• Title/Summary/Keyword: CA(Certification Authority)

Search Result 22, Processing Time 0.014 seconds

Privacy-Enhanced Subject Identification method Embedded in X.509 Certificate (X.509 인증서에 포함된 프라이버시 보호기능을 가진 개인 식별 방법)

  • Lee, Jae-Il;Park, Jong-Wook;Kim, Seung-Joo;Song, Joo-Seok
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.16 no.5
    • /
    • pp.59-66
    • /
    • 2006

  • A Certification Authority issues X.509 public key certificates to bind a public key to a subject. The subject is specified through one or more subject names in the 'subject' or 'subjectAltName' fields of a certificate. In reality, however, there are individuals that have the same or similar names. This ambiguity can be resolved by including a 'permanent identifier' in all certificates issued to the same subject, which is unique across multiple CAs. But, a person's unique identifier is regarded as a sensitive personal data. Such an identifier cannot simply be included as part of the subject field, since its disclosure may lead to misuse. We present a new method for secure and accurate user authentication through the PEPSI included in the standard certificate extension of a X.509 certificate. The PEPSI can be served not only for user authentication but also for the user anonymity without divulging personal information.

  • https://doi.org/10.13089/JKIISC.2006.16.5.59 인용 PDF KSCI HTML

A Design and Implementation of Secure Electronic Bidding System (인터넷 기반 전자입찰시스템의 보안 설계 및 구현)

  • 윤선희
    • Journal of the Korea Computer Industry Society
    • /
    • v.3 no.7
    • /
    • pp.861-870
    • /
    • 2002

  • The area of business applications in the internet are extended enormously in result of fast development of computing and communication technologies, increase of internet use, and use of intranet/extranet in enterprise information system. Widely spread the use of the internet, there are various applications for Business to Business (B to B) or Business to Customer(B to C) model that are based on the intranet or extranet. This paper designed and implemented the Web-based Electronic Bidding System for Business to Business (B to B) model. The technical issues of electronic bidding system in the internet are involved in the connection between web client and server, electronic data interchange for the contract document, and security solution during the bidding and contracting processes. The web-based electronic bidding system in this paper is implemented using Java applet and servlet as a connection interface for web client and sewer, XML/EDI-based documents for a bid and a contract, and bidding server and notary server for enhancing the security using PKI(Public Key Infrastructure)-based public key cryptography, digital signature and Certification Authority (CA).

  • PDF