• International Commerce and Information Review
• /
• v.1 no.2
• /
• pp.205-228
• /
• 1999

Intercompany online businesses can offer digital information to each company, and yet without legal verification business activities are less efficient. Just one single country cannot control this problem with its own EC law and now international cooperations are being required. Currently, International Regularization is the main agenda among the international organizations such as UNCITRAL, OECD and WTO and so on. Furthermore, most of the advanced nations, including the USA and EU, announce their fundamental strategies for the multilateral regularization in their favor. At the present stage, South Korea's Electronic Commerce law and Digital Signature law went into effect as from July 1, 1999, indicating that they can strike the keynote of the systematic infrastructure for the electronic commerce transactions in this country.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2020.05a
• /
• pp.540-543
• /
• 2020

본 논문에서는 대표적인 이미지 분류 모델인 CNN(Convolutional Neural Network)과 시간에 따른 이미지의 변화를 학습할 수 있는 LSTM(Long Short-Term Memory) 기반의 온라인 서명인식 모델을 제안한다. 실제로는 위조서명을 미리 구하기 어렵다는 사실을 고려해 서명검증 대상자가 아닌 타인의 진서명과 대상자의 일반 필기 데이터를 음의 데이터로서 학습에 사용하였다. 실험 결과, 전체 이미지 중 서명 부분의 비율에 따라 좋은 성능을 보이는 검증 모델이 다르며 Accuracy 성능지표를 통해 이 비율이 높거나 낮을 경우 CNN-LSTM 이, 중간일 경우 CNN 이 적합하다는 것을 확인하였다.

• Convergence Security Journal
• /
• v.19 no.4
• /
• pp.43-53
• /
• 2019

Recently, a number of military intranet infiltrations suspected of North Korea have been discovered. There was a problem that a vulnerability could occur due to the modification of user authentication data that can access existing military information systems. In this paper, we applied mutual verification technique and API (Application Programming Interface) forgery / forgery blocking and obfuscation to solve the authentication weakness in web browsers that comply with FIDO (Fast IDentity Online) standard. In addition, user convenience is improved by implementing No-Plugin that does not require separate program installation. Performance tests show that most browsers perform about 0.1ms based on the RSA key generation rate. In addition, it proved that it can be used for commercialization by showing performance of less than 0.1 second even in the digital signature verification speed of the server. The service is expected to be useful for improving military information system security as an alternative to browser authentication by building a web secure storage.

• KIPS Transactions on Computer and Communication Systems
• /
• v.7 no.2
• /
• pp.49-58
• /
• 2018

A certificate is a means to certify users by conducting the identification of the users, the prevention of forgery and alteration, and non-repudiation. Most people use an accredited certificate when they perform a task using online banking, and it is often used for the purpose of proving one's identity in issuing various certificates and making electronic payments in addition to online banking. At this time, the issued certificate exists in a file form on the disk, and it is possible to use the certificate issued in an existing device in a new device only if one copies it from the existing device. However, most certificate duplication methods are a method of duplication, entering an 8-16 digit verification code. This is inconvenient because one should enter the verification code and has a weakness that it is vulnerable to security issues. To solve this weakness, this study proposes a method for enhancing security certificate duplication in a multi-channel using TCP and BLE. The proposed method: 1) shares data can be mutually authenticated, using BLE Advertising data; and 2) encrypts the certificate with a symmetric key algorithm and delivers it after the certification of the device through an ECC-based electronic signature algorithm. As a result of the implementation of the proposed method in a mobile environment, it could defend against sniffing attacks, the area of security vulnerabilities in the existing methods and it was proven that it could increase security strength about $10^{41}$ times in an attempt of decoding through the method of substitution of brute force attack existing method.

• Information Systems Review
• /
• v.25 no.4
• /
• pp.47-65
• /
• 2023

In this paper, we investigate how the online voting system can be a trust-based system from a technical perspective. Under four principles of voting, we finely evaluate the existing belief that offline voting is safer and more reliable than online voting based on procedural processes, technical principles. Many studies have suggested the ideas for implementing online voting system, but they have not attempted to strictly examine the technologies of online voting system from the perspective of voting requirements, and usually verification has been insufficient in terms of practical acceptance. Therefore, this study aims to analyze how the technologies are utilized to meet the demanding requirements of voting based on the technologies proven in the field. In addition to general data encryption, online voting requires more technologies for preventing data manipulation and verifying voting results. Moreover, high degree of confidentiality is required because voting data should not be exposed not only to outsiders but also to managers or the system itself. To this end, the security techniques such as Blind Signature, Bit Delegation and Key Division are used. In the case of blockchain-based voting, Mixnet and Zero-Knowledge Proof are required to ensure anonymity. In this study, the current status of the online voting system is analyzed based on the field system that actually serves. This study will enhance our understanding on online voting security technologies and contribute to build a more trust-based voting mechanism.