• Advances in environmental research
• /
• v.12 no.2
• /
• pp.113-122
• /
• 2023

Biometric authentication has become an essential part of modern-day security systems, especially in financial institutions like banks. A face recognition-based ATM is a biometric authentication system, that uses facial recognition technology to verify the identity of bank account holders during ATM transactions. This technology offers a secure and convenient alternative to traditional ATM transactions that rely on PIN numbers for verification. The proposed system captures users' pictures and compares it with the stored image in the bank's database to authenticate the transaction. The technology also offers additional benefits such as reducing the risk of fraud and theft, as well as speeding up the transaction process. However, privacy and data security concerns remain, and it is important for the banking sector to instrument solid security actions to protect customers' personal information. The proposed system consists of two stages: the first stage captures the user's facial image using a camera and performs pre-processing, including face detection and alignment. In the second stage, machine learning algorithms compare the pre-processed image with the stored image in the database. The results demonstrate the feasibility and effectiveness of using face recognition for ATM authentication, which can enhance the security of ATMs and reduce the risk of fraud.

• Journal of the Society of Disaster Information
• /
• v.17 no.2
• /
• pp.218-225
• /
• 2021

Purpose and Method: Financial field among the various changes due to the nationalization of fire fighting officials is the main point and to stably settle according to the purpose, improvement of special account for fire fighting officials is suggested by analyzing the facts and related acts. Results: To use the fire fighting project budget entirely in fire fire fighting project by the purpose of the installation of special account for fire fighting officials, dual budgeting standard for labor cost should be revised. In the reserve cost budgeting standard "Within 1/100 of the total budget rule" total budget includes the labor cost, as a result reserve cost budget will keep increase, so reserve cost budget should be fixed by the project budget instead of the total budget. Conclusion: To use the fire fighting budget by the purpose of the installation of special account for fire fighting officials, improvement on budgeting standard is necessary to increase quality of the fire service and stably operate the fire fighting organization.

• Korean Security Journal
• /
• no.12
• /
• pp.271-289
• /
• 2006

Private security industry in South Korea has rapidly been growing in recent years. However, such a rapid growth is being criticized for its focus on external results, which has produced a number of problems. The continued growth of private security industry can be only based upon substantive and qualitative development. In this aspect, it is necessary to consider the global trends of the private security industry, particularly the recent trends of the U. S. security industry which has led the global security industry. This is because the recent trends of the U. S. private security industry would guide the future direction of the private security industry in South Korea. The U. S. private security industry has been replacing the role of law enforcement agencies including the police, from crime prevention to investigation and disaster management, not to mention asset protection and loss prevention. The recent trends of the U. S. security industry appears to be summarized by such characteristics as variety, specialty, and integration, which might account for the structural problem of the private security industry in South Korea. In short, the substantive and qualitative development of the private security industry in South Korea should be accomplished by strengthening its specialty and integration, and also widening its variety.

• The Journal of Society for e-Business Studies
• /
• v.24 no.4
• /
• pp.79-107
• /
• 2019

Traditionally banks and other financial institutions use customers' accounts and information managed by them and provide payment services in dominant positions. Recently, EU amends Payment Services Directive to institutionally guarantee access to customers' accounts and use of account-related information even to third parties, which facilitates competition in financial markets and promotes innovation. However, this kind of change can increase potential security risks and therefore institutional responses from financial authorities are required so that all participants in financial markets can properly respond to security risks. In this study institutional responses to the security risks in the EU's new Payment Services Directive (PSD2) are analyzed, comparisons between this and domestic electronic financial regulations are analyzed, and implications for the direction of improving domestic electronic financial regulations will be suggested.

• Journal of Korea Multimedia Society
• /
• v.16 no.1
• /
• pp.87-99
• /
• 2013

The demands of IC card payment system has been increased according to the rapid advancement of the IT convergence application technologies. Recently IC card payment systems are in demands of the usage space at anytime and anywhere by developing the wireless communication technology and its related multimedia processing technology. Therefore the security of IC card payment system becomes more important and necessary. There are many fault analysis methods to evaluate the security and safety of information systems according to their characteristics and usages. However, the only assessment method to evaluate the security of information systems is not enough to analyse properly on account of the various types and characteristics of information systems by the progress of IT convergence and their applications. Therefore, this paper proposes an integrative method of the Fault Tree Analysis (FTA) and Fault Modes and Effect Analysis/Criticality (FMEA/C) based on criticality to evaluate and improve the security of IC card payment system as an illustration.

• KIPS Transactions on Software and Data Engineering
• /
• v.2 no.1
• /
• pp.7-18
• /
• 2013

These days, the teaching and learning system has been increasing for the rapid advancement of the information technologies. We can access education systems of good quality anytime, anywhere and we can use the individually personalized teaching and learning system depending on developing the wireless communication technology and the multimedia processing technology. The more the various systems develop, the more software security systems become important. There are a lot kind of fault analysis methods to evaluate software security systems. However, the only assessment method to evaluate software security system is not enough to analysis properly on account of the various types and characteristic of software systems by progressing information technology. Therefore, this paper proposes an integrative method of Fault Tree Analysis (FTA) and Fault Modes and Effect Analysis(FMEA) to evaluate the security of e-teaching and learning system as an illustration.

• International Journal of Computer Science & Network Security
• /
• v.21 no.9
• /
• pp.332-338
• /
• 2021

Civil aviation cybersecurity challenges are global in nature and must be addressed using global best practices and the combined efforts of all stakeholders. This requires the development of comprehensive international strategies and detailed plans for their implementation, with appropriate resources. It is important to build such strategies on a common methodology that can be applied to civil aviation and other interrelated critical infrastructure sectors. The goal of the study was to determine the methodological basis for developing an international civil aviation cybersecurity strategy, taking into account existing experience in strategic planning at the level of international specialized organizations. The research was conducted using general scientific and theoretical research methods: observation, description, formalization, analysis, synthesis, generalization, explanation As a result of the study, it was established the specifics of the approach to formulating strategic goals in civil aviation cybersecurity programs in the documents of intergovernmental and international non-governmental organizations in the aviation sphere, generally based on a comprehensive vision of cybersecurity management. A comparative analysis of strategic priorities, objectives, and planned activities for their implementation revealed common characteristics based on a single methodological sense of cybersecurity as a symbiosis of five components: human capacity, processes, technologies, communications, and its regulatory support. It was found that additional branching and detailing of priority areas in the strategic documents of international civil aviation organizations (by the example of Cybersecurity Strategy and Cybersecurity Action Plan) does not always contribute to compliance with a unified methodological framework. It is argued that to develop an international civil aviation cybersecurity strategy, it is advisable to use the methodological basis of the Cyber Security Index.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.12 no.3
• /
• pp.103-118
• /
• 2002

To provide the privacy of transmitted message over network the use of cryptographic system is increasing gradually. Because the security and reliability of the cryptographic system is totally rely on the key, the key management is the most important part of the cryptographic system. Although there are a lot of security products providing encryption, the security of the key exchange protocols used in the product are not mostly proved yet. Therefore, we have to study properties and operation of key agreement protocols based on elliptic curve in ANSI X9.63. furthermore, we analyze the security of their protocols under passive and active attacker models and propose the most suitable application field taking the feature of the protocols into account.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.4
• /
• pp.797-808
• /
• 2012

In smart work environment, a company provides employees a flexible work environment for tele-working using mobile phone or portable devices. On the other hand, such environment are exposed to the risks which the attacker can intrude into computer systems or leak personal information of smart-workers' and gain a company's sensitive information. To reduce these risks, the security administrator needs to analyze the usage patterns of employees and detect abnormal behaviors by monitoring VPN(Virtual Private Network) access log. This paper proposes a decision support system that can notify the status by using visualization and similarity measure through clustering analysis. On average, 88.7% of abnormal event can be detected by this proposed method. With this proposed system, the security administrator can detect abnormal behaviors of the employees and prevent account theft.

• Journal of Internet of Things and Convergence
• /
• v.7 no.1
• /
• pp.1-7
• /
• 2021

The IoT market continues to expand and grow, but the security threat to IoT devices is also increasing. However, it is difficult to apply the security technology applied to the existing system to IoT devices that have a problem of resource limitation. Therefore, in this paper, we present a service that can improve the security of IoT devices by presenting authentication and lightweight cryptographic algorithms that can reduce the overhead of applying security features, taking into account the nature of resource limitations of IoT devices. We want to apply these service to home network IoT equipment to provide security. The authentication and lightweight cryptographic algorithm application protocols presented in this paper have secured the safety of the service through the use of LEA encryption algorithms and secret key generation by users, IoT devices and server in the IoT environment. Although there is no difference in speed from randomly generating secret keys in experiments, we verify that the problem of resource limitation of IoT devices can be solved by additionally not applying logic for secret key sharing to IoT devices.