• The KIPS Transactions:PartC
• /
• v.13C no.1 s.104
• /
• pp.55-62
• /
• 2006

It is growing to use the E-Commerce, recently However, if a cracking tool that detects e keyboard input is set up, users' input values and personal information could be taken away. This paper shows the design and implementation of security system that prevent the keyboard input information leaking. The ideas of thus paper are encrypting the keyboard input values with using the keyboard interrupt hooking, the browser embedding program's decrypting the values in case of need and decrypting all values in the web server. The own input control was developed for direct attacks to the browser, and that the values of password fields which are showed as *(asterisk character) won't be decrypted in the client PC is different from other commercial keyboard input security systems. Consequently, this paper shows the chance of realizing a lot safer customer information protective system than before.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.36 no.8B
• /
• pp.947-953
• /
• 2011

These days, a consistent and fatal attack attribute toward a database has proportionally evolved in the similar development form to that of security policy. Because of access control-based defensive techniques regarding information created in closed networks and attacks on a limited access pathway, cases of infringement of many systems and databases based on accumulated and learned attack patterns from the past are increasing. Therefore, the paper aims to separate attack information by its types based on a virtual infringement pattern system loaded with dualistic VM in order to ensure stability to limited certification and authority to access, to propose a system that blocks infringement through the intensive management of infringement pattern concerning attack networks, and to improve the mechanism for implementing a test that defends the final database, the optimal defensive techniques, and the security policies, through research.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.8 no.1
• /
• pp.33-40
• /
• 2007

RFID, a non-contact wireless identification technology is being noticed as a technology to alternate barcode system in distribution industry and general industry. Despite of merit of RFID, there are issues to be solved for practical use. One of them, which are most important, is resolution of user's information protection. RFID system without security function bears risk exposing personal data and user's privacy. In this paper, we propose mutual authentication protocol for RFID system in order to solve this security issue. This study aimed to protect user's privacy by providing dynamic ID for tag through authentication protocol safe from security threats. Information being transmitted between backend, reader and tag has no direct connection with ID of tag, and it conducts authentication process using one-way hash function, which prevents attacker's obtaining of tag information using information being transmitted.

• The KIPS Transactions:PartD
• /
• v.15D no.5
• /
• pp.721-732
• /
• 2008

The purpose of this study is to explore latent variables that affect users' satisfaction of mobile internet and to estimate a composite relationships among parameters. In order to examine causative significance between dependent variables and each of the independent variables, we redefined the variables, the quality of information, system and service derived from the DeLone and McLean's model. And we found out the new independent variables: security and service charge. Prior research adopted mainly TAM(Technology Acceptance Model) to investigate the user acceptance of information services or system. Therefore, it is significant that we developed our research model to appropriate on mobile internet's inherent nature and that focused on the important variables like service charge and security. In empirical approach, we surveyed 435 samples and conducted structural equation modeling and multi-regression analysis to estimate the regression parameters. The results of the study illustrated that our hypotheses covering the quality of information, system and service, security and service charge were supported.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.6
• /
• pp.947-960
• /
• 2023

In Korea, traditional paper promissory notes are currently undergoing a transformation, being gradually replaced by electronic notes. This transformation is being steered under the Korea Financial Telecommunications Institute, a trusted authority. However, existing electronic systems have security vulnerabilities, including the risk of hacking and internal errors within the institute. To this end, we have defined a novel anonymous electronic promissory note system based on blockchain. We have constructed a concrete protocol and conducted security analysis of our protocol. Note that, in our protocol, every note information is committed so that the note remains undisclosed until the point of payment. Once the note information becomes public on the blockchain, it enables the detection of illicit activities, such as money laundering and tax evasion. Furthermore, our protocol incorporates a feature of split endorsement, which is a crucial functionality permitted by the Korean electronic note system. Consequently, our proposed protocol is suitable for practical applications in financial transactions.

• Information Systems Review
• /
• v.3 no.1
• /
• pp.19-30
• /
• 2001

With the e-business paradigm emerging, the website became a critical resource for most corporations. However, the amount of value creation through internet is still in question. This paper shows the result of an exploratory study on website assessment, following the tradition of Technology Acceptance Model (TAM). We viewed the intended usage as the value of the website and added such factors as playfulness, commitment, system quality, and information security as external variables of the model. Website types, visiting purposes, and the user system quality were included as moderators. The website value could differ depending on website types, purposes of the use and system quality. In the case of internet shopping malls, playfulness, compatibility, website quality were identified as key influencers, while for stock trading users, however, commitment and security factors are more important. In terms of user purposes, information search requires both the compatibility and the website quality. Also the website quality was strongly affected by the user system quality. In other words, any investment of upgrading the website system quality can be meaningless unless the user system quality is improved as well. For each variable considered, empirical results are discussed and practical implications are provided.

• International Journal of Computer Science & Network Security
• /
• v.23 no.6
• /
• pp.49-58
• /
• 2023

Renewable energy is not a new terminology. One of the fastest growing renewable energies is solar energy. The implementation of solar energy provides several advantages including the reduction of some of the environmental risks of fossil fuel consumption. This research elaborated the importance of the adaption of solar energy by developing a spatial decision support system (SDSS), while the Residential Solar Energy Adoption (RSEA) is an instantiation artifact in the form of an SDSS. As a GIS web-based application, RSEA allows stakeholders (e.g., utility companies, policymakers, service providers homeowners, and researchers) to navigate through locations on a map interactively. The maps highlight locations with high and low solar energy adoption potential that enables decision-makers (e.g., policymakers, solar firms, utility companies, and nonprofit organizations) to make decisions. A combined qualitative and quantitative methodological approach was used to evaluate the application's usability and user experience, and results affirmed the ability of the factors of utility, usefulness, and a positive user experience of the residential solar energy adoption of spatial decision support system (RSEA-SDSS). RSEA-SDSS in improving the decision-making process for potential various stakeholders, in utility, solar installations, policy making, and non-profit renewable energy domains.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.5
• /
• pp.941-949
• /
• 2014

Demands for cloud computing service rapidly increased along with the expansion of supplying smart devices. Interest in cloud system has led to the question whether it is really safe. Due to the nature of cloud system, cloud service provider can get a user's private information and disclose it. There is a large range of opinion on this issue and recently many researchers are looking into fully homomorphic encryption as a solution for this problem. Fully homomorphic encryption can permit arbitrary computation on encrypted data. Many security threats will disappear by using fully homomorphic encryption, because fully homomorphic encryption keeps the confidentiality. In this paper, we research possible security threats in cloud computing service and study on the application method of fully homomorphic encryption for cloud computing system.

• The KIPS Transactions:PartC
• /
• v.10C no.6
• /
• pp.675-682
• /
• 2003

Attackers collect vulnerabilities of a target computer system to intrude into it. And using several attack methods, they acquire root privilege. They steal and alter information in the computer system, or destroy the computer sysem. So far many intrusion detection systems and firewallshave been developed, but recently attackers go round these systems and intrude into a computer system . In this paper, we propose security kernel module to prevent attackers having acquired root privilege from doing illegal behaviors. It enhances administrator authentication with additional password, so prevents attackers from doing illegal behaviors such as modification of important files and installation of rootkits. It sends warning mail about sttacker's illegal behaviors to administrators by real time. So using information in the mail, they can estabilish new security policies.

• Journal of Digital Contents Society
• /
• v.9 no.1
• /
• pp.33-39
• /
• 2008

Mobile Ad Hoc Network is easy to be attacked because nodes are distributed not network based infrastructure. Intrusion detection system perceives the trust values of neighboring nodes and receives inspection on local security of nodes and observation ability. This study applied clustering mechanism to reduce overhead in intrusion detection. And, in order to measure the trust values, it associates the trust information cluster head received from member nodes with its own value and evaluates the trust of neighboring nodes. Secure data transmission is received by proposed concept because the trust of nodes on network is achieved accurately.