• Informatization Policy
• /
• v.28 no.3
• /
• pp.49-72
• /
• 2021

This study analyzes the major content, significances, and future outlook of Three Data Acts amendment enacted in August 2020 in South Korea, with the focus on their impact on the financial and data industries. It seems that the revision of the Credit Information Act will enable the specification of a business which had previously only been regulated as the business of credit inquiry, and also enable the domestic data industry to activate the MyData industry, data trading and platforms, and specify data pseudonymization and trading procedures. For the rational and efficient implementation of the amendments to the Three Data Acts, the Personal Information Protection Committee must be as transparent and lawful in its activities as possible, and fairness must be guaranteed. Even in the utilization of personal information, the development or complementation of the related data processing technologies is essential, and clear data processing methods and areas must be regulated. Furthermore, the amendments must be supported with guarantees and the systematization of a fair competitive system in the data market, stricter regulations on penalties for illegal acts related to data, establishment and strengthening of the related security systems, and reinforcement of the system of cooperation for data transfer.

• Journal of the Korea Convergence Society
• /
• v.10 no.7
• /
• pp.7-14
• /
• 2019

Users who use smartphone can using knowledge-based authentication, possession-based authentication, biometric-based authentication, and token-based authentication in order to access rights to systems requiring authentication. However, desktop computer users use method only ID and password, which are knowledge-based authentication factors, due to limitations of authentication devices, despite various authentication methods. In this paper, we designed and implemented a raspberry pi based authentication system that provides multiple authentication method of a user's desired type. The implementation system uses knowledge-based authentication, possessive-based authentication, biometric-based authentication, and token-based authentication. The proposed system can provide a security function that can be used by SMEs, which is difficult to hire a security officer due to the economic burden. The implemented system can be used not only for personal use but also for enterprise, and it can be applied to various fields such as finance and game.

• Journal of Intelligence and Information Systems
• /
• v.18 no.4
• /
• pp.79-95
• /
• 2012

As credit loan products significantly increase in most financial institutions, the number of fraudulent transactions is also growing rapidly. Therefore, to manage the financial risks successfully, the financial institutions should reinforce the qualifications for a loan and augment the ability to detect a credit loan fraud proactively. In the process of building a classification model to detect credit loan frauds, utility from classification results (i.e., benefits from correct prediction and costs from incorrect prediction) is more important than the accuracy rate of classification. The objective of this paper is to propose a new approach to building a classification model for detecting credit loan fraud based on an individual-level utility. Experimental results show that the model comes up with higher utility than the fraud detection models which do not take into account the individual-level utility concept. Also, it is shown that the individual-level utility computed by the model is more accurate than the mean-level utility computed by other models, in both opportunity utility and cash flow perspectives. We provide diverse views on the experimental results from both perspectives.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.5
• /
• pp.975-985
• /
• 2014

As financial transactions with a smartphone has become increasing, a myriad of security threats have emerged against smartphones. Among the many types of security threats, Smishing has evolved to be more sophisticated and diverse in design. Therefore, financial institutions have recommended that users doesn't install applications with setting of "Unknown sources" in the system settings menu and install application which detects Smishing. Unfortunately, these kind of methods come with their own limitations and they have not been very effective in handling Smishing. In this paper, we propose a systematic method to detect Smishing, in which the RIL(Radio Interface Layer) collects a text message received and then, checks if message databases stores text message in order to determine whether Smishing malware has been installed on the system. If found, a system call (also known as a hook) is used to block the outgoing text message generated by the malware. This scheme was found to be effective in preventing Smishing as found in our implementation.

• Korea Trade Review
• /
• v.48 no.3
• /
• pp.243-262
• /
• 2023

This study provides a systematic review of smart trade contracts, examining the research trends and theoretical background of utilizing smart contracts and blockchain technology for the digitalization and automation of trade contracts. Smart trade contracts are a concept that applies the automated contract system based on blockchain to trade-related transactions. The study analyzes the technical and legal challenges and proposes solutions. The technical aspect covers the development of smart contract platforms, scalability and performance improvements of blockchain networks, and security and privacy concerns. The legal aspect addresses the legal enforceability of smart contracts, automatic execution of contract conditions, and the responsibilities and obligations of contract parties. Smart trade contracts have been found to have applications in various industries such as international trade, supply chain management, finance, insurance, and energy, contributing to the ease of trade finance, efficiency of supply chains, and business model innovation. However, challenges remain in terms of legal regulations, interaction with existing legal frameworks, and technological aspects. Further research is needed, including empirical studies, business model innovation, resolution of legal issues, security and privacy considerations, standardization and collaboration, and user experience studies to address these challenges and explore additional aspects of smart trade contracts.

• Information Systems Review
• /
• v.25 no.4
• /
• pp.205-231
• /
• 2023

The Information Security Management System (ISMS) is a protection procedure and process that keeps information assets confidential, flawless, and available at any time. ISMS-P in Korea and ISO/IEC 27001 overseas are the most representative ISMS certification systems. In this paper, in order to understand the relationship between ISMS certification and organizational characteristics, data were collected from Korea Internet & Security Agency (KISA), Ministry of Science and ICT, Information Security Disclosure System (ISDS), Financial Supervisory Service, Data Analysis, Retrieval and Transfer System (DART), and probit regression analysis was performed. In the probit analysis, the relationship with four independent variables was confirmed for three cases: ISMS-P acquisition, ISO/IEC 27001 acquisition, and both ISMS-P and ISO/IEC 27001 acquisition. As a result of the analysis, it was found that companies that acquired both ISMS-P and ISO/IEC 27001 had a positive correlation with the total number of employees and a negative correlation with business history. In addition, the improvement direction of the ISMS-P certification system and information security disclosure system could also be confirmed.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.22 no.6
• /
• pp.910-915
• /
• 2018

The precise time, which is an essential element of the Global Navigation Satellite System (GNSS), such as US GPS, GLONASS in Russia, Galileo in Europe, and Beidou in China, is an important foundation for various economic activities around the world. Communication systems, power grids, IoT, Cloud computing and financial networks operate based on the precise time not only for the operating principles, but also for the synchronization and operational efficiency between tasks. In this paper, we introduce the Atomium software for the first time in South Korea. Atomium was developed by ORB in Belgium to calculate the clock error(clock solution) with GNSS signal observation data based on PPP method. The observation data is provided by Korea Research Institute of Standards and Science(KRISS). The results of MJD57106 with Atomium software are presented.

• 정보화사회
• /
• s.184
• /
• pp.28-39
• /
• 2007

IT산업은 항상 끊임없는 '혁신'을 통해서만 성장의 자양분을 얻는다. 기술적 또는 개념적 진보가 없다면 IT산업은 당연히 산업으로서의 존재가치가 없다. 그렇다면 2007년, 한국의 IT시장을 주도할 '10대 핵심 IT기술'들은 어떤 것들일까. 국내 통신 및 네트워크, 솔루션 업계가 가장 관심 있게 지켜보는 IT기술등 중 10개를 선별했다. 10대 IT기술에 포함된 것들 중에는 개념적으로는 10년전부터 출현해 알려져 있지만, 그동안 단순히 개념에 머물렀을 뿐 아직 상용화가 안 된 것들도 일부 포함돼 있다. 참신성보다는 실질적인 의미와 중요성에 무게들 둔 때문이다. 2007년에 주목할 만한 10대 IT기술로는 먼저 'IP 멀티미디어 서브시스템(IMS)이 꼽힌다. 유무선을 비롯한 다양한 네트워크를 자연스럽게 연결해주고 여러 서비스들의 다양한 조합이 가능해 고객맞춤형서비스를 가능하게 하는 '멀티미디어 멀티캐스트 컨트롤(MMC)도 10대 IT기술에 포함됐다. 이와 함께 100Mbps 초고속 인터넷 서비스를 가능하게 하는 ETTH (Ethernet To The Home), 차세대 보안이슈인 네트워크접근제어(NAC), 금융회사나 이동통신회사의 상품개발을 신속하게 지원하는 '프로덕트 팩토리', 하드웨어시스템의 최적화를 보장한 가상화 및 ILM, 컴퓨팅산업을 한 단계 이상 진화시킬 쿼드코어 CPU, 소프트웨어 시장의 새로운 패러다임인 SOA(서비스지향아키텍처), 본격적인 시장 확산이 기대되는 전자태그(RFID), IT거버넌스의 열기로 급부상하고 있는 ITAM(IT자산관리) 등도 올해 주목할 10대 IT기술 반열에 올랐다.

• 한국정보통신설비학회:학술대회논문집
• /
• 2008.08a
• /
• pp.355-359
• /
• 2008

와이브로(WiBro), 3G 무선인터넷(HSDPA), 3G LTE 등과 같은 와이어리스 브로드밴드(Wireless Broand) 기술이 점차 성숙됨에 따라 이들 망을 활용한 다양한 무선인터넷 서비스를 제공하려는 사업자들이 증가하고 있다. 기존의 WLAN, 2G/3G 회선망에서의 제한된 이동성 및 네트워크 전송 속도를 개선한 와이어리스 브로드밴드 서비스 시장은 국내에서도 2006년부터 WiBro 및 HSDPA가 사용됨에 따라 사업자간의 경쟁도 본격화되고 있다. 이러한 환경 속에서 사업자들은 신속하고 편리한 서비스 개통과 스마트폰, USB모뎀, 노트북, UMPC, PMP등 다양한 단말들의 펌웨어 업그레이드, A/S 처리 방안에 대해 고심을 하고 있으며, 이들 문제점은 막대한 비용과 고객 민원을 야기시키는 요인이기도 하다. 따라서 경제적인 관리비용으로 동적인 서비스/펌웨어 업그레이드 및 A/S에 대한 고객 만족도를 높이기 위한 단말 원격 관리 필요성이 절실히 요구된다. WiBro 단말의 안전하고 효율적으로 관리하기 위해서는 단말과 기지국사이의 무선구간에 대한 보안(security)을 강화시켜 줄 수 있으면서 이동성(mobility)을 고려한 OMA DM프로토콜을 이용하는 것이 적합하다. 또한, WiBro에서 가입자 인증을 채택하고 있는 UICC의 관리를 위해서 3GPP에서 정의하는 SMS/MMS기반의 또는 BIP(Bear Independent Protocol)기반의 OTA기술을 병행하여 사용하여야 한다. 본 논문에서는 Wi-MAX단말 관리를 위한 OTA Provisioning 규격으로 OMA DM과 TR069이 WiMAX 단말을 위하여 어떻게 적용하도록 규정하고 있는지를 살펴본다. 특히, WiBro 가입자 인증뿐만 아니라 폰북, DRM, 금융서비스 등 다양한 부가 서비스를 위하여 사용되는 UICC의 원격관리를 위한 관리 요소들을 정의, 설계하고 이를 바탕으로 구현된 KTUICC OTA Provisioning시스템을 소개한다.

• Proceedings of the Korean Institute Of Construction Engineering and Management
• /
• autumn
• /
• pp.515-518
• /
• 2002

KM(Knowledge Management) is factor more paradigm of period than survival factor. Stewart, Sveiby etc., a scholar was Present to definition, knowledge classification and measurement method. KMS(Knowledge Management System) was made by scholar theory. But, it is hardly adapt to construction industry. Because it is have property that construction industry have one product, recieve-industry etc. Therefore, we must knowledge classification and measurement method that property of construction industry. So, we can effectively manage to knowledge of construction industry. And, knowledge of construction industry will evaluate according to property. Measure method of construction company will find through benchmarking that measure method of construction company is analyze to case.