• The KIPS Transactions:PartC
• /
• v.9C no.3
• /
• pp.351-358
• /
• 2002

Recently, personal business styles have been rapidly changed into e-business due to the rapid progress and deployment of Internet. As a result of the change, new and safe ways of payment such as electronic wallet, electronic money and electronic check have been developed and introduced. In this paper a secure and user-friendly payment method is addressed. One of most important reasons why newly developed safe payment methods are not widely used in e-business is lack of convenience for the users. On the other hand credit card based payment, which is traditional one, is the most prevailing due to the user-friendliness. However this payment also has some problem in sense of security. In this paper, we design and implement a secure credit card-based payment system using one-time credit information. The main features are "payment information must be new", "can use the old credit system", and "do not require client software".

• The Journal of Information Technology
• /
• v.3 no.3
• /
• pp.77-88
• /
• 2000

Electronic Commerce increased rapidly according to the growing popularity of Internet. but payment system are not changed. Now main payment system of electronic commerce are credit card and cyber banking system. Then credit card has some problems safety, privacy etc, and cyber banking system has some problem also. We need new payment system to Electronic Commerce. The merit of electronic money are more capacity, more secure, more reliable, quick and easy to update, secure off-line processing, enabling technology etc than credit card and cyber banking system. And so many countries began using experiment of electronic money and our country began July KOEX building. But it has some problems (standardization, safety of payment, etc). Therefor we must make nile about electronic money in order to standardization and safety of payment. After then electronic money are used widely in electronic commerce.

• Journal of KIISE:Computing Practices and Letters
• /
• v.10 no.4
• /
• pp.319-327
• /
• 2004

This paper describes implementations and test results of Elliptic Curve Cryptography (ECC) and Elliptic Curve KCDSA(ECKCDSA) algorithms based on Java card. 163-Bit ECC guarantees as secure as 1024-Bit Rivest-Shamir-Adleman (RSA) public key algorithm, which has been frequently used until now. According to our test results, 163-bit ECC processing time is about five times fast compared with 1024-bit RSA and amount of resource usages of ECC is smaller than RSA. Therefore, ECC is more appropriate for use on secure devices such as smart cards and wireless devices with constrained computational power consumption and small memory resources.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2000.10a
• /
• pp.773-776
• /
• 2000

최근 인터넷 전자상거래 시스템상에서 전송되는 개인 정보들을 안전하게 관리하기 위한 방법으로서 휴대가 가능한 스마트카드 시스템이 주목을 받고 있다. 현재 다양한 COS 를 탑재한 스마트카드 시스템들이 존재하고 있으나 강력한 보안 기능 및 다중 응용프로그램 환경을 제공하는 MULTOS 기반 시스템과 JVM 기반 JavaCard 시스템으로 서서히 양분되어 가고 있는 추세이다. 본 논문에서는 JavaCard 시스템을 대상으로 하는 Java Toolkit의 설계 및 구현에 대하여 설명한다. 개발된 Toolkit은 PKI 및 암호 처리 기술을 바탕으로 스마트카드, 사용자 시스템 및 서비스 제공자 시스템간의 정보교환을 위한 Java API를 제공함으로써 안전한 인터넷 전자상거래 응용 및 다양한 정보보호 시스템 개발을 위한 기반을 제공한다.

• International Journal of Computer Science & Network Security
• /
• v.21 no.7
• /
• pp.205-210
• /
• 2021

In this paper, the possibility of using a contactless smart card as a cache for geocaching is analyzed. Geocaching is an outdoor game in which players search for hidden boxes, or caches based on geographical coordinates. The problems with this game are the possibility of players cheating and the need to maintain the caches. And then there is the problem of the ignorant public accidentally discovering a cache and considering it an explosive device. This paper proposes a concept for a possible solution to the above problems by replacing the boxes with conventional contactless smart cards. Also, this concept makes geocaching more attractive by using various games. This paper proposes a system architecture as well as the cryptographic protocol required for secure communication between the player's smartphone and the card.

• Journal of Korea Society of Industrial Information Systems
• /
• v.16 no.1
• /
• pp.9-19
• /
• 2011

Secure and efficient authentication schemes over insecure networks have been a very important issue with the rapid development of networking technologies. Wang et al. proposed a remote user authentication scheme using smart cards. However, recently, Chen et al. pointed out that their scheme is vulnerable to the impersonation attack and the parallel session attack, and they proposed an enhanced authentication scheme. Chen et al. claimed that their scheme is secure against the various attacks. However, we have found that their scheme cannot resist the parallel attack and the stolen smart card attack. Therefore, in this paper, we show the security flaws in Chen et al.'s scheme and propose an improved remote user authentication scheme using tamper-resistant smart cards to solve the problem of Chen et al.'s scheme. We also analyze our scheme in terms of security and performance.

• Journal of Korea Multimedia Society
• /
• v.20 no.3
• /
• pp.500-510
• /
• 2017

Recently Lee et al. proposed an improved symmetric key-based remote user authentication scheme to eliminate the security weaknesses of Kumari et al.'s scheme. They hence claimed that their scheme is secure to various well-known attacks. However, we found that Lee et al.'s scheme is still insecure against outsider attack, smart card stolen and off-line password guessing attack. To overcome these security vulnerabilities, we propose an enhanced authentication scheme with key-agreement which is based on the fuzzy-extractor. Furthermore, we prove that the proposed scheme is more secure, and that it serves to gratify all of the required security properties. Finally, we compare the performance and functionality of the proposed scheme with those of previous schemes.

• International Journal of Computer Science & Network Security
• /
• v.24 no.5
• /
• pp.73-78
• /
• 2024

COVID-19 pandemic outbreak increased the use of Internet of Medical Things (IoMT), but the existing IoMT solutions are not free from attacks. This paper proposes a secure and resilient framework for IoMT, it computes the risk using Risk Impact Parameters (RIP) and Risk is also calculated based upon the Threat Events in the Internet of Medical Things (IoMT). UICC (Universal Integrated Circuit Card) and TPM (Trusted Platform Module) are used to ensure security in IoMT. PILAR Risk Management Tool is used to perform qualitative and quantitative risk analysis. It is designed to support the risk management process along long periods, providing incremental analysis as the safeguards improve.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.9 no.2
• /
• pp.49-60
• /
• 1999

IC 카드의 하드웨어적인 제약으로 대부분의 IC 카드는 대칭키 알고리즘을 사용하고 있지만 IC 카드 하드웨어 제조 기술의 발전으로 앞으로는 보안성이 우수한 비대 칭키 알고리즘이 많이 사용될 것이다. 그리고 IC 카드의 가장 큰 제약적 중 하나는 메모리 용량의 한계이다. 따라서 보안상 안전하면서도 메모리를 적게 사용하는 IC 카드 운영체제의 구현을 중요한 문제이다. 그래서 본 논문에서는 다양한 종류의 키 알고리즘을 수용할 수 있는 키 파일 탐색 기법을 제안하였다. 또한 데이터 파일 헤더에 잠금 필드를 삽입하여 보안성을 향상시켰으며 메모리 사용량을 줄일 수 있도록 데이터 파일 헤더만을 이용한 파일 탐색 기법과 자유 공간 탐색 기법을 제안하였다. Because of the evolution of IC card hardware fabrication technologies IC card will be able to accept asymmetric key encryption algorithm in the future. One of the most restrictive points of IC card is memory capacity. Therefore it is an important problem to design a secure IC card operating system using memory in small. In this paper we proposed a key file search mechanism using a key length field inserted in a key file header structure. The key file search mechanism makes IC card execute any key-based encryption algorithm. In addition we proposed inserting a lock field in data file header structure. The lock field intensifies the security of a data file. Finally we proposed a data file search mechanism and free space search mechanism using only data file header. The file system using these mechanisms spends smaller memory than that using a file description table and record of unallocated space.

• Journal of Convergence Society for SMB
• /
• v.5 no.2
• /
• pp.33-38
• /
• 2015

The damage to the security is increasing as public key-based ISP secure payment service is used in online banking payment system. Security technology aspect to ISP secure payment security has no special problems. But, security damage that occurs due to the simplicity of the payment system is a problem. In this paper, we propose response and plan for ISP secure payment service to minimize the damage that occurs due to the simplicity of a security settlement system. Proposed scheme is applicable to various billing systems such as secure payments, online payment, mobile payment, credit card. Proposed scheme is characterized in that can stably support the capabilities of the new billing system. Also, proposed scheme is to analyze the various security threats arising from the payment of the financial services and to describe response and plan technology.