. This paper provides secure and trustworthy solution for mobile government, proposes a centralized smart governance architecture which is based on trust manager. Our proposed work has Wireless Bridge Certifying Authority (WBCA) and Wireless Public Key Infrastructure (WPKI) thereby ensuring security and privacy. Our proposed work ensures trust with WBCA as WBCA acts as a Trust Manager (TM). Proposed protocol has less computational cost and energy cost

• The KIPS Transactions:PartD
• /
• v.10D no.3
• /
• pp.559-566
• /
• 2003

As cell phone and PDA have been in common use recently, there is a growing tendency to utilize the mobile terminals for M-Commerce. The information security and the receipt of e-trade are very important to support reliable digital transactions in wireless environment as in wired environment. Even though some work such as WML digital signature and WPKI has been studied for M-Commerce, there are several problems on the aspects of the functional limitation of the mobile terminals and the unsecure data transformation of WAP gateway. In this study we have designed and implemented a prototype system of issuing and verifying the electronic receipt that guarantees authentication, data integrity and non-repudiation for secure mobile e-commerce. Moreover, we have enhanced the system performance by letting the trusted independent server verify and manage the electronic receipt.

• Journal of KIISE:Information Networking
• /
• v.29 no.3
• /
• pp.324-332
• /
• 2002

We design authentication protocols for wireless internet not using certificates but using passwords. The target protocols include WTLS and the certificate request protocol in the wireless PKI(Public Key Infrastructure). When a password based protocol is designed and implemented for authentication and key exchange, care mutt be taken of the short length and of the not-so-randomness of passwords. To frustrate the offline guessing attack that makes use of those weaknesses, our two protocols are dependent on the password based authentication protocol that has security proof. In this paper, how to design systematically the security protocols for authentication and key exchange using passwords is presented, and the methodology hopes to be useful in some other area that needs authentication using passwords.