• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.20 no.8
• /
• pp.1466-1477
• /
• 2016

Public key infrastructure(PKI), principle technology of the certificate, is a security technology providing functions such as identification, non-repudiation, and anti-forgery of electronic documents on the Internet. Our government and financial organizations use PKI authentication using ActiveX to prevent security accident on the Internet service. However, like ActiveX, plug-in technology is vulnerable to security and inconvenience since it is only serviceable to certain browser. Therefore, the research on HTML5 authentication system has been conducted actively. Recently, domestic bank introduced PKI authentication complying with web standard for the first time. However, it still has inconvenience to register a certification on each website because of same origin policy of web storage. This paper proposes the certificate based SSO protocol that complying with web standard to provide user authentication using certificate on several sites by going around same origin policy and its security proof.

• Journal of Information Technology Services
• /
• v.9 no.1
• /
• pp.43-56
• /
• 2010

With the improvement of the Information Technology and the change of the business environment, the dependency of business on the Information Technology shows sharply increase. The Information Technology, however, is centered on the support of the technology viewpoint and thus the influence and effect of Information Technology on the business is hardly analyzed. The information system, therefore, requires not only technology-centric support management but service-oriented and systematic introduction of Information Technology Service Management(ITSM). The domestic ITSM market is currently expanding into variety of industries like finance, telecommunication, manufacturing and public service and at the same time the consequent reconstruction process of information system is continuously under way so as to qualify for the ISO 20000 certification. Especially the public organizations rapidly adopt the ITSM, in order to improve the quality of public service together with a goal of realizing the electronic government and of managerial innovation. The existing ITSM still, however, shows the tendency of depending only on the system construction and the management on the visible requirements whereas the overall process is not likely being improved. Hence, this study suggests, focusing on the life cycle of service, the model of ITSM based on Information Technology Infrastructure Library(ITIL) v3 which is appropriate for the public service. We expect, as stated in this study, that our ITSM model shall be widely accepted to the public agencies who promote the advance campaign by setting up the ITSM or reconstructing the existing process.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.20 no.4
• /
• pp.165-170
• /
• 2020

In the rapidly growing new and renewable ESS parts and materials market, there is a limit for domestic SMEs to cope with the rapidly changing global new and renewable ESS market. There is a growing need to build a new and renewable ESS convergence commercialization support center. Therefore, through the establishment of a new and renewable ESS convergence professional evaluation center base, performance evaluation and standardization of new and renewable ESS products enhance product reliability. And By securing the reliability of new and renewable ESS, it is possible to promote domestic supply business and export activation. In addition, by supporting domestic research institutes and manufacturers to enhance their development capabilities and strengthen their competitiveness, and shortening the test cost and testing period according to the total-test evaluation system, it is possible anti-spill effect can be expected. Therefore, in this paper, we intend to study the establishment of a test certification center beyond the level of developed countries that can establish standardization for performance evaluation and demonstration.

• The Journal of Society for e-Business Studies
• /
• v.16 no.4
• /
• pp.1-16
• /
• 2011

A digital certificate mandated by the Electronic Signature Act has become familiar in our daily lives as 95% of the economically active population hold certificates. Due to upgrades to 256 bit level security that have become effective recently, the security and reliability of digital certificates are expected to increase. Digital certificates based on Public Key Infrastructure (PKI) have been known as "no big problem," but the possibility of password exposure in cases of leaked digital certificates still exists. To minimize this vulnerability, various existing studies have introduced alternative password methods, expansion of certificate storage media, and multiple certification methods. These methods perform enhanced functions but also have limitations including the fact that the secureness of passwords is not guaranteed. This study suggests an alternative method for enhancing the level of password secureness as a way to improve password security. This new method improves security management and enhances the convenience of using digital technologies. The results may be used for developing digital certificate related security technologies and research in the future.

• Journal of Venture Innovation
• /
• v.2 no.1
• /
• pp.13-21
• /
• 2019

In LTE environment, which is 4th generation mobile communication systems, there is concern about private information exposure by transmitting initial identifier in plain text. This paper suggest mutual authentication protocol, which uses one-time password utilizing challenge-response and AES-based Milenage key generation algorithm, as solution for safe initial identification communication, preventing unique identification information leaking. Milenage key generation algorithm has been used in LTE Security protocol for generating Cipher key, Integrity key, Message Authentication Code. Performance analysis evaluates the suitability of LTE Security protocol and LTE network by comparing LTE Security protocol with proposed protocol about algorithm operation count and Latency.Thus, this paper figures out initial identification communication's weak points of currently used LTE security protocol and complements in accordance with traditional protocol. So, it can be applied for traditional LTE communication on account of providing additional confidentiality to initial identifier.

• Convergence Security Journal
• /
• v.5 no.1
• /
• pp.19-27
• /
• 2005

This paper presents the content regarding electronic medical examination chart and data processing for efficient medical examination and fast treatment by realizing remote medical examination system of mutual conversation type among 3 parties(patient, doctor, pharmacist) on internet base, and establishment of database enabled system integration for efficient data processing in both on-line and off-line mode by interconnecting ASP and SQL on IIS 4.0 web server, consultation between patient and doctor, medical examination on off-line mode, transmission of prescription sheet to the pharmacist designated by patient, preparation of medicine, semieternal storage of medical examination data owing to storage and check of medical examination data, more accurate medical examination and prescription using this medical examination data by patient and doctor, and so on. And, data processing between doctor and pharmacist is differently performed based on class such as general member and charge member, and service access right pursuant to this is endowed, so that certification of each member must follow by all means.

• Journal of Convergence for Information Technology
• /
• v.11 no.12
• /
• pp.22-29
• /
• 2021

COVID-19, which has spread around the world, is also affecting local economic industries such as the domestic tourism industry and the service industry. In particular, the quality of life is threatened as safety prevention rules related to infectious diseases such as social distancing have been regularized. The purpose of this study is to analyze the impact on safety quarantine on users of the summer festival at Songho Beach in Haenam, a summer resort. In addition, it protrudes through big data surveys, demographic analysis, and technology analysis on the management of users who have changed in the COVID-19 era. It is expected to be a reference material by utilizing practical data on users in the future. In addition, this study is significant that it has been reviewed for safety and satisfaction for tourists using the summer beach festival through quarantine management using ICT technology in the COVID-19 situation, and needs to be used as good guidelines and examples for this study in the future.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.20 no.8
• /
• pp.181-189
• /
• 2019

An aircraft power distribution device distributes and controls the power generated by the generator and provides overcurrent protection. There are many defect phenomena that make AC power distribution impossible during flight, which poses a problem in because some electronic equipment cannot be operated. We describe a process of deriving the root cause of defects by using vibration testing equipment to simulate the vibration conditions during aircraft flight, which result in defects. The results show that the cause of the defect is internal wiring damage caused by the vibration of the contactor of the AC power distribution device. Therefore, the shape of the contactor was improved to solve this problem. We also improved the test procedure by performing defect detection tests using vibration testing equipment to detect a faulty contactor. As a result of the improvements, a component certification test and flight test proved that the defect phenomena of the AC electrical master box were improved.

• Journal of Environmental Analysis, Health and Toxicology
• /
• v.21 no.4
• /
• pp.209-219
• /
• 2018

In the areas of RoHS, WEEE, ELV and REACH, reinforcement of environmental regulations against harmful substances is a global trend not only in EC but also in all over the world. In the fields of Korea's major export products such as material parts, electrical and electronic products and automobile parts, we are responding to these regulations consistently. To develop reference material for analyzing lead and cadmium in paints, the candidate materials were produced through the screening process which separated shapes and sizes. To secure the traceability of the candidate materials produced, the characteristics and uncertainties are estimated by ICP-AES analysis using the primary reference material. The short-term and long-term stabilities also are evaluated in parallel. In order to calculate the final certification value of the candidate material, the verification were carried out by the performance evaluation through the comparison among the KOLAS (Korea Laboratory Accreditation Scheme) laboratories, and the CRM was produced in accordance with ISO Guide 35. The certified values and uncertainties of Pb and Cd of the final paint standard, determined according to the joint analysis among laboratories, are Pb [($191.4{\pm}3.1$) mg/kg, ($944.1{\pm}5.6$) mg/kg] and Cd [($45.0{\pm}2.6$) mg/kg, ($225.5{\pm}3.5$) mg/kg]. These standard materials were developed to enhance the reliability of measurement analysis, including the validity and traceability of measurement results. Also it is expected that the CRM will be used as QCM (quality control material) for the product design and the process monitoring, so that regulation and management of hazardous heavy metals can be systematically implemented.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.7 no.2
• /
• pp.107-122
• /
• 1997

Most of the currently used electronic mail system has the threat of security such as illegal leak of message, forgery, uncertain identity, denial of sending and receiving, and so forth. The security for this system is not satisfied yet, thus we explore these problems. In this thesis, we implement the security services for internet mail system which cover the weakness for traditional mail system. This system provides not only security services which PEM and PGP provides (i.e message confidentiality, message integrity, originator authentication, non-repudiation of origin), but also message replay prevention. and non-denial of recipient using certification of contents. In addition, this system increases security of the digital signature by signing with signature block formatting on the creation of it. And it increases security of the digital enveloping by encrypting with encryption block formatting of message encryption key.