HTML5를 이용한 Non-ActiveX 인증 솔루션

Abstract

ActiveX and public certificate are used in most of financial institutions and public institutions for authentication policy. ActiveX, which is developed by MS(Microsoft) and available in IE(Internet Explorer), has been utilized to improve the web browser by using expansion tools such as DLL(Dynamic Linking Library) and OCX(Object Linking and Embedding Custom Control). However, it may cause three problems as follows: First, can be used only in IE of MS Windows. Therefore ActiveX has low generality and is not compatible even with another version of IE. Second, functions for available system access such as keyboard security can be exploited by malicious codes due to the vulnerabilities of ActiveX. Third, installing ActiveX indiscriminately can lower the speed and shutdown of the web browser. In this thesis, we introduce existing solutions which use the certificate without ActiveX, and propose our solution which makes up for the weak points of existing solutions by utilizing HTML5 and Javascript. Furthermore, we present the advantages of our solution compared to the ActiveX and existing solutions.