사물인터넷융복합논문지 (Journal of Internet of Things and Convergence)

한국사물인터넷학회 (The Korea Internet of Things Society)
권호 표지
DOI QR코드

DOI QR Code

솔라나 블록체인을 이용한 키오스크 결제 데이터 보안 시스템 제안

Proposal of Kiosk Payment Security System using Public Blockchain

  • 김성헌 (백석대학교 컴퓨터공학부) ;
  • 강혁 (고려대학교 영상정보처리협동) ;
  • 이근호 (백석대학교 컴퓨터공학부)
  • Kim, Seong-Heon (Division of Computer Science and Engineering, Baekseok University) ;
  • Kang, hyeok (Program in Visual Information Processing, Korea University) ;
  • Lee, Keun-ho (Division of Computer Science and Engineering, Baekseok University)
  • 투고 : 2022.07.14
  • 심사 : 2022.08.24
  • 발행 : 2022.10.31
PDF 다운로드
⟨ 이전 논문 다음 논문 ⟩

초록

오늘날 결제 시스템이 무인화되면서 키오스크로 결제하는 방식으로 변화하고 있다. 이는 소비자가 화면 터치만으로 메뉴 선택 및 구매 제품 개수를 지정할 수 있어 결제가 편리하다는 장점을 가진다. 그러나 시스템 보안 측면에서 바라보면, 실재하는 키오스크 시스템은 다양한 취약점이 존재한다. 이는 관리자 계정을 탈취하여 시스템 권한을 획득하고, 악의적인 행위를 진행할 수 있다. 또한 결제 개수를 비정상적으로 증가하여 불필요한 자원을 낭비하고, 기기가 정상적인 작동이 불가하도록 진행되게 할 가능성이 존재하는 등 많은 보안 위협에 노출되어 있다. 따라서 본 논문에서는 solana 블록체인의 참여자의 어떠한 노드가 올바르지 않은 fork를 승인한다면, 투표한 노드들의 지분은 삭제된다는 점을 이용한다. 또한 블록체인의 특성상 거래내역을 참여자 모두 볼 수 있기 때문에, 프라이빗 블록체인을 통해 접근권한 부분을 분리해 두도록 하여, 키오스크 결제에 대한 취약점을 개선하는 시스템의 논문을 작성하고자 한다.

Today's payment systems are becoming unmanned and changing to a way of paying with kiosks. This has the advantage of convenient payment because consumers can select a menu and specify the number of products to be purchased with just a touch of the screen. However, from the point of view of system security, the actual kiosk system has various vulnerabilities. This can hijack the administrator account, gain system privileges, and perform malicious actions. In addition, it is exposed to a number of security threats, such as the possibility of wasting unnecessary resources by abnormally increasing the number of payments, and causing the device to fail to operate normally. Therefore, in this paper, if any node of a participant in the solana blockchain approves an incorrect fork, the stake of the voting nodes is deleted. Also, since all participants can see the transaction history due to the nature of the block chain, I intend to write a thesis on a system that improves the vulnerability of kiosk payments by separating the access rights through the private blockchain.

키워드

과제정보

본 논문은 2020년도 정부(교육부)의 재원으로 한국연구재단의 지원을 받아 수행된 기초연구사업임(NRF-2020R1I1A3069008)

참고문헌

  1. J.H.Hong, "Technology evaluation of blockchain technology and applicatbility to financial sector", Journal of Payment and Settlement Vol.13, No.1, pp221-168, 2021. https://doi.org/10.22898/KPSAKR.2021.13.1.221
  2. D.H.Sung, J.H.Jang, Y.J.Jun and Y.J.Kim, "A Study on Blockchain based Data Security Method", Korea IT Policy Management Assosciation, Vol.11, No.2, pp1207-1211, 2019.
  3. J.H.Hong, "Technology evaluation of blockchain technology and applicability to financial sector", Journal of Payment and Settlement, Vol.13, No.1, pp.221-255, 2021 https://doi.org/10.22898/KPSAKR.2021.13.1.221
  4. J.J.Kim, "A Study on Business Application of Payment System using BlockChain Technology", The e-Business Studies, Vol.29, No.6, pp.349-364, 2018.
  5. J.K.Park and E.J.Kim, "A Study on Adoption and Policy Direction of BlockChain Technology in Financial Industry", JITS Jounral of Information Technology Services, Vol.16, No.2, pp33-44, 2017.
  6. H.N.Choi, "A Study Application of Blockchain Platform to Trade Process based on Hyperledger Fabric", International Commerce and Information Review, Vol.23, No.2, pp.3-20, 2021.
  7. K.H.Lee, "A Scheme for Information Protection using Blockchain in IoT Environment", Journal of the Korean Association of Internet of Things, Vol.5, No.2, pp33-39, 2019.
  8. J.H.Kang, "A Study on consumer acceptance intention of unmanned order payment systems of foodservice companies", International Journal of Tourism and Hospitality Research Vol.32, No.21, pp152-168, 2018.
  9. H.J.Kim and J.M.Lee, "Consumers' Resistance and Continued Use Intention of Self-service Kiosk", Family and Environment Research, Vol.58, No.3, pp401-416, 2020. https://doi.org/10.6115/fer.2020.029
  10. H.S.Choi and Y.H.Cho, "A Study on the Improvement Directions of Mobile Simple Payment System Usage Status Point of View", KSDIM Korea Society of Digital Industry and Information management, Vol.15, No.4, pp51-62.
  11. Shinhan Card Co., Ltd, and Faymint Co., Ltd and Blockchain Factory. Credit virtual currency generation device and credit virtual currency management device. Kr Patent 1020190062800, filed November 29, 2017 and issued July 23, 2019.
  12. J.M.Chung, "The Issues of the Crytocurrency in Civil Law", Korean Civil Law Society, Vol.98, No.98, pp.3-36, 2022. https://doi.org/10.52554/kjcl.2022.98.3
  13. D.W.Ko, "Legal Analysis of a Crypto Asset in Korea", Korean Commercial Case Studies Association, .Vo1.31, No.4, pp291-318, 2018.
  14. S.H Choi, "[Tech Column] The era of unmanned devices is in full swing ① Security of unmanned devices exposed as defenseless ", security news, "https://www.boannews.com/media/view.asp?idx=94315", 2021.
  15. W.J.Ji, "A Security Vulnerability Analysis for Printer Kosks", Journal of the Korea Institute of Information Security and Cyptoology, Vo1.29, No.1, pp165-174, 2019.