• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.46 no.6
• /
• pp.63-69
• /
• 2009

The decentralized and open characteristic of the internet, along with the mobility and portability of mobile communication, and the interactivity of the internet and mobile communications all have been grafted to enable the creation of wireless internet in our lives, bringing about a lot of change. However, existing system management software solutions show limitations in time and space, as well as problems such as uncertain error messages, and also difficulty providing swift assistance or real time emergency support. Therefore, a wireless remote control system has been designed and implemented in this thesis, which is capable of managing and monitoring remote systems using mobile communication devices (Mobile Phone, PDA, Smart Phone, Webpad) for realtime control. The implemented real time wireless remote control system provides remote server management functions, error or event message functions, log record functions, authentication function via mobile devices and system performance evaluation function classified by client transaction.

• Journal of KIISE:Information Networking
• /
• v.36 no.6
• /
• pp.552-557
• /
• 2009

One-time passwords are used just once and discarded, which makes it more secure than the repeatedly used conventional passwords. This paper proposes a challenge-response based one-time password generator on a user's mobile phone always carried with the user. The generator can provide an additional authentication for a user to issue a money transfer request within his Internet banking session on a PC. A currently used device for Internet banking generates a password that changes every 30 seconds or so, which allows a man-in-the-middle to use it for stealing money within the 30 seconds. Unlike such a device, the proposed generator resists against the man-in-the-middle attack by a novel challenge-response scheme, provides better accessability and protection against stolen devices. As the currently used devices do, it prevents any unauthorized transfer even if the victim's all other credentials are revealed through his PC infected with spyware such as a keyboard logger.

• The Journal of the Korea Contents Association
• /
• v.11 no.5
• /
• pp.481-488
• /
• 2011

Generally speaking, a document is a mutual promise between two parties and functions as a legally-binding trust for a transaction. A document should be produced on a mutual agreement basis, and its credibility shall be attained if the transparency of a document production is ensured. Therefore, sequence analysis of the procedures in a document production is very important for appraisal of a document. The purpose of this research is to distinguish sequence association between the erased carbon ingredients of a pencil and the ingredients left in a ball-point pen and thus suggest a method that determines whether mutual agreement was applied or not in signing an insurance policy. This method analyzes if the carbon ingredients of a pencil are left in the bottom section of a ball-point pen through infrared photography. If the carbon ingredients of a pencil are left in the bottom section of a pen, the pen shall absorb infrared rays and mark a dense concentration. This method applies a relatively simple infrared photography system and therefore shall be beneficial to a personal appraisal store.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.3
• /
• pp.379-388
• /
• 2020

As the use of credit cards increases, security threats increase. In particular, despite being vulnerable to related crimes, such as fraudulent use of credit cards and theft of names, there are virtually no security procedures to authenticate the validity of user while paying with the credit card. In order to overcome these limitations of current credit card payments, we add a process of signing payment using a stylus pen with built-in acceleration sensor in the existing transaction method, and classifying and comparing the image of the signature and signature information measured by the sensor through the convolutional neural network. we propose a method to improve security in financial transactions by performing the user authentication process through the possession of the stylus pen and the characteristic values of the signature.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.26 no.7
• /
• pp.1060-1070
• /
• 2022

With the development of information technology, the size of the system has become larger and diversified, and the existing role-based access control has faced limitations. Blockchain technology is being used in various fields by presenting new solutions to existing security vulnerabilities. This paper suggests efficient role-based access control in a blockchain where the required gas and processing time vary depending on the access frequency and capacity of the storage. The proposed method redefines the role of reusable units, introduces a hierarchical structure that can efficiently reflect dynamic states to enhance efficiency and scalability, and includes user-centered authentication functions to enable cryptocurrency linkage. The proposed model was theoretically verified using Markov chain, implemented in Ethereum private network, and compared experiments on representative functions were conducted to verify the time and gas efficiency required for user addition and transaction registration. Based on this in the future, structural expansion and experiments are required in consideration of exception situations.

• International Commerce and Information Review
• /
• v.8 no.2
• /
• pp.101-117
• /
• 2006

"Online Alternative Dispute Resolution" can refer to the use of online methods of dispute resolution to resolve disputes arising either online or offline. The range of disputes covered by online ADR has been broad : from family law to internet domain name disputes : from small transaction to insurance disputes. Online and offline consumer disputes have been a major focus of online ADR sites. This article propsed that the mediator should explain the process and the mediator's role so as to forestall misunderstanding on that score. And mediators should consider including in either usual mediation agreements additional provisions applicable to communications by email. Online ADR sites should be designed 1) to provide a simple, easily understandable process, 2) to provide detailed information on process, cost and speed, 3) to enable users to move between online and offline processes, 4) to have authentication processes for parties and documents, 5) to have automatic translation system for language barriers. And Government should play an important role in assisting people to adapt technically and emotionally to new technology through information, training and ongoing support. The days of live online television-quality videoconferencing have not yet arrived. Until then, we must hone our skills with the written word.

• Journal of Korea Multimedia Society
• /
• v.18 no.11
• /
• pp.1342-1350
• /
• 2015

Due to rapid development of mobile device technologies, the mobile banking through Internet has become a major service of banking information systems as a security-critical information systems. Recently, lots of mobile banking information systems which handle personal and transaction information have been exposed to security threats in vulnerable security control and management processes, mainly software systems. Therefore, in this paper, we propose a process model for software security improvements in mobile banking information system by application of fault tree analysis(FTA) and failure modes and effects analysis(FMEA) on the most important activities such as 'user authentication' and 'access control' and 'virus detection and control' processes which security control and management of mobile banking information systems are very weak.

• Journal of Information Processing Systems
• /
• v.16 no.2
• /
• pp.301-317
• /
• 2020

An enterprise patch-management system (PMS) typically supplies a single point of failure (SPOF) of centralization structure. However, a Blockchain system offers features of decentralization, transaction integrity, user certification, and a smart chaincode. This study proposes a Hyperledger Fabric Blockchain-based distributed patch-management system and verifies its technological feasibility through prototyping, so that all participating users can be protected from various threats. In particular, by adopting a private chain for patch file set management, it is designed as a Blockchain system that can enhance security, log management, latest status supervision and monitoring functions. In addition, it uses a Hyperledger Fabric that owns a practical Byzantine fault tolerant consensus algorithm, and implements the functions of upload patch file set, download patch file set, and audit patch file history, which are major features of PMS, as a smart contract (chaincode), and verified this operation. The distributed ledger structure of Blockchain-based PMS can be a solution for distributor and client authentication and forgery problems, SPOF problem, and distribution record reliability problem. It not only presents an alternative to dealing with central management server loads and failures, but it also provides a higher level of security and availability.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.5 no.8
• /
• pp.1472-1491
• /
• 2011

As used product transactions are currently on the rise, the demand for transactions of secondhand digital content will grow in the future; thus, learning to make secure transactions while avoiding cyber attacks becomes an important issue. In this paper, we combine the new buyer's secret key, the new buyer's watermark to embed in resold digital content, and the reseller's encrypted watermark, which can prove legal ownership of the reseller. Using the privacy homomorphism property of RSA and exponential calculus, the original seller of digital content can verify the legality of the reseller and the new buyer. We also reduced the load of encryption/decryption digital content using a partial encryption/decryption algorithm to make our protocol more efficient and practical. In the proposed protocol, the seller is not able to conduct piracy and easily frame any other innocent secondhand buyer when a case of piracy is found. In fact, piracy can be clearly traced using the privacy homomorphism property of RSA and the embedded watermark mechanism. Further, in the proposed protocol, the seller himself can trace the piracy using exponential calculus. Since it is unnecessary to trust third party participation, the conspiracy problem is resolved and the new buyer is not required to participate in the dispute. Moreover, the seller, reseller and new buyer can simultaneously benefit from the secondhand transaction.

• Journal of the Korea Society of Computer and Information
• /
• v.7 no.2
• /
• pp.124-129
• /
• 2002

Currently, image processing are used widely and have various types of characteristics with the applications of VOD(Video on demand), the web casting services, the video conference systems and virtual realities. Using the scene change, at every time of video image transitions, an editor can classify the video context and also require a function of in(Boxing insertion. Digital watermarking provides a solution to illegal copying of digital contents and has many other useful applications, including web broadcast monitoring, transaction tracking, authentication, copy control and device control. The Purpose of this thesis is to implement of nonlinear moving picture editor for the multiple watermarking. For the effective watermarking performance, this thesis considers the protection of image quality reduction and robustness for hiding information concurrently.