-
公开(公告)号:KR1020040013403A
公开(公告)日:2004-02-14
申请号:KR1020020046308
申请日:2002-08-06
Applicant: 한국전자통신연구원
Abstract: PURPOSE: A system and a method for the credit card based payment on the wireless Internet are provided to offer security between terminals to online goods/service purchase using the wireless Internet, which is used on any protocol such as the WAP(Wireless Application Protocol), the ME(Mobile Explorer), and the I-Mode. CONSTITUTION: A mobile gateway(102) connects a wireless and a wired communication network section. A wireless terminal(100) is connected to the wireless Internet network through the mobile gateway, and transmits/receives the information data for using various goods/service provided from goods/service providing servers connected to the wireless Internet network. A value added service provider(104) requests a payment process to a payment gateway(108) and provides the goods/service depending on a processing result after certifying a user. A certificate authority(106) certifies the users requesting the goods/service by connecting to the value added service provider. The payment gateway processes the payment information applied from the value added service provider by linking an external credit card company, and provides the payment processing result to the user through the value added service provider.
Abstract translation: 目的:提供在无线因特网上用于基于信用卡的支付的系统和方法,以在终端之间提供使用无线因特网的在线商品/服务购买之间的安全性,所述无线因特网在诸如WAP(无线应用协议) ,ME(Mobile Explorer)和I-Mode。 构成:移动网关(102)连接无线和有线通信网络部分。 无线终端(100)通过移动网关连接到无线因特网,并且发送/接收用于使用从连接到无线因特网的商品/服务提供服务器提供的各种商品/服务的信息数据。 增值服务提供商(104)向支付网关(108)请求支付处理,并且在验证用户之后根据处理结果提供商品/服务。 认证机构(106)通过连接到增值服务提供商来证明请求商品/服务的用户。 支付网关通过连接外部信用卡公司来处理从增值服务提供商应用的支付信息,并通过增值服务提供商向用户提供支付处理结果。
-
公开(公告)号:KR1020030052510A
公开(公告)日:2003-06-27
申请号:KR1020010082496
申请日:2001-12-21
Applicant: 한국전자통신연구원
IPC: G06F17/00
Abstract: PURPOSE: A system for installing an application program for mobile client through a wireless Internet and a method thereof are provided to install an application program in the mobile client safely by attaching an electronic signature of a reliable application issuer using a public key encoding technique in a Java platform, distributing a certificate capable of confirming the signature, thereby verifying an integrity of the application program for an authentication of a program code. CONSTITUTION: A contents provider(400) creates an application program file(600) for a mobile client(300). The application server(200) receives an issued certificate from a certification authority(100), possesses a private key for a signature corresponded to the certificate, and creates a specification file(500) of the signed application program. The mobile client(300) downloads the signed application program from the application server(200), verifies an electronic signature, and installs the application program. The specification file(500) of the application program is divided into an application program specification portion and an application program signature portion.
Abstract translation: 目的:提供一种用于通过无线因特网安装用于移动客户端的应用程序的系统及其方法,以通过使用公共密钥编码技术附加可靠应用发行者的电子签名来安全地在移动客户端中安装应用程序 Java平台,分发能够确认签名的证书,从而验证用于程序代码认证的应用程序的完整性。 构成:内容提供商(400)为移动客户端(300)创建应用程序文件(600)。 应用服务器(200)从认证机构(100)接收发行的证书,拥有与证书对应的签名的专用密钥,并创建签名的应用程序的规范文件(500)。 移动客户端(300)从应用服务器(200)下载签名的应用程序,验证电子签名,并安装应用程序。 应用程序的规范文件(500)被分成应用程序指定部分和应用程序签名部分。
-
公开(公告)号:KR100367094B1
公开(公告)日:2003-01-06
申请号:KR1019990046091
申请日:1999-10-22
Applicant: 한국전자통신연구원
IPC: G06Q30/06 , H04N21/6334
Abstract: PURPOSE: The method for distributing the computer program via the on-line is provided to prevent the computer program from duplicating after the on-line distribution, to promote the sale of the computer program via the e-commerce, and to raise the price competition of the computer program good. CONSTITUTION: The method comprises the following steps. The purchaser obtains the PK(Public Key) Authentication of the on-line distribution system from the directory service system of the PKI(Public Key Infrastructure)(S10). The purchaser sends the purchasing information and the purchaser's information(a user's authentication) to the on-line distribution system, and requests the purchase of the desired computer program(S11). The on-line distribution system checks the purchaser's authentication and the purchasing information(S12), and sends the purchase-confirmed message to the purchaser(S13). The purchaser checks the message, pays the bill(S14), and sends the payment information to the on-line distribution system(S15). The on-line distribution system creates the UDP(User Dependant Part), encrypted by the PK of the purchaser, to the computer program(S16). The software package and the receipt are sent to the purchaser(S17). The purchaser installs the computer program to the own computer(S18).
Abstract translation: 目的:通过在线分发计算机程序的方法是为了防止计算机程序在在线分发后复制,通过电子商务促进计算机程序的销售,并提高价格竞争力 的电脑程序很好。 构成:该方法包括以下步骤。 购买者从PKI(公钥基础设施)的目录服务系统获得在线分发系统的PK(公钥)认证(S10)。 购买者将购买信息和购买者信息(用户的认证)发送到在线分配系统,并请求购买期望的计算机程序(S11)。 在线分配系统检查购买者的认证和购买信息(S12),并将购买确认的消息发送给购买者(S13)。 购买者检查消息并支付帐单(S14),并将支付信息发送到在线分配系统(S15)。 在线分配系统创建由购买者的PK加密的UDP(用户相关部分)到计算机程序(S16)。 软件包和收据被发送给购买者(S17)。 购买者将计算机程序安装到自己的计算机上(S18)。
-
公开(公告)号:KR1020010047752A
公开(公告)日:2001-06-15
申请号:KR1019990052111
申请日:1999-11-23
Applicant: 한국전자통신연구원
IPC: G06F15/02
Abstract: PURPOSE: A method for notarizing an electronic document using an electronic signature and a time stamp is provided to confirm an owner and a notarizing time with respect to an electric document of a user by a notarizing institution. CONSTITUTION: After a notarizing institution system is initialized, a notarizing institution system manager drives a notarizing institution initialization module. A notarizing institution program creates a pair of keys for a cryptogram and a signature to be used in the notarizing institution(S201). Two published notarizing keys out of the created two kinds of key pair are registrated in the notarizing institution system in an off-line method(S202). The notarizing institution system manager confirms a user notarizing request receipt, a requesting waiting management, a notarizing requesting process, a notarizing proof process, and a normally install or not of a sub program providing visual information(S203). For a synchronization of the notarizing institution, visual information of the notarizing institution is adjusted based on visual information of the notarizing institution by making a public institution visual information providing module refer to a visual information providing module of the notarizing institution system once after initially driving a visual information providing module so that the visual information providing module is synchronized the public institution visual information providing module and may maintain an identifying visual information(S204).
Abstract translation: 目的:提供使用电子签名和时间戳公证电子文件的方法,以向公证机构确认用户的电子文档的所有者和公证时间。 规定:公证机构体系初步化后,公证机构系统经理推动公证机构初始化模块。 公证机构计划在公证机构中创建密钥和签名的一对密钥(S201)。 所建立的两种密钥对中的两个公证公证密钥在公证机构系统中以离线方式登记(S202)。 公证机构系统经理确认用户公证请求收据,请求等待管理,公证请求处理,公证证明处理,以及正常安装或不安装提供视觉信息的子程序(S203)。 为了公证机构的同步,公证机构的视觉信息根据公证机构的视觉信息进行调整,使得公共机构视觉信息提供模块在最初驾驶之后参考公证机构系统的视觉信息提供模块 视觉信息提供模块,使得视觉信息提供模块与公共机构视觉信息提供模块同步,并且可以维护识别视觉信息(S204)。
-
Patent Agency Ranking
公开(公告)号:KR1020010038208A
公开(公告)日:2001-05-15
申请号:KR1019990046092
申请日:1999-10-22
Applicant: 한국전자통신연구원
IPC: G06F15/00
Abstract: PURPOSE: A certificate authority data management method is provided to manage an application, a generation, a distribution, an update and a cancellation of a public key certificate in a certificate authority. CONSTITUTION: The method comprises steps of allowing a user to input a name, a mail address and a secret code on an application form of a public key certificate(S201), a user system generating a key pair and a session key, and storing the private key in a diskette(S202), the user system generating an electronic signature document by allowing the user to sign by using the private key and coding the electronic signature document(S203, S204), the user system generating an electronic envelope by decoding the session key with a public key(S205), a certificate authority receiving the public key certificate application form and decoding the coded document(S211), the certificate authority checking the user and the level of the certificate(S212), the certificate authority generating a user public key certificate by signing the application form with the private key of the certificate authority(S213), the certificate authority storing the user public key certificate in a temporary database(S214), the user checking the notification transmitted by the certificate authority(S221), the user accessing the certificate authority and transmitting the name, the mail address and the user code(S222), the certificate authority checking the identification of the user by using the transmitted data(S231) and the certificate authority transmitting the public key certificate for signature, and the public key certificate for coding, the public key certificate for coding of a management server and a certificate revocation list(S232).
Abstract translation: 目的:提供证书颁发机构数据管理方法来管理证书颁发机构中的公钥证书的应用程序,生成,分发,更新和取消。 方案:该方法包括以下步骤:允许用户在公钥证书申请表(S201),生成密钥对和会话密钥的用户系统中输入姓名,邮件地址和密码,并存储 私钥(S202),用户系统通过允许用户通过使用私钥进行签名并对电子签名文件进行编码来生成电子签名文档(S203,S204),用户系统通过解码来生成电子信封 会话密钥(S205),接收公开密钥证明书申请表的认证机构并对编码文档进行解码(S211),检查用户的认证机构和证书的级别(S212),证书颁发机构生成 用户公开密钥证书,通过使用认证机构的私钥(S213)签名申请表,证书颁发机构将用户公钥证书存储在临时数据库(S214)中, 用户检查认证机构发送的通知(S221),访问认证机构的用户和发送姓名,邮件地址和用户代码(S222),通过使用发送的数据来检查用户的标识的认证机构 (S231)以及发送用于签名的公钥证书的认证机构,以及用于编码的公钥证书,管理服务器的编码用公钥证书和证书撤销列表(S232)。
-
公开(公告)号:KR1020000056570A
公开(公告)日:2000-09-15
申请号:KR1019990006016
申请日:1999-02-24
Applicant: 한국전자통신연구원
Abstract: PURPOSE: An electronic identity card is complicated to manage because of problems such as private life protection, reliability, and security. So a method to manage the electronic identity card(ID card) for an electronic commerce is provided to guarantee more sure security and convenience for application, issue, receipt, search, store, and update of the electronic ID card. CONSTITUTION: A method for application, issue, and reception of the ID card in an electronic ID card managing system including a user system, an authentication center, and a directory service comprises three steps. In the first step, the user system transmits the ID card issuing application after encoding that. In the second step, the authentication center issues the ID card after decoding the issuing application and confirming the contents. In the third step the user system receives the electronic ID card.
Abstract translation: 目的:电子身份证由于私人生活保障,可靠性和安全性等问题而难以管理。 因此,提供管理电子商务的电子身份证(身份证)的方法,以确保电子身份证的应用,发布,接收,搜索,存储和更新更加确保安全性和便利性。 构成:在包括用户系统,认证中心和目录服务的电子ID卡管理系统中应用,发行和接收ID卡的方法包括三个步骤。 在第一步中,用户系统在编码之后发送ID卡发行应用程序。 在第二步中,验证中心在对发行应用进行解码并发出内容后发出ID卡。 在第三步中,用户系统接收电子身份证。
-
公开(公告)号:KR1020000038071A
公开(公告)日:2000-07-05
申请号:KR1019980052933
申请日:1998-12-03
Applicant: 한국전자통신연구원
CPC classification number: G06F21/604 , G06F21/62
Abstract: PURPOSE: A method for decrypting an encrypted electronic text is provided to recover the encrypted electronic text without help of an electronic text possessor caused by a national security and the possessor's accident, in a procedure using by encrypting electronic text for an office security or a private security. CONSTITUTION: A method for decrypting an encrypted electronic text contains processes. The first process is to initialize a system recovering the encrypted electronic text. In the second process, a transmitter generates a session key to the encrypted electronic text, and then a partial key based on the generated session key. The third process is to generate key recovery information by encrypting each partial session key, and transmit an electronic text message including the information to the transmitter. The fourth process is to recover an encrypted electronic text message by deciding either a recovery procedure according to a procedure determined by a recovery policy, or a recovering procedure which a receiver can not translates an encryption text.
Abstract translation: 目的:提供一种用于解密加密的电子文本的方法,以在通过加密电子文本进行办公室安全或私人的程序中,在没有由国家安全和所有者事故引起的电子文本拥有者的帮助下恢复加密的电子文本 安全。 构成:解密加密的电子文本的方法包含过程。 第一个过程是初始化恢复加密电子文本的系统。 在第二过程中,发射机生成对加密电子文本的会话密钥,然后基于生成的会话密钥生成部分密钥。 第三个过程是通过加密每个部分会话密钥来生成密钥恢复信息,并将包括该信息的电子文本消息发送到发射机。 第四个过程是通过根据由恢复策略确定的过程来确定恢复过程或接收者不能翻译加密文本的恢复过程来恢复加密的电子文本消息。
-
公开(公告)号:KR100243384B1
公开(公告)日:2000-02-01
申请号:KR1019970046851
申请日:1997-09-11
Applicant: 한국전자통신연구원
IPC: H04L9/32
Abstract: 본 발명은 인터넷 기반의 인증국 시스템을 접속하는 사용자가 인증 정보 입력 시 고의로 예외 문자를 이용하여 인증국 시스템에 피해를 입히는 보안 위협을 방지하도록 고의성 불량 사용자를 검색하는 방법과 시스템에 관한 것으로, 악의를 가진 불량 사용자에 의한 인터넷 인증국 시스템의 보안 취약성 문제를 해결하고자 인증국 사용자의 인증국 접속 요청 정보(인증국 주소)입력시와, 인증 정보(인증서 등록, 변경, 취소, 확인) 입력시 발생할 수 있는 보안 공격이 되는 예외 문자 입력을 사전에 여과시키는 기술적인 방법과 인증국 시스템에 접속 요청 시 그리고 인증 정보 입력 시 입력 내용을 검색하여 보안 공격을 일으키는 특수 문자의 확인 시 요청한 작업을 거부하고, 입력자 신원을 확보할 수 있는 방법을 통하여 인증국 시스템의 보안 취약성을 � ��완시키는 것을 특징으로 한다.
-
公开(公告)号:KR1019990025289A
公开(公告)日:1999-04-06
申请号:KR1019970046851
申请日:1997-09-11
Applicant: 한국전자통신연구원
IPC: H04L9/32
Abstract: 본 발명은 인터넷 기반의 인증국 시스템을 접속하는 사용자가 인증 정보 입력 시 고의로 예외 문자를 이용하여 인증국 시스템에 피해를 입히는 보안 위협을 방지하도록 고의성 불량 사용자를 검색하는 방법과 시스템에 관한 것으로, 악의를 가진 불량 사용자에 의한 인터넷 인증국 시스템의 보안 취약성 문제를 해결하고자 인증국 사용자의 인증국 접속 요청 정보(인증국 주소)입력시와, 인증 정보(인증서 등록, 변경, 취소, 확인) 입력시 발생할 수 있는 보안 공격이 되는 예외 문자 입력을 사전에 여과시키는 기술적인 방법과 인증국 시스템에 접속 요청 시 그리고 인증 정보 입력 시 입력 내용을 검색하여 보안 공격을 일으키는 특수 문자의 확인 시 요청한 작업을 거부하고, 입력자 신원을 확보할 수 있는 방법을 통하여 인증국 시스템의 보안 취약성을 � ��완시키는 것을 특징으로 한다.
-
-
-
-
-
-
-
-
Search Results
39
records
(took 0.023 seconds)
