• Journal of Arbitration Studies
• /
• v.9 no.1
• /
• pp.367-390
• /
• 1999

The basic requirements for conducting electronic commerce include confidentiality, integrity, authentication and authorization. Cryptographic algorithms, make possible use of powerful authentication and encryption methods. Cryptographic techniques offer essential types of services for electronic commerce : authentication, non-repudiation. The oldest form of key-based cryptography is called secret-key or symmetric encryption. Public-key systems offer some advantages. The public key pair can be rapidly distributed. We don't have to send a copy of your public key to all the respondents. Fast cryptographic algorithms for generating message digests are known as one-way hash function. In order to use public-key cryptography, we need to generate a public key and a private key. We could use e-mail to send public key to all the correspondents. A better, trusted way of distributing public keys is to use a certification authority. A certification authority will accept our public key, along with some proof of identity, and serve as a repository of digital certificates. The digital certificate acts like an electronic driver's license. The Korea government is trying to set up the Public Key Infrastructure for certificate authorities. Both governments and the international business community must involve archiving keys with trusted third parties within a key management infrastructure. The archived keys would be managed, secured by governments under due process of law and strict accountability. It is important that all the nations continue efforts to develop an escrowed key in frastructure based on voluntary use and international standards and agreements.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.12
• /
• pp.6152-6168
• /
• 2017

Recently, the biometric-based authentication systems such as FIDO (Fast Identity Online) are increased in mobile computing environments. The biometric-based authentication systems are performed on the mobile devices with the battery, the improving energy efficiency is important issue. In the case, the size of images (i.e., face, fingerprint, iris, and etc.) affects both recognition accuracy and energy consumption, and hence the tradeoff analysis between the both recognition accuracy and energy consumption is necessary. In this paper, we propose an energy-efficient way to authenticate based on biometric information with tradeoff analysis between the both recognition accuracy and energy consumption in multimedia IoT (Internet of Things) transmission environments. We select the facial information among biometric information, and especially consider the multicore-based mobile devices. Based on our experimental results, we prove that the proposed approach can enhance the energy efficiency of GABOR+LBP+GRAY VALUE, GABOR+LBP, GABOR, and LBP by factors of 6.8, 3.6, 3.6, and 2.4 over the baseline, respectively, while satisfying user's face recognition accuracy.

• Journal of Korea Multimedia Society
• /
• v.14 no.8
• /
• pp.1029-1040
• /
• 2011

Electronic identity (e-ID) card based on smartcard is a representative identity credential for on-line and off-line personal identification. The e-ID card can store the personal identity information securely, so that the information can be accessed fast, automated identity verification and used to determine the cardholder's authorization to access protected resources. Due to such features of an e-ID card, the number of government organizations and corporate enterprises that consider using e-ID card for identity management is increasing. In this paper, we present an authentication framework for access control system using e-ID cards by discussing the threat environment and security requirement against e-ID card. Specifically, to accomplish our purpose, we consider the Personal Identity Verification system as our target model.

• ETRI Journal
• /
• v.19 no.3
• /
• pp.186-201
• /
• 1997

In this paper, a home location register (HLR) for CDMA mobile communication system (CMS) is introduced. It stores the mobile station (MS) subscribers locations and supplementary service information. Call processing procedures for HLR are developed to receive and store subscriber's location coming from mobile exchange (MX) during the location registration, and to transfer subscriber's location and supplementary service information to the MX during the mobile-terminated call setup. For fast call processing by increasing database access speed, a memory-resident database management system is devised. For Easy and secure HLR operation, administration and maintenance functions and overload control mechanisms are implemented. Designed HLR hardware platform is expandable and flexible enough to reallocated software blocks to any subsystems within the platform. It is configurable according to the size of subscribers. An authentication center (AC) is developed on the same platform. It screens the qualified MS from the unqualified. The calls to and from the unqualified MS are rejected in CMS. To authenticate the MS, the AC generates a new authentication parameter called "AUTHR" using shared secret data (SSD) and compared it with the other AUTHR received from the MS. The MC also generates and stores seed keys called "A-keys" which are used to generate SSDs. The HLR requirements, the AC requirements, software architecture, hardware platform, and test results are discussed.

• The KIPS Transactions:PartC
• /
• v.9C no.1
• /
• pp.17-20
• /
• 2002

IMT-2000 technologies are divided 3G packet data system that using mobile IP and GPRS that based on the GSM networks. These technologies Push introduce mobile IP to support seamless roaming. In mobile If environments, use AAA server such as RADIUS or DIAMETER to provide authentication service for dial-up computers. This factor is important for mobile nodes. Mobile If require strong authentication between mobile nodes and home agents. We propose application of AAA protocols for smooth handoff mechanism in IMT-2000 environments.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2014.05a
• /
• pp.603-605
• /
• 2014

With a fast progress of medical information technology, there are many ongoing studies on utilization and integration of medical information in medical industries. But for now, the integration of medical information is a heavy burden to medical facilities since they have to change their systems in general. So the studies tend to introduce EMR system in a cloud base. The centralized system can have a lot of problems that exposure to health information in a cloud environment. This paper proposes a method for integration and authentication of medical information using broker agent in multi-cloud environment.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.2
• /
• pp.582-596
• /
• 2019

Considering that the existing Long Term Evolution is not suitable for the fast and frequent handovers of high-speed trains, this paper proposes a relay-assisted handover mechanism to solve the problems of long handover authentication time and vulnerable to security attacks. It can achieve mutual authentication for train-ground wireless communication, and data transmission is consistent with one-time pad at the same time. The security analysis, efficiency analysis and simulation results show that the proposed mechanism not only realizes the forward security and resists many common attacks, but also effectively reduces the computational overhead of train antenna during the secure handover process. When the running speed of a train is lower than 500km/h, the handover delay is generally lower than 50ms and the handover outage probability is less than 1.8%. When the running speed of a train is 350km/h, the throughput is higher than 16.4mbps in the process of handover. Therefore, the secure handover mechanism can improve the handover performance of high-speed trains.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.6
• /
• pp.97-106
• /
• 2003

The important factor in Public-Key Infrastructure is the authentication to correspondent. We receive the digital certificate for authentication between each other, and then we check the existence of validity on the certificate by Certification Revocation List(CRL). But, To use CRL is the scheme used in offline status. So, it is impossible to refer to the latest information and the CRL scheme which is used after downloading is variously unsuitable to getting bigger of the CRL size as time goes on. Therefore, we prefer OCSP(Online Certificate Status Protocol) used in online to CRL used in offline. Consequently, we propose the scheme which provides the request of fast verification in case of requesting the verification on the certificate by owning the same update information to Certificate Registry and distributed OCSP.

• Journal of the Korea Convergence Society
• /
• v.4 no.1
• /
• pp.27-31
• /
• 2013

The fast-paced development in the field of wireless charger based on M2M, which is available anytime and anywhere, is being underway in accordance with the development of IT technology. Wireless charger technology in M2M has various security threats because it is based on wireless network. The purpose of this paper is to examine the threats of authentication and payment attacks based on wireless network attacks, and to propose the response technique that fit the situation of the wireless charger service by modifying the existing detecting authentication and payment through wireless charger.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• v.9 no.1
• /
• pp.906-909
• /
• 2005

There are two reasons that the remote medical is newly embossed. One is the development of the info-communications technology that is possible to the remote diagnosis. Another is changing the thinking about the new medical services for the offerers and consumers. Therefore, we suggest the WPKI mobile-environmental remote diagnosis system. The system could apply more efficient connetion with the very fast developing diagnosis and medical treatment.