• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.6
• /
• pp.133-140
• /
• 2011

Password-based authentication is the protocol that two entities share a password in advance and use the password as the basic of authentication. Password authentication schemes are divided into weak-password and strong-password authentication scheme. SPAS protocol, one of the strong-password authentication scheme, was proposed for secure against DoS attack. However it has vulnerability of the replay attack. In this paper, we analyze the vulnerability to the replay attack in SPAS protocol. Then we also propose an Improved-Strong Password Authentication Scheme (I-SPAS) with secure against the replay attack.

• Proceedings of the CALSEC Conference
• /
• 1999.07b
• /
• pp.491-500
• /
• 1999

Recent increase of commercial network Integration to World Wide Web(WWW) shifts an ordinary commerce to electronic environment. This draws more people to examine re-assurance of their secure transaction. This study investigates current status of security methodology for Electronic Payment System and extracts important axis of security level for electronic payment. Using these axis as security evaluation criteria, the research proposes a security matrix which consists of four different level of security granularity, hence allowing evaluation of a nation-wide credit card based payment system. Feasible usage of this matrix contributes to security analysis of the electronic system as whole, hence providing better secured electronic environment.

• Convergence Security Journal
• /
• v.2 no.2
• /
• pp.137-142
• /
• 2002

When the Common Criteria(CC) for security system evaluation was put up, and the coming into the CCRA is promoted, the interest to the Evaluation Assurance Level(EAL) is greatly increasing. In this paper, via the comparison between the evaluation level of the exiting process evaluation criteria and the EAL of CC, the characteristics of the EAL of the CC are noted.

• Journal of Appropriate Technology
• /
• v.7 no.2
• /
• pp.172-187
• /
• 2021

In remote villages without access to modern IT technology, simple devices such as smartcards can be used to carry out business transactions. These devices typically store multiple business applications from multiple vendors. Although devices must prevent malicious or accidental security breaches among the applications, a secure communication channel between two applications from different vendors is often required. In this paper, first, we propose a method of establishing secure communication channels between applications in embedded operating systems that run on multi-applet smart cards. Second, we enforce the high assurance using an intransitive noninterference security policy. Thirdly, we formalize the method through the Z language and create the formal specification of the proposed secure system. Finally, we verify its correctness using Rushby's unwinding theorem.

• Proceedings of the Korea Society of Information Technology Applications Conference
• /
• 2005.11a
• /
• pp.165-168
• /
• 2005

The objects, which can be personal digital assistants, electronic rings, doors or even clothes, offer embedded chips with computation facilities and are generally called artifacts. I later realized that this was not so the real problem is actually authentication. Recent results indicate scalability problems for flat ad hoc networks. Sensor network achieves function that handle surrounding information perception through sensor and sensed information to network that is consisted of sensor nodes of large number. Research about new access control techniques and height administration techniques need authentication information persons' certification assurance level classification in sensor network environment which become necessary different view base with authentication information at node for application of AAA technology in USN environment that must do authentication process using information that is collected from various sensor mountings. So, get base authentication information in sensor type and present weight grant model by security strength about authentication information through information who draw. In this paper collected information of sensor nodes model who give weight drawing security reinforcement as authentication information by purpose present be going to. and Must be able to can grasp special quality of each sensor appliances in various side and use this and decide authentication assurance level for value estimation as authentication information elements. Therefore, do to define item that can evaluate Authentication information elements thus and give simple authentication assurance level value accordingly because applying weight. Present model who give authentication assurance level value and weight for quotation according to security strength.

• Journal of Digital Convergence
• /
• v.14 no.9
• /
• pp.287-299
• /
• 2016

The electronic transactions over the Internet are growing across the world recently. There have been a lot of identity theft incidents during these online transactions nowaday. Therefore, a high level of identity proofing shall be carried out when using online services to deal with these matter. To prevent this kind of incident, i-PIN was introduced in Korea, which is used as an Internet Personal Identification Number. The i-PIN is designated to provide an online identification of the Internet users. As such, the unique identification numbers are provided to the internet service providers. This paper is to analyze the capabilities that the i-PIN provides, to propose the assurance security model for i-PIN. Furthermore, the security analysis results are presented. The result of this paper can be applicable to improve the applicabilities of the i-PIN.

• International Journal of Computer Science & Network Security
• /
• v.23 no.11
• /
• pp.142-148
• /
• 2023

The National Agency for Quality Assurance in Higher Education plays a crucial role in education in Ukraine, as an independent entity creates and ensures quality standards of higher education, which allow to properly implement the educational policy of the state, develop the economy and society as a whole.The purpose of the article: to reveal the crucial role of the National Agency for Quality Assurance in Higher Education to create quality management of higher education institutions, to show its mechanism as an independent entity that creates and ensures quality standards of higher education. and society as a whole. The mission of the National Agency for Quality Assurance in Higher Education is to become a catalyst for positive changes in higher education and the formation of a culture of its quality. The strategic goals of the National Agency are implemented in three main areas: the quality of educational services, recognition of the quality of scientific results, ensuring the systemic impact of the National Agency. The National Agency for Quality Assurance in Higher Education exercises various powers, which can be divided into: regulatory, analytical, accreditation, control, communication.The effectiveness of the work of the National Agency for Quality Assurance in Higher Education for 2020 has been proved. The results of a survey conducted by 183 higher education institutions of Ukraine conducted by the National Agency for Quality Assurance in Higher Education are shown. Emphasis was placed on the development of "Recommendations of the National Agency for Quality Assurance in Higher Education regarding the introduction of an internal quality assurance system." The international activity and international recognition of the National Agency for Quality Assurance in Higher Education are shown.

• Journal of Korean Society for Quality Management
• /
• v.35 no.4
• /
• pp.78-88
• /
• 2007

This paper is to investigate the relationship between international marketing and service quality, and the moderating effect of gender in that relationship. The data to make an empirical analysis were gathered from 269 workers in telecommunication sector. Multiple regression analysis revealed that (1) education was positively related with tangibility, reliability, responsiveness, empathy, assurance, and (2) internal communication was positively related with tangibility, reliability, responsiveness, assurance, and (3) delegation of authority was positively related with assurance. Hierarchical multiple regression analysis revealed that (4) compensation was more positively related with reliability in woman, and (5) employment security was more positively related with assurance in man.

• Proceedings of the Korean Society for Quality Management Conference
• /
• 2007.04a
• /
• pp.439-443
• /
• 2007

This paper is to investigate the relationship between international marketing and service quality, and the moderating effect of gender in that relationship. The data to make an empirical analysis were gathered from 269 workers in telecommunication sector. Multiple regression analysis revealed that (1) education was positively related with tangibility, reliability, responsiveness, empathy, assurance, and (2) internal communication was positively related with tangibility, reliability, responsiveness, assurance, and (3) delegation of authority was positively related with assurance. Hierarchical multiple regression analysis revealed that (4) compensation was more positively related with reliability in woman, and (5) employment security was more positively related with assurance in man.

• Journal of Korea Society of Industrial Information Systems
• /
• v.21 no.6
• /
• pp.109-123
• /
• 2016

This study investigates the importance of government's support for logistics security assurance through certification programs. First, the study analyzed priorities among the requirements of logistics firms through Analytic Hierarchy Process(AHP) and Quality Function Deployment(QFD) approaches. For this process we invited 21 logistics experts to assess the relationships between logistic firms' requirements and government policies regarding logistics security using the house of quality, a set of matrices of QFD. The results of this phase of the study revealed the priorities of logistics firms' goals regarding the diffusion of the government security certification program as follows: integrated logistics security systems(40.3%), strengthening government support systems(32.4%), and operational effectiveness of logistics security certification(27.2%). Second, a relative weights applied QFD method based on AHP was applied to determined the expected outcome of the logistics security certification program. The results indicated as follows: productivity improvement(28.4%), improved level of service(26.7%), logistics cost reduction(21.6%), advanced information systems(19.7%), and improved environmental protection(3.6%). The results of this study provide new insights concerning logistics firms' requirements for supply chain security and the importance of government's support policies through logistics security certification programs.