• The KIPS Transactions:PartD
• /
• v.9D no.6
• /
• pp.1043-1054
• /
• 2002

This paper intends to suggest a XML-based secure E-Procurement system using Unified Modeling Language(UML), as an application system for domestic automobile industry. Applying UML methodology, which is Component-based Development (CBD), we analyzed the workflow on procurement operation of automobile industry and implemented a prototype of efficient E-Procurement system for automobile industry, by developing XML/EDI and XML signature. Also, on this paper, object-oriented CBD is employed to minimize the risk of life cycle and reuse software as mentioned to limitation of information engineering methodology. It enables the interoperability with ERP (Enterprise Resource Planning) as corporate legacy system. This system proposes a solution to apply analysis and design of workflow, component development, interoperability with corporate information system, and XML signature for integrity and authentication of electronic documents in other system so far.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.11 no.3
• /
• pp.943-950
• /
• 2010

A secure entrance system is complicated because it should have various functions like monitoring, logging, tracing, authentication, authorization, staff locating, managing staff enter-and-leave, and gate control. In this paper, we built and applied a secure entrance system for a domestic nuclear plant using Aspect Oriented Programming(AOP) and design pattern. Using AOP has an advantage of clearly distinguishing the role for each functional module because building a system separated independently from the system's business logic and security logic is possible. It can manage system alternation flexibility by frequent change of external environment, building a more flexible system based on increased code reuse, efficient functioning is possible which is an original advantage of AOP. Using design pattern enables to design by structuring the complicated problems that arise in general software development. Therefore, the safety of the system can also be guaranteed.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.31 no.11B
• /
• pp.1005-1016
• /
• 2006

As the increment usage of Internet, the security systems's importance is emphasized. The current Internet Key Exchange protocol(IKE) which has been used for key exchange of security system, was pointed out a problem of efficiency and stability. In this research, we try to resolve those problems, and evaluate the newly designed Key Exchange protocol in the IPsec interaction test bed system environment. In this research we implemented the new Key Exchange Protocol as a recommendation of RFC proposal, so as to resolve the problem which was pointed out the key exchange complexity and the speed of authentication process. We also designed the defense mechanism against the Denial of Service attack. We improved the key exchange speed as a result of simplification of complex key exchange phase, and increased efficiency as a result of reuse the preexistence state value when it's renegotiated.

• Journal of Korean Library and Information Science Society
• /
• v.54 no.2
• /
• pp.89-110
• /
• 2023

A data repository is being used as a tool for sharing and preserving research data. This study was conducted to investigate the current status of data repositories and to propose methods for obtaining Coretrustseal certification. In order to achieve the purpose of the study, the current status of data repositories in the field of Geoscience was investigated at re3data.org, and 10 best practices that obtained Coretrustseal certification were analyzed among the repositories. First, as a result of identifying the current status of repositories, the United States, Germany, and Canada accounted for 66% of the total repositories by country, and in the case of CTS certification, the proportion of the United States, Europe, and Germany was 58%. Next, as a way to secure CTS certification, necessary details and requirements in terms of data policy, organizational infrastructure, and technical infrastructure were presented. It is hoped that the results of this study will be helpful in establishing and operating domestic data repositories and obtaining CTS certification.

• KIPS Transactions on Computer and Communication Systems
• /
• v.6 no.10
• /
• pp.421-428
• /
• 2017

The need for various approaches to non-face-to-face identification technology for registering and authenticating users online is being required because of the growth of online financial services and the rapid development of financial technology. In general, non-face-to-face approaches can be exposed to a greater number of threats than face-to-face approaches. Therefore, identification policies and technologies to verify users by using various factors and channels are being studied in order to complement the risks and to be more reliable non-face-to-face identification methods. One of these new approaches is to collect and verify a large number of personal information of user. Therefore, we propose a big-data based non-face-to-face Identity Proofing method that verifies identity on online based on various and large amount of information of user. The proposed method also provides an identification information management scheme that collects and verifies only the user information required for the identity verification level required by the service. In addition, we propose an identity information sharing model that can provide the information to other service providers so that user can reuse verified identity information. Finally, we prove by implementing a system that verifies and manages only the identity assurance level required by the service through the enhanced user verification in the non-face-to-face identity proofing process.

• The Transactions of the Korea Information Processing Society
• /
• v.5 no.4
• /
• pp.975-983
• /
• 1998

In these days, information communication systems are based on both open distributed computing technologies and object-oriented techniques like inheritance, encapsulation and object reuse to support various system configuration and application. As information systems are interconnected through unsecure networks, the need for the secure information exchange is more critical than before. In this paper, we have designed and implemented a transparent CORBA-basce Security infrastructure with authentication, security context association, access control and security information management to support a secure applications in distributed object environment. SESAME Ver. 4 was adopted as an external security service to manage user privilege attributes and to distribute keys for data encryption, decryption and integrity. Using filter and transformer with an interface to Object Request Broker, it provides a transparent security service to applications. The filter objects are special classes that allow additional parameters to be inserted into messages before they are sent and removed just after they are received. The transformer objects are special classes that allow direct access to the byte stream of every messages for encryption and decryption before it is sent and just after it is received. This study is to implement the access control interceptor(ACI) and the secure invocation interceptor(SII) of secure ORB defined in CORBA using filter and transformer.