• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.12 no.3
• /
• pp.61-76
• /
• 2002

To ensure PKI systems' reliability, the security for PKI systems evaluation is required. But, unfortunately, the systematic security evaluation and certification of PKI systems is insufficient. In Korea, Firewall and intrusion detection system's security evaluation and certification has been enforced, but research of PKI systems’ evaluation is insufficient. This paper provides a PKI system evaluation criteria. This paper specifies a 7 level of the functional and assurance security requirements for a PKI system. And this PKI system evaluation criteria provides a compatibility with CC(Common Criteria) and KISES(Korea Information Security Evaluation Systems).

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.12 no.2
• /
• pp.77-87
• /
• 2002

In the field of secure information systems including electronic commercials, public key infrastructure(PKI) is widely used for secure services. The more PKI domains are established, the more needs we required for cross-domain certifications. Furthermore, each country has many certificate authorities(CA) which requires more complex cross certification. We may need a fast algorithm in order to fad the possible certification paths. This will be more indispensible in the growing PKI systems. Thus, in this paper we design a high-speed certification path discovery algorithm and implement it. Also we investigate the feature of operation of the system.

• Proceedings of the Korean Institute of Intelligent Systems Conference
• /
• 2004.04a
• /
• pp.34-37
• /
• 2004

인터넷을 기반으로 하는 금융서비스를 제공함에 있어 보안성에 대한 필요성이 최근 들어 매우 중요시되어져가고 있으며, 이 분야에 대한 많은 연구가 진행되어 오고 있다. 국내 대부분의 은행 기관에서는 인터넷 뱅킹 서비스를 지원하고 있으나, 그 서비스 이용에 있어 윈도우 사용자에 국한되어 있는 실정이다. 본 논문에서는 리눅스 기반에서 보다 더 안전한 인터넷 뱅킹 서비스를 지원하기 위한 PKI 기반 기술을 제안한다.

• Journal of the Korean Society for Industrial and Applied Mathematics
• /
• v.10 no.1
• /
• pp.61-69
• /
• 2006

SSO (Single Sign On), which allows users to have an access to a various systems through a single authentication, has been receiving much attention from many enterprises due to the user convience through a single authentication and the recent security features based on PKI. An emerging authentication management system called EAM has further enhanced the efficiency and stability of the enterprise IT infrastructrure systems. In this article, the basic concept and characteristics of the existing SSO systems are analyzed and a new SSO model, based on PKI where authentication load is balanced via multiple circulators, is presented.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.23 no.5
• /
• pp.604-612
• /
• 2019

PKI Internet banking is used to have users register their public keys with the banking server together with the identity information, and verify the signature for both user and transaction authentications by using the registered public keys. Although the Blockchain-based financial systems such as Bitcoin adopt similar digital signature-based authentication scheme, there is no server that participants can register public keys with because they perform P2P payment transactions. The purpose of this paper is to identify the advantages and disadvantages of the Blockchain-based payment transactions by analyzing the differences between the most common PKI Internet banking and Blockchain payment systems. Based on the analysis, this paper suggests the issues that need to be enhanced from the aspects of architecture and security in order for Blockchain payment transaction systems to be applied universally.

• The KIPS Transactions:PartC
• /
• v.14C no.2
• /
• pp.123-128
• /
• 2007

Many service systems use Public Key Infrastructure (PKI) to protect the service. But there arc problems with the use of PKI. One of the problems is that some services would require a function instantaneously to check public kel certificate, but PKI does not satisfy such request. To solve the problem, Bouch et al. first proposed the concept of mediated RSA (mRSA). Then Gene Tsudik proposed 'weak' forward secure mRSA. In this paper, we analyze the weakness of these schemes and find the source of the vulnerabilitv. And we propose a new mRSA that is strong forward secure.

• Journal of Industrial Technology
• /
• v.21 no.B
• /
• pp.75-83
• /
• 2001

In the field of secure information systems including electronic commerces, public key infrastructure(PKI) is widely used for secure services. The more PKI domains are established, the more needs are required for cross-domain certifications. Furthermore, each country has many certificate authorities(CA) which require more complex cross certification: We may need a fast algorithm in order to find the possible certification paths. This will be more indispensible in the growing PKI systems. We designed and implemented the high-speed certification path discovery algorithm. Also, we investigated the feature of operation of the system.

• KIPS Transactions on Computer and Communication Systems
• /
• v.2 no.1
• /
• pp.51-58
• /
• 2013

This paper describes the design and implementation of the PKI-based EAI system which is used for delivery of sensitive personal information between business systems. For this purpose, we propose a key exchange protocol with some key process : Diffie-Hellman Schema is used to provide forward secrecy, public key-based digital signature is used for EAI Server authentication, data integrity. In addition, in order to minimize the performance impact on the overall EAI systems. The EAI server was designed simply to be used only as a gateway. This paper shows the implementation of Korea public key authentication algorithm standard and a symmetric encryption algorithm for data encryption.

• The Journal of Society for e-Business Studies
• /
• v.8 no.4
• /
• pp.167-181
• /
• 2003

The contents for multimedia are very activated along to revolution of Internet. So this fact allows the contents for multimedia to be commercialized. These contents , however, included much vulnerability that it is difficult to be commercialized because attackers easily reproduce that. Many developers want to use watermarking method as the technique to protect the contents for multimedia, but it is very vulnerable to use only one method. This paper proposes the Secure DRM system which protects the contents for multimedia using Public Key Infrastructure and steganography methods. The SDRM system is more powerful than general DRM systems in that it has the special feature of watermarking and steganography techniques. We can prevent the attackers from reproducing and stealing the contents illegally, and authenticating users through SDRM systems.

• Convergence Security Journal
• /
• v.11 no.6
• /
• pp.31-36
• /
• 2011

Cloud computing is a system which efficiently utilizes resources. In this paper, we propose 2-factor authentication system combing PKI, ID_PW and location information. The proposed method improve the security of hybrid cloud systems and manage resources more safely.