• 정보보호학회논문지
• /
• 제16권3호
• /
• pp.129-141
• /
• 2006

본 논문은 BioAPI(Biometric Application Programming Interface) v2.0 기반의 BSP(Biometric Service Provider) 표준 적합성 시험 도구의 설계 및 구현을 목적으로 한다. 제안한 BioAPI 적합성 시험 도구는 프레임워크(Framework) 없이 독립적으로 BSP를 시험할 수 있으며, 향후 XML 형태의 Test Assertion을 이용할 수 있도록 테스트 스케줄링 툴을 구현하였다. 또한 적합성시험 도구를 검증하기 위해 상용 지문 인식 검증(verification) 및 식별(identification) BSP를 이용하여 실험을 수행하였다. 이에 따라 BioAPI v2.0을 기반으로 한 BSP들이 요구사항에 적합하게 개발되었는지를 판단 할 수 있었다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제16권2호
• /
• pp.445-466
• /
• 2022

As everything linking to the internet, people can subscribe to various services from a service provider to facilitate their lives through the Internet of Things (IoT). An obligatory thing for the service provider is that they should push the service data safely and timely to multiple IoT terminal devices regularly after the IoT devices accomplishing the service subscription. In order to control the service message received by the legal devices as while as keep the confidentiality of the data, the public key encryption algorithm is utilized. While the existing public encryption algorithms for push service are too complicated for IoT devices, and almost of the current subscription schemes based on push mode are relying on centralized organization which may suffer from centralized entity corruption or single point of failure. To address these issues, we design a secure subscription-push service scheme based on blockchain and edge computing in this article, which is decentralized with secure architecture for the subscription and push of service. Furthermore, inspired by broadcast encryption and multicast encryption, a new encryption algorithm is designed to manage the permissions of IoT devices together with smart contract, and to protect the confidentiality of push messages, which is suitable for IoT devices. The edge computing nodes, in the new system architecture, maintain the blockchain to ensure the impartiality and traceability of service subscriptions and push messages, meanwhile undertake some calculations for IoT devices with limited computing power. The legalities of subscription services are guaranteed by verifying subscription tags on the smart contract. Lastly, the analysis indicates that the scheme is reliable, and the proposed encryption algorithm is safe and efficient.

• Journal of Korea Trade
• /
• 제27권1호
• /
• pp.192-210
• /
• 2023

Purpose - Vietnam has the fastest growing digital economy in Southeast Asia and is emerging as a critical overseas market for Korean banks in the post-COVID-19 era. Accordingly, many Korean banks entered the Vietnamese market to overcome the limitations of the saturated domestic financial market and create new revenue sources. This study examined the current status of digital finance in Vietnam and the cases of Korean banks that have succeeded in the Vietnamese market. Then, importance-performance analysis (IPA) was conducted on local customers, managers and staff members of Korean banks in Vietnam. Design/methodology - In this study, we analyzed the importance and satisfaction factors of mobile banking app usage in Vietnam through IPA. In particular, we identified the differences between the two groups by considering the viewpoint of customers who use mobile banking apps and that of managers and staff members who provide mobile banking services. Findings - The IPA results from the customer group and managers and staff members group were generally similar, but differences were observed in Ease of Use (Technology), Innovativeness (Organization), and Increase in Revenue (Economic). In the case of the customer group, Ease of Use (Technology) is located in the second quadrant, which shows low satisfaction compared to high importance. However, in the managers and staff members group, Ease of Use (Technology) is located in the first quadrant, which indicates high importance and high satisfaction. This difference in perception can cause complaints from local customers; thus, it is necessary to change the perception of the technological aspect for ease of use of mobile banking apps in consideration of the customer's position. In addition, it is necessary to allocate the resources invested in the Innovativeness (Organization) and Increase in Revenue (Economic) to Ease of Use (Technology). Originality/value - In this study, based on the HOTE framework, factors for using mobile banking apps were derived, and IPA was conducted targeting local customers (app user) and managers and staff members (app provider) of Korean banks in Vietnam. Through this, we presented the results of empirical analysis that can help Korean banks efficiently utilize limited resources and budgets.

• Asian Journal of Innovation and Policy
• /
• 제6권1호
• /
• pp.23-44
• /
• 2017

This study explores how the technology commercialization process leads to either success or failure after transfer from PROs to SMEs by conducting a binomial logistic regression analysis. We found that the more additional development a firm implements on the transferred technology, the more likely the commercialization is to fail. The higher number of alternative technology and bigger market risk are associated with a greater likelihood of failure. On the other hand, the existence of complementary technology, the degree of cooperation with the technology provider, the size of the target market, the willingness of the CEO, and the funding availability are known to have positive effects on the success of technology commercialization. In addition, the case studies we conducted from the sample companies demonstrated that "market uncertainty," "technological issues depending on the technology-specific characteristics," and "a lack of funding capability" are some of the causes for failure of technology commercialization.

• 한국IT서비스학회지
• /
• 제5권3호
• /
• pp.151-163
• /
• 2006

The purpose of this research was to examine the factors that affect colleges that play an important role in technology commercialization as technology provider, and enterprises as technology user engaging in technology transfer commercialization by dividing it into strategic resource factor. And this study was also intended to present a strategic meaning and perspective relative to colleges and enterprises as well. To do this, those factors that have influences on technology transfer commercialization were elicited through investigation of literatures, and classified into strategic resource factors to suit research purpose, and based on these information, research hypothesis and research model were established and designed. Research results improved that some enterprises among benefited from technology transfer.

• 한국방재학회 논문집
• /
• 제10권5호
• /
• pp.97-108
• /
• 2010

최근 재난양상의 다양화, 규모의 대형화 추세에 따라 신속하고 효율적인 재난예방과 대응을 위해 소방산업 첨단기기와 신기술의 중요성 및 역할이 날로 증대하고 있고, 소방산업 시장규모 역시 11조원, 종사자수도 10만 명을 상회하는 국가중요산업이지만 대부분 중소기업으로 타 산업에 비해 낙후성을 면치 못하고 있다. 따라서 본 연구에서는 우리나라 소방산업의 특성을 면밀히 분석, 소방산업의 특성을 고려한 금융공제시스템의 연구모형을 이론적으로 체계화하고 그 육성방안을 마련하여 소방산업 금융공제시스템을 이용하는 소방사업자들에게 자주적인 경제활동과 소방산업 발전에 기여하고자 한다.

• Journal of Information Processing Systems
• /
• 제14권5호
• /
• pp.1087-1101
• /
• 2018

As cloud computing has become a widespread technology, malicious attackers can obtain the private information of users that has leaked from the service provider in the outsourced databases. To resolve the problem, it is necessary to encrypt the database prior to outsourcing it to the service provider. However, the most existing data encryption schemes cannot process a query without decrypting the encrypted databases. Moreover, because the amount of the data is large, it takes too much time to decrypt all the data. For this, Programmable Order-Preserving Secure Index Scheme (POPIS) was proposed to hide the original data while performing query processing without decryption. However, POPIS is weak to both order matching attacks and data count attacks. To overcome the limitations, we propose a group order-preserving data encryption scheme (GOPES) that can support efficient query processing over the encrypted data. Since GOPES can preserve the order of each data group by generating the signatures of the encrypted data, it can provide a high degree of data privacy protection. Finally, it is shown that GOPES is better than the existing POPIS, with respect to both order matching attacks and data count attacks.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제6권9호
• /
• pp.2405-2423
• /
• 2012

In a traditional Single Sign-On (SSO) scheme, the user and the Service Providers (SPs) have given their trust to the Identity Provider (IdP) or Authentication Service Provider (ASP) for the authentication and correct assertion. However, we still need a better solution for the local/native true SSO to gain user confidence, whereby the trusted entity must play the role of the ASP between distinct SPs. This technical gap has been filled by Trusted Computing (TC), where the remote attestation approach introduced by the Trusted Computing Group (TCG) is to attest whether the remote platform integrity is indeed trusted or not. In this paper, we demonstrate a Trustworthy Mutual Attestation (TMutualA) protocol as a proof of concept implementation for a local true SSO using the Integrity Measurement Architecture (IMA) with the Trusted Platform Module (TPM). In our proposed protocol, firstly, the user and SP platform integrity are checked (i.e., hardware and software integrity state verification) before allowing access to a protected resource sited at the SP and releasing a user authentication token to the SP. We evaluated the performance of the proposed TMutualA protocol, in particular, the client and server attestation time and the round trip of the mutual attestation time.

• 디지털산업정보학회논문지
• /
• 제4권1호
• /
• pp.71-87
• /
• 2008

In order to survive in a competitive environment, many companies are taking much interest in building IT infrastructure and are investing in that area. But, despite of all the interest and investments, many companies are unsatisfied and confused because of the lack of guidance and understandings of IT infrastructure. Therefore the purpose of this study is to prove that the level of IT usage is different according to organizational characteristics and industrial categories, and to give a guideline to companies' planning on newly building IT infrastructure. In conclusion, companies newly planning on building IT infrastructure should consider the amount of information technology functional uses according to the organizational characteristics and industrial category and they follow the below guidelines. On building the IT infrastructure the organization having the characteristics of formalization should consider and provide the standardization function first. The companies having the characteristics of decentralization should consider and provider firstly the application and communication function. And the companies having the characteristics of specialization should consider and provider the security function.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제4권2호
• /
• pp.154-173
• /
• 2010

Database outsourcing is unavoidable in the near future. In the scenario of data stream outsourcing, the data owner continuously publishes the latest data and associated authentication information through a service provider. Clients may register queries to the service provider and verify the result's correctness, utilizing the additional authentication information. Research on On-line Stream Analytics (OLSA) is motivated by extending the data cube technology for higher multi-level abstraction on the low-level-abstracted data streams. Existing work on OLSA fails to consider the issue of database outsourcing, while previous work on stream authentication does not support OLSA. To close this gap and solve the problem of OLSA query authentication while outsourcing data streams, we propose MDAHRB and MDAHB, two multi-dimensional authentication approaches. They are based on the general data model for OLSA, the stream cube. First, we improve the data structure of the H-tree, which is used to store the stream cube. Then, we design and implement two authentication schemes based on the improved H-trees, the HRB- and HB-trees, in accordance with the main stream query authentication framework for database outsourcing. Along with a cost models analysis, consistent with state-of-the-art cost metrics, an experimental evaluation is performed on a real data set. It exhibits that both MDAHRB and MDAHB are feasible for authenticating OLSA queries, while MDAHRB is more scalable.