• Management & Information Systems Review
• /
• v.12
• /
• pp.1-15
• /
• 2003

As a rapid development of electronic commerce transactions in these days, the security and private protection problems became more important matters under the electronic transaction base. Because electronic transaction using electronic documents be carried without direct person to person meeting, there can be the possibility to use other's identity illegally without notice, and very hard to verify authenticity of transaction as well. In addition, it is very hard to find out that the electronic documents on the process of submitting is forged documents or not, and also have much difficulty in maintaining transmitting secret. Therefore, to solve such problems on electronic commerce transactions and electronic documents, the digital signature and certification system with cryptography skill is inevitably necessary. As the wide use of digital signature together with beginning of digital government and financial transaction, not only the issuance of electronic certification, but certification market came to gradually expand. In Korea, after enacting digital signature act in 1999, the act contents were expanded to the wide range of contents complying with global standards from the end of 2001 to April, 2002, including the new clause of certification problems. And the act was put into operation now. Therefore, in this paper, we'd like to suggest development scheme through the investigation on electronic certification related problems, such as, concepts, procedures, service conditions here and abroad.

• Annual Conference of KIPS
• /
• 2006.05a
• /
• pp.939-942
• /
• 2006

웹 서비스는 오늘날의 인터넷 환경에서 분산되어있고, 이질적인 시스템들 간에 상호운용을 제공하는 새로운 소프트웨어 시스템의 형태이다. 이러한 환경에 있어서 보안은 가장 중요한 이슈 중 하나이다. 공격자는 아무런 인증 없이 사용자의 비밀정보를 노출시킬 수도 있다. 더구나 유비쿼터스 환경에서 사용자들은 웹 서비스를 이용하기 위해 반드시 그들 대신 서비스를 처리할 에이전트들에게 그들의 권한 모두를 혹은 그 중 일부분을 일시적으로 위임해야만 한다. 이것은 사용자의 비밀정보가 에이전트들을 통해 외부에 노출되는 결과를 초례한다. 본 논문에서는 유비쿼터스 환경에서의 안전한 웹 서비스를 위한 위임모델을 제시한다. 우리는 에이전트를 통한 비밀정보의 노출을 막고 서비스의 기밀성과 단언정보의 무결성을 제공하기 위해 XML암호화와 XML전자서명 방식을 이용한다. 그리고 XACML 기반의 웹 서비스 관리 서버를 통해 웹 서비스 제공자들과의 서비스정책의 상호운용을 수행한다. 우리는 역시 멀티 에이전트들 간의 위임을 통해 웹 서비스 제공자들에게 전달될 위임 단언을 정의하기 위해 SAML을 확장 시킨다.

• Journal of the Korean BIBLIA Society for library and Information Science
• /
• v.16 no.2
• /
• pp.43-59
• /
• 2005

Traditional paper records have to be preserved in the original form to ensure the authenticity. On the other hand. electronic records have to be continuously changed in content itself or metadata to be preserved in long-term period, so the proof of the legality of each change made so far and the proof of the protection against all the illegal changes are the essential. to ensure these requirements. We need some functions including the authentication of original captured records. the protection of records against the loss or forgery, the authentication of preserved records, and the treatment of authentication-failed records. This paper explains the fragility of authenticity for electronic records, identifies the functions needed, suggests the implementation idea, and describes the overall management polity for electronic records to ensure the authenticity.

• Journal of KIISE
• /
• v.41 no.11
• /
• pp.885-891
• /
• 2014

A hash function is an essential cryptographic algorithm primitive that is used to provide integrity to many applications such as message authentication codes and digital signatures. In this paper, we introduce a concept and test method for a Cryptographic Algorithm Validation Program (CAVP). Also, we design an SHA-3 CAVP program and implement an SHA-3 algorithm in 16bit-UICC. Finally, we compare the efficiency of SHA-3 with SHA-2 and evaluate the exellence of the SHA-3 algorithm.

• The KIPS Transactions:PartC
• /
• v.8C no.5
• /
• pp.551-556
• /
• 2001

The ESES system has been developed to supply a digital signature function, an encryption function, and a library of cryptographic primitives and algorithm for securing an XML document and the existing non-XML documents that are exchanged in the electronic commerce. In this paper, we will introduce the overview of ESES system and explain how the ESES processes to offer security services Finally we\`ll conclude our talk by presenting the summary and further works.

• THE INTERNATIONAL COMMERCE & LAW REVIEW
• /
• v.15
• /
• pp.211-238
• /
• 2001

This article discusses and analyses several issues regarding to the Electronic Signature and the Electronic Certification. The objects of the analyse are the each paragraphs of the Korean Electronic Signature Act of 1999 and that of the Korean Electronic Transaction Basic Act of 1999 in comparing to the paragraphs of the Electronic Signatures in Global and National Commerce Act' (E-Sign) of 2000, U.S.A. and that of the Draft UNCITRAL Model Law on Electronic Signature of 2000. The main issues discussed herein are the scope of the electronic signature, the definition of the electronic signature, permission of services to the non-authorized certification service providers, the effect of the electronic signature, the liability of the concerning parties of the electronic signature including liability of the certification service providers, that of the subscribers and that of the relying parties. This paper also discusses the problems of the possibility of issuing the electronic negotiable commercial papers, the validity of the electronic signatures done by electronic agents, the authority certificate, mutual certification of the foreign certification service providers, the permission of the electronic notary service, the problems of the consumer protection and the possibility of issuing electronic insurance policy, etc. The writer concludes by suggesting some measures that will activate the use of electronic signatures under the korean circumstances.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.6 no.4
• /
• pp.624-631
• /
• 2002

In this paper, an effective digital watermarking method for copyright protection of binary image data is proposed. First a binary image is grouped into feature regions which has geometrical features and general one. The watermark for authentication is embedded in general regions in order to preserve geometrical features regions. We have used run-length code and special runs for grouping feature regions and general one. For invisibility of watermark, we have embedded the watermark considering transition sensitivity of each pixel in general regions. The proposed method is applied some binary image such as character, signature, seal, and fingerprint image to evaluate performance. By the experimental results, the proposed method preserve feature regions of original image and have higher invisibility of watermarks.

• Convergence Security Journal
• /
• v.9 no.2
• /
• pp.23-32
• /
• 2009

CeDA (Certified e-Document Authority) was adopted in March 2005. It is possible to register/store/send/receive/transfer/revoke e-documents by using trusted third party, CeDA. It is important to store not only e-documents of users but also logs produced by CeDA. Thus all logs must be electronically signed using certificate of CeDA. But management of electronically signed logs is difficult. In this paper, the method which can be applicable to authenticate all logs of CeDA using "Hash Tree" is present.

• Journal of Digital Convergence
• /
• v.10 no.4
• /
• pp.243-250
• /
• 2012

This study proposes new protocol protecting patients' personal record more safely as well as solving medical dispute smoothly by storing the record not into a computer server in hospitals but into the National Health Insurance Corporation computer server. The new protocol for electronic medical record is designed using RSA public key algorithm and DSA digital signature. In addition, electronic medical record systems are built up with more safety and reliability through certificate authority. The proposed medical information systems can strengthen trust between doctors and patients. If medical malpractice occurs, the systems can also provide evidence. Furthermore, the systems can be helpful to reduce medical accidents. The systems could be also utilized efficiently in various applied areas.

• Journal of Arbitration Studies
• /
• v.23 no.2
• /
• pp.141-164
• /
• 2013

The current Korean Arbitration Act (KAA) ${\S}37(2)$ requires that a formal copy of an arbitral award or a duly certified copy thereof and the original arbitration agreement or a duly certified copy thereof be produced for the recognition and enforcement of a arbitral award. But as the KAA provides that the recognition and enforcement of a foreign arbitral award to which the New York Convention applies shall be granted in accordance with the Convention, the duly authenticated original award should be produced instead of a formal copy in that case. The provision on the documents to produce for the recognition and enforcement of an arbitral award is set to establish a reasonable and transparent standard and to facilitate the recognition and enforcement of awards by prohibiting parochial refusal of the recognition and enforcement on the grounds of formalities. Therefore it is necessary to simplify those documents according to the internationally acknowledged standard. It would be desirable to amend KAA ${\S}37(2)$ to require only "the original arbitral award or a copy thereof" without authentication or certification and a translation into Korean without any condition, adopting the 2006 amendment to the UNCITRAL Model Law on International Commercial Arbitration.