• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.10 no.2
• /
• pp.377-387
• /
• 2009

Digital signatures not only provide a way of guaranteeing the integrity of data but also establish the identity of the signer. However, basic digital signature format which contains only the signature of the signer does not guarantee the correctness of its creation time, and it can not remain valid over long periods. This paper proposes a system which integrates timestamp service into digital signatures. The system provides online services for the creation and verification of long term digital signatures which can give the guarantee of the correctness of their creation times and can be proved to be valid over long periods. The proposed system can be used in the various areas such as e-commerce contracts, document archival services, and invoice applications, which requires long term digital signatures. The proposed system is tested with the KRISS timestamp service system.

• The Korean Journal of Archival Studies
• /
• no.78
• /
• pp.79-151
• /
• 2023

The purpose of this study is to analyze the current state of long-term preservation policy for electronic records in Korea and to present future tasks. Although the current electronic record long-term preservation policy is not clearly codified, it can be said to consist of technical elements such as digital signature, hash, preservation format, and long-term preservation package. Each technological element was considered in order, and the limitations of the current policy and technology in the changing digital environment were analyzed and alternatives were presented.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2012.07a
• /
• pp.195-197
• /
• 2012

전자서명의 장기검증이란 서명에 사용된 인증서의 유효기간이 지난 오랜 후에 서명을 검증하고자 하는 문제이다. RFC3126에서는 전자서명의 장기검증을 가능하게 하기 위해 타임스탬프기관(TSA)에 대한 신뢰를 바탕으로 전자서명에 타임스탬프(TS)를 부가하여 장기검증포맷으로 변환하여 저장하는 방법을 제시하고 있는데 TSA의 인증서도 유효기간을 가지기 때문에 시간이 지날수록 새로운 TS를 계속 부가해야 한다는 단점이 있다. 한편 과거에 사용했던 인증서 및 CRL등의 인증체계 자체를 보존하고 인증해주기 위한 메커니즘은 인증체계의 연속성을 보장하기 위해 매우 중요하다고 볼 수 있는데, 현재의 공개키기반구조(PKI) 메커니즘에는 특별히 정의되어 있지 않다. 인증체계의 장기검증을 위해 RFC3126[1]의 방법론을 적용하는 것은 여러 가지 측면에서 효율적인 방법이 아니다. 이 논문에서는 인증체계의 과거역사를 보존하고 보증해주기 위한 새로운 방법을 제시하는데, 인증기관이 자신의 인증서를 갱신하는 경우 자신이 운영했던 과거의 인증역사에 대해 봉인을 하고 책임있는 사후서비스를 하도록 하며, 현재의 인증서에 과거역사에 대한 명시적인 인증을 포함하도록 하는 것이다. 이러한 방법은 기존의 인증체계와 함께 이용될 수 있고 인증체계의 연속성을 보장하는데 큰 역할을 하게 되며 전자서명 장기검증에도 유용하게 이용될 수 있음을 보인다.

• Journal of Korea Multimedia Society
• /
• v.8 no.11
• /
• pp.1462-1471
• /
• 2005

Recently, the medical image has been digitized by the development of computer science and digitization of the medical devices. There are needs for database service of the medical image and long term storage because of the construction of PACS(picture archiving and communication system) following DICOM(digital imaging communications in medicine) standards, telemedicine, and et al. However, it also caused some kinds of problems, such as illegal reproduction of medical image, proprietary rights and data authentication. In this paper, we propose the new digital watermarking technique for medical image based on public key encryption algorithm for integrity verification. It prevents illegal forgery that can be caused after transmitting medical image data remotely. The watermark is the value of bit-plane in wavelet transform of the original image for certification method of integrity verification. We proposed the embedding regions are randomly chosen considering ROI, and a digital signature is made using hash function of MD5 which input is a secret key. The experimental results show that the watermark embedded by the proposed algorithm can survive successfully in image processing operations and that the watermark's invisibility is good.

• Journal of the Korean BIBLIA Society for library and Information Science
• /
• v.16 no.2
• /
• pp.43-59
• /
• 2005

Traditional paper records have to be preserved in the original form to ensure the authenticity. On the other hand. electronic records have to be continuously changed in content itself or metadata to be preserved in long-term period, so the proof of the legality of each change made so far and the proof of the protection against all the illegal changes are the essential. to ensure these requirements. We need some functions including the authentication of original captured records. the protection of records against the loss or forgery, the authentication of preserved records, and the treatment of authentication-failed records. This paper explains the fragility of authenticity for electronic records, identifies the functions needed, suggests the implementation idea, and describes the overall management polity for electronic records to ensure the authenticity.