• Journal of Digital Convergence
• /
• v.15 no.3
• /
• pp.175-180
• /
• 2017

In accordance with the development of IT industry worldwide, software industry has also grown tremendously, and it is exerting influence on the general society starting from daily life to financial organizations and public institutions. However, various security threats that can inflict serious threat to provided services in proportion to the growing software industry, have also greatly increased. In this thesis, we suggest a smart fuzzing system combined with black box and white box testing that can effectively detectxdistinguish software vulnerability which take up a large portion of the security incidents in application programs.

• Journal of Korea Society of Industrial Information Systems
• /
• v.16 no.4
• /
• pp.53-65
• /
• 2011

As the Information and Communication Technologies continue to advance, some sensitive services (e.g. e-commerce, on-line financial service, and etc.) have spread rapidly. Accordingly, ensuring the safety of the sensitive service itself using personal Information as well as the protection of personal Information Is becoming very important. In addition, with the popularization of smart phone and the universalized use of wireless Internet, many services that have been provided on the basis of the conventional wired network are increasingly propagating to wired and wireless converged network environment. These changes in the network environment requires new paradigm for the pursuit of safe and stable communication. In this paper, we propose seamless and secure service framework that can facilitate a sustainable secure connection between the user terminal and the sensitive service system by using both the personal and network Information. The proposed service framework is capable of isolating the source of authorized use by a third party of the personal Information as far as the user terminal is not lost, although some personal Information is disclosed. Besides, it can provide a seamless and safe service environment even if the access network is changed by relocation of terminals in the heterogeneous mobile network environment.

• Management & Information Systems Review
• /
• v.39 no.2
• /
• pp.39-60
• /
• 2020

Block chain technology is one of the core elements for realizing the 4^th industrial revolution, and many efforts have been made by government and companies to provide services based on block chain technology. In this study we analyzed the benefits of block chain technology for EVMS and designed EVMS block chain platform with increased data security and work efficiency for project management data, which are important assets in monitoring progress, foreseeing future events, and managing post-completion. We did the case studies on the benefits of block chain technology and then conducted the survey study on security, reliability, and efficiency of block chain technology, targeting 18 block chain experts and project developers. And then, we interviewed EVMS system operator on the compatibility between block chain technology and EVM Systems. The result of the case studies showed that block chain technology can be applied to financial, logistic, medical, and public services to simplify the insurance claim process and to improve reliability by distributing transaction data storage and applying security·encryption features. Also, our research on the characteristics and necessity of block chain technology in EVMS revealed the improvability of security, reliability, and efficiency of management and distribution of EVMS data. Finally, we designed a network model, a block structure, and a consensus algorithm model and combined them to construct a conceptual block chain model for EVM system. This study has the following contribution. First, we reviewed that the block chain technology is suitable for application in the defense sector and proposed a conceptual model. Second, the effect that can be obtained by applying block chain technology to EVMS was derived, and the possibility of improving the existing business process was derived.

• Review of KIISC
• /
• v.26 no.4
• /
• pp.41-46
• /
• 2016

전통적으로 바이오인식기술은 출입국심사(전자여권, 승무원 승객 신원확인), 출입통제(도어락, 출입통제 근태관리), 행정(무인민원발급, 전자조달), 사회복지(미아찾기, 복지기금관리), 의료(원격의료, 의료진 환자 신원확인), 정보통신(휴대폰 PC 인터넷 인증), 금융(온라인 뱅킹, ATM 현금인출) 등 다방면에서 폭넓게 보급되어 실생활에서 널리 활용되고 있다. [그림1]은 신체적 특징(Physiological biometrics)과 행동적 특징(Behavioral biometrics)을 이용한 사용자 인증기술인 바이오인식기술의 유형과 함께 각 기술별 보안취약점(괄호 안 빨강색글자)을 나타내고 있다. 최근 들어, 모바일 지급결제서비스 ATM 인출기 인터넷전문은행 등과 같은 핀테크 분야에서 비대면 인증기술로 바이오인식기술이 각광을 받기 시작했다. 한편, 가짜지문 등 기존의 신체적 특징을 이용한 바이오인식기술의 위변조 위협에 대한 우려 존재함에 따라 뇌파 심전도 근전도 맥박 등 살아있는 사람의 행동적(신체의 기능적) 특징을 이용한 생체신호를 이용하여 비대면 인증기술로서 활용하기 위하여 주요 선진국에서 차세대 바이오인식 기술개발이 가속화되고 있는 추세이다.[1] 또한, 이러한 생체신호는 최근에 삼성전자, LG전자, 애플 등에서 스마트워치를 통해 심장박동수를 측정하고 스마트폰을 통하여 모바일 지급결제, 헬스케어 등과 같은 IoT 모바일 융복합 응용서비스에 활용될 전망이다. 본고에서는 뇌파 심전도(심박수)와 같은 생체신호를 측정하는 스마트워치 밴드형 의복형 또는 패치형태의 웨어러블 디바이스와 같은 생체신호센서, 생체신호 인증기술 및 관련표준화 동향을 고찰해 보기로 한다. 국내외 관련기술과 표준화 동향을 면밀히 분석하여 지난 2015년 5월29일에 발족한 국내외 전문가그룹인 KISA"모바일 생체신호 인증기술 표준연구회"(이하 KISA 표준연구회)가 구심점이 되어 한국형 생체신호를 이용한 차세대 텔레바이오인식기술에 대한 연구개발과 국내외 표준화 추진에 박차를 가할 계획이다.

• Journal of Advanced Navigation Technology
• /
• v.15 no.4
• /
• pp.655-663
• /
• 2011

Recently, with improvement of internet service technology, web service has been affecting the environment for computing user. Not only current events, economics, game, entertainment, but also personal financial system is processed by web pages through internet. When data transmission is implemented on the internet, webpage acquire text form code and transform them to DOM information, and then shows processed display to user by web browser. However, those information are not only easily accessed by diversified route, but also easily deformed by intentional purpose. Furthermore, it is also possible to acquire logon information of users and certification information by detouring security mechanism. Therefore, this dissertation propose the method to verify integrity of web contents by using BHO which is one of the Add-On program based on MS Internet Explorer platform which is one of major web browser program designed by MicroSoft to detect any action of webpage deformation.

• Journal of Digital Convergence
• /
• v.13 no.9
• /
• pp.89-98
• /
• 2015

To celebrate the convergence era, Park Geun-Hye government has adhered to the principle sets out to secure revenue no tax increase due to the underground economy legalization, etc. Recently due to the tax deduction policies such as cash receipts and credit card is like getting better transparency on income. However, focusing on the self-employed Evaded income scale is increasing steadily. For the underground economy legalization, it has the plan to increase the transparency of the capital market due to the strengthening of the cash receipt system and the mobile payment market. The purpose of this study is that it hopes the domestic mobile payment market is expanding for the underground economy legalization. To this end, domestic financial companies are hoping to develop a variety of additional services. And the mobile payments market is hoping to gain the trust our customers due to safety and security, etc. As a result the underground economy is expected to disappear naturally.

• Journal of Practical Engineering Education
• /
• v.16 no.3_spc
• /
• pp.327-332
• /
• 2024

The spread of smart phones provides users with a variety of services, making their lives more convenient. In particular, financial transactions can be easily made online after user authentication using a smart phone. Users easily access the service by authenticating using a PIN, but this makes them vulnerable to social engineering attacks such as spying or recording. We aim to increase security against social engineering attacks by applying the authentication method including imaginary numbers when entering a password at the door lock to smart phones. Door locks perform PIN authentication within the terminal, but in smart phones, PIN authentication is handled by the server, so there is a problem in transmitting PIN information safely. Through the proposed technique, multiple PINs containing imaginary numbers are generated and transmitted as processed values such as hash values, thereby ensuring the stability of transmission and enabling safe user authentication through a technique that allows the PIN to be entered without exposure.

• Asia-pacific Journal of Multimedia Services Convergent with Art, Humanities, and Sociology
• /
• v.8 no.6
• /
• pp.835-844
• /
• 2018

Recently, as the number of smartphone users has been increasing worldwide, various services such as electronic payment, internet use, and financial settlement are being used as a smartphone. In addition, researches for home appliance control and automobile control using smartphone are conducted. As such, smartphone users can enjoy a more convenient life, but by hacking smartphones, tapping texts and conversations on smartphones, tracking location through spy apps, DDoS attacks using smartphones, and malicious apps When a message is received at a specific telephone number when using a micropayment, the corresponding text message is transmitted to a remote server, thereby increasing the risk of leakage of personal information and the like. Therefore, in this paper, we define the risk factors of the smartphone that are caused by the internal and external environmental, physical, contents (apps) of the smartphone through the smartphone that we use in real life, We propose a method to check vulnerability of smartphone security solution such as CC evaluation and the most effective response technique for each risk of smartphone by defining the technique.

• Information Systems Review
• /
• v.7 no.2
• /
• pp.229-255
• /
• 2005

The Korea Development Bank promoted a total outsourcing for IT operation in 1999 for the first time in the banking industry. The Korea Development Bank became the center of public attention because the most banks were unwilling to take an outsourcing with external sources for the reason of financial operation accidents, securities, and threats of strikes. After the introduction of the total IT outsourcing, the Korea Development Bank has continuously diagnosed the problems of the IT outsourcing and adopted various proper complements for the enhancement of the IT outsourcing. As the result of the enhancement, the IT outsourcing of the Korea Development Bank marched into the joint liability operation period after going through the outsourcing operation period and the co-operation period. The joint liability operation which is the most leading outsourcing system which is adopted by the Korea Development Bank for the first time in the banking industry. Through the joint liability operation, the Korea Development Bank could accept the most up-to-date IT, concentrate internal manpower on the core capability, and secure flexibility of manpower. Also, the bank changed the relationship between the bank and the external sources from the one-sided relationship between a producers and a consumer to the joint liability relationship on which both sides are responsible for the operation, and could integrate the internal capacity with the professional know-how of the external IT outsourcing company. In this paper, we testified the soundness and validity for the worries of banks about the total IT outsourcing with external sources. And, we arranged the advantages and outcomes of the total IT outsourcing with external sources compared to the IT outsourcing with internal sources. Moreover, we expect that we can improve the closed financial IT outsourcing industry structure and raise the world competitive power of domestic IT outsourcing companies by correcting wrong ideas on the IT outsourcing with external sources.

• Journal of Service Research and Studies
• /
• v.5 no.2
• /
• pp.15-24
• /
• 2015

The trade balance for the information and communications technology (ICT) industries in 2014 have reached 863 hundred million dollars as the main export products such as smart phone and semi-conductor increase, since the ICT industries have played an important role in economic growth in Korea. Until now, the consistent supporting of government and investment of company have been doing with the growth of ICT industries, as a result, Korea marked as the first in the UN electronic government preparing index, and rank 12 in the network preparing index through the policy of national information and basic plan of inter-industry convergence. However, as the unstable international economic circumstances, ICT industries is faced with the stagnation, and then preemptive development of products and services for ICT convergence industries is needed to continually get definite ICT Korea image. In this paper, the ICT convergence industry is analyzed and forecasted. In specific, the international and domestic market for cloud, 3D convergence, and internet of things is diagnosed. The market for ICT convergence industries is predicted to be 3.6 trillion dollar in the world, and 110 trillion won in domestic. From the analytical results for technology and services development, the preemptive supporting of the technology development and policy for the internet of things and 3D convergence industries is required. In addition to, through the future forecasting by socio-tech matrix method, the policy supporting for the ICT convergence area of healthcare, fintech, artificial intelligence, body platform, and human security is needed.