• 대한공업교육학회지
• /
• v.30 no.2
• /
• pp.3-11
• /
• 2005

The purpose of this study is to measure the level of the key competencies of industrial high school students and to use it as the basic material so as to improve the key competencies. The subject was 359 industrial high school students(boys: 244, girls: 115) in Seoul, Daejeon, Gwangju, and Busan. The instrument used to measure the key competencies is that developed by Cheol-Young Jeong, which was partly revised with the help of a group of experts. The results of this study showed some of skills were below an average of 3.0, which were writting skill(M=2.85) and speaking skill(M=2.96) in communication skills, logical thinking(M=2.98) in problem solving skills, leadership skill(M=2.88) in interpersonal skills, and self-improvement skill(M=2.96) and the spirit of public service(M=2.93) in self-management and self-improvement skills. But technology skills were above an average of 3.0. And it appeared that technology skills(P=.023) depended on having a certificate or not, and so did communication skills(P=.020) and problem solving skills(P=.034) on the types of a course(employment or entrance into a college). So, to strengthen the key competencies which appeared below an average of 3.0 in this study, not only does the curriculum of industrial high schools need to be reorganized, but systematic strengthening program of key competencies should also be developed.

• Convergence Security Journal
• /
• v.15 no.5
• /
• pp.3-8
• /
• 2015

Most mobile cloud computing system use public key cryptography to provide data security and mutual authentication. A variant of traditional public key technologies called Identity-Based Cryptography(IBC) has recently received considerable attention. The certificate-free approach of IBC may well match the dynamic qualities of cloud environment. But, there is a need for a lightweight secure framework that provides security with minimum processing overhead on mobile devices. In this paper, we propose to use hierarchical ID-Based Encryption in mobile cloud computing. It is suitable for a mobile network since it can reduce the workload of root Public Key Generators by delegating the privilege of user authentication and private key generation. The Identity-Based Encryption and Identity-Based Signature are also proposed and an ID-Based Authentication scheme is presented to secure data processing. The proposed scheme is designed by one-way hash functions and XOR operations, thus has low computation costs for mobile users.

• Convergence Security Journal
• /
• v.10 no.4
• /
• pp.69-76
• /
• 2010

public certification is some kind of electric ID which can prove the valid user, based on open KEY. usually it had been used in the field of government complaint, e-commerce, financial. but recently it expands the its use range through computerization of work process of diversity fields such as e-sports, property, medical industry. because of this reason, importance for user certificate process is gradually rose. The purpose of this paper is looking at the method for user certification of public certificates and draw a way for enforce the user certification process by Vulnerability Analysis. To draw the alternative we study the Authentication Principle and policy structure of public certification system by researching references, has drew the limitation for policy of certification. we provide the guideline to enforce the user certification through conclusion which has been drew from previous step.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.6
• /
• pp.1281-1293
• /
• 2017

In 2001, Boneh and Franklin proposed Identity-Based Encryption(IBE) that does not require a certificate like Public Key Infrastructure(PKI) by using user's Identity as a public key. However, IBE has a key escrow problem because the Private Key Generator(PKG), who is a trusted authority, generates a secret key of every user. Also, it does not support efficient revocation when the user's secret key is exposed or the system needs to revoke the user. Therefore, in order to use IBE as PKI that currently used, it is necessary to solve the key escrow problem and the revocation problem. In this paper, to solve those two problems, we suggest Accountable Authority Revocable IBE(A-RIBE) based on Accountable Authority IBE that mitigates the key escrow problem and Revocable IBE that solves the revocation problem. Also, we define the security model suitable foe A-RIBE, and analyze the principle of designing A-RIBE according to based A-IBE and RIBE and their advantage and disadvantage.

• Journal of Digital Contents Society
• /
• v.14 no.1
• /
• pp.81-88
• /
• 2013

The increase of the smartphone users has popularized the mobile payment and the mobile credit card users are rapidly getting increased. The mobile credit cards that currently used provide its users with the service through downloading mobile credit card information into USIM. The mobile credit card saved in USIM has the minimized information for the security and is based on PKI. However certificate-based payment system has a complicated procedure and costs a lot of money to manage the certificates and CRL(Certificate Revocation List). Furthermore, It can be a obstacle to develop local e-commerce in Korea because it is hard for foreigners to use them. We propose the secure and efficient mobile credit card payment protocol based on certificateless signcryption which solve the problem of certificate use.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.10
• /
• pp.4250-4267
• /
• 2015

Although many revocable group signature schemes has been proposed in vehicular ad hoc networks (VANETs), the existing schemes suffer from long computation delay on revocation that they cannot adapt to the dynamic VANETs. Based on Chinese remainder theorem and Schnorr signature algorithm, this paper proposes an efficient revocable group signature scheme in VANETs. In the proposed scheme, it only need to update the corresponding group public key when a member quits the group, and in the meanwhile the key pairs of unchanged group members are not influenced. Furthermore, this scheme can achieve privacy protection by making use of blind certificates. Before joining to the VANETs, users register at local trusted agencies (LTAs) with their ID cards to obtain blind certificates. The blind certificate will be submitted to road-side units (RSUs) to verify the legality of users. Thus, the real identities of users can be protected. In addition, if there is a dispute, users can combine to submit open applications to RSUs against a disputed member. And LTAs can determine the real identity of the disputed member. Moreover, since the key pairs employed by a user are different in different groups, attackers are not able to track the movement of users with the obtained public keys in a group. Furthermore, performance analysis shows that proposed scheme has less computation cost than existing schemes.

• The Transactions of the Korea Information Processing Society
• /
• v.7 no.9
• /
• pp.2903-2912
• /
• 2000

The paper is a design and implementation of the Hybrid Messaging System as integrating electronic mail system and common mail system based on PKI(Public Key Infrastructure), A user writes mail through Web Browser and sends the mail to Web Server. CGHCommon Gateway Interface) program sends the mail that was received through the Web Sever to Post Office Electronic Mail Server using SMTP(SimpleMail Transfer Protocol), The End Process program of the Hybrid Messaging System in a Post Office fetches the mail from the Post Office Electronic Mail Server using POP3 (Post Office Protocol 3), prints it and deliver it to recipients, Also, the Hybrid Messaging System is able to sign the mail with a sign private key that the Certificate Authority publics for users and encrypts the mail with a public key of the Post Office Web Server.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.42 no.11
• /
• pp.35-44
• /
• 2005

In Mobile IP protocol, because a mobile node still uses its home IP address even though it moves to foreign network from home network, authentication among mobile node, foreign network and home network is critical issue. Many researches about this issue have been based on shared secret, for example mobile node and home agent authenticate each other with pre-shared symmetry key. And they missed several security issues such as replay attack. Although public key scheme could be applied to this issue easily, since the public key cryptography is computationally complicated, it still has the problem that it is not practical to realistic environment. In this paper, we describe several security issues in Mobile IP protocol. And we propose new Mobile IP authentication protocol that is applicable to realistic environment using public key algorithm based on certificate. It has scalability for mobile nodes and is applicable to the original Mobile IP protocol without any change. Finally we prove security of the proposed protocol and that it might not affect performance of the original Mobile IP protocol.

• Journal of Internet Computing and Services
• /
• v.6 no.5
• /
• pp.27-43
• /
• 2005

EAP provides authentication for each entity based on IEEE Std 802.1x Wireless lAN and RADIUS/DIAMETER protocol, and it uses certificate, dual scheme(e.g., password and token) with the authentication method. The password-based authentication scheme for authenticated key exchange is the most widely-used user authentication method due to various advantages, such as human-memorable simplicity, convenience, mobility, A specific hardware device is also unnecessary, This paper discusses user authentication via public networks and proposes the Split Password-based Authenticated Key Exchange (SPAKE), which is ideal for both authenticating users and exchanging session keys when using a subsequent secure communication over untrusted network, And then we provides EAP authentication framework EAP-SPAKE by using it.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.2C
• /
• pp.348-353
• /
• 2004

Development of an efficient and secure payment system is prerequisite for the construction of electronic payment mechanism in mobile environment. Since current PayWord protocol system generates vendor's certificate for each transaction, it requires lot of operation for transaction. In this paper, we use a session key generated by ID-based tripartite Key agreement protocol which use an Elliptic Curve Cryptosystem over finite field $F_{q}$ for transactions. Therefore, our protocol reduces algorithm operations. In particular, proposed protocol using ID-based public key cryptosystem has the advantages over the existing systems in speed and it is more secure in Man-in-the-middle attacks and Forward secrecy.