• 한국IT서비스학회지
• /
• 제23권2호
• /
• pp.83-97
• /
• 2024

This study was conducted to examine the effect of institutional mechanisms on customers' trust and continuous purchase intention in open market platforms, The research frame was expanded by setting institutional situations into positive and negative areas in order to examine the relationship between institutional mechanisms and trust in multiple dimensions. The results of this study confirmed that the feedback system, dispute resolution, and intermediary trust factors affect trust in positive areas, and dispute resolution, information security, and intermediary trust affect buyer trust in negative areas. For the relationship between trust and repurchase intention, it was confirmed that if the institutional situation is positive, trust leads to repurchase intention, and in negative areas, trust does not lead to repurchase intention. The results of this study show that institutional mechanisms are a key factor in building trust in online platforms according to institutional circumstances and play a role in offsetting trust in platforms in negative areas.

• 한국정보보호학회:학술대회논문집
• /
• 한국정보보호학회 1998년도 종합학술발표회논문집
• /
• pp.303-314
• /
• 1998

전자상거래는 인터넷과 같이 보안성이 취약한 개방형 통신망에서 이루어지기 때문에 거래 주체간에 발생하는 거래 정보의 보호를 위하여 기밀성, 무결성, 부인봉쇄 및 인증 등의 정보보호 서비스가 제공되어야 한다. 이러한 문제를 해결하기 위하여 암호 알고리듬 및 전자서명 등이 사용되고 있다 본 논문에서는 전자상거래 절차를 분석하고 상거래 주체간에 발생하는 정보에 대한 위험요소를 주체별로 분석하여 정보보호 문제를 해결하기 위한 정보보호 메커니즘의 체계적 적용 방안을 제안하고자 한다.

• 정보보호학회지
• /
• 제25권4호
• /
• pp.18-31
• /
• 2015

ISO/IEC JTC1/SC27/WG2 (Information technology - Security techniques - Cryptography & Security Mechanisms, 이하 줄여서 'SC27/WG2'로 표시)은 암호학을 중심으로 기술적인 정보보호 기법들을 표준화하는 기구이며, 그 역사 및 상세 소개는 같은 호에 송정환 교수가 할 것으로 알고, 본인은 SC27/WG2에서 다루는 디지털서명과 실체 인증에 관한 표준들에 대해 모든 내용을 구체적으로 소개하는 것 보다는 기법의 분류 및 찾아 볼 수 있도록 참고문헌을 소개하겠다.

• 한국정보통신학회:학술대회논문집
• /
• 한국해양정보통신학회 2007년도 추계종합학술대회
• /
• pp.717-720
• /
• 2007

With the convergence of mobile devices and the Internet ubiquitous computing promises to revolutionalize the way that we access services and run application. However, ubiquitous computing environments, in particular, mobile and wireless environments interfaced with the Internet, currently possess security vulnerabilities that are ripe for attack from cyber-threats. Thus, this paper discusses the Limitation of current security mechanisms in ubiquitous computing environments

• 한국통신학회논문지
• /
• 제31권6B호
• /
• pp.551-560
• /
• 2006

무선 개인 네트워크(Wireless Personal Area Network: WPAN)에서 보안은 최근 무선 환경이 가지고 있는 기본적인 단점들을 극복하기 위한 중요한 이슈 중 하나이다. IEEE 802.15 등 WPAN 표준들에는 몇몇 보안 관련 기본 메커니즘이 정의되어 있지만 아직 해결해야 할 문제들이 남아있다. 고속 WPAN 기술 중 하나인 Koinonia는 무선으로 근거리 디바이스들을 연결하여 10Mbps 정도의 고속 통신을 하기 위해 개발되었다. Koinonia WPAN의 피코넷(piconet)은 하나의 마스터(Master)와 하나 이상의 슬레이브(Slave)로 구성되며, 이와 같이 구성된 피코넷에서 기기 간 안전한 데이터 전송을 보장하기위한 보안 관련 내용은 정의되어 있지 않다. 따라서 본 연구에서는 Koinonia의 피코넷 내 기기 간 통신시 안전한 데이터 통신을 위한 대칭/비대칭 키 기반의 키 생성 및 분배, 인증 및 보안방법을 제안하고 성능을 분석한다. 보안 요구 분석을 기반으로 Koinonia WPAN의 보안 요구에 만족함을 알 수 있다.

• 한국정보통신학회:학술대회논문집
• /
• 한국정보통신학회 2013년도 춘계학술대회
• /
• pp.288-289
• /
• 2013

An integrated security mechanism is one of the key challenges in the open wireless network architecture because of the diversity of the wireless network in open wireless network and the unique security mechanism used in each one of these networks. Optimized security protocols and mechanisms are employed for the high performance and security. Finally, a challenge in the near future will converge the integration of Open Ubiquitous Sensor Network (OUSN) with security protocols for applying the their applications. We analysed unique network-centric features and security mechanism of various heterogeneous wireless networks.

• 융합보안논문지
• /
• 제11권1호
• /
• pp.33-38
• /
• 2011

현재 IEEE 802.11표준은 AP와 STA사이의 인증 및 보안 메커니즘이 취약하다고 많이 알려져 있다. 따라서, IEEE는 RSN(Robust Security Network)을 802.11에 대한 보안 아키텍처를 제안했다. RSN은 접근제어와, 인증, 그리고 키 관리 기반으로 IEEE 802.1X 표준을 사용한다. 본 논문에서는 IEEE 802.1X 또는, 802.11이 결합된 몇 가지 모델에 대한 취약점을 제시하고, 세션가로채기 또는 MiM(Man-in the-Middle)공격에 대응 할 수 있는 STA와 AP간의 접근제어, 인증 메커니즘을 설계하였다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제15권2호
• /
• pp.580-599
• /
• 2021

Software-Defined Networking (SDN) has three key features: separation of control and forwarding, centralized control, and network programmability. While improving network management flexibility, SDN has many security issues. This paper systemizes the security threats of SDN using spoofing, tampering, repudiation, information disclosure, denial of service, and elevation of privilege (STRIDE) model to understand the current security status of SDN. First, we introduce the network architecture and data flow of SDN. Second, we analyze security threats of the six types given in the STRIDE model, aiming to reveal the vulnerability mechanisms and assess the attack surface. Then, we briefly describe the corresponding defense technologies. Finally, we summarize the work of this paper and discuss the trends of SDN security research.

• International Journal of Computer Science & Network Security
• /
• 제21권6호
• /
• pp.294-303
• /
• 2021

VANET is an upcoming technology with an encouraging prospect as well as great challenges, specifically in its security. This paper intends to survey such probable attacks and the correlating detection mechanisms that are introduced in the literature. Accordingly, administering security and protecting the owner's privacy has become a primary argument in VANETs. To furnish stronger security and preserve privacy, one should recognize the various probable attacks on the network and the essence of their behavior. This paper presents a comprehensive survey on diversified attacks and the recommended unfolding by the various researchers which concentrate on security services and the corresponding countermeasures to make VANET communications more secure.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제10권5호
• /
• pp.2427-2445
• /
• 2016

In contrast to traditional "store-and-forward" routing mechanisms, network coding offers an elegant solution for achieving maximum network throughput. The core idea is that intermediate network nodes linearly combine received data packets so that the destination nodes can decode original files from some authenticated packets. Although network coding has many advantages, especially in wireless sensor network and peer-to-peer network, the encoding mechanism of intermediate nodes also results in some additional security issues. For a powerful adversary who can control arbitrary number of malicious network nodes and can eavesdrop on the entire network, cryptographic signature schemes provide undeniable authentication mechanisms for network nodes. However, with the development of quantum technologies, some existing network coding signature schemes based on some traditional number-theoretic primitives vulnerable to quantum cryptanalysis. In this paper we first present an efficient network coding signature scheme in the standard model using lattice theory, which can be viewed as the most promising tool for designing post-quantum cryptographic protocols. In the security proof, we propose a new method for generating a random lattice and the corresponding trapdoor, which may be used in other cryptographic protocols. Our scheme has many advantages, such as supporting multi-source networks, low computational complexity and low communication overhead.