• Journal of the Korea Institute of Information and Communication Engineering
• /
• 제21권7호
• /
• pp.1393-1400
• /
• 2017

As the number of smartphone users increases, vulnerability to privacy protection is increasing. This is because personal information is stored on various servers connected to the Internet and the user is authenticated using the same ID and password. Authentication methods such as OTP, FIDO, and PIN codes have been introduced to solve traditional authentication methods, but their use is limited for authentication that requires sharing with other users. In this paper, we propose the authentication method that is needed for the management of shared information such as hospitals and corporations. The proposed algorithm is an algorithm that can authenticate users in the same place in real time using smart phone IMEI, QR code, BLE, push message. We propose an authentication algorithm that can perform user authentication through mutual cooperation using a smart phone and can cancel realtime authentication. And we designed and implemented a mutual authentication system using proposed algorithm.

• Journal of Digital Convergence
• /
• 제18권7호
• /
• pp.123-133
• /
• 2020

The aim of this study is to scrutinize acceptance intentions of Korean users and influences of information security related factors on mobile payment services based on biometric authentication methods, like finger print authentication or face recognition authentication, by focusing on ApplePay. Unlike previous studies on user acceptance of mobile payment which lack considerations on information security related factors, this study employs the UTAUT with detailed information security factors to create a research model and PLS(Partial Least Squares) method to analyze the model. Based on the analysis, gaining trust on service through company's efforts on information protection, personal characteristics and trust on applied security technologies are important factors to Korean users along with social awareness and service infrastructures. The result of this study would be helpful to companies or organizations, which provide biometric-based mobile payment services, to understand needs of Korean consumers. Based on this study, further analysis is expected to find impacts of user experiences on same company's or competitors' products to acceptance intentions.

• The Journal of the Korea institute of electronic communication sciences
• /
• 제17권2호
• /
• pp.375-386
• /
• 2022

As information asset protection is recognized as an important management factor for organizations, organizations are increasing their investments in information security(IS) policies and technologies. However, strict application of IS may cause non-compliance behavior through IS stress on employees of the organization. Accordingly, this study suggests a mechanism by which employee stress affects IS compliance intentions through self-determination, and a method to reinforce IS compliance intentions through person-organization fit. We conducted an online survey of employees working at companies that adopted IS policies and tested hypotheses using 475 samples. First, as a result of analyzing the main effects of applying the structural equation model, role stress affected IS compliance intention through self-determination. Second, as a result of analyzing the moderating effect of applying Process 3.1, personal organization fit strengthened the relationship between self-determination and IS compliance intention. The research suggests a direction for achieving internal IS goals by confirming the influence of IS stress and behavioral causes of employees.

• Convergence Security Journal
• /
• 제23권3호
• /
• pp.13-20
• /
• 2023

This study conducted a digital forensic analysis of Signal and Telegram, two secure messengers widely used in the Android environment. As mobile messengers currently play an important role in daily life, data management and security within these apps have become very important issues. Signal and Telegram, among others, are secure messengers that are highly reliable among users, and they safely protect users' personal information based on encryption technology. However, much research is still needed on how to analyze these encrypted data. In order to solve these problems, in this study, an in-depth analysis was conducted on the message encryption of Signal and Telegram and the database structure and encryption method in Android devices. In the case of Signal, we were able to successfully decrypt encrypted messages that are difficult to access from the outside due to complex algorithms and confirm the contents. In addition, the database structure of the two messenger apps was analyzed in detail and the information was organized into a folder structure and file format that could be used at any time. It is expected that more accurate and detailed digital forensic analysis will be possible in the future by applying more advanced technology and methodology based on the analyzed information. It is expected that this research will help increase understanding of secure messengers such as Signal and Telegram, which will open up possibilities for use in various aspects such as personal information protection and crime prevention.

• Journal of Platform Technology
• /
• 제11권5호
• /
• pp.37-48
• /
• 2023

Since the announcement of the Financial Services Commission's 'Token Securities Issuance and Distribution System Improvement Plan' in February 2023, financial institutions, securities firms, and blockchain companies have been actively considering implementing IT platforms, but they are facing difficulties in selecting IT platforms for token securities because related legal regulations have not yet been clearly established. As a result, the need for rational and systematic criteria for the selection of blockchain-based token securities IT platforms has emerged, and this study explores and evaluates the key factors of token securities IT platform selection. Four factors were identified as the top-level factors, including 'maturity of the platform', 'operation and management of the platform', 'cost of introducing and maintaining the platform', and 'regulatory compliance for token securities', and 17 factors were identified as sub-level factors, including 'diversity', 'user authentication management', 'Adoption Costs', and 'financial regulations'. Among the 17 sub-factors, 'government financial regulation' and 'personal information protection' are selected as important factors, and the results of this study can help related organizations and financial companies make strategic decisions by providing systematic decision-making criteria for selecting token securities IT platforms.

• Korean Security Journal
• /
• 제24호
• /
• pp.147-170
• /
• 2010

This study is to present a improvement directions for the protection of industrial key technology. For the purpose of the study, the survey was carried out on the administrative security activity of 68 enterprises including Large companies, small-midium companies and public corporations. survey result on the 10 items of security policy, 10 items of personal management and 7 items of the assets management are as follows; First, stable foundation for the efficient implement of security policy is needed. Carrying a security policy into practice and continuous upgrade should be fulfilled with drawing-up of the policy. Also for the vitalization of security activity, arrangement of security organization and security manager are needed with mutual assistance in the company. Periodic security inspection should be practiced for the improvement of security level and security understanding. Second, the increase of investment for security job is needed for security invigoration. Securing cooperation channel with professional security facility such as National Intelligence Service, Korea internet & security agency, Information security consulting company, security research institute is needed, also security outsourcing could be considered as the method of above investment. Especially small-midium company is very vulnerable compared with Large company and public corporation in security management, so increase of government's budget for security support system is necessary. Third, human resource management is important, because the main cause of leak of confidential information is person. Regular education rate for new employee and staff members is relatively high, but the vitalization of security oath for staff members and the third party who access to key technology is necessary. Also access right to key information should be changed whenever access right changes. Reinforcement of management of resigned person such as security oath, the elimination of access right to key information and the deletion of account. is needed. Forth, the control and management of important asset including patent and design should be tightened. Classification of importance of asset and periodic inspection are necessary with the effects evaluation of leak of asset.

• Journal of Digital Convergence
• /
• 제16권9호
• /
• pp.133-145
• /
• 2018

This study was investigated the necessity and possibility of using block-chain technology in online used-goods trading platform. Current online used-goods trading platforms operate a safety trading system, but it is difficult to utilize due to relatively high commission rate. As a result, people mainly use the method of meeting and purchasing in person, which is a relatively costly method. This study discusses how to build a platform to solve or mitigate problems such as privacy, information distortion and omission, fraud, etc. In the platform proposed in this study, it is possible to solve the major fraud and personal information protection problems that may occur in the transaction proceeding by appropriately reflecting the types and characteristics of the block-chain technology. In future work, we will discuss legal framework and technology development plan to apply the proposed platform in this study.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• 제4권3호
• /
• pp.595-602
• /
• 2000

This paper is aimed at developing an location tracking system of mobile station based on currently available mobile communication network or mobile Phone and PCS(Personal Communication System). When the location tracking of mobile stations is in services, Emergency-119, all of crime investigation, effective urban traffic management and the safety protection of Alzheimer＇s patients can be available. In order to track the location of the mobile and base station, assumption in this paper is to use the statistic characteristics of LOS when modeling the standard noise in case that radio path is LNOS environment. The standard variation of the standard noise is $\pm150$. First, location is estimated by the positioning algorithms of TOA and TDOA and compared each other. Second, after canceling the standard noise by Kalman filter, location is estimated by the above two positioning algorithms. Finally, the location by the Kalman filter and two positioning algorithms is estimated by smoothing method. As a result, 2 dimensional average location error is imvoved by 51.2m in TOA and 34.8m in TDOA when Kalman filer and two positioning algorithms are used, compared with the two positioning algorithm used. And there is 3 more meter improvement after smoothing than Kalman filer and two positioning algorithms used.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 한국해양정보통신학회 2000년도 춘계종합학술대회
• /
• pp.167-172
• /
• 2000

This paper is aimed at developing an location tracking for mobile station employing currently available mobile communication network of cellular phone and PCS(Personal Communication System). When the location tracking of mobile stations is in services, the services such as Emergency-119, crime investigation, effective urban traffic management or the safety protection of Alzheimer's patients, ran be available. This paper is to track the mobile station in communication network in NLOS environment. To achieve reduction of the standard noise, Kalman filter is used. In terms of the distance, positions are located by using TOA and TDOA methods in the environment that removes NLOS bias in the measured data. And then smoothing method is used. to achieve reduction of the position error values

• Journal of Digital Convergence
• /
• 제17권7호
• /
• pp.285-292
• /
• 2019

With the popularization of PC, SNS and IoT, a lot of data is generated and the amount is increasing exponentially. Artificial neural network learning is a topic that attracts attention in many fields in recent years by using huge amounts of data. Artificial neural network learning has shown tremendous potential in speech recognition and image recognition, and is widely applied to a variety of complex areas such as medical diagnosis, artificial intelligence games, and face recognition. The results of artificial neural networks are accurate enough to surpass real human beings. Despite these many advantages, privacy problems still exist in artificial neural network learning. Learning data for artificial neural network learning includes various information including personal sensitive information, so that privacy can be exposed due to malicious attackers. There is a privacy risk that occurs when an attacker interferes with learning and degrades learning or attacks a model that has completed learning. In this paper, we analyze the attack method of the recently proposed neural network model and its privacy protection method.