• Journal of Internet Computing and Services
• /
• v.22 no.5
• /
• pp.69-77
• /
• 2021

The main channels of the financial industry are rapidly changing to mobile. In this environment, banks are focusing on information and communication technology to secure their competitiveness, and rapid innovation is being pursued especially in the payment settlement sector. In October 2019, Korea also introduced open banking services to accelerate the financial innovation, such as the open conversion of financial settlement networks and the expansion of the use of simple payments. In this paper, an empirical study was conducted on the effect of domestic open banking quality factors on usage intention. The service quality factors for open banking were classified into interface design, innovation, security, and data sharing, and the technology acceptance model (TAM) was used to verify whether it has a significant effect on perceived convenience, usefulness and intention to use. According to the analysis results, while innovation and security did not have a significant effect on convenience and usefulness, interface design and data sharing were found to have an effect on perceived convenience. The results would provide implications for some quality issues for companies seeking to introduce open banking services as well as for the related academic arena.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.4
• /
• pp.545-558
• /
• 2021

Recently, Confidential computing plays an important role in next-generation cloud technology along with the development of trusted execution environments(TEEs), as it guarantees the trustworthiness of applications despite of untrusted nature of the cloud. Both academia and industry have actively proposed commercialized confidential computing solutions based on Intel SGX technology. However, the lack of clear criteria makes developers difficult to select a proper confidential computing framework among the possible options when implementing TEE-based cloud applications. In this paper, we derive baseline metrics that help to clarify the pros and cons of each framework through in-depth comparative analysis against existing confidential computing frameworks. Based on the comparison, we propose criteria to application developers for effectively selecting an appropriate confidential computing framework according to the design purpose of TEE-based applications.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.4
• /
• pp.3-11
• /
• 2004

The XML has been becoming a basis of the related application and industry standards with proliferation of electronic transactions on the web, and the standardization on XML Signature, which can be applied to the digital contents including XML objects from one or more sources, is in the progress through a joint effort of W3C(World Wide Web Consortium) and IETF(Internet Engineering Task Force). Along with this trend, the development of products implementing XML Signature has been growing, and the XML Signature products are required to implement the relevant standards correctly to guarantee the interoperability among different XML Signature products. In this paper, we propose a conformance testing method for testing the XML Signature products, which includes a testing procedure and test cases. The test cases were obtained through analysis of XML Signature standards. Finally we describe the design and uses of our XML Signature conformance testing tools which implements our testing method.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.6
• /
• pp.57-68
• /
• 2004

Recently, Radio Frequency Identification (RFID) systems stands in the spotlight of industry as a common and useful tool in manufacturing, supply chain management (SCM) and stock management. In the near future, low-cost RFID Electronic Product Code; (EPC) or smart-labels may be a practical replacement for optical barcodes on consumer items. However, manufacturing cheap and small RFID tags, and developing secure RFID authentication Protocols are problems which need to be solved. In spite of advances in semiconductor technology, computation and storage ability of the tag are so limited that it is difficult and too expensive to apply existing crypto-systems to RFID tags. Thus it is necessary to create a new protocol which would require less storage space and lower computation costs and that is secure in the RFID system's environments. In this paper, we propose a RFID authentication protocol that is secure against location tracking and spoofing attacks. Our protocol can be used as a practical solution for privacy protection because it requires less computations in database than the previous RFID authentication protocol.

• International Journal of Computer Science & Network Security
• /
• v.22 no.2
• /
• pp.159-166
• /
• 2022

Artificial Intelligence has stimulated every aspect of today's life. Human thinking quality is trying to be involved through digital tools in all research areas of the modern era. The education industry is also leveraging artificial intelligence magical power. Uses of digital technologies in pedagogical paradigms are being observed from the last century. The widespread involvement of artificial intelligence starts reshaping the educational landscape. Adaptive learning is an emerging pedagogical technique that uses computer-based algorithms, tools, and technologies for the learning process. These intelligent practices help at each learning curve stage, from content development to student's exam evaluation. The quality of information technology students and professionals training has also improved drastically with the involvement of artificial intelligence systems. In this paper, we will investigate adopted digital methods in the education sector so far. We will focus on intelligent techniques adopted for information technology students and professionals. Our literature review works on our proposed framework that entails four categories. These categories are communication between teacher and student, improved content design for computing course, evaluation of student's performance and intelligent agent. Our research will present the role of artificial intelligence in reshaping the educational process.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.6
• /
• pp.1103-1112
• /
• 2022

Blockchain technology is widespread in everyday life and various industry fields. It guarantees integrity and transparency between blockchain network participants through a distributed ledger. The smart contract is modifying and managing the distributed ledger, which is the most important component of guaranteeing integrity and transparency of blockchain network. Still, smart contracts are also a component of blockchain networks, it is disclosed to network participants transparently. For this reason, the vulnerability of smart contracts could be revealed easily. To mitigate this, various studies are leveraging TEE to guarantee the confidentiality of smart contracts. In existing studies, TEE provides confidentiality of smart contracts but guaranteeing the integrity of smart contracts is out of their scope. In this study, we provide not only the confidentiality of smart contracts but also their integrity, by guaranteeing the CFI of smart contracts within TEE.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.6
• /
• pp.1139-1150
• /
• 2022

With the rapid development of SW Industry, softwares are everywhere in our daily life. The number of vulnerabilities are also increasing with a large amount of newly developed code. Vulnerabilities can be exploited by hackers, resulting the disclosure of privacy and threats to the safety of property and life. In particular, since the large numbers of increasing code, manually analyzed by expert is not enough anymore. Machine learning has shown high performance in object identification or classification task. Vulnerability detection is also suitable for machine learning, as a reuslt, many studies tried to use RNN-based model to detect vulnerability. However, the RNN model is also has limitation that as the code is longer, the earlier can not be learned well. In this paper, we proposed a novel method which applied BERT to detect vulnerability. The accuracy was 97.5%, which increased by 1.5%, and the efficiency also increased by 69% than Vuldeepecker.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.26 no.2
• /
• pp.271-277
• /
• 2022

PBFT (Practical Byzantine Fault Tolerant) is a consensus algorithm that can achieve consensus by resolving unintentional and intentional faults in a distributed network environment and can guarantee high performance and absolute finality. However, as the size of the network increases, the network load also increases due to message broadcasting that repeatedly occurs during the consensus process. Due to the characteristics of the PBFT algorithm, it is suitable for small/private blockchain, but there is a limit to its application to large/public blockchain. Because PBFT affects the performance of blockchain networks, the industry should test whether PBFT is suitable for products and services, and academia needs a unified evaluation metric and technology for PBFT performance improvement research. In this paper, quantitative evaluation metrics and evaluation frameworks that can evaluate PBFT family consensus algorithms are studied. In addition, the throughput, latency, and fault tolerance of PBFT are evaluated using the proposed PBFT evaluation framework.

• Industry Promotion Research
• /
• v.6 no.2
• /
• pp.1-10
• /
• 2021

The content of the information age does not simply convey content but includes all the transactions that arise from its interaction. The types and forms of information being traded through this interaction are recognized differently from the contents that have been passed on to mankind so far by creating new meaningful content. Because the distribution of interactive content transcending the concept of time-to-time in the network environment is an important component of access to added value in the new world, unlike the content of simple concepts seen in the products of communication so far. In this study, the purpose of this study is to recognize the current status and problems of the Korean digital content industry and to seek ways to revitalize the Korean digital content industry to lead the global market in the future. Specifically, first, we want to learn about the concept of digital content. Second, we would like to look at the industrial trends of digital content at home and abroad. Third, we present a plan to streamline digital content. Fourth, derive research results and implications. In this work, the following results are derived: First, in order for Korea to enter a digital content powerhouse, each government department must first break away from the selfishness of the ministry and actively cooperate to efficiently establish and implement various policies. Second, e-books should be introduced just as current paper and CD-ROM titles are exempt from VAT, and security solutions, related technology development, and copyright issues should be urgently addressed to revitalize the market. Third, the demand for high-quality content should increase as information infrastructure such as high-speed information and communication networks and satellite broadcasting is established.

• Journal of Korea Multimedia Society
• /
• v.19 no.5
• /
• pp.856-864
• /
• 2016

Recently, HD transmission was commonplace in the case of the terrestrial broadcasting, furthermore, 4k UHD broadcasts are also being pilot and such as HD contents are common even in smart-phones. Like this, through both the content and audience are in the situation to take advantage of the HD mobile TV, only QVGA video contents are being transmitted in the terrestrial DMB broadcasting. In this paper, introduction plan of HD DMB service for activation of DMB industry will be described in terms of technical, institutional, and policy to overcome the limitations of such as DMB broadcasting. Due to the introduction of HD DMB, high quality contents will be provided to audience and the advertising revenue DMB broadcasters increased so that the market share of DMB in mobile broadcasting be recovered.