• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.5
• /
• pp.59-66
• /
• 2006

A Certification Authority issues X.509 public key certificates to bind a public key to a subject. The subject is specified through one or more subject names in the 'subject' or 'subjectAltName' fields of a certificate. In reality, however, there are individuals that have the same or similar names. This ambiguity can be resolved by including a 'permanent identifier' in all certificates issued to the same subject, which is unique across multiple CAs. But, a person's unique identifier is regarded as a sensitive personal data. Such an identifier cannot simply be included as part of the subject field, since its disclosure may lead to misuse. We present a new method for secure and accurate user authentication through the PEPSI included in the standard certificate extension of a X.509 certificate. The PEPSI can be served not only for user authentication but also for the user anonymity without divulging personal information.

• IEIE Transactions on Smart Processing and Computing
• /
• v.3 no.5
• /
• pp.298-305
• /
• 2014

In this study, a novel Randomly Shifted Certification Authority Authentication protocol was used in ad hoc networks to provide authentication by considering the MAC layer characteristics. The nodes achieve authentication through the use of public key certificates issued by a CA, which assures the certificate's ownership. As a part of providing key management, the active CA node transfers the image of the stored public keys to other idle CA nodes. Finally the current active CA randomly selects the ID of the available idle CA and shifts the CA ownership by transferring it. Revoking is done if any counterfeit or duplicate non CA node ID is found. Authentication and integrity is provided by preventing MAC control packets, and Enhanced Hash Message Authentication Code (EHMAC) can be used. Here EHMAC with various outputs is introduced in all control packets. When a node transmits a packet to a node with EHMAC, verification is conducted and the node replies with the transmitter address and EHMAC in the acknowledgement.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.7 no.6
• /
• pp.1480-1491
• /
• 2013

Certificate-based cryptography is a new cryptographic primitive which eliminates the necessity of certificates in the traditional public key cryptography and simultaneously overcomes the inherent key escrow problem suffered in identity-based cryptography. However, to the best of our knowledge, all existed constructions of certificate-based encryption so far have to be based on the bilinear pairings. The pairing calculation is perceived to be expensive compared with normal operations such as modular exponentiations in finite fields. The costly pairing computation prevents it from wide application, especially for the computation limited wireless sensor networks. In order to improve efficiency, we propose a new certificate-based encryption scheme that does not depend on the pairing computation. Based on the decision Diffie-Hellman problem assumption, the scheme's security is proved to be against the chosen ciphertext attack in the random oracle. Performance comparisons show that our scheme outperforms the existing schemes.

• Journal of the Korea Society of Computer and Information
• /
• v.22 no.9
• /
• pp.49-55
• /
• 2017

Despite the Openflow's switch migration occurs after the channel was established in secure manner (optional), the current cryptography protocol cannot prevent the insider attack as the attacker possesses a valid public/private key pair. There are methods such as the certificate revocation list (CRL) or the online certificate status protocol (OCSP) that tries to revoke the compromised certificate. However, these methods require a management system or server that introduce additional overhead for the communication. Furthermore, these methods are not able to mitigate power abuse of an insider. In this paper, we propose a role-based identity-based cryptography (RB-IBC) that integrate the identity of the node along with its role so the nodes within the network can easily mitigate any role abuse of the nodes. Besides that, by combining with IBC, it will eliminate the need of exchanging certificates and hence improve the performance in a secure channel.

• Convergence Security Journal
• /
• v.4 no.2
• /
• pp.85-90
• /
• 2004

A certificate is important media for the purpose of offering user-authentication service on PKI system. In the paper we analyzed management implement which could make the efficient use of a certificate. This implement called ClientCA will make efficient use of the service about user-authentication consisting of the basis in the age of information through efficient management and partial use of each certificates. Especially, ClientCA could be used efficiently by grafting a small group of PKI system which is operated with particular purposes.

• Journal of Engineering Education Research
• /
• v.15 no.4
• /
• pp.76-84
• /
• 2012

The purpose of this study is to develop an evaluation criteria for students' portfolios in an annual intramural contest. To accomplish the purpose, evaluation categories and their questions were developed after previous literature, ABEEK's evaluation guidelines, and eight Universities' evaluation forms were analyzed. Furthermore, experts' validity tests were completed by showing that the evaluation criteria form was validated with a mean score of 4.24. Also, the inter-rater reliability was turned out with a high score of .86. The interview results by evaluators of students' portfolios made the final version of evaluation criteria form include five evaluation criteria categories and their allotted score portions: overall organization(40), personal information(15), certificates and awards(5), curriculum(15), and extra-curriculum(15). The importance of overall organization was discussed from the perspectives of teachers as well as students.

• International Journal of Korean Welding Society
• /
• v.3 no.1
• /
• pp.57-62
• /
• 2003

The education examination and qualification systems around the world are now changing rapidly and unifying as one system. The Korean national system should be harmonious with this international tendency, in order to overcome the high degree of international economic competition. In this article, the current state of the international and national systems are critically compared and discussed with the intention of proposing improvements to the Korean national system. The Korean Welding Society has revamped its system so that its certificates might be recognized by the welding institutions in foreign countries such as the European Welding Federation (EWF) and still be recognized by the Korean Government. Their desire to join the system of International Institute of Welding (IIW).

• Proceedings of the Korea Information Processing Society Conference
• /
• 2001.10b
• /
• pp.863-866
• /
• 2001

Mobile IP는 호스트의 이동성을 제공하여주는 대표적인 프로토콜이다. 이러한 이동 네트워킹 환경에서 전자상거래를 비롯한 여러 가지 다양한 데이터 서비스가 원활하게 제공되기 위해서는 정보보호 문제가 선결되어야 한다. 본 논문에서는 Mobile IP에서 공개키 기반 인증서와 CA(Certification Authority)를 이용한 Mobile IP 등록 프로토콜을 제안한다. 제안된 프로토콜은 이동 노드(mobile node)의 등록 메시지 인증과 재사용 공격(replay attack)을 방지한 수 있으며, 무선 환경을 고려한 공개키 암호방식을 최소로 사용하도록 제안하였다. 또한, 인증서를 이용한 인증방식으로 에이전트(agent)들과 이동노드간의 직접적인 인증이 이루어지도록 하였다. 제안된 Mobile IP 등록 프로토콜은 시뮬레이션을 통하여 기존에 제안된 공개키 기반의 Mobile IP 등록 프로토콜보다 성능이 우수하다는 것을 확인할 수 있었다.

• Journal of Korean Society for Quality Management
• /
• v.28 no.4
• /
• pp.106-118
• /
• 2000

We analyze the current quality management status for firms producing steel outfits of ships and develop an efficient QMS appropriate to Korean steel outfit industry. The firms recently obtained ISO 9000 certificates and are located in Pusan ${\cdot}$ Kyungnam district of Korea. The analysis is based on the audit results from ISO 9000 for seven steel outfit firms during last three years. We find out major requirements of ISO 9000 and investigate statistical relationship among major requirements, types of data, and groups of firms by using a statistical package, SAS. Recommendations regarding add-on requirements are suggested to install an efficient QMS in Korean steel outfit firms.

• Journal of Korean Society for Quality Management
• /
• v.32 no.4
• /
• pp.78-91
• /
• 2004

The ISO 9000 Follow-up Management Practices (FMP) as an integrated area including training, QM systems, management commitment, customer focus, communication and related issues are examined. A sample of 191 small and medium-sized firms data from mail survey is analyzed by the SPSSWIN. A model of FMP including three factors (Systems, Training, and Customer Focus) is introduced. In this paper, a focus is laid on the comparison between ISO 9000:1994 vs. ISO 9000:2000 or 05 9000 certificates and between groups classified by the time length after certification, and on regression relationships between FMP level and business performance. The result shows that the difference of FMP level is significant between two versions and between groups. Quality level and system satisfaction are influenced significantly by the three factors.