한국컴퓨터정보학회논문지 (Journal of the Korea Society of Computer and Information)

  • 제17권7호
  • /
  • Pages.117-128
  • /
  • 2012
  • /
  • 1598-849X(pISSN)
  • /
  • 2383-9945(eISSN)
한국컴퓨터정보학회 (Korean Society of Computer Information)
권호 표지
DOI QR코드

DOI QR Code

i-PIN 서비스를 활용한 인증 서비스 구현

Implementation of Personal Certification Using i-PIN Service

  • 김현주 (단국대학교 전자전기공학부) ;
  • 신인철 (단국대학교 전자전기공학부) ;
  • 이수종 (협성대학교 컴퓨터공학과)
  • Kim, Hyun-Joo (Department of Electronics and Electrical Engineering, Dankook University) ;
  • Shin, In-Chul (Department of Electronics and Electrical Engineering, Dankook University) ;
  • Lee, Soo-Jung (School of Computer Engineering, Hyupsung University)
  • 투고 : 2012.03.09
  • 심사 : 2012.05.04
  • 발행 : 2012.07.31
PDF 다운로드
⟨ 이전 논문 다음 논문 ⟩

초록

기존 인터넷 웹 사이트에서는 개인을 식별하는 방법으로 주민등록번호를 사용해 왔다. 그러나 인터넷에서의 주민등록번호 사용은 개인정보 유출 위험을 증가시키는 주요인이 되고 있다. 현재 정부에서는 인터넷에서 주민등록번호 수집과 개인정보 유출을 방지하고자 다양한 정보 보호 서비스를 권장하고 있다. 이 중 인터넷상에서 주민등록번호 사용을 최소화를 위해 권장하는 서비스가 i-PIN 서비스이다. 그러나 i-PIN은 인터넷에서주민등록번호 수집을 대체 할 수는 있으나, 개인을 식별하는 유일한 키로 사용하기에는 한계점이 있다. 본 논문에서는 i-PIN을 개인인증서로 사용하여 인터넷 웹 시스템 접속 시 본인을 인증하는 웹 시스템 구성을 제안한다. 또한, i-PIN 서비스가 웹 시스템과 연계되어 개인인증서로 사용 시의 실용성과 안정성을 성능평가로 확인하였다. 그러나 i-PIN 서비스는 i-PIN 제공 본인확인기관에 장애가 발생되면 서비스 지원이 불가능해 진다. 이 불편을 해결하고자 i-PIN 본인확인기관의 장애 대처 방안도 제안한다.

Recently IT infrastructure plays a central role in the base of the society. However, use of personal registration number on internet sites has become a major factor increasing danger of leaking of personal information. Currently, the government is recommending various information protection services in order to prevent the collection of personal registration numbers and leaking of personal information on the internet. Among them, i-PIN service is the one recommended for minimal use of personal registration numbers on the internet. Although i-PIN can be used as a way to substitute personal registration numbers on the internet, there are certain limitations in using i-PIN as the only key to recognize individuals. This study proposes organization of web system in which self certification can be conducted using i-PIN as a tool for personal certification. Also its usability and stability have been verified through performance test when i-PIN service is linked with web service and used as personal certificate. But i-PIN service is unavailable if obstacles occur in providers of i-PIN self certification. To settle this inconvenience, the study also proposes how to cope with such obstacles.

키워드

참고문헌

  1. J.Y. Hwang, "Variation of the ubiquitous environment protection of information and response strategies Facts", Korea Internet Security Agency, 2008.
  2. "Social security number on the Internet as a means of protection available technology certificate", Korea Information Certificate Authority Inc, pp. 13-14, 40-42, 2010. 09.
  3. Digital daily, http://www.ddaily.net/news/news_view.php?uid=79077
  4. Daejonilbo, http://www.daejonilbo.com/news/newsitem.asp?pk_no=960693
  5. Y.S. Cho, S.H. Jin, "Overview and Comparison of Internet Identity Management System", Electronics and Telecommunications Trends 22(3), pp. 137, 2007. 6.
  6. K.S. Min, "Spread dissemination as an alternative to social security numbers required i-PIN", Korea Press Foundation Newspapers and Broadcast, pp. 168, 2008. 05.
  7. Ministry Public Administration And Security Public i-PIN Service, http://www.g-pin.go.kr/
  8. Y.D. Yun, "Social Security replaces public i-PIN Service", Korea Regional Economic Research Institute, pp. 46 49, 2008, 11.
  9. In-Yong Jang, "Proposal for promoting i-PIN service by analyzing problems and offering alternatives", Soonchunhyang University, pp. 34-36 42-46, 2009.
  10. "i-PIN 2.0 Introduce Manual", Korea Communications Commission, Korea Internet Security Agency, 2009, 7.
  11. "i-PIN Policy Briefing And [Personal information, technical, and managerial safeguards standards] Reform hearings" Source Book, Korea Internet Security Agency, 2009.
  12. Kwang-Jin Park, "Number of residents(i-PIN) for the development of technical standards and service frameworks", Korea Institute of Information Security, pp. 20-26, 2008.
  13. "2009 Survey on state of Information Security ", Korea Internet Security Agency, pp. 122-125, 2010
  14. "Survey on the usage and satisfaction of i-PIN", Korea Internet Security Agency, A research paper , 2007.
  15. Younsung Choi, Yunho Lee, Seungjoo Kim, Dongho Won, "Security Analysis on the Implementation Vulnerabilities of I-PIN", Korea Institute of Information Security, pp. 148-149, 40, 2007. 4.
  16. "Framework for internet-Personal Identification Number Service", TTAS.KO-12.0054, TTA Standard, pp. 4-7, 2007.
  17. C.J. JUNG, Personal identification number from the Internet service and Standard, Korea Internet Security Agency, pp. 75-78, TTA Journal 2008.
  18. SangHwan Park, "Secure Korean-SSN Alternative Information Service", Korea University 2006.
  19. SangHwan Park, "Secure Korean-SSN Alternative Information Service", Korea University 2006.
  20. "Duplicated Joining Verification Information for i-PIN Service", TTAK.KO-12.0038, TTAK.KO-12.0038/R1, TTAStandard, pp. 7-9, 2008.
  21. Young-Hyun Lee, "A Study of Personal Identification Method for Preventing Personal Privacy Information Leakage", Seoul National University of Technology, pp. 19-20, 2009.
  22. Young-Ho Seo:Jong-Hyeon Kim:Young-Jin Jung:Dong-wook Kim, "ITC-CSCC 2000 PROCEEDINGS V.1 - VLSI Design & Applications 1", ITFIND , 2007. 07.
  23. Shuo Bai, "IWAP2001: First International Workshop for Asian PKI-PKI in China", ITFIND , 2001.10.
  24. Tae-Jin Yun, "Improved RFID Mutual Authentication Protocol using One-Time Pad and One-Time Random Number Based on AES Algorithm ", Korea Science Computer Institute, pp. 164, 2011. 11.