• Journal of the Korean Society for Library and Information Science
• /
• v.55 no.1
• /
• pp.493-519
• /
• 2021

The purpose of this study is to propose a plan to implement the comprehensive linking system centered on identifiers in order to provide seamless academic information services to researchers. To achieve this goal, interviews were conducted with 17 researchers from five centers and one secretariat belonging to KISTI. The contents of the interview are about the establishment and management status of the identifier of the academic information service DB. As a result of the interview, it was found that the identification rate for identifiers such as KOI was high in the case of domestic articles DB, but the identification rate for global identifiers such as ORCID was low in the case of foreign articles DB except for DOI. To solve this problem, this study proposes the council for joint use of a comprehensive linking system to build the comprehensive linking system model centered on identifiers. The joint use council will be organized around domestic academic information distribution institutions, and the council is expected to discover and implement new services through ID linkage by collecting foreign identifiers.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.2
• /
• pp.139-144
• /
• 2007

Due to the increasing use of Internet and spread of ubiquitous environment the security of private information became an important issue. For this reason, many suggestions have been made in order to protect the privacy of users. In the study of authentication system using a smart card which is one of the methods for protecting private information, the main idea is to offer user anonymity. In 2004, Das et al. suggested an authentication system that guarantees anonymity by using a dynamic ID for the first time. However, this scheme couldn't guarantee complete anonymity as the identity of the user became revealed at log-in phase. In 2005, Chien at al. suggested a authentication system that guarantees anonymity, but this was only safe to the outsider(attacker). In this paper, we propose a scheme that enables the mutual authentication between the user and the sewer by using a smart card. For the protection of the user privacy, we suggest an efficient user authentication system that guarantees perfect anonymity to both the outsider and remote server.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2008.11a
• /
• pp.1417-1420
• /
• 2008

본 연구에서는 서비스를 제공하는 각 서버들을 위협에서 보호하고 통합적으로 관리하기 위해 내장 IDS기반의 통합 보안관리 시스템을 개발하였다. IDS 서버를 외부망과 단절시킴으로써 IDS 서버에 대한 위협 자체를 원천적으로 차단하였고, 관리 대상 서버들에 에이전트를 탑재하여 탑재된 에이전트가 서버의 시스템 자원 및 네트워크 트래픽, 위협이 되는 패킷들의 자세한 정보를 수집, 분석하여 관리서버로 전송한다. 관리 프로그램은 비동기식의 X-Internet기술을 도입한 Adobe Flex를 사용한 웹 어플리케이션으로 개발하여 어떤 플랫폼에서도 접속하여 관리자의 역할을 수행할 수 있도록 하였다. 이와 같은 관리 프로그램을 통하여 대상 서버들의 시스템 자원 및 네트워크 트래픽들을 효율적으로 파악할 수 있고 IDS에서 탐지한 위협을 탐지 및 차단이 가능하도록 구현하였다.

• Convergence Security Journal
• /
• v.5 no.1
• /
• pp.29-34
• /
• 2005

Internet becomes absolutely necessary tools due to rapid progress of information technology. Educational correspondence about an age of information demand is focused on a learner and remote education based on information technology WBI(Web Based Instruction) is a formation that remotly educate a learner using web, possible mutual reaction between instructor and learner, submit various studying material, has a good point to overcome spatial restriction. Internal and external standardization working is accelerated and recently XML security studies are activated using XML which is next generation web standard document format. In this paper, we propose multi-Certification of agent system using XML digital signature to satisfy security requirement.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2006.05a
• /
• pp.986-989
• /
• 2006

앞으로의 네트워크는 Convergence와 Integrate라는 키워드를 기반으로 IP 중심의 통합된 망으로 발전되고 있다. IP 중심의 망은 각각의 다양한 access 기술을 포함하며, voice, multimedia, 그리고 새롭게 정의되는 서비스가 모두 제공될 수 있어야 한다. 따라서 점차 인터넷을 중심으로 하는 하나의 통합된 망의 형태로 진화 될 것이다 이러한 차세대 네트워크상의 단말은 소형화, 지능화, 그리고 이동성을 지니고 있으며, 다양한 access 기술을 사용하기 위한 multiple 인터페이스를 가진 멀티호밍 환경에 놓여있다. 따라서 이 네트워크는 기본적으로 이동성과 멀티호밍을 지원해야 하는 것이다. 그러나 현재 인터넷의 핵심인 Internet Protocol 구조는 이를 지원하지 못한다. 현재 IP 주소는 최종 단말의 식별자 (Identifier)와 단말의 위치 식별자 (locator)의 의미를 함께 사용하고 있어, 통신 중인 단말이 이동하면 IP 주소도 변경되어 통신 중인 세션이 끊기는 문제가 발생한다. 멀티호밍 환경에서도 역시 통신 중인 노드들의 경로를 바꾸게 되면 세션이 끊기게 되는 문제가 발생한다. 본 논문은 이와 같은 린 구조의 근본적인 문제를 해결하기 위해 Identifier와 locator를 분리하며, 단순하게 단말에 스택으로 존재하는 L3SHIM을 소개하고, 모든 단말에 이 기능이 지원되었을 때 기존의 인터넷 프로토콜의 확장과 인터넷의 구조에 어떤 영향을 줄 수 있는지에 대해 선행 연구를 하였다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.1
• /
• pp.3-10
• /
• 2007

In this paper, we show that the status certificate-based encryption(SCBE) scheme proposed at ICISC 2004 and the certificateless signature(CLS) scheme proposed at EUC workshops 2006 are insecure. Both schemes are claimed that an adversary has no advantage if it controls only one of two participants making a cryptographic key such as a decryption key in SCBE or a signing key in CLS. But we will show that an adversary considered in the security model of each scheme can generate a valid cryptographic key by replacing the public key of a user.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.14 no.3
• /
• pp.1428-1438
• /
• 2013

Services take place in Internet environment, a formation of the trust relationship between user and service provider for services. Different authentication schemes such as using Certificate of Public Key Infrastructure authentication and using ID/PW for a simple user authentication have been proposed for trust relationship. In addition, in the case of electronic financial transactions, transaction integrity and non-repudiation features are provided. These services are provided in Internet environment, use various measures to ensure service safety. However, it was difficult to prevent attacks using existing security technology because of emergence of MITB attack that manipulate the memory area of the Web browser and social engineering attacks such as phishing/pharming, requires application of new security technologies became. In this paper, we propose a concept of smart secure-pad, and utilize it safely formed a trust relationship between user and service provider, a model has been proposed to ensure safety of data transmission. Proposed model's security evaluation results show security against to MITB attack and phishing/pharming that can't be prevent attack using existing security technology. In addition, service provider can easily apply the model in safe environment can provide Internet service using provided representative services applying the proposed model.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.36 no.5B
• /
• pp.429-436
• /
• 2011

The G-PON is an efficient solution to implement the FTTH and have GEM frame to accomodate various protocols like Ethernet frames, IP packets, and TDM signals. Above all, the Ethernet is one of the most widely used 2nd layer protocol in the campus, the subscriber access, and the carrier service. So G-PON system has to provide an Ethernet interface with top priority. In this paper, we implement a gigabit Ethernet adapter based on Ethernet over GEM in the ITU-T G.984.3 to accommodate Ethernet protocol in the G-PON TC chip. The adapter maps each Ethernet frame to a single or multiple GEM frames and has several functions including generation of the GEM header, encapsulation of frames and the SAR. In particular, the adapter have converter (LUT) MAC address to port-ID which is a key to identify logical connections though it is not defined in specification but important. We implement the adapter with a FPGA and verify the functions of segmentation and reassembling, MAC address learning, and throughput with the logic analyzer and the Ethernet analyzer.

• KIPS Transactions on Software and Data Engineering
• /
• v.9 no.11
• /
• pp.351-356
• /
• 2020

With the spread of COVID-19 infections, the need for next-generation learning management system for undact education is rapidly increasing, and the Ministry of Education is planning future education through the establishment of fourth-generation NEIS. If the fourth-generation NEIS System is well utilized, there are advantages such as providing personalized education services and activating the use of educational data, but a solution to the illegal access problem in an access control environment where strict authorization is difficult due to various user rights. In this paper, we propose a blockchain-based access control audit system for next-generation learning management. Sensitive personal information is encrypted and stored using the proposed system, and when the auditor performs an audit later, a secret key for decryption is issued to ensure auditing. In addition, in order to prevent modification and deletion of stored log information, log information was stored in the blockchain to ensure stability. In this paper, a hierarchical ID-based encryption and a private blockchain are used so that higher-level institutions such as the Ministry of Education can hierarchically manage the access rights of each institution.

• The KIPS Transactions:PartC
• /
• v.19C no.1
• /
• pp.9-18
• /
• 2012

In 2010, Pedro et al. proposed RFID distance bounding protocol based on WSBC cryptographic puzzle. This paper points out that Pedro et al.'s protocol not only is vulnerable to tag privacy invasion attack and location tracking attack because an attacker can easily obtain the secret key(ID) of a legal tag from the intercepted messages between the reader and the tag, but also requires heavy computation by performing symmetric key operations of the resource limited passive tag and many communication rounds between the reader and the tag. Moreover, to resolve the security weakness and the computation/communication efficiency problems, this paper also present a new RFID distance bounding protocol based on WSBC cryptographic puzzle that can provide strong security and high efficiency. As a result, the proposed protocol not only provides computational and communicational efficiency because it requires secure one-way hash function for the passive tag and it reduces communication rounds, but also provides strong security because both tag and reader use secure one-way hash function to protect their exchanging messages.