• Title/Summary/Keyword: Open Authorization

Secure User Authority Authentication Method in the Open Authorization (Open Authorization에서의 안전한 사용자 권한 인증 방법에 관한 연구)

  • Chae, Cheol-Joo;Lee, June-Hwan;Cho, Han-Jin
    • Journal of Digital Convergence / v.12 no.8 / pp.289-294 / 2014
  • Recently, various web services and applications have been provided to users. Because these services are provided only to authenticated users, the user undergoes the inconvenience of authenticating with each service every time. The OAuth (Open Authorization) protocol, through which a 3rd-party application acquires limited access privileges on a web service, appeared in order to resolve this inconvenience. The OAuth protocol provides a convenient and flexible service to the user but has security vulnerabilities in authorization acquisition. Therefore, we analyze the security vulnerabilities that can arise in the OAuth 2.0 protocol and propose a secure user authority authentication method.

An Automatic AP Connections Scheme using iBeacon (iBeacon을 이용한 AP 자동접속 방안)

  • Nam, ChoonSung;Shin, DongRyeol
    • Journal of Internet Computing and Services / v.18 no.2 / pp.1-11 / 2017
  • There are two kinds of wireless network access at a given place using smart devices: 1) open (anonymous) access and 2) user-authorized access. Open access is a non-authorization connection method that does not require the smart device user's authorization information. That is, open access uses only the user's SSID (Service Set Identifier) information to access wireless AP devices following the public wireless network standard. This access mechanism is not suitable for all public wireless networks because users have to get all the wireless network information around them. As a result, the huge amount of data becomes one of the most critical overload problems for smart devices. Secondly, the user-authorized access method uses wireless network information (SSID and password) chosen by the users. So, the users have to remember and use the network access information manually whenever accessing the network. Like open access, this access method also has an operational inconvenience for users: manually inputting access information whenever connecting to the network. To overcome this problem in both schemes, we propose two improved wireless network access methods: 1) the implementation of an automatic AP connection mechanism using user authorization and iBeacon messages, and 2) an SSID registration form for public wireless networks.

ENTERPRISE WIDE CENTRALIZED APPLICATION LEVEL ACCESS CONTROL USING XACML

  • Shaikh, Riaz A.;Rajput, Saeed;Zaidi, S.M.H.;Sharif, Kashif
    • Proceedings of the CALSEC Conference / 2005.03a / pp.62-67 / 2005
  • In the traditional approach, enterprise-wide consistent security policy enforcement for applications is a very difficult task. Therefore, industry is now moving towards a new unified enterprise application security concept that consists of a centralized authentication and authorization mechanism. The eXtensible Access Control Markup Language (XACML), an XML-based standard defined by OASIS, is the most suitable choice, as it can support a centralized, role-based, context-aware access control mechanism. It is designed to provide a universal standard for writing authorization policies and an access control request/response language for managing access to resources. This paper includes a brief overview of XACML and discusses its benefits, limitations and a data flow process. We propose a new generic access control architecture that supports an enterprise-wide centralized application-level access control mechanism using XACML. The other benefits which can be achieved through this architecture are reduced administration cost and complexity, support of heterogeneous computing platforms, a centralized monitoring system, automatic failover, scalability and availability, an open-standard-based solution and secure communication.

The Extended Authentication Protocol using E-mail Authentication in OAuth 2.0 Protocol for Secure Granting of User Access (OAuth 2.0 프로토콜에서 E-mail을 이용한 사용자 권한 인증)

  • Chae, Cheol-Joo;Choi, Kwang-Nam;Choi, Kiseok;Yae, Yong-Hee;Shin, YounJu
    • Journal of Internet Computing and Services / v.16 no.1 / pp.21-28 / 2015
  • Currently there is a wide variety of web services and applications available for users. Such services restrict access to only authorized users, and therefore their users often need to go through the inconvenience of getting an authentication from each service every time. To resolve such inconvenience, a third-party application with the OAuth (Open Authorization) protocol that can provide restricted access to different web services has appeared. The OAuth protocol provides applicable and flexible services to its users, but is exposed to replay attacks, phishing attacks, and impersonation attacks. Therefore we propose a method in which, after authentication, the Access Token can be issued by using E-mail authentication. In the proposed method, the regular user authentication success rate is high when the value is 5 minutes. However, for an attacker, the probability of being authenticated within 5 minutes is no more than 0.3% compared with the user.

A Study on Open API Security Protocol based on Multi-Channel (다중 채널 기반 오픈 API 보안 프로토콜에 관한 연구)

  • Kim, Sang-Geun
    • Journal of Convergence for Information Technology / v.10 no.11 / pp.40-46 / 2020
  • Safe security technology is required for the startup ecosystem according to the construction and service of a joint open platform in the financial sector. Financial industry standard open API recommends that payment-related fintech companies develop/apply additional security technologies to protect core API authentication keys in the mutual authentication process. This study proposes an enhanced API security protocol using multiple channels. It was designed in consideration of the compatibility of heterogeneous platforms by further analyzing the problems and weaknesses of existing open API related research. I applied the method of concealment to remove the additional security channels into a single channel of the existing security protocols. As a result of the performance analysis, the two-way safety of the communication session of the multi-channel and the security of the man-in-the-middle attack of the enhanced authentication key were confirmed, and the computational performance of the delay time (less than 1 second) in the multi-session was confirmed.

Secure Authentication with Mobile Device for Ubiquitous RFID Healthcare System in Wireless Sensor Networks

  • Kim, Jung-Tae
    • Journal of information and communication convergence engineering / v.9 no.5 / pp.562-566 / 2011
  • As telecommunication technologies in telemedicine services are developed, the expeditious development of wireless and mobile networks has stimulated wide applications of mobile electronic healthcare systems. However, security is an essential system requirement since many patients have privacy concerns when it comes to releasing their personal information over the open wireless channels. Due to the invisible feature of mobile signals, hackers have easier access to hospital networks than wired network systems. This may result in several security incidents unless security protocols are well prepared. In this paper, we analyzed authentication and authorization procedures for healthcare system architecture to apply secure M-health systems in the hospital environment. From the analyses, we estimate optimal requirements as a countermeasure to its vulnerabilities.

The Development of Certificates Criteria and Curriculum in Home Healthcare Nurse Specialist Program (가정전문간호사 교육프로그램 인정기준 및 표준 교육과정 개발)

  • 신경림;주수경;김혜영;김분한;양숙자
    • Journal of Korean Academy of Nursing / v.33 no.3 / pp.395-404 / 2003
  • Purpose: To make a contribution to raising the quality of nursing and home healthcare services through reviewing the present state of home healthcare nurse specialist training institutions and education programs and creating concrete measures to establish high-quality education courses. Method: International comparative study of accreditation criteria and curriculum in home healthcare nurse specialist program. Result: The Authorization Standards of home healthcare nurse training institutions consist of 8 items, 23 evaluation criteria and 72 evaluation indexes. Proposal to develop a specialist training program: Curriculum. Modify and complement the present homecare nurse education program. Curriculum I. Designate two forms of certification. The first certification grants the authority to serve as a manager and open a home healthcare agency to nurses having master's degrees and clinical experience of five years. The second certification allows the holder to perform general home healthcare after having completed a short-term training course. Curriculum 2. To meet increasing demands, granting a certification to perform home healthcare to registered nurses having clinical experience of more than three years. Conclusion: These results can be utilized in the home healthcare educational program for raising the quality of nurses and home healthcare services.

Software Defined Networking and Network Function Virtualization for improved data privacy using the emergent blockchain in banking systems

  • ALRUWAILI, Anfal;Hendaoui, Saloua
    • International Journal of Computer Science & Network Security / v.21 no.8 / pp.111-118 / 2021
  • Banking systems are sensitive to data privacy since users' data, if not well protected, may be used to perform fake transactions. Blockchains, public and private, are frequently used in such systems thanks to their efficiency and high security. Public blockchains fail to fully protect users' data, despite their power in the accuracy of the transactions. The private blockchain is better used to protect the privacy of sensitive data. Private blockchains are not open and they apply authorization to log in to the blockchain. However, they have lower security compared to public blockchains. We propose in this paper a hybrid public-private architecture that profits from network virtualization. The main novelty of this proposal is the use of network virtualization that helps to reduce the complexity and efficiency of the computations. Simulations have been conducted to evaluate the performance of the proposed solution. Findings prove the efficiency of the scheme in reducing complexity and enhancing data privacy by guaranteeing high security. The contribution of this proposal is that the results are verified by the centralized controller that ensures a correct validation of the resulting blockchains. In addition, computation complexity is to be reduced by profiting from the cooperation performed by the virtual agents.

A Study on the Crises and Reforms of World Trade Organization Appellate Body (WTO 상소기구의 위기와 개혁방안에 대한 연구)

  • Dongchul Kwak
    • Korea Trade Review / v.45 no.2 / pp.177-189 / 2020
  • The dispute settlement mechanism of the World Trade Organization (WTO) is in great peril. The Appellate Body ceased to function last December as the United States has blocked the appointment of new Appellate Body members since 2017. The focus of this study is on the examination of the US's discontent with the Appellate Body and various efforts to reform the Appellate Body. In a recent report, the US Trade Representative raises its concerns about the Appellate Body, including the 90-day mandatory deadline, transitional rules for outgoing Appellate Body members, scope of appeal, advisory opinions, precedent, recommendation, and overreach, without offering any viable solutions. Some WTO members and experts proposed several Appellate Body reform measures, but agreement between WTO members is unlikely in the foreseeable future. Alternative dispute settlement mechanisms should be seriously considered, such as interim appeal arbitration arrangements, separate dispute settlement mechanisms for trade remedies, and unilateral retaliatory measures without WTO authorization. A rules-based multilateral dispute settlement system is imperative to small open economies like Korea. The Korean government should actively participate in Appellate Body reform discussions with other WTO members to keep the WTO dispute settlement system from collapsing.

A Conceptual Design of Spatial and Non-spatial Information for Water Hazard Information Management and Service (수재해 정보관리 및 서비스를 위한 공간, 비공간 정보 자료 개념 설계)

  • Lee, Jeong-Ju;Kim, Dong-Young;Jung, Young-Hun;Hwang, Eui-Ho;Chae, Hyo-Sok
    • Journal of The Korean Society of Agricultural Engineers / v.58 no.2 / pp.21-29 / 2016
  • This study conducted a basic design of a system and interface which provide both spatial and non-spatial data for water hazard information management. This helps to decide the directions of the future integrated water hazard information platform and possible technical examinations of the web-based system for the realization of the prototype. For a user-friendly system, this study conducted a survey to investigate the data format, service environment, image processing level and visualization type that users prefer. Also, the authorization range was set up by type of user group. In the water hazard information platform, the data and analysis algorithms were classified by field. Furthermore, the platform consisted of six block systems according to function and interface, and was designed so that additional functions can be flexibly mounted or modified. For a basic design of the data exchange method and protocols, a prototype was constructed by using spatial information web service technology. The portal service system to visualize and provide spatial data was designed with the WMS/WFS type of OGC standard interface and the FTP/HTTP interface type through open source GIS software for the server environment.