• Current Optics and Photonics
• /
• v.6 no.5
• /
• pp.453-462
• /
• 2022

Blockchain technology provides a decentralized and peer-to-peer network, which has the advantages of transparency and immutability. In this paper, a novel secure authentication scheme applying digital holography to blockchain technology is proposed to protect privacy information in network nodes. The transactional information of the node is chained permanently and immutably in the blockchain to ensure network security. By designing a novel two-dimensional (2D) array data structure of the block, a proof of work (PoW) in the blockchain is executed through digital holography technology to verify true authentication and legal block linkage. A hash generated from the proposed algorithm reveals a random number of 2D array data. The real identity of each node in the network cannot be forged by a hacker's tampering because the privacy information of the node is encrypted using digital holography and stored in the blockchain. The reliability and feasibility of the proposed scheme are analyzed with the help of the research results, which evaluate the effectiveness of the proposed method. Forgery by a malicious node is impossible with the proposed method by rejecting a tampered transaction. The principal application is a secure anonymity system guaranteeing privacy information protection for handling of large information.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2017.11a
• /
• pp.200-202
• /
• 2017

To improve the security of OAuth 2.0 access token transportation and satisfy the challenge of resources constraint caused by the bearer token access mechanism of the OAuth 2.0, we proposed an extensional client authentication scheme that is based on the Proof-of-Possession (PoP) token mechanism. By improving the integrity of PoP token, we bind a PoP key of a public/private key pair to the PoP token. The authorization server and the resource server can authenticate the identity of the client by verifying whether the client has the possession of the PoP token. If the client can prove that it has a PoP key that matches the PoP token, then the identity of the client can be authenticated. This experimental evaluation can confirm that this scheme effectively dealing with the issue of client identity authentication and reduce resources consumption.

• International Commerce and Information Review
• /
• v.12 no.1
• /
• pp.35-54
• /
• 2010

This article explored the bank's responsibilities in electronic payment system between Korea and U.S.A. In order to complete my research object, I used Article 4A of the U.C.C. and EFTA of 1978 and by Electronic Financial Transaction Act of Korea as a analytic instruments. I also adapted America's various regulations to regulate concerned parties(banks). The system of this article is going to display as fellows; First, I presented recent trend and legal stabilities of electronic payment in this article. Second, I focuses on the allocation of risk of loss caused by ambiguous term in payment orders that do not express the subjective intention of the senders. I also did analyze the solution procession of error occurring in course of send of payment order. Third, In any action which involves a customers's liability for an unauthorized electronic fund transfer, the burden of proof is upon the financial institution to show that the electronic fund transfer was authorized. Forth, Customers have to report the error and unauthorized electronic fund transfer after awaring of it. Then bank will be liable for such a unauthorized electronic fund transfer. But If customer's failure to report, the bank has exemptions. Lastly, In order to prevent or detect the unauthorized electronic fund transfer, bank will agree with custom to establish a commercially reasonable security procedure, while bank has duties to notify in order to decrease the loss resulted from unauthorized payment order in korea law.

• Proceedings of the Korean Information Science Society Conference
• /
• 2010.11a
• /
• pp.101-106
• /
• 2010

As a part of preparing the sniffing attack, this routing method presented in this thesis decreases the risk rates of the leaking of information through separating valid data and transmitting by a multi-path. then data is transmitted from start node to destination node on distributed sensor network. The level of reduction in leaking of information by the sniffing attack is proved by experimental result thich compare the case described above with the case of transmitting whole data with the single path by simulation, and the algorithm for choosing the routing path is showed by proof of the theorem.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.4
• /
• pp.2292-2309
• /
• 2017

Ciphertext policy attribute-based encryption (CP-ABE) is a useful cryptographic technology for guaranteeing data confidentiality but also fine-grained access control. Typically, CP-ABE can be divided into two classes: small universe with polynomial attribute space and large universe with unbounded attribute space. Since the learning with errors over rings (R-LWE) assumption has characteristics of simple algebraic structure and simple calculations, based on R-LWE, we propose a small universe CP-ABE scheme to improve the efficiency of the scheme proposed by Zhang et al. (AsiaCCS 2012). On this basis, to achieve unbounded attribute space and improve the expression of attribute, we propose a large universe CP-ABE scheme with the help of a full-rank differences function. In this scheme, all polynomials in the R-LWE can be used as values of an attribute, and these values do not need to be enumerated at the setup phase. Different trapdoors are used to generate secret keys in the key generation and the security proof. Both proposed schemes are selectively secure in the standard model under R-LWE. Comparison with other schemes demonstrates that our schemes are simpler and more efficient. R-LWE can obtain greater efficiency, and unbounded attribute space means more flexibility, so our research is suitable in practices.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.7 no.1
• /
• pp.119-131
• /
• 2013

With the explosive growth of computer networks, many remote service providing servers and multi-server network architecture are provided and it is extremely inconvenient for users to remember numerous different identities and passwords. Therefore, it is important to provide a mechanism for a remote user to use single identity and password to access multi-server network architecture without repetitive registration and various multi-server authentication schemes have been proposed in recent years. Recently, Tsaur et al. proposed an efficient and secure smart card based user authentication and key agreement scheme for multi-server environments. They claimed that their scheme satisfies all of the requirements needed for achieving secure password authentication in multi-server environments and gives the formal proof on the execution of the proposed authenticated key agreement scheme. However, we find that Tsaur et al.'s scheme is still vulnerable to impersonation attack and many logged-in users' attack. We propose an extended scheme that not only removes the aforementioned weaknesses on their scheme but also achieves user anonymity for hiding login user's real identity. Compared with other previous related schemes, our proposed scheme keeps the efficiency and security and is more suitable for the practical applications.

• THE INTERNATIONAL COMMERCE & LAW REVIEW
• /
• v.71
• /
• pp.217-243
• /
• 2016

As the rapid development of IT and the internet changed the trading method from the traditional offline transaction into the online e-Trading, the international documentation standards, the eUCP and the domestic laws and legislations have been established, adapting to the new e-Trading environment. This study was conducted to analyze the factors which affect the use of uTradeHub on the domestic trading companies and trade-related organizations and suggest how to activate e-Trading. To do this, classify the users into the enterprises and the trade-related organizations, set up the hypothesis of the study with the measurement variables of the user convenience, the new service, the system suitability and the legislation environment and carry out a survey targeting the trading companies and the trade-related offices to do an actual proof analysis. The analysis was performed by using the statistical program, SPSS IBM22.0, and the study hypothesis was tested by the multiple regression analysis methodology. The test result showed that the trading companies set a high value on the user convenience, the new service and the legislation environment of uTradeHub, meanwhile the trade-related organizations regarded the system security and reliability, the user convenience and the legislation environment as the major affecting factor on the use of uTradeHub.

• KIEAE Journal
• /
• v.9 no.5
• /
• pp.21-28
• /
• 2009

In apartment buildings, casualties, especially fatalities have occurred in balcony areas in fires if residents fail to escape to the main entrance. Potential consequences of a particular infrequent event should be considered. In attempting to design apartment buildings for fire safety, alternative escape methods such as vertical penetration could be considered. The purpose of this study is to investigate present building regulations regarding apartment buildings and examine pros and cons of the current escape method and alternative escape methods. Focus group interview was conducted to discuss problems of fire escape methods. In addition, questionnaires were distributed to field professionals working in architecture, construction and related industries. Among 500 questionnaires distributed, 192 questionnaires were collected. Usable 162 questionnaires were analyzed using SPSS 15. Regarding alternative fire escape methods, several concerns were mentioned. Safety, privacy, security, effectiveness of escape, water proof problems were raised. Based on the opinions, vertical penetration between apartment unit appeared more safe, secure, effective than horizontal penetration. However, both methods have its own pros and cons under specific contexts. Alternative escape methods need be considered for a selective options for residents in case of fire.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.14 no.4
• /
• pp.17-26
• /
• 2018

Connected car plays an important role on Intelligent Transport System (ITS). ITS is able to secure drivers' convenience and safety, however, the overall system can be threatened by hacking attempt. Blockchain is one strong candidate of the remedy to promote the security of the ITS network. However, there will be many challenges to adopt previously proposed blockchain technologies to ITS. This work presents a new ITS structure based on blockchain technology. Proposed scheme includes three major layers. The first layer is central manager which is initiated once to register a certain connected car. The third layer is RSU (Road Side Unit) layer which exploits PoS (Proof of Stake) for consortium blockchains and retains real-time information. In addition, this layer performs block expiration based on timers to maintain manageable block length. In the second layer, the generated blocks of the third layer without expiration are housed as private blockchains. We finally demonstrate possible merits of newly proposed scheme.

• Proceedings of the KIEE Conference
• /
• 2007.04a
• /
• pp.261-263
• /
• 2007

Authentication is a mechanism to establish proof of identities, the authentication process ensure that. Who a particular user is. Nowadays PC and laptop user authentication systems are always done once a hold until s explicitly revoked by the user, or asking the user to frequently reestablish his identity which encouraging him to disable authentication. Zero-Interaction Authentication (ZIA) provides solution to this problem. In ZIA,. a user wears a small authentication token that communicates with a laptop over a short-range, wireless link. ZIA combine authentication with a file encryption. Here we proposed a Laptop-user Authentication Based Mobile phone (LABM). In our model of authentication, a user uses his Bluetooth-enabled mobile phone, which work as an authentication token that provides the authentication for laptop over a Bluetooth wireless link, m the concept of transient authentication with our combining It with encryption file system. The user authenticate to the mobile phone infrequently. In turn, the mobile phone continuously authenticates to the laptop by means of the short-range, wireless link.