• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.5
• /
• pp.141-151
• /
• 2004

According to the improvemnent of electronic commerce, the requirements of security devices are becoming increasingly pervasive. The security API must design easily and securely to support a compatibility feature between security devices. It is chosen the PKCS #11 interface by RSA Labs that shows the compatibility and extensibility standards of many application product and implementation, and supported KCDSA mechanism which is a korean digital signature standard. And the PKCS #11 security API defines new key management function which provides more secure key management ability. We suggest the object attributes and templates of KCDSA private and public key object, generate and verify digital signature using KCDSA mechanism. The PKCS #11 supporting KCDSA mechanism is designed, implemented using C-Language, tested a performance, and analyzed the security and compatibiltiy feature.

• Journal of Information Technology Services
• /
• v.10 no.3
• /
• pp.179-188
• /
• 2011

Biometrics is one of promising future technologies within personal identification area, and its application stretches to other variety industry site. Therefore it is necessary to test whether these products are implemented in conformance withe the BioAPI international standard specification. This paper presents the specific construction and application examples of BioAPI v2.0 conformance test suite according to the method described in ISO/IEC 24709. The problems and experience that have been discovered in the construction are described. Three BSP products claiming conformance to BioAPI was tested by proposed the test methodology and tools.

• Journal of the Institute of Electronics and Information Engineers
• /
• v.49 no.9
• /
• pp.370-378
• /
• 2012

This paper proposes a method of constructing of hybrid web-based smart learning system to operable in a variety of mobile devices. To do this, the proposed system is developed a learning system with standardized and enhanced functions. In the proposed method, API specifications based on the standard functionality of smart learning system are created. And then, by building the API provider on a legacy system an organic linkage between the legacy system and the smart learning system is guaranteed. A standard API method is applied to data integration between the PC-based learning system and the smart learning system. The smart learning system interacts with legacy learning systems though Json/XML data forms via the https protocol. As a result, the legacy system using the proposed method dose not require major modifications and changes for a smart learning service.

• Proceedings of the Korean Information Science Society Conference
• /
• 2004.10a
• /
• pp.334-336
• /
• 2004

국내 전자상거래 제품과의 호환성과 확장성을 위하여 국내 전자서명 표준인 KCDSA(Korean Certificate-based Digital Signature Algorithm) 메커니즘을 PKCS(Public Key Cryptographic Standard) #11 암호 API(Application Programming Interface)에 기능을 추가한다. PKCS #11에서 정의한 키 관리(Hey Management) 함수의 입력 파라미터에 암호화할 키를 바로 입력하면 변조된 키를 전달할 수 있으므로, 본 논문에서는 안전한 키보호(Key Protection) 함수를 새로 정의하여 암호화할 키 대신 사용자 PIN(Personal Identification Number: 패스워드) 입력하여 사용자의 KCDSA 개인키와 공개키를 보다 더 안전하게 보관하고자 한다.

• Journal of the Korea Convergence Society
• /
• v.5 no.2
• /
• pp.1-6
• /
• 2014

Latest Smart TV is rapidly increasing in prevalence. Smart-TV can provide reserve-service, training-service, and game service to user. Smart-TV need standard API for user requested app to run it. In this case, the cracker can run Malicious apps or user-request contents to modify it by analysis of the vulnerability of the smart-TV platform. Therefore, we modify the extension API on Smart-TV to prevent hacking. Our proposed research method can support that device is illegal in Smart-TV device can prevent unauthorized access.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.6A
• /
• pp.115-127
• /
• 2008

The Native API is a system call which can only be accessed with the authentication of the administrator. It can be used to detect a variety of malicious codes which can only be executed with the administrator's authority. Therefore, much research is being done on detection methods using the characteristics of the Native API. Most of these researches are being done by using supervised learning methods of machine learning. However, the classification standards of Anti-Virus companies do not reflect the characteristics of the Native API. As a result the population data used in the supervised learning methods are not accurate. Therefore, more research is needed on the topic of classification standards using the Native API for detection. This paper proposes a method for re-grouping malicious codes using fuzzy clustering methods with the Native API standard. The accuracy of the proposed re-grouping method uses machine learning to compare detection rates with previous classifying methods for evaluation.

• Journal of Internet of Things and Convergence
• /
• v.9 no.2
• /
• pp.47-54
• /
• 2023

The MyData service makes anyone possible to apply the personal information for the personal credit management or the financial management by proactive managing his/her own information. The MyData means that the anyone is able to control or manage the its own information by changing from the company-oriented or the organization-oriented information to his/her own information. It is mandatory to develop the API G/W which transforms the different user format to the standard format to support the MyData service. This study is to design the API G/W for the MyData service and the designed API G/W supports the 4 major functions - Validation function, Throttling function, Authentication&Authorization function, Mediation function. The designed API G/W make it possible to support the safely and efficient MyData service by serving the various queries with the different formats.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2002.11a
• /
• pp.621-624
• /
• 2002

최근 급속도로 발전하고 있는 생체인식 분야는 상업적인 활성화와 이에 따른 사용자의 신뢰성 확보를 위해 서로 다른 생체인식 제품들의 상호호환성과 상호연동성을 고려한 표준화된 생체인식 데이터 및 API에 대한 기술 개발을 하고 있으며, 이러한 생체 인식 기술의 표준화는 제품들의 호환성 측면에서 매우 중요하므로 생체 정보를 이용하는 모든 제품에 대하여 시스템과 소프트웨어에 대한 표준적합성 시험이 요구될 것이다. 이에 따라 본 연구에서는 생체인식시스템 응용 인터페이스 표준 규격인 BioAPI에 대하여 표준 적합성 시험도구를 개발하기 위하여 우선적으로 BioAPI 표준규격에서 명시하는 필수함수에 대한 표준적합성시험을 수행하였다.

• The KSFM Journal of Fluid Machinery
• /
• v.12 no.5
• /
• pp.47-53
• /
• 2009

A rotordynamic and detailed stability analysis in accordance with API 617 standard were performed with a turbo-compressor, which is one of key rotating machinery in refinery, petroleum, and power plants. The system is composed of rotor shaft, impeller, sleeve hub, balance drum, and coupling hub. The rotor system is supported by tilting pad bearings, which has 5 pads and pad on loading condition. The rotordynamic analysis specified by API 617 includes the critical speed map, mode shape analysis, Campbell diagram, unbalance response analysis, and stability analysis. In particular, the specifications of stability analysis consist of a Level 1 analysis that approximates the destabilizing effects of the labyrinth seals and aerodynamic excitations, and Level 2 analysis that includes a detailed labyrinth seal aerodynamic analysis. The results of a rotordynamic analysis and stability analysis can evaluate the operating compressor health and can be utilized as a guide of its maintenance, repair and trouble solution.

• Journal of Convergence for Information Technology
• /
• v.10 no.11
• /
• pp.40-46
• /
• 2020

Safe security technology is required for the startup ecosystem according to the construction and service of a joint open platform in the financial sector. Financial industry standard open API recommends that payment-related fintech companies develop/apply additional security technologies to protect core API authentication keys in the mutual authentication process. This study proposes an enhanced API security protocol using multiple channels. It was designed in consideration of the compatibility of heterogeneous platforms by further analyzing the problems and weaknesses of existing open API related research. I applied the method of concealment to remove the additional security channels into a single channel of the existing security protocols. As a result of the performance analysis, the two-way safety of the communication session of the multi-channel and the security of the man-in-the-middle attack of the enhanced authentication key were confirmed, and the computational performance of the delay time (less than 1 second) in the multi-session was confirmed.