• International Commerce and Information Review
• /
• v.2 no.1
• /
• pp.149-158
• /
• 2000

[ $\Box$ ]무역업계는 인터넷의 발전에 따라 급속히 사이버화 하고 있는 무역환경에 적극적으로 대응하기 위해 사이버무역의 도입과 활성화를 위한 움직임을 급속히 확대하고 있는 것으로 나타났다. - 조사대상업체의 절반이 넘는(51.8%) 업체들이 자사제품 홍보, 거래선 발굴, 오퍼 및 거래협상 둥 각종 무역업무에 인터넷을 이용하고 있는 것으로 나타났다. - 그러나 무역업계의 사이버무역 활용은 아직 초기단계 수준으로, 이용업체의 절반이상(57.3%)은 작년(1999년) 이후에 처음으로 사이버무역을 시작하였으며 사이버무역에 의한 수출비중도 10% 미만(1999년: 8.8%)의 낮은 수준인 것으로 조사되었다. - 반면, 향후 무역업계의 사이버무역 도입 확대와 수출비중 증가는 가속화될 것으로 나타나, 2000년에는 사이버무역 비중이 전년보다 두 배 이상 늘어난 18.7%에 달할 것으로 예상되었으며, 특히 중소기업의 경우 사이버무역 비중이 상대적으로 대기업보다 커질 것으로 전망되었다. $\Box$ 무역업계가 사이버무역을 도입하는 이유로는 "해외시장 개척효과" 때문이라는 응답이 가장 많았으며, 다음으로 "수출업무 신속화률 통한 인건비 절감"과 "광고비의 절약" 등의 효과를 염두에 두고 있는 것으로 나타났다. - 따라서 여러 수출단계 중에서도 "해외거래선 발굴"， "해외시장정보의 수집", "자사 제품의 해외 홍보" 등 주로 시장개척과 마케팅단계에서 사이버무역이 가장 많이 활용되고 성과도 큰 것으로 나타났다. - 시장개척과 마케팅을 위하여 약 40%의 무역업체가 무역거래 알선 사이트를 이용하고 있으며 특히 중소기업의 활용이 두드러진 것으로 파악되었다. - 반면, 사이버무역 활동이 애로를 겪고 있는 수출단계로는 "대금결제, 물류 유통", "신용조회", "거래계약 체결" 등의 순으로 조사되었는데, 이는 국제적 인증제도의 미비, 신용조사에 대한 공신력 부족 둥이 주된 요인인 것으로 분석되었다. $\Box$ 한편, 무역업계는 사이버무역의 필요성과 활용성과에 대해 긍정적인 인식을 갖고 있으나, 사이버무역을 활성화하는데 필요한 인프라로서 사이버 무역 전문인력이나 인터넷 통신환경 등은 아직 만족할 만한 수준이 못 되는 것으로 조사되었다. - 사이버인력 부문에서는 무역업무 종사자 중 인터넷 활용직원의 비율이 50%가 되지 않는 업체가 전체의 절반을 넘고 있으며, 특히 중소기업의 인터넷 활용 직원의 비율이 대기업에 비해 낮은 것으로 나타났다. - 향후 무역업체가 10명의 무역인력을 채용한다고 가정할 경우, 평균 4.5명을 사이버무역 전문인력으로 채용할 계획이라고 밝히고 있으며, 중소기업(4.7명)이 대기업(3.4명)보다 사이버무역 전문인력에 대한 수요가 더 큰 것으로 나타나 이에 대한 대책이 시급한 것으로 파악되었다. - 인터넷 전용선 설치비율도 전체적으로 40%대에 그치고 있으며, 특히 중소기업의 경우 전용선 이용비율(38.5%)이 대기업(80%)의 절반에도 못미치는 열악한 수준에 있어 중소기업의 사이버 무역이용에 하나의 걸림돌이 되고 있는 것으로 조사되었다. $\Box$ 사이버 무역활성화를 위해 가장 시급한 과제로는 "사이버무역 전문인력 확충을 위한 체계적 교육 및 훈련제공"과 "사이버무역 관련법규 및 제도의 마련"으로 나타나, - 정부나 유관기관이 앞장서서 사이버무역 관련 교육프로그램의 개발, 자격시험제도의 도입 등과 아울러 대외무역법 둥 관련법률 및 제도를 정비해 줄 것을 무역업계에서 기대하는 것으로 지적되었다.

• The Journal of Information Technology
• /
• v.6 no.4
• /
• pp.147-162
• /
• 2003

The technique of information-communication rapidly developed has made it possible for us to do business through Internet. Electronic commerce was increased rapidly by the explosive development of the inter and communication revolution. E-Commerce has created a fundamentally new way of conduction and will change drastically accepted ways of doing business. Normally international trade has been formulated in a way that exporters and importers meet face-to-face and contract and pay by letter of credits. For the global electronic commerce to vitalized, the outstanding matters should encourage the creation of infrastructure of information security and new models in the field of electronic payment systems, electronic commerce agreement for remedy, adapting electronic date interchange in transport documents and negotiability of electronic bills of lading. The payment systems such as electronic fund transfers, tradecard system and electronic letters of credits issued by SWIFT system permit the parties concerned(sellers, buyers ad service providers) to settle payment electronically. Still they are many limitations for complete international electronic transactions. The following measures have to be taken to vitalize electronic trade transactions. It is needed to acquire information security such as authenticity, integrity, non-repudiation and confidentiality. All kinds of documents need to be replaced by electronic date exchange and the legal structure of international convention, national law for electronic payment systems have to be completed. Also a detailed guide of the banking operation and developing rules for electronic letters of credits need to be provided to adopt eUCP rules for the electronic presentation of documents.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.6
• /
• pp.1243-1257
• /
• 2019

With the emergence of the IoT environment, various smart devices provide consumers with the convenience and various services. However, as security threats such as invasion of privacy have been reported, the importance of security issues in the IoT environment has emerged, and in particular, the security problem of key management has been discussed, and the PUF has been discussed as a countermeasure. In relation to the key management problem, a protocol using MIPUF has been proposed for the security problem of the group key management system. The system can be applied to lightweight IoT environments and the safety of the PUF ensures the safety of the entire system. However, in some processes, it shows vulnerabilities in terms of safety and efficiency of operation. This paper improves the existing protocol by adding authentication for members, ensuring data independence, reducing unnecessary operations, and increasing the efficiency of database searches. Safety analysis is performed for a specific attack and efficiency analysis results are presented by comparing the computational quantities. Through this, this paper shows that the reliability of data can be improved and our proposed method is lighter than existing protocol.

• The KIPS Transactions:PartC
• /
• v.16C no.2
• /
• pp.151-164
• /
• 2009

The importance of sensor networks as a base of ubiquitous computing realization is being highlighted, and espicially the security is recognized as an important research isuue, because of their characteristics.Several efforts are underway to provide security services in sensor networks, but most of them are preventive approaches based on cryptography. However, sensor nodes are extremely vulnerable to capture or key compromise. To ensure the security of the network, it is critical to develop security Intrusion Detection System (IDS) that can survive malicious attacks from "insiders" who have access to keying materials or the full control of some nodes, taking their charateristics into consideration. In this perper, we design a distributed and adaptive IDS architecture on sensor networks, respecting both of energy efficiency and IDS efficiency. Utilizing a modified HEED algorithm, a clustering algorithm, distributed IDS nodes (dIDS) are selected according to node's residual energy and degree. Then the monitoring results of dIDSswith detection codes are transferred to dIDSs in next round, in order to perform consecutive and integrated IDS process and urgent report are sent through high priority messages. With the simulation we show that the superiorities of our architecture in the the efficiency, overhead, and detection capability view, in comparison with a recent existent research, adaptive IDS.

• Journal of Information Management
• /
• v.43 no.1
• /
• pp.63-87
• /
• 2012

This study aims to analyse the actual condition of the ebook services and propose the improvements of ebook services for children in the Korean public library. For this purpose, the current condition of the ebook services in the public libraries were analyzed and categorized by three criteria. Secondly, the ebook use analysis was conducted using PCs and mobile devices in terms of access to ebook library site, searching method, contents type and viewer, lending process, and user help. As a result of the analysis, several issues such as the difficulty in access to ebook site, the complexity of setting and usage depending on the file format, the insufficient user guide, the relatively lower quality service than the commercial's, and the lack of retrieval functions specialized for the ebook were presented. The improvement plan for the ebook services, especially for children in the public library was suggested.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.9 no.2
• /
• pp.37-48
• /
• 1999

The Internet has been used as the academic researching purposes. Nowadays accordance with improving and being familiar with the World-Wide Web Many people are giving it a try to use the Internet as commerce markets. The noticeable example of internet-based use of the commerce is the Internet shopping mall. Using the WWW companies exhibit their products and users select the ones and take the payment for ones in the on-line Increasing the the Internet shopping mall there needs to be the countermeasure that companies and clients must verify each other. In this paper there are explained the development credit authentication system of the Internet shopping mall and the construction of the trusted environment clients can use Internet shopping mall. That is to develop the credit authentication system the credit-rating of Internet shopping mall can be sent securely and easily to clients and the information of credit-ranting cannot be eavesdropped.

• Smart Media Journal
• /
• v.11 no.3
• /
• pp.54-61
• /
• 2022

With the increase in the types of information systems managed by public institutions and companies, a security certification system is being implemented in Korea to quickly respond to vulnerabilities that may arise due to insufficient security checks. The korea security evaluation system, such as ISMS-P, performs a systematic security evaluation for each category by dividing the categories for technical inspection items. NIST in the United States has developed SCAP that can create security checklists and automate vulnerability checks, and the security checklists used for SCAP can be written in OVAL. Each manufacturer prepares a security check list and shares it through the SCAP community, but it's difficult to use it in Korea because it is not categorized according to the korea security evaluation system. Therefore, in this paper, we present a mechanism to categorize the OVAL definition, which is an inspection item written in OVAL, to apply SCAP to the korea security evaluation system. It was shown that 189 out of 230 items of the Red Hat 8 STIG file could be applied to the korea security evaluation system, and the statistics of the categorized Redhat definition file could be analyzed to confirm the trend of system vulnerabilities by category.

• Journal of Internet Computing and Services
• /
• v.22 no.6
• /
• pp.33-40
• /
• 2021

Automatic Speech Recognition(ASR) is a technology that analyzes human speech sound into speech signals and then automatically converts them into character strings that can be understandable by human. Speech recognition technology has evolved from the basic level of recognizing a single word to the advanced level of recognizing sentences consisting of multiple words. In real-time voice conversation, the high recognition rate improves the convenience of natural information delivery and expands the scope of voice-based applications. On the other hand, with the active application of speech recognition technology, concerns about related cyber attacks and threats are also increasing. According to the existing studies, researches on the technology development itself, such as the design of the Automatic Speaker Verification(ASV) technique and improvement of accuracy, are being actively conducted. However, there are not many analysis studies of attacks and threats in depth and variety. In this study, we propose a cyber attack model that bypasses voice authentication by simply manipulating voice frequency and voice speed for AI voice recognition service equipped with automated identification technology and analyze cyber threats by conducting extensive experiments on the automated identification system of commercial smartphones. Through this, we intend to inform the seriousness of the related cyber threats and raise interests in research on effective countermeasures.

• The Journal of the Convergence on Culture Technology
• /
• v.7 no.4
• /
• pp.583-590
• /
• 2021

This study was attempted to identify the current status of education of gerontological nursing at nursing colleges across the country and to check whether 19 senior nursing competencies suggested by the American Association of Nursing Colleges are reflected in the courses. The subjects of this study were 198 nursing education institutions accredited by KABONE, and each university's website, department homepage, university handbook, admission-related information, curriculum table, and syllabus were collected and analyzed through an internet search engine. The collected syllabus and the most recent curriculum table of the elderly nursing course were checked and analyzed using SPSS 23.0. The current status of gerontological nursing management was presented by calculating the frequency and percentage, and the educational contents presented in the syllabus were analyzed based on 19 geriatric nursing competencies presented by AACN. 185 institutions (93.43%) operated the geriatric nursing subjects, 98 institutions (49.49%) offered theory subject, and 84 institutions (42.42%) offered both theory and practice. In the case of compulsory majors, 52.92% had the most, 27.84% for the first semester of the 4th year, and 53.54% for 2 credits. As a result of analyzing the lesson plan, communication-related educational competency was included in 40% of cases. As AACN gerontological nursing competency 'effective information provision ability for the elderly', 'ethical and non-coercive decision-making', 'care without restraint', 'safe and effective transition across levels of care' was not included in the education content. In conclusion, gerontological nursing education has been focused on disease, and effective information provision capabilities including communication with the elderly need to be reflected.

• Journal of Internet Computing and Services
• /
• v.23 no.5
• /
• pp.69-78
• /
• 2022

As the use of Internet of Things (IoT) devices has expanded, digital forensics coverage of the National Police Agency has expanded to smart home areas. Accordingly, most of the existing studies conducted to acquire smart home platform data were mainly conducted to analyze local data of mobile devices and analyze network perspectives. However, meaningful data for evidence analysis is mainly stored on cloud storage on smart home platforms. Therefore, in this paper, we study how to acquire stored in the cloud in a Hey Home Air environment by extracting accessToken of user accounts through a cookie database of browsers such as Microsoft Edge, Google Chrome, Mozilia Firefox, and Opera, which are recorded on a PC when users use the Hey Home app-based "Hey Home Square" service. In this paper, the it was configured with smart temperature and humidity sensors, smart door sensors, and smart motion sensors, and artifacts such as temperature and humidity data by date and place, device list used, and motion detection records were collected. Information such as temperature and humidity at the time of the incident can be seen from the results of the artifact analysis and can be used in the forensic investigation process. In addition, the cloud data acquisition method using OpenAPI proposed in this paper excludes the possibility of modulation during the data collection process and uses the API method, so it follows the principle of integrity and reproducibility, which are the principles of digital forensics.