• International Journal of Internet, Broadcasting and Communication
• /
• v.8 no.1
• /
• pp.7-18
• /
• 2016

Several authentication methods have been developed to make use of tokens in the mobile networks and smart payment systems. Token used in smart payment system is genearated in place of Primary Account Number. The use of token in each payment transaction is advantageous because the token authentication prevents enemy from intercepting credit card number over the network. Existing token authentication methods work together with the cryptogram, which is computed using the shared key that is provisioned by the token service provider. Long lifetime and repeated use of shared key cause potential brawback related to its vulnerability against the brute-force attack. This paper proposes a per-transaction shared key mechanism, where the per-transaction key is agreed between the mobile device and token service provider for each smart payment transaction. From server viewpoint, per-transaction key list is easy to handle because the per-transaction key has short lifetime below a couple of seconds and the server does not need to maintain the state for the mobile device. We analyze the optimum size of the per-transaction shared key which satisfy the requirements for transaction latency and security strength for secure payment transactions.

• Journal of the Korea Society of Computer and Information
• /
• v.20 no.6
• /
• pp.37-42
• /
• 2015

In this paper, we propose malware database in mobile memory for realtime malware URL detection and we support realtime malware URL detection engine, that is control the web service for more secure mobile service. Recently, mobile malware is on the rise and to be new threat on mobile environment. In particular the mobile characteristics, the damage of malware is more important, because it leads to monetary damages for the user. There are many researches in cybercriminals prevention and malware detection, but it is still insufficient. Additionally we propose the method for prevention Smishing within SMS, MMS. In the near future, mobile venders must build the secure mobile environment with fundamental measures based on our research.

• Journal of Convergence Society for SMB
• /
• v.5 no.4
• /
• pp.25-30
• /
• 2015

Recently, interest in Fin-Tech, a compound word of finance and technology, has been increased. However, Fin-Tech that is a mixture of finance and IT is exposed in terms of security. In this paper, we propose a method to solve the security-related problem that occurs in the financial sector where the Fin-Tech is used. Proposed method found out different problems of services which are provided by companies through a variety of financial sectors and described a method to facilitate the security service. In particular, proposed method presents a service plan to secure safety and to minimize the damage. Also, proposed method set an objective to stabilize financial services based on analyzed result after analyzing the problems of existing FinTech security services.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• v.9 no.1
• /
• pp.839-842
• /
• 2005

As various mobile technologies, sensor technologies, and remote control technologies are growing and quality of life is enhanced, researches and developments on home network are actively on going. Currently, some network service providers and construction corporations are going to provide home network service, but neither secure nor efficient, So, in this paper, we propose a security framework for providing various secure user authentication mechanisms and efficiently controlling services in home network. Namely, we are going to provide active home network security services with home gateway-based security policy, which locates on the gateway of each home.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.16 no.2
• /
• pp.587-608
• /
• 2022

The European Union recently established the General Data Protection Regulation (GDPR) for secure data use and personal information protection. Inspired by this, South Korea revised their Personal Information Protection Act, the Act on Promotion of Information and Communications Network Utilization and Information Protection, and the Credit Information Use and Protection Act, collectively known as the "Three Data Bills," which prescribe safe personal information use based on pseudonymous data processing. Based on these bills, the personal data store (PDS) has received attention because it utilizes the MyData service, which actively manages and controls personal information based on the approval of individuals, and it practically ensures their rights to informational self-determination. Various types of PDS models have been developed by several countries (e.g., the US, Europe, and Japan) and global platform firms. The South Korean government has now initiated MyData service projects for personal information use in the financial field, focusing on personal credit information management. There is also a need to verify the efficacy of this service in diverse fields (e.g., medical). However, despite the increased attention, existing MyData models and frameworks do not satisfy security requirements of ensured traceability, transparency, and distributed authentication for personal information use. This study analyzes primary PDS models and compares them to an internationally standardized framework for personal information security with guidelines on MyData so that a proper PDS model can be proposed for South Korea.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.38B no.2
• /
• pp.105-114
• /
• 2013

Expansion and growth of body information monitoring service based on WBAN technology speeds up technological evolution in bio-signal detection and measurement, real time monitoring of vital sign and telemedicine control. It is essential for taking action against such technological evolution that newest technology trend and standardization issue should be included in designing and materializing body-information monitoring system strategically to secure preceding technology and to preoccupy market. This paper investigates and analyzes technological trend & issues, and suggests task to take action technologically.

• Journal of Korean Library and Information Science Society
• /
• v.35 no.1
• /
• pp.187-213
• /
• 2004

Nowadays changes of financial environment are internalization, generalization and autonomous system. The most importance in a struggle for existence is to secure a customer. The purpose of this study is to analyze whether information on financial service accounts have fully offered over internet, which information consumers needed in buying financial service accounts and whether consumer have satisfied with offered information Through this, to enhance the efficiency of financial information offered to consumer over internet and to explore the consumer demanding information model by finding the problems of offering financial information. The specific purpose of this study me following; 1. to investigate the actual situation which consumers behaviour of information providing and choosing about financial accounts items on internet. 2. to analyze the relationship between the level of consumer information need about financial information and rotated variables. 3. to analyze the relationship between the level of consumer information satisfaction about financial information over internet and related variables. 4. to analyze the new information financial service and contents. 5. to analyze the informatic information and financial service accounts.

• The KIPS Transactions:PartC
• /
• v.11C no.7 s.96
• /
• pp.999-1008
• /
• 2004

The Jini system provides an infrastructure to facilitate a programmer to develop distributed systems. As one of the Jini services, JavaSpare has been used as a repository which is accessible publicly in the Java distributed environment. Although JavaSpace could give a useful method for saving and sharing java object, it would not be applicable to develop a distributed system requiring access securities for the objects because JavaSpare does not support secure access control. In this paper, we present a secure JavaSpare service based on Jini2.0 named SeureJS, which strengthens the security weakness of JavaSpare. The system consists of ObjectStore to store Java objects, AccessManager to control access of ObjectStore and KeyManager to manage public keys.

• Journal of Communications and Networks
• /
• v.14 no.6
• /
• pp.597-605
• /
• 2012

With the smart grid coming near, wide-area supervisory control and data acquisition (SCADA) becomes more and more important. However, traditional SCADA systems are not suitable for the openness and distribution requirements of smart grid. Distributed SCADA services should be openly composable and secure. Event-driven methodology makes service collaborations more real-time and flexible because of the space, time and control decoupling of event producer and consumer, which gives us an appropriate foundation. Our SCADA services are constructed and integrated based on distributed events in this paper. Unfortunately, an event-driven SCADA service does not know who consumes its events, and consumers do not know who produces the events either. In this environment, a SCADA service cannot directly control access because of anonymous and multicast interactions. In this paper, a distributed security framework is proposed to protect not only service operations but also data contents in smart grid environments. Finally, a security implementation scheme is given for SCADA services.

• Proceedings of the Korean Society of Surveying, Geodesy, Photogrammetry, and Cartography Conference
• /
• 2006.04a
• /
• pp.111-118
• /
• 2006

The LBS (Location Based Service) location information is the element which is important decides the application of form service, Recently the location accuracy with the method which applies the wireless Internet DGPS improved inside 1 meter Like this. application of the LBS which corresponds In the location accuracy which Improves accurate the Location Information output system development which is accurate stands is essential. In this study which it sees it used 1:5000 digital map MS visual 6.0 Active X controls of the country geography intelligence Personnel and it developed the location information output module of web browser base. The location information output system which is developed it will be able to secure the convenient characteristic of precision and visual program of the digital map simultaneously and the maximum anger of LBS application is expected.