• The KIPS Transactions:PartD
• /
• v.10D no.3
• /
• pp.559-566
• /
• 2003

As cell phone and PDA have been in common use recently, there is a growing tendency to utilize the mobile terminals for M-Commerce. The information security and the receipt of e-trade are very important to support reliable digital transactions in wireless environment as in wired environment. Even though some work such as WML digital signature and WPKI has been studied for M-Commerce, there are several problems on the aspects of the functional limitation of the mobile terminals and the unsecure data transformation of WAP gateway. In this study we have designed and implemented a prototype system of issuing and verifying the electronic receipt that guarantees authentication, data integrity and non-repudiation for secure mobile e-commerce. Moreover, we have enhanced the system performance by letting the trusted independent server verify and manage the electronic receipt.

• The KIPS Transactions:PartC
• /
• v.10C no.3
• /
• pp.281-286
• /
• 2003

Nowadays, a patient's private medical data which is exposed to the outside world has a severe effect on not only the patient's private life but also his/her social activities and environment. So, it is important to securely protect the patient's private medical data from the illegal manipulation. This paper studies the method to store the electronic prescription information in an IC card. For that, an access control for users, such as a doctor, a nurse, a medical institute member, a pharmacy, a pharmacist, or a patient, is proposed to access the data stored in an IC card. The certificate is issued using the Crypto API of a certificate management model supported by Windows 2000. The public/private key is created by the Cryptographic Service Provider program, and the electronic prescription is signed using the digital signature. The proposed system, therefore, can improve the quality of medical services by securing the safety and integrity of the electronic prescription, stored in an IC card.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.21 no.12
• /
• pp.619-628
• /
• 2020

This study examined the experiences of users regarding their use of electronic informed consent in hospital. A qualitative descriptive study was conducted using focus groups and in-depth interviews with 30 Korean nurses and 27 patients. Data were collected from one university hospital. The responses were analyzed by qualitative content analysis. Most participants perceived the use of electronic informed consent as convenient and straightforward, as well as saving space and money. On the other hand, the participants stated that the system was unsatisfactory in part because of the occasional unexpected machinery error or malfunction. Some patients wished for function improvements related to the e-signature, making it more comparable to a handwritten signature, and the adjustability of the font size. The nurses wanted a wider implementation of electronic informed consent because it was not being used for all informed consent cases, resulting in confusion and an additional workload. For the use of an electronic informed consent system, it is important to minimize the inconvenience and to maximize the satisfaction of the users, including nurses and patients.

• Convergence Security Journal
• /
• v.8 no.2
• /
• pp.1-6
• /
• 2008

Designing efficient and secure electronic payment is important for M-Commerce. In this paper, we propose an efficient Micro-payment protocol that allows multiple transactions using ID-based public key encryption-system. The proposed payword system requires to generate authenticated key generated by Weil-pairing which uses an elliptic curve cryptosystem over finite field Fq for transactions. Therefore, it is more secure in known key attacks as well as man-in-the middle attacks.

• Journal of IKEEE
• /
• v.19 no.4
• /
• pp.610-616
• /
• 2015

In this paper, an electronic ID system satisfying security requirements of authentication certificate was designed using fingerprint recognition. The proposed electronic ID system generates a digital signature with forgery prevention, confidentiality, content integrity, and personal identification (=non-repudiation) using fingerprint information, and also encrypts, sends, and verify it. The proposed electronic ID system exploits fingerprint instead of user password, so it avoids leakage and hijacking. And it provides same legal force as conventional authentication certificate. The proposed electronic ID consists of 4 modules, i.e. HSM device, verification server, CA server, and RA client. Prototypes of all modules are designed and verified to have correct operation.

• International Commerce and Information Review
• /
• v.9 no.3
• /
• pp.305-320
• /
• 2007

With expanded use of B2B(between enterprises), B2G(between enterprises and government) and EDI(Electronic Data Interchange), and increased amount of available network information and information protection threat, as it was judged that security can not be perfectly assured only with security technology such as electronic signature/authorization and access control, Bayesian networks have been developed for protection of information. Therefore, this study speculates Bayesian networks system, centering on ERP(Enterprise Resource Planning). The Bayesian networks system is one of the methods to resolve uncertainty in electronic data interchange and is applied to overcome uncertainty of abnormal invasion detection in ERP. Bayesian networks are applied to construct profiling for system call and network data, and simulate against abnormal invasion detection. The host-based abnormal invasion detection system in electronic trade analyses system call, applies Bayesian probability values, and constructs normal behavior profile to detect abnormal behaviors. This study assumes before and after of delivery behavior of the electronic document through Bayesian probability value and expresses before and after of the delivery behavior or events based on Bayesian networks. Therefore, profiling process using Bayesian networks can be applied for abnormal invasion detection based on host and network. In respect to transmission and reception of electronic documents, we need further studies on standards that classify abnormal invasion of various patterns in ERP and evaluate them by Bayesian probability values, and on classification of B2B invasion pattern genealogy to effectively detect deformed abnormal invasion patterns.

• The Journal of Korean Association of Computer Education
• /
• v.7 no.5
• /
• pp.93-99
• /
• 2004

The most important technology in the electronic commerce based on Internet is to guarantee the security of trading information exchange. Many technologies are proposed as a standard to support this security problem. One of them is an XML (eXtensible Markup Language). This is used in various applications as the document standard for electronic commerce system. The XML security has become very important topic. In this paper an XML security model for web services based electronic commerce system to guarantee the secure exchange of trading information. To accomplish the security of XML, the differences of XML signature, XML encryption and XML key management scheme respect to the conventional system should be provided. The new architecture is proposed based on unique characteristics of XML. Especially the method to integrate the process management system need to the electronic commerce is proposed.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 1994.11a
• /
• pp.51-66
• /
• 1994

A divisible off-line electronic cash system based on cut-and-choose has first been proposed by [OO91] and recently more efficient single term divisible cash system was presented in [EO94] which is based on Brand's scheme [Bra93]. In this paper, we present a different type of single term divisible electronic cash system which is more efficient than previously proposed systems such as [OO91], [YLR93], and [EO94] in the standpoint of the amount of communication, the number of modular multiplications required in the payment transactions, and the storage requirement in the withdrawal protocol. Our scheme is a modified version of [LL93], where the major improvement has been made in its withdrawal transaction to introduce untraceability and multi-spendability. We have borrowed the idea of the withdrawal protocol of our scheme from [EO94] with minor modifications. Transferability in our scheme allows only a finite number of transfer. Our scheme satisfies an the desirable properties of an electronic cash system such as untraceability, divisibility and transferability. In addition, we present a n-spendable cash. The basic idea of extension to multi-spendability has been borrowed from [Bra93] with minor modifications.

• Proceedings of the Korean Institute of Electrical and Electronic Material Engineers Conference
• /
• 2003.07a
• /
• pp.518-521
• /
• 2003

A new measurement system was developed by fault diagnosis system for traction motor using current signal analysis. The motor current signature analysis method is used for traction motor fault diagnosis. The diagnosis system program is constructed by artificial neural networks algorithm, those results from the program are used to train neural networks. The trained neural networks have the ability to compute adaptive results for non-trained inputs, and to calculate very fast due to original parallel structure of neural networks with high accuracy within destined tolerance. This system suggested that available test for checking, the probable extent of aging, and the rate of which aging is taking place.

• Journal of KIISE:Information Networking
• /
• v.30 no.2
• /
• pp.207-221
• /
• 2003

A hash chain is highly efficient, attractive structure to use in electronic cash. Previous systems using hash chain were, however, either credit-based vendor-specific cash or debit-based general-purpose cash which lacks efficiency due to double spending problem. In this paper, we propose a new divisible cash system using hash chain. This newly proposed cash is general-purpose, debit-based, anonymous, and offline. The efficiency of the system results from its capacity to pay variable amounts with no additional costs. A client always performs a single blind signature in the withdrawal phase, independent of the length of the chain. During payment, a client performs a single challenge-and-response or generates a single signature, independent of the amount paid. This system provides a new refund mechanism, which uses a refund ticket, that allows clients to refund the unspent part of the chain without revealing any connection to the spent part.