• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2008.10a
• /
• pp.850-853
• /
• 2008

As th Internet grew rapidly, the Electronic Commerce that is based on Internet increased. The Electronic Commerce is unsubstantial in the mutual authentication between the parties and a commerce As a solution to this issue, a Web server uses a Client Message technology. The purpose of Client Message is to validate the user and the electronic commercial transaction. Further, it increases efficiency and offers several ability at various purposes. However, the Client Message is transferred and stored as an unencrypted text file, the information can be exposed easily to the network threats, end system threats, and Client Message harvesting threats. In this paper designed by used crypto algorithm a Secure Message as a solution to the issue have proposed above. Further, designed a security service per Network transmitting message to transfer client's user input information to a Web server safety.

• Journal of Digital Contents Society
• /
• v.12 no.1
• /
• pp.95-105
• /
• 2011

It has become commonplace to use web-based business process systems in a variety of fields, and electronic litigation is not an exception. In electronic procedures where court records are at the core of the system, the electronic document architecture should be designed in a way that electronic documents are safely circulated and utilized on the web with a consideration of the authentication of records, particularity of cases and document security such as prevention of forgery or falsification. Based on a study of electronic formats suitable for court records, the Extensible Markup Language (XMP) for management of special case information and security requirements for circulation of electronic documents, this paper suggests an adequate architecture for electronic documents designed for electronic litigation involving constitutional matters and looks into cases where such architectures are applied. The studies in this paper will serve as a useful reference for those planning to realize web-based business process that enables exchanges of electronic documents.

• Journal of Information Processing Systems
• /
• v.8 no.3
• /
• pp.495-520
• /
• 2012

A secure Electronic Payment System (EPS) is essential for the booming online shopping market. A successful EPS supports the transfer of electronic money and sensitive information with security, accuracy, and integrity between the seller and buyer over the Internet. SET, CyberCash, Paypal, and iKP are the most popular Credit Card-Based EPSs (CCBEPSs). Some CCBEPSs only use SSL to provide a secure communication channel. Hence, they only prevent "Man in the Middle" fraud but do not protect the sensitive cardholder information such as the credit card number from being passed onto the merchant, who may be unscrupulous. Other CCBEPSs use complex mechanisms such as cryptography, certificate authorities, etc. to fulfill the security schemes. However, factors such as ease of use for the cardholder and the implementation costs for each party are frequently overlooked. In this paper, we propose a Web service based new payment system, based on ANSI X9.59-2006 with extra features added on top of this standard. X9.59 is an Account Based Digital Signature (ABDS) and consumer-oriented payment system. It utilizes the existing financial network and financial messages to complete the payment process. However, there are a number of limitations in this standard. This research provides a solution to solve the limitations of X9.59 by adding a merchant authentication feature during the payment cycle without any addenda records to be added in the existing financial messages. We have conducted performance testing on the proposed system via a comparison with SET and X9.59 using simulation to analyze their levels of performance and security.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2021.05a
• /
• pp.649-651
• /
• 2021

In recent years, O2O services for real estate sales are widely distributed in web platforms and apps. This allows sellers, buyers, and real estate brokers to quickly and conveniently conduct real estate sales and charter contracts. However, in the O2O-based real estate sales information system, it wastes time and money for real estate buyers due to the posting of fake information, partial correction of the sales information, and intentional non-posting of the sales information. Therefore, we propose a method of detecting the false or not of real estate property information that can occur on the web platform, and design and implement a proposal system for this. To this end, we propose a method of detecting personal identity and property information based on DID, a distributed identity authentication protocol. The false real estate sales information detection system proposed by us can determine the existence of real estate sales information, partially correct the false sales information, or prove whether or not intentionally unpublished in three steps.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.14 no.8
• /
• pp.1799-1808
• /
• 2010

Recently the increasing collaborative research requires the remote medical and clinical data sharing and access of external institutions. In this paper, an interoperability framework between Grid and PACS using Web services is proposed and implemented in order to provide flexible and efficient medical data management. The Digital Imaging and Communications in Medicine(DICOM) standard defines medical image data exchange and transfer between PACSs and image databases. However, medical data exchange between hospitals is limited within the trusted and static environments. Moreover, DICOM does not provide medical data management and the Grid middleware does not include standard toolkit to access DICOM data. To address this issue, a Web services-based Grid Service Mediator (WGSM) which provides PACS integration and medical image data management is developed. The WGSM consists of several service mediators such as compress mediator, GridFTP mediator, RFT mediator, MyProxy mediator, MDS mediator, and RLS mediator and others. The proposed Web services-based framework provides user authentication and secure data access between PACSs in collaborative environments. In particular, the WGSM allows ordinary users to access remote PACS data in a simple and efficient manner without any the knowledge about underlying Grid middleware.

• The Journal of Society for e-Business Studies
• /
• v.6 no.3
• /
• pp.101-113
• /
• 2001

Security is very important in EC(Electronic Commerce) environment because exchanged information(that is transaction details, private data, charges data(card-no, accounts), etc) is various and is very sensitive. So, In this paper, we propose Secure-ReXpis(Reliable St excellent Xh3 Processing Infrastructure) System that transfer message and support Message Level Security(Encryption/Decryption and Digital Signature). And we implement Message Confidentiality Service, User Authentication ＆ Message Integrity Service and Non-Repudiation Service among the various Security Services. This system support XML message format and EDI message, WEB Data and Private Format Data, etc.

• The Transactions of the Korea Information Processing Society
• /
• v.6 no.11S
• /
• pp.3278-3288
• /
• 1999

This paper proposes a security platform, called SCAP(Security platform for CORBA based APplication), to cope with potential threats in a distributed object system. SCAP supports CORBA security specification announced by OMG. SCAP is comprised of four functional blocks, which co-work with ORB to provide security services: Authentication Block, Association Block, Access Control Block, and Security Information Management Block. It is designed to support Common Secure Interoperability Functionality Level 2, which is useful for large-scale intra-, or inter-network based applications. Actual security services, which are dependent on supporting security technology, will be provided as external security service for replace ability. Implementation issues such as how to simulate an interceptor mechanism using a commercial ORB product without source code, and how to extend Current object required for security services are also described. At the end of the paper, the SCAP applied to the web environment is described to show its practical utilization.

• Proceedings of the Korean Information Science Society Conference
• /
• 2007.06d
• /
• pp.35-39
• /
• 2007

OpenID는 웹 서비스를 위한 사용자 중심의 분산형 인증 메커니즘을 제공한다. OpenID를 이용하면 기존의 아이디와 패스워드를 이용한 인증방법보다 더 편리한 회원등록과 로그인 기능을 제공 할 수 있다. 본 논문에서는 OpenID를 이용하여 모바일 웹 환경에서의 사용자 인증 메커니즘을 설계한다. 먼저, 이동통신 망과 무선인터넷에서의 사용자 인증기술에 대해서 분석하고, OpenID를 이용한 개선된 모바일 웹 사용자 인증 메커니즘을 제안한다. 제안하는 메커니즘의 목표는 모바일 웹 사용자에게는 보다 효율적인 회원등록과 로그인 기능을 제공하고, 모바일 웹 서비스 제공자에게는 좀 더 신뢰성 있는 사용자 인증 수단을 제공하는 데 있다.

• 한국벤처창업학회:학술대회논문집
• /
• 2007.11a
• /
• pp.45-80
• /
• 2007

국세청에서 제공하는 홈택스서비스(Home Tax Service: HTS)는 최근의 정보기술(IT)발전과 인터넷 사용의 보편화에 따라 전자세정 기반 구축을 통해 납세자가 세무서를 방문하지 않고 집이나 사무실에서 모든 세금문제를 인터넷(www.hometax.go.kr)으로 편리하게 해결할 수 있는 종합세무행정 서비스이다. 홈택스가입자 현황을 보면 2002년 12월 60만명에서 2005년 12월말 현재 392만명으로 6.5배 증가하였으며, 2007년 2월 5일 500만명을 돌파하였다. 홈택스서비스는 전자신고 등 e-서비스 품질과 활성화 측면에서 세계적으로 앞서고 있고 최근 일본, 중국, 말레이시아, 베트남 등 다수 국가가 우리나라 홈택스에 대한 벤치마킹 의사를 표명한 바 있다. 국세전자신고제도의 활성화 방안은 다음과 같다. 첫째, 납세서비스 패러다임의 선진화이다. 둘째, 다양한 서비스 제공으로 고객만족도를 제고하여야 한다. 셋째, 전자납부 이용자에 일정률의 세액감면 인센티브를 부여하여야 한다. 넷째, 납세자 지식정보화 교육을 강화하여야 한다. 전자신고는 납세자와 과세당국간 보다 편리하고 효율적인 세무환경을 마련하는 방향으로 전개되어야 한다. 기술적으로 신뢰성을 높이기 위하여는 web상에서 실체를 구별하는 식별(identification)력과 그 실체의 속성을 구별하는 인증(authentication)력을 확보하는 방향에서 접근되어야 할 것이다.

• 한국IT서비스학회:학술대회논문집
• /
• 2002.11a
• /
• pp.374-378
• /
• 2002

웹을 이용한 서비스는 위와 같은 여러 장점을 가지고 있지만 각종 데이터 및 문서가 웹 상에 존재하므로 가상공간에서의 문서의 처리가 위조나 변경이 가능하다. 이러한 웹 상에서의 전송 시 발생할 수 있는 수많은 역기능들을 줄일 수 있는 가장 강력한 방법은 암호 응용 기술을 전자상거래 시스템 구축에 사용함으로써, 기밀성(confidentiality), 무결성(integrity), 인증(authentication) 등의 보안 서비스를 제공하는 것이다. 이에 본 논문에서는 현재 진행중인 표준화 단체의 동향을 파악하고 WS-Security 명세서를 통해 웹 서비스 보안의 전반적인 기술을 분석한다.