• Journal of Digital Convergence
• /
• v.14 no.9
• /
• pp.287-299
• /
• 2016

The electronic transactions over the Internet are growing across the world recently. There have been a lot of identity theft incidents during these online transactions nowaday. Therefore, a high level of identity proofing shall be carried out when using online services to deal with these matter. To prevent this kind of incident, i-PIN was introduced in Korea, which is used as an Internet Personal Identification Number. The i-PIN is designated to provide an online identification of the Internet users. As such, the unique identification numbers are provided to the internet service providers. This paper is to analyze the capabilities that the i-PIN provides, to propose the assurance security model for i-PIN. Furthermore, the security analysis results are presented. The result of this paper can be applicable to improve the applicabilities of the i-PIN.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2006.06a
• /
• pp.551-554
• /
• 2006

보안 침해사고시 수집된 디지털 증거를 법적 증거로써 제출하기 위해 신뢰성이 확보되어야한다. 이를 위한 디지털 증거 무결성 보증 기법들중 MDC를 사용한 디지털 증거 무결성 보증 기법은 MDC값을 공격자가 위조 변조 할 수 있다는 단점이 있다. 또 PKI를 이용한 공증 방식은 기존의 증거 수집 시스템을 수정해야 하는 단점과 새로 시스템을 도입하기 위한 비용이 많이 드는 단점이 있다. 따라서 본 논문에서 제안하는 디지털 증거 보호 기법은 Diffie-Hellman(DH) 키 교환 알고리즘을 이용하여 생성된 비밀키와 디지털 증거 수집 대상 시스템(Collecotion System-CS)의 하드웨어 정보($HW_{CS}$)로 디지털 증거(D), 디지털 증거에 대한 해쉬값(H(D))과 타임스탬프(Time)를 암호화해서 디지털 증거에 대한 기밀성, 인증 및 무결성을 보증하는 기법을 제안하였다.

• Journal of Advanced Navigation Technology
• /
• v.14 no.2
• /
• pp.247-252
• /
• 2010

According to IT technology has evolved, a lot of information are moving through network. The correct internet users can obtain useful information. But incorrect users expose information and cause various damage for malicious purpose. To solve this problem, various information security products are being developed. For development of secure information security product, the development process should be secure. Also evaluation system is being used about product evaluation and security module for the assurance of secure product. In this paper, we proposed assurance system for secure development of information security product. Therefore this paper proposed more secure product development and assurance scheme.

• The KIPS Transactions:PartD
• /
• v.11D no.5
• /
• pp.1105-1122
• /
• 2004

The organization and company's effort to improve software qualify contributes to the increase of software productivity and quality in some sense. However, it has not been a solution of root causes. This result is caused not because of people or technology, but process in-stitutionalization. Recently SQA (Software Quality Assurance), which provide mechanism to make sure that the software development process and products follow the assigned requirements, plan and standards, is applied to achieve the quality improvements. Several standards and models are developed for SQA activities. However, those standards and mode]s are written in form and do not provide information related to the detailed procedures, methods and outputs. Therefore, the organizations that want to adopt those models or standards have to put a lot of effort to acquire the knowledge about the models and to set up SQA Process that is tailored to meet organization's goal and objectives. In this research, we developed SQA support package to support the organization to develop their SQA process in more convenient and systematic ways. With this package, the organizations can establish SQA Process by tailoring those features necessary to reflect organization's characteristics. We expect this package contribute the organizations in a way that it reduce the effort and cost for establishing SQA process.

• Communications of the Korean Institute of Information Scientists and Engineers
• /
• v.18 no.1
• /
• pp.53-61
• /
• 2000

• Korea Information Processing Society Review
• /
• v.14 no.6
• /
• pp.72-82
• /
• 2007

• The KIPS Transactions:PartD
• /
• v.14D no.3 s.113
• /
• pp.319-328
• /
• 2007

As the coverage of Web services become wider and the number of implementation cases is growing, the importance of applying the Web services quality model to real world is increased. For maintaining the level of Web services qualify, it should be required to study on assurance method of Web services qualify level. Assurance for Web services, which is newly proposed by OASIS TC, means the totality of activities for managing the quality level of them. For managing Web service quality, Web service associates could usually use SLA(Service Level Agreement) method in which a service consumer contracts for some service level with a service provider and gives for penalty or pays incentives according to the result of evaluation of services. But, there are some difficulties in applying SLA to Web services, because Web services have publicity, multiple users, and 3rd party for management. So, we need a new assurance method for Web service by considering the characteristics of Web services. This paper provides the new concept of committed assurance level for Web services. This concept can be defined as the set of maximum level of quality expected by each user, which provide the consistent view of Web service quality. This paper presents the method for duality associates to preserve some quality level of Web service by using this concept.

• 한국벤처창업학회:학술대회논문집
• /
• 2019.11a
• /
• pp.153-155
• /
• 2019

최근 국내 외를 불문하고 IT기술의 비약적인 발전에 따라 금융분야에서도 금융과 기술이 결합된 새로운 형태의 금융서비스가 다양하게 개발되고 있다. 그러나, 개인금융시장의 비약적 발전에도 불구하고, 기업금융시장에서의 핀테크 활용은 아직까지 미미한 실정이다. 기업 신용평가는 재무제표 위주의 정태적(static) 과거 정보 위주로 이루어지고 있어 업력이 짧고 규모가 영세한 중소기업의 금융접근에 제약이 존재한다. 또한, 중소기업의 인력이 부족한 상황에서 모든 거래를 일일이 금융기관을 방문하여 처리해야 하는 불편함도 애로사항으로 파악되었다. 이러한 한계를 해소하기 위해 신용보증기금은 빅데이터 활용과 비대면 채널에 주목하였다. 본 보고서는 신용보증기금이 빅데이터와 비대면 채널을 활용하여 중소기업의 금융접근성을 향상시킨 사례에 대하여 소개하고자 한다. 첫 번째로, 신보는 기존에 활용되지 못한 동태적(dynamic) 빅데이터를 활용하여 기업의 현재 새로운 신용평가모형을 개발하였다. 두 번째로, 신보는 중소기업의 금융거래 편의성 향상을 위해 비대면 금융업무 플랫폼을 도입하였다. 신보는 이를, 데이터 수집이 체계적이고 정교해야 하며, 중소기업 관련 데이터가 공유되어야 한다는 정책적 시사점을 발견하였다. 이러한 정책적 시사점을 바탕으로 신보는 이제 기업 데이터 뱅크(Data Bank)로서의 역할을 도모하고 있으며, 더 나은 기업정보 생태계를 구현하고자 한다. 이를 통해 신보의 신기술을 활용한 중소기업 금융접근성 제고 사례가 핀테크를 활용한 공공기관의 금융정책 수립에 유용한 사례가 될 수 있을 것으로 기대한다.

• Journal of the Korea Society of Computer and Information
• /
• v.6 no.3
• /
• pp.152-161
• /
• 2001

Zipper manufacturing belongs to the small and medium industry. And it requires very accurate process and perfect quality control. In addition it is necessary to assure customers zipper qualify to explore new market. TQC as well as integration of existing quality control techniques for accurate and perfect processing should be implemented to assure product quality. To implement TQC zipper firms should invest in education programs for employees. Y zipper firm has succeeded in implementing the education program for TQC and Quality Circle and achieved the perfect quality control and quality assurance of products.

• The KIPS Transactions:PartD
• /
• v.11D no.4
• /
• pp.917-928
• /
• 2004

Common Criteria as ISO/IEC 15408 is used to assure and evaluate IT system security. As the Prime class of security assurance requirement, CM Configuration Management needs the more principled quality activities and practices for developer must be supported. So in this paper, we propose the well-defined CM method as guideline for TOE developer based on Process model including common criteria and develop the CMPET a quantitative process evaluating tool for CM using checklist. It can support useful process analyzing data to developer, evaluator and user.