• Journal of Industrial Technology
• /
• v.22 no.A
• /
• pp.95-100
• /
• 2002

When the wireless PKI is applied to 3G/4G mobile network which requires mutual authentication among all entities, the wired PKI procedure is not feasible for validating visited network's certifications because of the wireless environmental limitations. Also, if we depend on WAP based PKI, we cannot support confidence about certification validation since the information offered from visited network is not authenticated. Therefore, in this paper we consider various and unique characteristics of mobile environment for certification validation at 3G/4G mobile networks based on wireless PKI and then propose two certification validation procedures.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.12 no.3
• /
• pp.61-76
• /
• 2002

To ensure PKI systems' reliability, the security for PKI systems evaluation is required. But, unfortunately, the systematic security evaluation and certification of PKI systems is insufficient. In Korea, Firewall and intrusion detection system's security evaluation and certification has been enforced, but research of PKI systems’ evaluation is insufficient. This paper provides a PKI system evaluation criteria. This paper specifies a 7 level of the functional and assurance security requirements for a PKI system. And this PKI system evaluation criteria provides a compatibility with CC(Common Criteria) and KISES(Korea Information Security Evaluation Systems).

• The Journal of Society for e-Business Studies
• /
• v.4 no.2
• /
• pp.23-40
• /
• 1999

Nowadays, major application of public key certification technology based on PKI(Public Key Infrastructure) is electronic commerce. Public key certification technology may include various sub-technologies such as key recovery, secret sharing, certificate/key management, and directory system technology. This thesis discusses PKI-based certification authority technology for electronic commerce on the Internet.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.12 no.2
• /
• pp.77-87
• /
• 2002

In the field of secure information systems including electronic commercials, public key infrastructure(PKI) is widely used for secure services. The more PKI domains are established, the more needs we required for cross-domain certifications. Furthermore, each country has many certificate authorities(CA) which requires more complex cross certification. We may need a fast algorithm in order to fad the possible certification paths. This will be more indispensible in the growing PKI systems. Thus, in this paper we design a high-speed certification path discovery algorithm and implement it. Also we investigate the feature of operation of the system.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.10 no.1
• /
• pp.142-147
• /
• 2006

As computers and networks become popular, distributing information on the Internet is common in our daily life. In the past, e-mail has been the primary choice of exchanging information, but instant messengers are gaining popularity abroad and domestically because of their nature of getting immediate reponses. However a instant messenger services have the exposure of data on internet but clients use them without recognizing their exposure. It's like phone tapping. The coding technology using Public Key Cryptosystem has developed the public key infrastructure to be able to do the services of Access-control, Authentication, Confidentiality, Integrity. and Non-repudiation with internet. It is a thesis that suggests the certification protocol in a instant messenger using PKI(Public Key Infrastructure) for secure communication.

• Journal of Industrial Technology
• /
• v.21 no.B
• /
• pp.75-83
• /
• 2001

In the field of secure information systems including electronic commerces, public key infrastructure(PKI) is widely used for secure services. The more PKI domains are established, the more needs are required for cross-domain certifications. Furthermore, each country has many certificate authorities(CA) which require more complex cross certification: We may need a fast algorithm in order to find the possible certification paths. This will be more indispensible in the growing PKI systems. We designed and implemented the high-speed certification path discovery algorithm. Also, we investigated the feature of operation of the system.

• Proceedings of the CALSEC Conference
• /
• 2001.08a
• /
• pp.155-163
• /
• 2001

There are cases that revoke the certification because of disclosure of private key, deprivation of qualification and the expiration of a term of validity based on PKI. So, a user have to confirm the public key whether valid or invalid in the certification. There are many method such as CRL, Delta-CRL, OCSP for the cert-validation of certification. But these method many problems which are overload traffic on network and the CRL server because of processing for cert-validation of certification. In this paper we proposed the realtime cert-validation of certification method which solved problems that are data integrity by different time between transmission and receiving for CRL, and overload traffic on network and the CRL server based on DARC.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2003.07a
• /
• pp.167-172
• /
• 2003

무선 단말기에서 인터넷 서비스를 제공하기 위한 인터넷 접속 프로토콜이 등장함에 따라 무선 인터넷 사용의 편리성과 특성에 대한 인식이 급속한 속도로 확산되고 있다. 무선 인터넷에서 전자상거래를 비롯한 데이터 서비스가 성공적으로 제공되기 위해서는 반드시 해결되어야 할 요소가 보안이다. 무선 인터넷의 안전한 전자상거래 서비스를 제공하기 위해서는 통신정보에 대한 기밀성, 개체인증 등의 정보보호를 위한 기능과 부인방지 기능 등을 제공해야 한다. 공개키 기반구조 (Public Key Infrastructure, PKI)는 사용자에게 정보보호기능과 부인방지 기능을 제공한다. 본 논문에서는 무선 인터넷 환경에 적용 가능한 공개키 기반구조 적용 모델을 제안한다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2002.11b
• /
• pp.913-916
• /
• 2002

정보보호 핵심 기반 구조인 PKI는 인증서 검증에 따르는 클라이언트의 부담 및 CRL의 적시성 부재와 관리 문제, 또한 각각의 환경에 따라 구축된 PKI 도메인 간의 상호 연동 등 해결해야 할 문제점들이 있다. ETRI/VA는 클라이언트의 인증서 검증을 대신하여 클라이언트의 부담을 줄이고, 인증서의 상태 검증의 적시성 및 OCSP를 사용함으로써 CRL의 문제점을 해결하며, PKI 상호연동을 지원 및 도메인간의 인증서 정책을 중앙집중 관리함으로써 기존 PKI의 문제점들을 제거할 수 있다 본 논문에서는 이러한 ETRI/VA의 각 모듈 및 프로토콜에 대하여 간략히 소개하고 ETRI/VA의 인증서 검증 방법을 설명하였다.

• Journal of information and communication convergence engineering
• /
• v.7 no.3
• /
• pp.330-334
• /
• 2009

Most security solutions and middleware on home network consider internet users as approaching subject. It is unrealistic where the most subjects are mobile users who want to control home network devices. Therefore minor and fast certification structures are needed to control other devices with mobile device that has lower computing capacity. To solve the above problems, this paper wants to build safe certification frame work for internet and mobile users to control household devices safely. New certification structure is proposed to get out of heavy certification structure like PKI and to minimize encrypting and decrypting operation by compounding session key and public key.