• Title/Summary/Keyword: Security Card

Search Result 481, Processing Time 0.023 seconds

Design of JavaCard with enhanced Public Key Cryptograhy and Its performance Evaluation (비대칭키 암호 알고리즘을 고속으로 수행하는 자바카드 구현 및 성능 평가)

  • 김호원;최용재;김무섭;박영수
    • Proceedings of the IEEK Conference
    • /
    • 2001.06c
    • /
    • pp.55-58
    • /
    • 2001
  • In this paper, we present the development of a JavaCard for public key crypto algorithms and its performance evaluation. To make a high performance for the public key crypto algorithm such as RSA and ECC on a JavaCard, we have implemented a crypto coprocessor in hardware and ported it to the card operating system and virtual machine environments. The performance of the public key crypto algorithms on the JavaCard shows that our JavaCard is suitable for If card applications which needs high performance and high level of security.

  • PDF

The Design and Implementation of Web Agents for vCard Service in Mobile Enviromnent (모바일 환경에서 vCard 서비스를 위한 웹 에이전트의 설계 및 구현)

  • Yun, Se-Mi;Jo, Ik-Seong
    • The KIPS Transactions:PartD
    • /
    • v.9D no.3
    • /
    • pp.477-486
    • /
    • 2002
  • vCard that is the electronic business card automates the exchange of personal information typically found on a traditional business card. vCard information contains not only simple text, but also graphics and multimedia data like pictures, company logos, Web addresses, and so on. This paper describes the design and implementation of Web-based vCard agent system for exchanging vCard, an electronic business card and searching another user's vCard in mobile phone environment. In today's business environment, such as that this information is typically exchanged on business cards. Our web agent system in this paper connect web server which provide vCard service and search, edit vCard information displayed by web browser of mobile phone and exchange vCard with another user through internet. Considering characteristics of wireless devices that have limited storage space, It also saves constructed XML documents that include user's informations in a web server and solves the security problem by exchanging not personal data or XML but encrypted directory name where XML document exits as exchanging vcard.

A study on high performance Java virtual machine for smart card (스마트카드용 고성능 자바가상기계에 대한 연구)

  • Jung, Min-Soo
    • Journal of the Korean Data and Information Science Society
    • /
    • v.20 no.1
    • /
    • pp.125-137
    • /
    • 2009
  • Smart card has a small sized micro computer chip. This chip contains processor, RAM, ROM, clock, bus system and crypto-co-processor. Hence it is more expensive, complicated and secure chip compared with RFID tag. The main application area of smart card is e-banking and secure communications. There are two kinds of smart card platforms; open platform and closed one. Java card is the most popular open platform because of its security, platform independency, fast developing cycle. However, the speed of Java card is slower than other ones, hence there have been hot research topics to improve the performance of Java card. In this paper, we propose an efficient transaction buffer management to improve the performance of Java card. The experimental result shows the advantage of our method.

  • PDF

Developing the Test Module of LSAM for $Hipass^{PLUS}$ Card System (하이패스플러스카드 시스템을 위한 LSAM시험 및 모듈 개발)

  • Lee Ki-Han;Yoon Hyun-Tak;Kim Jae-Uoong;Lee Seung-Hwan
    • The Journal of The Korea Institute of Intelligent Transport Systems
    • /
    • v.3 no.1 s.4
    • /
    • pp.1-12
    • /
    • 2004
  • Recently, the Korea Highway Company is replacing their prepaid plastic cards with a smart card, called $Hipass^{PLUS}$ Card. In order to use $Hipass^{PLUS}$Card in the prepaid payment system, LSAM, which is to store the value into $Hipass^{PLUS}$ Card is needed. LSAM is also responsible to store or retrieve the value from PPSAM. For the safety of Korea Highway electronic payment system, the functionality and security of LSAM should be faultless. This paper developed a test module including the test method, the test checklist, and the test procedure. The test module examines the functionality and security of loading the value from PPSAM to LSAM, retrieving the value from LSAM to PPSAM, and loading the value from LSAM to $Hipass^{PLUS}$ Card. The test module contains the method and the procedure to test the standard items by the test checklists. The test items and test checklists of LSAM was selected under the provision of the specification of Korea Highway Company and ISO standard. The test module evaluates the functionality, the security and the compatibility of LSAM. After the evaluation test of LSAM using the test module, LSAM satisfied the characteristics of the functionality, security, and compatibility.

  • PDF

Comparative Analysis of ViSCa Platform-based Mobile Payment Service with other Cases (스마트카드 가상화(ViSCa) 플랫폼 기반 모바일 결제 서비스 제안 및 타 사례와의 비교분석)

  • Lee, June-Yeop;Lee, Kyoung-Jun
    • Journal of Intelligence and Information Systems
    • /
    • v.20 no.2
    • /
    • pp.163-178
    • /
    • 2014
  • Following research proposes "Virtualization of Smart Cards (ViSCa)" which is a security system that aims to provide a multi-device platform for the deployment of services that require a strong security protocol, both for the access & authentication and execution of its applications and focuses on analyzing Virtualization of Smart Cards (ViSCa) platform-based mobile payment service by comparing with other similar cases. At the present day, the appearance of new ICT, the diffusion of new user devices (such as smartphones, tablet PC, and so on) and the growth of internet penetration rate are creating many world-shaking services yet in the most of these applications' private information has to be shared, which means that security breaches and illegal access to that information are real threats that have to be solved. Also mobile payment service is, one of the innovative services, has same issues which are real threats for users because mobile payment service sometimes requires user identification, an authentication procedure and confidential data sharing. Thus, an extra layer of security is needed in their communication and execution protocols. The Virtualization of Smart Cards (ViSCa), concept is a holistic approach and centralized management for a security system that pursues to provide a ubiquitous multi-device platform for the arrangement of mobile payment services that demand a powerful security protocol, both for the access & authentication and execution of its applications. In this sense, Virtualization of Smart Cards (ViSCa) offers full interoperability and full access from any user device without any loss of security. The concept prevents possible attacks by third parties, guaranteeing the confidentiality of personal data, bank accounts or private financial information. The Virtualization of Smart Cards (ViSCa) concept is split in two different phases: the execution of the user authentication protocol on the user device and the cloud architecture that executes the secure application. Thus, the secure service access is guaranteed at anytime, anywhere and through any device supporting previously required security mechanisms. The security level is improved by using virtualization technology in the cloud. This virtualization technology is used terminal virtualization to virtualize smart card hardware and thrive to manage virtualized smart cards as a whole, through mobile cloud technology in Virtualization of Smart Cards (ViSCa) platform-based mobile payment service. This entire process is referred to as Smart Card as a Service (SCaaS). Virtualization of Smart Cards (ViSCa) platform-based mobile payment service virtualizes smart card, which is used as payment mean, and loads it in to the mobile cloud. Authentication takes place through application and helps log on to mobile cloud and chooses one of virtualized smart card as a payment method. To decide the scope of the research, which is comparing Virtualization of Smart Cards (ViSCa) platform-based mobile payment service with other similar cases, we categorized the prior researches' mobile payment service groups into distinct feature and service type. Both groups store credit card's data in the mobile device and settle the payment process at the offline market. By the location where the electronic financial transaction information (data) is stored, the groups can be categorized into two main service types. First is "App Method" which loads the data in the server connected to the application. Second "Mobile Card Method" stores its data in the Integrated Circuit (IC) chip, which holds financial transaction data, which is inbuilt in the mobile device secure element (SE). Through prior researches on accept factors of mobile payment service and its market environment, we came up with six key factors of comparative analysis which are economic, generality, security, convenience(ease of use), applicability and efficiency. Within the chosen group, we compared and analyzed the selected cases and Virtualization of Smart Cards (ViSCa) platform-based mobile payment service.

Development of T-commerce Processing Payment Module Using IC Credit Card(EMV) (IC신용카드(EMV)를 이용한 T-커머스 결제처리 모듈 개발)

  • Choi, Byoung-Kyu;Lee, Dong-Bok;Kim, Byung-Kon;Heu, Shin
    • The KIPS Transactions:PartA
    • /
    • v.19A no.1
    • /
    • pp.51-60
    • /
    • 2012
  • IC(Integrated circuits)card, generally be named smard card, embedded MPU(Micro Processor Unit) of small-size, memory, EEPROM, Card Operating System(COS) and security algorithm. The IC card is used in almost all industry such as a finance(credit, bank, stock etc.), a traffic, a communication, a medical, a electronic passport, a membership management and etc. Recently, a application field of IC card is on the increase by method for payments of T-commerce, as T-commerce is becoming a new growth engine of the broadcating industry by trend of broadcasting and telecommunication convergence, smart mechanization of TV. For example, we can pay in IC credit card(or IC cash card) on T-Commerce. or we can be provided TV banking service in IC cash card such as ATM. However, so far, T-commerce payment services have weakness in security such as storage and disclosure of card information as well as dropping sharply about custom ease because of taking advantage of card information input method using remote control. To solve this problem, This paper developed processing payment module for implementing TV electronic payment system using IC credit card payment standard, EMV.

Analysis to a Remote User Authentication Scheme Using Smart Cards (스마트 카드를 이용한 사용자 인증 스킴의 안전성 분석)

  • An, Young-Hwa;Lee, Kang-Ho
    • Journal of the Korea Society of Computer and Information
    • /
    • v.14 no.3
    • /
    • pp.133-138
    • /
    • 2009
  • Recently Lin et al. proposed the remote user authentication scheme using smart cards. But the proposed scheme has not been satisfied security requirements considering in the user authentication scheme using the password based smart card. In this paper, we showed that he can get the user's password using the off-line password guessing attack on the scheme when the adversary steals the user's smart card and extracts the information in the smart card. Also, we proposed the seven security requirements for evaluating remote user authentication schemes using smart card. As a result of analysis, in Lin et al's scheme we have found the deficiencies of security requirements. So we suggest the improved scheme, the mutual authentication scheme that does not store the user's password verifier in server and can authenticate each other at the same time between the user and server.

A Study On The Optimization of Java Class File under Java Card Platform (자바카드 플랫폼상에서 자바 클래스 파일의 최적화 연구)

  • 김도우;정민수
    • Journal of Korea Multimedia Society
    • /
    • v.6 no.7
    • /
    • pp.1200-1208
    • /
    • 2003
  • Java Card technology allows us to run Java applications on smart cards and other memory-constrained devices. Java Card technology supports high security, portability and ability of storing and managing multiple applications. However, constrained memory resources of the Java Card Platform hinder wide deployment of the Java Card applications. Therefore, in this paper we propose a bytecode optimization algorithm to use the memory of a Java Card efficiently. Our algorithm can reduce the size of the bytecode by sharing the memory of the parameters of the catch clause in the try-catch-finally sentence.

  • PDF

A Survey of Fraud Detection Research based on Transaction Analysis and Data Mining Technique (결제로그 분석 및 데이터 마이닝을 이용한 이상거래 탐지 연구 조사)

  • Jeong, Seong Hoon;Kim, Hana;Shin, Youngsang;Lee, Taejin;Kim, Huy Kang
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.25 no.6
    • /
    • pp.1525-1540
    • /
    • 2015
  • Due to a rapid advancement in the electronic commerce technology, the payment method varies from cash to electronic settlement such as credit card, mobile payment and mobile application card. Therefore, financial fraud is increasing notably for a purpose of personal gain. In response, financial companies are building the FDS (Fraud Detection System) to protect consumers from fraudulent transactions. The one of the goals of FDS is identifying the fraudulent transaction with high accuracy by analyzing transaction data and personal information in real-time. Data mining techniques are providing great aid in financial accounting fraud detection, so it have been applied most extensively to provide primary solutions to the problems. In this paper, we try to provide an overview of the research on data mining based fraud detection. Also, we classify researches under few criteria such as data set, data mining algorithm and viewpoint of research.

A Security Analysis of a Timestamp-based User Authentication Scheme with Smart Card (스마트 카드를 이용한 타임스탬프 기반의 사용자 인증 스킴의 안전성 분석)

  • Mun, Jongho;Won, Dongho
    • Proceedings of the Korean Society of Computer Information Conference
    • /
    • 2015.01a
    • /
    • pp.263-265
    • /
    • 2015
  • 안전하지 않은 네트워크에서 정당한 사용자를 인증하여 접근을 허가하는 사용자 인증 기법은 매우 중요한 기술이다. 스마트카드를 이용한 사용자 인증 기법은 연산의 효율성과 사용의 편리성, 저장 공간 등의 이유로 최근까지 많은 연구가 진행되고 있다. Huang 등은 Awasthi 등이 제안한 기법의 취약점을 개선하고 연산 효율성 및 편리성을 증대시킨 새로운 기법을 제안하였다. 그러나 Huang 등이 제안한 기법 역시 비밀키가 노출되고 위장 공격, 서비스 거부 공격 등에 취약하다는 것이 확인되었다. 본 논문에서는 Huang 등이 제안한 기법을 살펴보고 안전성을 분석한다.

  • PDF