• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.15 no.6
• /
• pp.3865-3871
• /
• 2014

The U-health service provides medical services with patients anytime or anywhere and is defined as the service that combines information and communication technology with health and medical service. However, it causes some troubles, such as the disclosure of patients' medical information or data spills (personal information extrusion). Moreover, it has the weak point of the security threats associated with data based on existing wire-wireless systems because it conducts data transmission and reception through the network. Therefore, this paper suggests a safe personal information management system by designing integrated certification schema that will help compensate for the weaknesses of the U-health service. In the proposal, the protocols for user information, certification between medical institution and users, data communication encryption & decryption, and user information disuse were designed by applying the ID-Based Encryption, and analyzed such existing systems and PKI Based-based communication process, securely and safely.

• Journal of Korea Multimedia Society
• /
• v.8 no.7
• /
• pp.974-987
• /
• 2005

As the ad hoc networks have been received a great deal of attention to not only the military but also the industry applications, some security mechanisms are required for implementing a practical ad hoc application. In this paper, we propose a security architecture in ad hoc networks for the purpose of supporting ID-based public key cryptosystems because of the advantage that ID-based schemes require less complex infrastructure compared with the traditional public key cryptosystems. We assume a trusted key generation center which only issues a private key derived from IDs of every nodes in the system setup phase, and use NIL(Node ID List) and NRL(Node Revocation List) in order to distribute the information about IDs used as public keys in our system. Furthermore, we propose a collaborative status checking mechanism that is performed by nodes themselves not by a central server in ad-hoc network to check the validity of the IDs.

• Journal of the Korea Computer Industry Society
• /
• v.3 no.7
• /
• pp.861-870
• /
• 2002

The area of business applications in the internet are extended enormously in result of fast development of computing and communication technologies, increase of internet use, and use of intranet/extranet in enterprise information system. Widely spread the use of the internet, there are various applications for Business to Business (B to B) or Business to Customer(B to C) model that are based on the intranet or extranet. This paper designed and implemented the Web-based Electronic Bidding System for Business to Business (B to B) model. The technical issues of electronic bidding system in the internet are involved in the connection between web client and server, electronic data interchange for the contract document, and security solution during the bidding and contracting processes. The web-based electronic bidding system in this paper is implemented using Java applet and servlet as a connection interface for web client and sewer, XML/EDI-based documents for a bid and a contract, and bidding server and notary server for enhancing the security using PKI(Public Key Infrastructure)-based public key cryptography, digital signature and Certification Authority (CA).

• Journal of Digital Convergence
• /
• v.10 no.2
• /
• pp.161-169
• /
• 2012

It requires a lot of costs and manpower to manage the election system. The electronic voting scheme is needed to make the election system to be economic and fair. Especially, wide spread use of smart phones and wireless networks makes the mobile voting is of major concern. In mobile voting scheme, a smart phone user can vote regardless of the places. In this paper, the mobile voting scheme is proposed where candidates can guarantee fairness of the election system. We analyze mobile voting requirements and create the mobile ID which has legal binding forces and PKI based digital signature keys. In the proposed scheme, a voter's ballot is signed by all candidates using undeniable multi-signature scheme. During the counting stage, the multi-signature on the ballot is not verified without help of all candidates.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.3 no.4
• /
• pp.319-324
• /
• 2002

The Integration of agent technology and security technology is needed to many application areas like electronic commerce. This paper suggests a model of extended multi-agent engine which supports privacy, integrity, authentication and non-repudiation on agent communication. Each agent which is developed with the agent engine is composed of agent engine layer and agent application layer. We describe and use the concepts self-to-self messages, secure communication channel, and distinction of KQML messages in agent application layer and messages in agent engine layer. The suggested agent engine provides an agent communication language which is extended to enable secure communication between agents without any modifications or restrictions to content layer and message layer of KQML. Also, in the model of our multi-agent engine, secure communication is expressed and processed transparently on the agent communication language.

• Journal of the Korea Computer Industry Society
• /
• v.5 no.1
• /
• pp.49-56
• /
• 2004

With the growing usage of the networks, the users in the Internet uses some kinds of web server. They confused that each web server uses the different user ID and passwords. To solve these problems, SSO (Single Sign-On) solution is introduced. We presents the modeling methods which are efficiently constructed the network management models. We constructed the intrusion detection systems and firewalls using the SSO. This architecture is efficient to manage the network usage and control. SSO solution designed on the small scale Intranet. CA server in the 550 that depends on PKI (Public Key Infrastructure) is used to issue the certificates. SHTTP based on SSL (Secure Socket Layer) is used to protect the data between certificate server and the intranet users.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2013.05a
• /
• pp.267-270
• /
• 2013

Hacking damage is increasing year by year in the Internet payment service credit card applying the digital signature method of PKI-based first domestic, secure payment, was 180 million won in 2012. Revenues have soared for phishing that Smishing using smartphone after entering 2013. Hacking accident to the secure payment system using Smishing has occurred took over personal information and financial direct damage. In this paper, we analyzed for Smishing, to prevent the damage of secure payment using Smishing to study the hacking attack of secure payment. In addition, it would be studies to allow through the smartphone, online payment safer and more convenient.

• Journal of Korean Society of Archives and Records Management
• /
• v.3 no.1
• /
• pp.141-158
• /
• 2003

This paper examines new phenomenon and transformation that arise from the expansion of knowledge-based economy, envisions the meaning of e-government through comparing traditional administration with new governance, formulates the e-government model, and presents a direction for next e-government for the conclusion. These new phenomenon include a transformation to product and service convergence model, cyber sovereignty dilemma, privacy and information security threats, and various others. Also, there is a gradual transformation from government-oriented administrative approach to a new governance model that strengthens the role of NGO. And, e-government must work together to realize this new governance ideology. New e-government must be transformed where government and citizens can implement and manage e-government together. Therefore, expanding applications of Public Key Infrastructure (PKI) technologies, promotion of e-Democracy, and improvement of user interface to improve usability must be emphasized.

• Proceedings of the Korea Contents Association Conference
• /
• 2008.05a
• /
• pp.473-476
• /
• 2008

Mobile network environments are the environments where mobile devices are distributed invisible in our daily lives so that we can conventionally use mobile services at any time and any place. But, Mobile devices has a many security vulnerabilities caused by lower computing of devices and security problem of wireless network. So in this paper, PKI structure is proposed to minimize encrypting and decrypting operation by compounding session key and public key on WIPI environment. Proposed secure authentication system based on korean standard cryptography algorithm will give a more firmness in mobile network and support a more secure service for mobile academic information service that KISTI future plan.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.8 no.2
• /
• pp.371-378
• /
• 2004

As an agent is applied into various fields, it is suggested as the paradigm of new application technology in the area of computer communication. However, the mobile agent brines the problem of security on an agent due to mobility. This study proposals the mobile agent protection protocol framework for more effective protection and safety. The designed Framework of protocol uses the public ky, the private key and the digital signature in PKI environment based on JAVA. This is the mechanism accomplishing safely the work of an agent by tracking the pattern of execution and the mobility plan through the VS(verification server). This also secures the suity and the flawlessness of an agent through the VS guaranteeing safety from malicious attacks.