- Volume 20 Issue 2
Although the Korean secure Internet transaction environment has grown rapidly over the last decade thanks to the NPKI (National Public Key Infrastructure), it also faces several problems that need to be solved in the near future. These problems result mainly from the lack of openness and compatibility of the NPKI-based environment, which operates in a closed way. It is believed that these problems can be solved if the NPKI is implemented on the basis of SSL/TLS, an international standard for web-based secure Internet transactions. The transition to an SSL/TLS-based NPKI needs to be performed so that the advantages of the current NPKI are well maintained. The purpose of this paper is to comparatively analyze the NPKI and SSL/TLS so as to give a basic idea of how to implement the current NPKI on the basis of SSL/TLS. The analysis will show not only how an SSL/TLS-based NPKI can improve the current NPKI but also how the advantages of the current NPKI can be maintained by an SSL/TLS-based NPKI.
Public Certificate; NPKI; SSL/TLS; Secure Internet Transaction