DOI QR코드

DOI QR Code

A History Check System of Public Electronic Certificate using OCSP Service

OCSP 서비스를 이용한 공인인증서 사용이력 확인 시스템

Kim, Nam-Gon;Cho, Beom-Joon
김남곤;조범준

  • Received : 2015.12.31
  • Accepted : 2016.02.05
  • Published : 2016.03.31

Abstract

Public electronic certificates, as an important means for identification, have been used as the main economic transactions, including banking, e-government, e-commerce. identification. However, damage cases of certificates have been increased by Illegally issued and by hacking practices. Also the users have a difficult in ensuring that their certificates when and where to use. Therefore, the proposed system gives the organization code for the Institutions using OCSP services in advance, the organization code embedded in extensions of OCSP request message structure when institutions ask the validation of certificate to CA(Certificate Authority). Also, OCSP server can extract the organization code from OCSP request message, confirm the institution, and record it in certificate history management table of DB. In this paper, we presented a system that could determine the certificate history check using OCSP service, public electronic certificate validation service, and implemented to prevent and cope immediately with financial incidents.

Keywords

Public electronic certificate;Certificate history;Organization code;OCSP service

References

  1. J. H. Lee, "Legal study on the electronic signature and certification system in Korea," Ph. D. dissertation, Kyung Hee University, Seoul, 2012.
  2. M. Myers, et al. (1999, June). RFC 2560 - X.509 Internet public key infrastructure, online certificate status protocol-OCSP. [Online]. Available: https://www.packetizer.com/rfc/rfc2560/
  3. A. Arnes, "Public key certificate revocation schemes," Master thesis, Queen's University, Ontario, Canada. pp. 22-26, 2000.
  4. D. Cooper, et al. (2008, May). Internet X.509 public key Infrastructure certificate and certificate revocation list (CRL) profile. [Online] Available: https://datatracker.ietf.org/doc/rfc5280/
  5. Korea Internet & Security Agency [Internet]. Available: http://www.kisa.or.kr.
  6. K. J. Kim, and T. M. Chang, "A study on efficient CRI managing for certificate status validate in distributed OCSP," Journal of the Korea society of computer and information, vol. 13, no. 3, pp. 91-97, May 2008.
  7. Korea Financial Telecommunication & Clearings Institute [Internet]. Available: http://www.kftc.or.kr
  8. Y. G. Song, "Technology standardization, government intervention, and public electronic certificate in Korea," KDI Journal of Economic Policy, vol. 37, supplementary issue, pp. 3-32, March 2015.

Acknowledgement

Supported by : Chosun University