• Journal of Internet Computing and Services
• /
• v.7 no.1
• /
• pp.121-130
• /
• 2006

In next generation wireless networks, an application must be capable of rating service information in real-time and prior to initiation of the service it is necessary to check whether the end user's account provides coverage for the requested service. However, to provide prepaid services effectively, credit-control should have minimal latency. In an endeavor to support real-time credit-control for Mobile IPv6 (MIPv6), we design an implementation architecture model of credit-control authorization. The proposed integrated model combines a typical credit-control authorization procedure into the MIPv6 authentication procedure. We implement it on a single server for minimal latency. Thus, the server can perform credit-control authorization and MIPv6 authentication simultaneously. Implementation details are described as software blocks and units. In order to verify the feasibility of the proposed model. latency of credit-control authorization is measured according to various Extensible Authentication Protocol (EAP) authentication mechanisms. The performance results indicate that the proposed approach has considerably low latency compared with the existing separated models, in which credit-control authorization is separated from the MIPv6 authentication.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2007.06a
• /
• pp.76-79
• /
• 2007

RFID is issued as a core technology for Ubiquitous environment recently. Especially, Mobile RFID which is converged with RFID and wireless internet, provides new services to users, increased added-value to service providers. For commercial service of Mobile RFID, it needs an accounting service. The Diameter Base Protocol, mostly used for authentication, authorization, and accounting service, supports only deferred accounting service. For more variable accounting policy, Diameter Credit-Control Application which is capable of prepayment accounting, also should be considered. In this paper, a new accounting model with Diameter Credit-Control Application for Mobile RFID service is proposed.

• Proceedings of the Korea Society of Information Technology Applications Conference
• /
• 2005.11a
• /
• pp.281-284
• /
• 2005

Kerberos is system that offer authorization in internet and authentication service. Can speak that put each server between client and user in distributed environment and is security system of symmetry height encryption base that offer authentication base mutually. Kerberos authentication is based entirely on the knowledge of passwords that are stored on the Kerberos Server. A user proves her identity to the Kerberos Server by demonstrating Knowledge of the key. The fact that the Kerberos Server has access to the user's decrypted password is a rwsult of the fact that Kerberos does not use public key cryptogrphy. It is a serious disadvantage of the Kerbercs System. The Server must be physically secure to prevent an attacker from stealing the Kerberos Server and learning all of the user passwords. Kerberos was designend so that the server can be stateless. The Kerberos Server simply answers requests from users and issues tickets. This study focused on designing a SIP procy for interworking with AAA server with respect to user authentication and Kerberos System. Kerberos is security system of encryption base that offer certification function mutually between client application element and server application element in distributed network environment. Kerberos provides service necessary to control whether is going to approve also so that certain client may access to certain server. This paper does Credit-Control Server's function in AAA system of Diameter base so that can include Accounting information that is connected to Rating inside certification information message in Rating process with Kerberos system.

• Proceedings of the KIEE Conference
• /
• 1987.07b
• /
• pp.1018-1021
• /
• 1987

This describes the standardization plan of data format (track 2) in magnetic stripe card and message format between terminal and host computer. The track 2's data format is composed of PAN and additional data based on ISO 3554. In the present social status of Korea, the VISA B message format is recommended.

• Journal of Information Technology Services
• /
• v.13 no.4
• /
• pp.245-254
• /
• 2014

Payment system is defined as the various contracts and operating facilities for the transfer of monetary value to clear the relationship between credit and debt. Payment systems essentially require the efficient and reliable operations. Card-based payment systems are developed practically and creatively in accordance with the progress of ICT. Especially in mobile environment with intelligent mobile devices such as smart-phones and tablets, a variety of payment services are provided. Existing card-based payment services are configured by the payment transaction initiated by the merchants card acceptance and then swiping into the CAT (Card Authorization Terminal) to begin the transaction. The merchant initiated payment services are now applied to the Wireless CAT (W-CAT) for mobile environment. That kind of payment services cause many problems such the illegal card information leaks and the lingering threat of W-CAT theft. Also, the use of many W-CATs increased cost to the merchant. In this paper, we propose the card holder initiated card payment system using the intelligent mobile devices in mobile environment for solving problems of the existing merchant initiated card payment system and coping effectively with the activation of a wireless data network and changes of information technology.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.13 no.3
• /
• pp.53-64
• /
• 2017

Korean Identification card or driver license is usually used to verify one's identity in Korea. These are also used as an adult certification. Since the form of these ID card is an analog and it needs to be checked with naked eyes, it might be used maliciously. Someone who's got someone else's ID card can do other things. Therefore, it must be reported rapidly when ID card is lost or stolen. The most serious problem might be occurred when they do not recognize and report the loss. They might suffer from pecuniary or mental damage such as opening a mobile phone service, providing loan or credit card, opening a personal checking account, etc. Thus, this study suggests and compares the ways of avoiding these problems. First, the most effective way is to send the authorization code via mobile phones in consideration of build-up period and cost. The person in charge of business processing department using ID card sends the authorization code via registered mobile phone. The owners submits it to the person and their identifications are confirmed. Next effective way is that the person in charge of business processing department using ID card sends text messages via registered mobile phone. Lastly, the most ineffective way is to introduce and implement the electronic ID card ultimately even though it is expensive and takes a long time to build up the system.

• 대한공업교육학회지
• /
• v.33 no.2
• /
• pp.26-43
• /
• 2008

The purpose of this study is to survey of specialists cognition to authorize credits for the same subjects in entering a department of the same area in college among technical high school graduates. Today with generalized college education, about 80% of technical high school graduates enter college. Therefore, authorization of credits for the same subjects is necessary to reduce educational waste in terms of articulation among technical high schools, junior colleges and universities. In this study, a survey was conducted with 100 specialists in technical education, including technical high school teachers, researchers, and professors at junior college or technical college in university, getting answers from 84 subjects (81.25%). The results of this research can be summarized as follows: First, it is valid to authorize credits for all practical subjects completed in technical high school when technical high school graduates enter the same department at college but most of junior college professor unsuitable response. Second, it is valid to authorize credits through its own prescribed test for the same subjects when technical high school graduates enter the same department of engineering at junior college or technical college in university but opposed 62.5% of junior college professor. Third, it is most of respondent valid to authorize credits for the same subjects if results of its own examination for authorization by university are at a fixed level or higher when technical high school graduates are admitted as a junior at the same department in technical college of university after graduation from the same department at junior college.

• Journal of Internet of Things and Convergence
• /
• v.9 no.2
• /
• pp.47-54
• /
• 2023

The MyData service makes anyone possible to apply the personal information for the personal credit management or the financial management by proactive managing his/her own information. The MyData means that the anyone is able to control or manage the its own information by changing from the company-oriented or the organization-oriented information to his/her own information. It is mandatory to develop the API G/W which transforms the different user format to the standard format to support the MyData service. This study is to design the API G/W for the MyData service and the designed API G/W supports the 4 major functions - Validation function, Throttling function, Authentication&Authorization function, Mediation function. The designed API G/W make it possible to support the safely and efficient MyData service by serving the various queries with the different formats.

• Journal of KIISE:Information Networking
• /
• v.35 no.4
• /
• pp.345-354
• /
• 2008

Recently, small-scale mobile network which is composed of many mobile devices in a man becomes popular. Also, Examples of large-scale mobile network can be thought access networks deployed on public transportation such as ships, trains and buses. To provide seamless mobility for mobile nodes in this mobile network, binding update messages must be exchanged frequently. However, it incurs network overhead increasingly and decreases energy efficiency of mobile router. If we try to reduce the number of the messages to cope with the problem, it may happen the security -related problems conversely Thus, mobile router needs a effective algorithm to update location information with low cost and to cover security problems. In this paper, mobility management scheme based on mobile router's mobility pattern is proposed. Whenever each mobile router leaves a visiting network, it records related information as moving log. And then it periodically computes mean resident time for all visited network, and saves them in the profile. If each mobile router moves into the visited network hereafter, the number of binding update messages can be reduced since current resident time may be expected based on the profile. At this time, of course, security problems can happen. The problems, however, are solved using key credit, which just sends some keys once. Through extensive experiments, bandwidth usages are measured to compare binding update messages in proposed scheme with that in existing scheme. From the results, we can reduce about 65% of mobility-management-related messages especially when mobile router stays more than 50 minutes in a network. Namely, the proposed scheme improves network usage and energy usage of mobile router by decreasing the number of messages and authorization procedure.

• THE INTERNATIONAL COMMERCE & LAW REVIEW
• /
• v.41
• /
• pp.79-102
• /
• 2009

L/C transaction, the most important issue for the seller and the buyer is the theory of documentary transaction and the theory of strict compliance which are the principles of L/C transactions. According to the leading cases in England and America where the practice of L/C transactions was created and developed, the descriptions of the commodities specified on all the documents which are submitted based on an L/C, should be identical to the descriptions of commodities specified in the L/C. And further, many leading cases of L/C continuously repeat to emphasize strict compliance. However, the recent leading cases in and out of the country show that the principle of strict compliance is being weakened. The leading cases in America show two trends of weakening the principle of strict compliance. That is, on the contrary to strict compliance, tends to apply substantial compliance (which puts more value on the substance of the documents). These leading cases reflect the attitudes of the judicial and the legislative authorization that don't want to approve formal approach to the commercial law. Recently, the Supreme Court of Korea is giving a decision on the principle of strict compliance, "The documents attached to an L/C should strictly comply with the conditions in the L/C, but it doesn't mean that they should be perfectly identical without any mistake in words. In case the bank can understand through reasonable care that a small mistake in words is too trivial to give different meaning or to give damage to the conditions of the L/C, the documents are regarded to comply with the conditions of the L/C. However, the judgment should be based on whether the difference between the documents and the L/C can be admitted by the international standard bank transaction practice or not." This decision tells that the principle of strict compliance is quite much modified so application of this modification can't be ignored. However, from the viewpoint of the party who requests to open an L/C, there is a criticism that a bank's arbitrary judgement can be involved. Therefore, reviewing the original purpose of L/C transactions (activating international transactions), the principle of strict compliance may be thought old-fashioned because it emphasizes a form, but in reality, for prompt transaction and payment, the principle of strict compliance should be observed in L/C transactions. And further, if a legislative device is prepared to systematically compensate for several side-effects, the principle of strict compliance will improve dynamic flow of prompt and low-costly L/C transactions. On the other hand, it will be able to protect the interested parties.