• Korean Management Science Review
• /
• v.30 no.3
• /
• pp.33-54
• /
• 2013

The purpose of this study is to examine the relationships between Product Quality (Popularity, Playfulness) and Information Quality (Informativeness, Reliability), System Quality (Ease of Use, Security), Trust and Continuance Intention in Smart Phone Application Market. To identify these affecting relationships, the secondary data or past studies were collected and theoretically arranged. I made the theoretical proposed model to explain the relationships between the constructs, identify the operational definitions and 13 Hypotheses were established, there was executed the survey of 250 customers of Smart Phone Application Market. Using the collected data, previous performances to confirm the construct validity and internal consistency by Cronbach's a was executed and Partial Least Square Analysis to confirm the hypotheses in proposed model was conducted using the Smart-PLS Software. As the result of test that make the relations of used variables clear, we can get the conclusion as followings; First, Product Popularity has the positive effect on Informativeness, except reliability of Information. Second, it was significantly tested the effect on the Ease of use and Security by Product Playfulness. Third, Informativeness and Ease of Use, Security of App Store have the significantly positive effects on the Users' Trust directly. From the empirical test, I suggest the strategic advices in App Store Companies. To increase the Users' Continuance Intention or Loyalty, it would be developed that a variety of methods and ways to raise the Product Popularity and Playfulness, Informativeness, Ease of Use and Security of App Store. It is necessary for sticking the Users to raise the positive trust building and Continuance Intention.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.11 no.8
• /
• pp.2801-2808
• /
• 2010

The technology of WiBro, combining advantages of high speed internet and wireless internet provides the effectiveness and convenience provided by broadband and convergence. WiBro has developed due to supports of the related industries. The advancement of WiBro have created driving force for network advancement. WiBro is a niche market among high speed Internet, wireless LAN, Mobile phone, wireless internet. Through building relationship between market share and the existed telecommunication service, WiBro could improve the convenience of users. The security controls have to be built considering vulnerabilities of WiBro. Based on the study, the architecture of WiBro was suggested through reviewing the vulnerabilities and security controls in the wireless network and wire network. The appropriate security measures to be applied in the environment of WiBro. The outcomes of the study could improve the usage of WiBro.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.2
• /
• pp.373-381
• /
• 2017

Currently, various types of user authentication methods based on public certificates are used in domestic financial transactions. Such an authorized certificate method has a problem that a different security module must be installed every time a user connects an individual financial company to a web server. Also, the financial company relying on this authentication method has a problem that a new security module should be additionally installed for each financial institution whenever a next generation authentication method such as biometric authentication is newly introduced. In order to solve these problems, we propose an integrated authentication system that handles user authentication on behalf of each financial institution in financial transactions, and proposes an integrated authentication protocol that handles secure user authentication between user and financial company web server. The new authentication protocol is a modified version of OAuth2.0 that increases security and efficiency. It is characterized by performing a challenge-response protocol with a pre-shared secret key between the authentication server and the financial company web server. This gives users a convenient and secure Single Sign-On (SSO) effect.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.16 no.11
• /
• pp.2341-2346
• /
• 2012

Voice phishing against the old or weak persons have used the methods which are social engineering in the object and financial structure and function. Until recently Voice phishing from Chaina caused economic devastation and the economic loss by phishing grows with the South Koreans in the whole. Korean government and public organizations involved have been strengthening protection system and a financial security devices. But it is not easy to verify how much effects of security measures are. In this paper I will study the economic loss caused by voice phishing and potential economic effects of security measures and security device reinforcements of the Republic of Korea. Direct costs are reported about 100 million dollars and potential economic effects of voice phinshing secure measures may be around 320 million dollars.

• Journal of Internet Computing and Services
• /
• v.8 no.6
• /
• pp.1-8
• /
• 2007

The Mobile Ad-hoc network does environmental information which an individual collects in nodes which are many as the kernel of the USN technology based on the radio communication. And it is the latest network description delivering critical data to the destination location desiring through a multi-hop. Recently, the Ad-hoc network relative technique development and service are activated. But the security function implementation including an authentication and encoding about the transmitted packets, and etc, is wirelessly the insufficient situation on the Ad-hoc network. This paper provides the security service of key exchange, key management. entity authentication, data enciphering, and etc on the Mobile Ad-hoc network. It implements with the Ad-hoc network security management server system design which processes the security protocol specialized in the Ad-hoc network and which it manages.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• v.9 no.1
• /
• pp.902-905
• /
• 2005

In this paper we challenge the mobile node Authentication using Java Card authentication protocol in Ad-hoc network environment. Ad-hoc network is a collection of wireless mobile nodes without the support of a stationary infrastructure. and DSR routing protocol, which is one of famous mobile ad-hoc rooting protocols, has the following network path problem. this paper is the security structure that defined in a mobile network and security and watches all kinds of password related technology related to the existing authentication system. It looks up weakness point on security with a problem on the design that uses Ad-hoc based structure and transmission hierarchical security back of a mobile network, and a server-client holds for user authentication of an application level all and all, and it provides one counterproposal. Java Card Authentication of mobile node can possibly be applied to the area of M-Commerce, Wireless Security, and Ubiquitous Computing and so on.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.6
• /
• pp.1251-1259
• /
• 2017

One-time password has been proposed for the purpose of addressing the security problems of the simple password system: fixed passwords and pre-shared passwords. Since it employs the consecutive hash values after a root hash value is registered at the server, the security weakness of the fixed passwords has been addressed. However, it has a shortcoming of re-registering a new root hash value when the previous hash chain's hash values are exhausted. Even though several one-time password systems not requiring re-registration have been proposed, they all have several problems in terms of constraint conditions and efficiency. In this paper, we propose the one - time password scheme based on a hash chain that generates one - time passwords using only two cryptographic hash functions at each authentication and satisfies the existing constraints without re-registration, Security requirements and efficiency.

• Journal of the Korea Society of Computer and Information
• /
• v.15 no.1
• /
• pp.139-147
• /
• 2010

A remote user authentication scheme is a two-party protocol whereby an authentication server in a distributed system confirms the identity of a remote individual logging on to the server over an untrusted, open network. In 2005, Liao et al. proposed a remote user authentication scheme using a smart card, in which users can be authenticated anonymously. Recently, Yoon et al. have discovered some security flaws in Liao et al.'s authentication scheme and proposed an improved version of this scheme to fix the security flaws. In this article, we review the improved authentication scheme by Yoon et al. and provide a security analysis on the scheme. Our analysis shows that Yoon et al.'s scheme does not guarantee not only any kind of authentication, either server-to-user authentication or user-to-server authentication but also password security. The contribution of the current work is to demonstrate these by mounting two attacks, a server impersonation attack and a user impersonation attack, and an off-line dictionary attack on Yoon et al.'s scheme. In addition, we propose the enhanced authentication scheme that eliminates the security vulnerabilities of Yoon et al.'s scheme.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.3
• /
• pp.101-106
• /
• 2004

Recently, a network defense simulator becomes essential in studying cyber incidents because the cyber terror become more and more interesting. The network defense simulator is a tool to estimate damages and an effectiveness of a defense mechanism by modeling network intrusions and defense mechanisms. Using this tool, users can find efficient ways of preventing a cyber terror and recovering from the damage. Previous simulators start the simulation after entire scenario has made and been loaded to simulation engine. However, in this way it can't model human judgement and behavior, and it can't simulate the real cyber terror very well. In this paper, we have added a dynamic simulation component to our previous network security simulator. This component improved accurate modeling of network intrusions and defense behaviors. We have also proposed new modified architecture of the simulation system. Finally we have verified correct simulation results from stammer worn simulation.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.3
• /
• pp.525-536
• /
• 2012

This paper proposes methods of securing Smart Grid system against various types of cyber threats by separating AMI networks from the public network, the Internet, and providing an AMI specific authentication framework. Due to the fact that thousands and millions of AMI devices to be deployed would be directly or indirectly connected to the public network without any authentication procedures for access control, currently being developed AMI architectures could be widely exposed to considerable number of penetrating attacks. Furthermore, there have not been a sufficient number of researches on authentication frameworks with basis on the specific circumstances of AMI networking that should support varied authentication protocols among security associations and AMI linking devices. This work makes a proposal of isolating smart meters from HAN devices and the Internet and integrating network/application level authentication frameworks with an EAP-based authentication architecture. These approaches are beneficial to deploy AMI with security and efficiency.