|
 |
|
 |
'KSignWPKI(Wireless
PKI)' provides perfect security infrastructure on fast
changing wireless communication environment by enabling
CA service through mobile phones, PDAs and other handheld
devices.With complying wireless communication standard
protocols such as WAP and MME, 'KSignWPKI' provides
safe and fast CA service over the wireless communication
devices in spite of their limited technical capabilities. |
|
|
 |
Wireless Internet
communication is vastly common these days and more people
are using wireless Internet applications and link to
M-Commerce (e.g. mobile banking, mobile stock trading,
mobile auction service), so there has been more eagerness
to verify identity of service users. At work, more businesses
and enterprises are lively engaging with wireless Internet
enterprise applications to improve working environment
for employees by letting them with safe access to enterprise
network at free location, and to provide customers with
fast and easy of mobile access to service.
Especially, since wireless Internet communication uses
open-air access, it is must to have complete security
in full measurement. To meet these security needs, 'KSignWPKI'
provides secure wireless communication environment by
complying cryptography and digital signature technology.
Therefore, enterprises with 'KSignWPKI' can transact
confidential and important information without disclosing
it during transaction over the open-air, and 'KSignWPKI'
will report any alteration during data transactions,
so the users can have secure service environment too.
As a wireless PKI solution, 'KSignWPKI' provides perfect
security fundamentals on rapidly developing wireless
communication environment that enabling digital certification
service on mobile phone, PDA and other mobile devices.'KSignWPKI'
provides fast and safe digital certification service
on comparatively limited powered wireless end-user devices
by enabling various PKI technologies on wireless communication
environment.
Any disputes caused for denying service record engaged
with M-Commerce transaction can be absolutely prevented
as using digital signature provided by the 'KSignWPKI'
|
|
|
 |
 |
KSignWPKI Components
|
CA (Certification Authority) |
|
RA (Registration Authority) |
|
KGS(Key Generation System) |
|
LRA(Local Registration Authority) |
|
Web Server, Directory Server, Mail Server(Storage) |
|
OCSP(Online Certificate Status Protocol) |
|
TSA(Time Stamp Authority) |
(1) KSignWPKI CA :
the system to issue and administrate digital certificate
|
|
Provide WTLS digital certificate issuance
and administration to content provider(CP) |
|
Provide X.509 v3 format digital certificate issuance
and administration function to end-user mobile device |
|
Provide trust between sender and receiver by
constructing secure communication channel through
digital certificate-based key distribution. |
|
Various security services (e.g. data authentication,
non-repudiation) will be provided to clients (e.g.
end-users, CP) |
(2) KSignWPKI RA : the system to register user information
|
|
Verify user identity, register user
information and authorize issuance |
|
Register, modify or delete user information |
(3) KsignWPKI KGS : the system to generate certificate
request form and key
|
|
Generate public key pair (ECDSA, RSA)
for KSignWPKI CA |
|
Issue certificate issuance request form (support
PKCS#10, RFC2511) to issue certificate |
(4) KSignWPKI
Client (for device)
|
|
Support certificate verification modules
and Accredit CA certificate administration modules |
|
Provide APIs to verify, generate digital signature
and support CP and E2E security services |
|
Issue, reissue, update, revoke and suspend certificate |
5) KSignWPKI Client(for CP)
|
|
Support mobile devices and E2E security
service |
|
Certificate management (e.g. WTLS certificate
issuance request, suspension request) |
|
Support certificate verification modules and
Accredited CA certificate administration modules
|
|
Provide APIs to verify, generate digital signature
and support certificate to revoke WTLS certificate |
|
|
|
 |
(1) Applied
wire/wireless-integrated security foundations
|
|
Provide certificate management including
certificate issuance and other functions for mobile
telecom's users |
|
Support wire/wireless integrated certificate
management for each algorithm. |
(2) International Interoperability
|
|
Applied PKCS and international standard
suggested by IETF PKIX |
|
Provide effective service on limited wireless
communication environment following to WAP Spec. |
(3) Provide same level of
security as in wireline environment
|
|
Support best-suited security algorithm
for mobile phones, PDAs and other mobile devices
|
| |
- Hash algorithm : SHA-1, SHA, MD2/4/5, etc
- Symmetric algorithm : Triple DES, SEED, etc
- Asymmetric algorithm : RSA, ECDSA,ECC, etc |
|
Provided best-suited crypto libraries for mobile
environment |
|
Minimize dysfunctions caused due providing security
service on wireless communication environment. |
(4) Support
various service environments
|
|
Support WTLS Short-lived certificate
mechanism |
|
Support CRL, Delta CRL, OCSP to verify certificate |
|
Support wireless Internet protocols such as WAP(Wireless
Application Protocol) and
ME(Mobile Explorer) |
KSignWPKI IN USE
KSIGN was one of the very first companies to develop
and introduce commercialized wireless PKI system. KSIGN
constructed wire/wireless Root CA for Korea Information
Security Agency as well. Such Public Licensed CAs, Korea
Information Certificate Authority and Korea Financial
Telecommunications & Clearings Institute have also
deployed wire/wireless CA with KSIGN's 'KSignPKI/KSignWPKI'.
LG Telecom and SheCA, Shanghai have selected KSignWPKI
for their eCommerce/mCommerce business operation. It
is no doubt that KSIGN is the leader of wireless communication
security provider for eCommerce/mCommerce.
'KSignWPKI' provides secure wireless Internet transaction
environment enabling trusted mobile Internet banking,
mobile stock trading, mobile auction, information retrieval,
email service and of course, safer eCommerce.
KSIGN supports various types of end-user wireless/wire
access devices (e.g. mobile phone, PDA, PC) and help
to construct effective and safe network environment
by supporting mixture of various crypto algorithms.
'KSignWPKI' can interoperate with various PKI application
products such as Data Validation and Certificate Server
(DVCS), Key Management Infrastructure(KMI), Extranet
Access Management(EAM), PKI-based Conditional Access
System(CAS), Data Encryption Solution(SWAT), Application
Security Toolkit (KSignCASE) and other several PKI products.
|
|
|
|
|
Server |
| |
- Operating System: Minimum Sun Solaris 2.5/2.6
- System: Minimum Ultra10 (Recommended)
- Memory: Minimum 512 MB (Recommended)
- HDD: Minimum 20M (Requested)
- Smart card reader and smart card: CA server use |
|
Client |
| |
- Operating System: MS Windows9X/NT/2000
- System: Minimum Intel Pentium 200MHz (Recommended)
- Memory: Minimum 32 MB (Recommended)
- HDD: Minimum 10MB
- Video: Minimum SVGA (Recommended)
- Smart card and smart card reader: for PC |
|
Installation Requirement |
| |
- Following software must be installed in advance before
installing KSignWPKI 2.0
- WEB Server: Apache web server 1.2/1.3
- Netscape browser: Minimum 4.6/4.7
- Directory Server: Netscape directroy server or Aphlion
directory server
- Data Base: Minimum Oracle 8.1.6 |
|
|
|
|
