• Asia pacific journal of information systems
• /
• v.8 no.3
• /
• pp.147-163
• /
• 1998

Advances in information and telecommunications technology are producing unprecedented shifts in the way businesses conduct their business, Today, electronic commerce is becoming pervasive due to, in large part, the widespread use of Internet and Worldwide Web. One element that plays an important role in shaping the success of electronic commerce is the electronic payment system. Deficiency in its reliability and security may lead to unwanted outcomes, including economic losses and customer dissatisfaction. By far, numerous forms of electronic payment systems have been introduced in the virtual marketplace. However, there exists little research that has focused on the characteristics of the electronic payment systems such that they may be compared with one another. This article is aimed at providing a framework for comparative analysis of electronic payment systems, examining the characteristics of the individual payment systems, and suggesting a choice strategy which enables a firm to select an appropriate payment system suited to their business needs. The framework classifies electronic payment systems into four categories including electronic cash, electronic checks, credit cards, and smart cards, and it can be employed in planning for an electronic commerce system.

• Journal of information and communication convergence engineering
• /
• v.8 no.4
• /
• pp.433-436
• /
• 2010

In this paper, we presented a ciphering method whose target data is any kind of digital bit-stream. It uses a chaotic system as the main encrypting tool, MISR (Multi-Input Signature Register), and shift-and-rotation function, all of which are exclusive-ORed with the plaintext. Also, it incorporates a cipher text feedback mode such that part of the previously ciphered data is fed back to encrypt the current data. The encryption block size and the amount of feedback data are different at each ciphering operation. Experimental results with the image/video date showed that this method has enough speed and encryption effect with negligible latency time. Thus, we are expecting it to have various application areas that need high speed stream ciphering with high security level.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.37 no.4C
• /
• pp.290-296
• /
• 2012

In this paper, we propose a practical authentication system based on Wireless Body Area Networks(WBAN) for U-healthcare medical information environments. The proposed authentication system is based on symmetric cryptosystem such as AES and is designed to not only provide security such as data secrecy, data authentication, data integrity, but also prevent replay attack by adopting timestamp technique and perform secure authentication between sensor node, master node, base-station, and medical server.

• Annual Conference of KIPS
• /
• 2015.10a
• /
• pp.878-879
• /
• 2015

어플리케이션 구동 시에 화면에 표시되는 데이터는 보안 알고리즘이 적용되지 않은 채로 사용자 및 악의적인 해커들에게 노출된다. 본 논문에서는 악의적인 사용자가 화면을 캡쳐하여 이미지 파일로 저장하거나 디지털카메라로 화면에 노출된 정보의 사진을 찍었을 때 중요 데이터가 유출되지 않도록 화면 출력 이미지를 디지털 영상 처리 기법을 이용하여 변조한다. 사용자가 육안으로 볼 때에는 데이터를 식별할 수 있도록 화면 주사율에 맞추어 변조된 영상에 대한 보완 영상을 번걸아 출력한다.

• Annual Conference of KIPS
• /
• 2013.05a
• /
• pp.636-639
• /
• 2013

With the development and rapid growth of cloud computing, lots of application services based on cloud computing have been developed. In addition, cloud-based DRM systems have been developed to support those services' copyright and privacy protection. In this paper, we propose a new cloud-based user-friendly DRM system, which allows users to execute the same contents bought at most n times at any devices with license enforcement, which checks the validation of licenses before every execution, having no smart card, which has to carry a smart card reader that seems troublesome to a user, and providing the copyright and privacy protection.

• Journal of the Institute of Electronics Engineers of Korea TE
• /
• v.37 no.4
• /
• pp.1-10
• /
• 2000

In this paper, an educational-purposed tree-type telecommunication network using the switching system, and the wired and radio transmission systems which are applied is implemented. Also, the proper training method for the network such as the digital full electronic switching training, the networking experiment, the optical transmission experiment, is developed to robust the adaptation ability to the actual various environment of telecommunication network of the trainers. The technical information such as the technical manuals, the user manuals and the maintenance skill reports are collected and database using Oracle DB system for the effective educational use.

• Journal of Multimedia Information System
• /
• v.6 no.4
• /
• pp.271-282
• /
• 2019

There is a description that you cannot manage what you do not measure. The Korea Ministry of National Defense (MND) is conducting evaluations in various fields to obtain meaningful effects from IT investments, and views that the evaluation of the defense informatization sector is divided into defense informatization policy evaluation and defense informatization project evaluation. The defense informatization level evaluation can measure the informatization level of MND and the armed forces or organizations. Since the evaluation system being studied to measure the level of defense informatization is composed mainly of qualitative metrics, it is necessary to reconstruct it based on quantitative metrics that can guarantee objectivity. In addition, for managing the level of change by evaluation objects, the evaluation system should be designed with a focus on homeostasis of metrics so that it can be measured periodically. Moreover, metrics need to be promoted in terms of performance against targets. To this end, this study proposes to measure the level of defense informatization by dividing it into defense information network, computer systems, interoperability and standardization, information security, information environment, and information system use, and suggests their metrics.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2002.05a
• /
• pp.631-634
• /
• 2002

Video conference system has guided swiftness of information transmission and business processing taking away time and manufacturing drug of space that is happened that long-distance gather and talk. But, leakage of important meeting content, peculation etc., in that execute video-conferences can happen. Therefore, research about video conference system of safety is progressing under secure superhigh speed information communication fetters. This treatise studied about techniques to encipher videotex to prevent variation and outward flow of burn information, peculation etc., except general encryption notation such as user certification to have drawn problem about stability of general video conference system, and is used present as countermeasure about here. Used improved Vernam's encryption techniques to encrypt videotex.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.39C no.4
• /
• pp.362-369
• /
• 2014

A railway SCADA system is a control systems that provide the trains with the electricity. A railway SCADA system sends commands to the RTUs(remote terminal unit) and then it gathers status information of the field devices in the RTUs or controls field devices connected with the RTUs. The RTU can controls input output modules directly, gathers the status information of the field devices connected with it, and send the information to the control center. In this way, a railway SCADA system monitors and controls the electricity power for running trains. The cyber attackers may use some vulnerabilities in the railway SCADA system software to attack critical infrastructures. The vulnerabilities might be created in the railway software development process. Therefore it need to detect and remove the vulnerabilities in the control system. In this paper we propose a new control protocol fuzzing method to detect the vulnerabilities in the DNP3 protocol based application running on VxWorks in RTU(Remote Terminal Unit) that is a component of the centralized traffic control system for railway. Debug-channel based fuzzing method is required to obtain process status information from the VxWorks.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.19 no.4
• /
• pp.800-806
• /
• 2015

WAVE(Wireless Access in Vehicular Environments) system is wireless communication technology that vehicle sends and receives packets between vehicles or between vehicles and infrastructure in a high-speed mobile environment. In this study, we have designed and implemented a CRL(Certificate Revocation List) download protocol that is used to verify certificate revocation status of the other party when the vehicles communicate with WAVE system. This protocol operates over UDP. And to support security features, also, ECDSA(Elliptic Curve Digital Signature Algorithm) is used for mutual authentication and ECIES(Elliptic Curve Integrated Encryption Scheme) is used to ensure the confidentiality. Moreover, this protocol ensures the integrity of data by adding MAC(Message Authentication Code) to the end of packet and support the error and flow control mechanisms.