• The Journal of Society for e-Business Studies
• /
• v.12 no.1
• /
• pp.89-97
• /
• 2007

Recently, a large number of authentication schemes based on smart cards have been proposed, using the thinking of OTP (one-time password) to withstand replay attack. Unfortunately, if these schemes implement on PCs instead of smart cards, most of themcannot withstand impersonation attack and Stolen-Verifier attack since the data on PCs is easy to read and steal. In this paper, a secure authentication scheme based on a security key and a renewable token is proposed to implement on PCs. A comparison with other schemes demonstrates the proposed scheme has following merits: (1) Withstanding Stolen-Verifier attack (2) Withstanding Impersonation attack (3) Providing mutual authentication; (4) Easy to construct secure session keys.

• Convergence Security Journal
• /
• v.15 no.3_2
• /
• pp.77-82
• /
• 2015

IT convergence has been approached from national strategic dimension with an aim to drive forward technology development and industrial advancement in other fields by taking the IT to the next advanced level, and has been the focus of intensive investment of research resources. Against this backdrop, IT convergence has emerged as a cutting-edge convergence industry that helps spur development of new growth engine being pushed forward at inter-ministerial level, as well as help turn the mainstay industries into high value-added industries and create new IT industry. Health-related convergence services have shifted its focus towards the exercise/sports and rehabilitation-oriented entertainment experiential industry away from conventional disease prevention and control-centric treatment/therapy technology industry. Thus, this study was intended to examine the trends of IT convergence technological development related to health exercise and present recommendation on the future course for development of major technologies and advancement of convergence industry, given the importance assigned to IT convergence.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2017.11a
• /
• pp.582-585
• /
• 2017

본 논문에서는 구글 드라이브, 드롭박스 등 여러 회사에서 제공하고 있는 클라우드들을 하나의 플랫폼으로 통합하여 체계적이고 효율적으로 관리할 수 있는 시스템을 제안한다. 또한 해당 시스템을 통한 파일 업로드 및 다운로드를 진행할 경우, 파일을 여러 개의 패킷으로 분할하여 등록 된 클라우드에 각각 저장함으로써, 사용자의 데이터를 안전하게 보호할 수 있는 환경을 구축하고자 한다. 이를 위해 활용된 오픈 API와 독자적으로 구축한 파일 시스템에 대해 설명하고, 실제 구현한 소프트웨어가 정상적으로 작동하는지 실험을 통해 검증하고자 한다. 최근 클라우드 보안 문제가 대두되는 시점에서 제안한 시스템이 향후 데이터를 보호하기 위한 기술로 활용될 수 있기를 기대한다.

• The Journal of Korean Association of Computer Education
• /
• v.7 no.4
• /
• pp.61-66
• /
• 2004

Electronic commerce that use Mobile Phone according as the radio Internet develops rapidly and performance of Mobile Phone develops is activated. It is said that electronic commerce that use these Mobile Phone is M-Commerce. Also, the most important controversial point is data security or an user certification technology at these electronic commerce, there are research reactor WPKI and WTLS about this technology. However, when transmit message again after sign electronic documents in Mobile Phone, if do not encrypt, danger exists to be exposed to outside. Therefore, in this paper, designed system to encipher document that handle and handles user certification applying XML electronic sign technique in Mobile environment. Prevent of XML electronic sign in Mobile environment through this paper, and can stave off danger from outside by enciphering electronic sign document.

• Convergence Security Journal
• /
• v.8 no.4
• /
• pp.51-56
• /
• 2008

A combination of VPNs and dial-up access, such as DSL and Cable, usually provides the cost-effective solution as the substitution of private networks on high-cost leased line. The business demand for high availability has increased with VPN spreading. This paper presents the schemes for a high availability of network access and a load balancing of network traffic in VPN gateways by using multiple links or multihoming capability based on active-active approach. The high availability and load balancing of network links can be achieved by duplicating external network access into multiple independent links. This can provide a continuous network connection to internal users even if one of the links is failed. Moreover, it can provide twice network bandwidth by distributing the traffic into the links. Static and dynamic algorithms are proposed as the load balancing algorithms.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2016.01a
• /
• pp.167-168
• /
• 2016

2015년 대한민국을 관통하는 키워드 중 하나가 O2O (Online to Offline)이다. 대기업과 중소기업까지 O2O를 전면에 내세우고 새로운 비즈니스를 모색하는 기업들이 확대되고 있다. O2O 비즈니스 기업들의 업종도 모바일 메신저, 포털을 비롯한 인터넷 사업자, 통신사업자, 모바일 기기 제조사, 전자상거래 기업과 같은 정보통신기술(ICT) 관련 기업부터 유통기업까지 다양하다. 본 연구를 위하여 2014.5~2015.5 1년 간 여자대학생 92명의 '모바일 쇼핑 금융서비스 이용 현황' 조사를 실시하였다. 조사 결과, 상품정보검색(96.7%), 구매(88%), 주문 배송(77.2%), 할인 프로모션정보(62%) 등 모바일 쇼핑을 하였고, 모바일금융 서비스로는 하루에 1번정도 (20.4%), 월1~3회(20.4%), 1주 3~4회(16.3%), 이용 안하는 경우(24.5%)로 조사 되었다. 모바일 금융서비스를 이용하지 못하는 이유로는 개인정보보안 및 해킹우려(39%), 이용/결제 과정의 불편함(25.8%) 등 이었으며, 국내 O2O 플랫폼이 제공하는 서비스는 쇼핑부터 결제까지 완결적인 구조로 보완할 부분이 필수적이다.

• Convergence Security Journal
• /
• v.12 no.2
• /
• pp.13-21
• /
• 2012

The purpose of this study is to profile actual conditions of personal information protection systems operated in overseas countries and examine major considerations of personal information that security service providers must know in the capacity of privacy information processor, so that it may contribute to preventing potential occurrence of any legal disputes in advance. Particularly, this study further seeks to describe fundamental idea and principle of said Personal Information Protection Act; enhancement of various safety measures (e.g. collection/use of privacy data, processing of sensitive information/personal ID information, and encryption of privacy information); restrictions on installation/operation of video data processing devices; and penal regulations as a means of countermeasure against leakage of personal information, while proposing possible solutions to cope with these matters. Using cases among foreign countries for this study.

• The Transactions of the Korea Information Processing Society
• /
• v.4 no.8
• /
• pp.2060-2069
• /
• 1997

Information processing using computer in generalized in the office automation. In spite of to be integrate and concise form of document through computer network, signature of document with hand have processed as ever. The security on document flow out severely unjust by reason of increment inverse function of computer. Because of revelation secret of enterprise result from unjust outflow, lots of loss of self-enterprise is occured. In this paper, we used efficiently document using the method, electronic approval system with encryption, for the resolving above problems. Also we persue maintenance of security for the important document and process document signature rapidly. Finally, we design and implementation of electronic approval system that take one's share of function between server and client using to be transformed Vernam's encryption technique in stored document.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.6
• /
• pp.1483-1490
• /
• 2017

Wearable devices need a host device to be paired with because of connectivity, functionality and ease personalization. There should be frequent update and backup processes between the paired devices even without user's consciousness. Due to pairing process, user-specific data are copied from smartphone and transferred to paired smartwatch. We focus on what happens in smartwatch because of pairing process. We perform an experiment study by observing and extracting data from smartwatch under real world usage phases. With a survey of user awareness on smartwatch regarding security and privacy, moreover, we suggest risk assessment on smartwatch in five levels, particularly considering pairing process based on security and privacy.

• KIPS Transactions on Computer and Communication Systems
• /
• v.10 no.2
• /
• pp.39-46
• /
• 2021

Damages by malware have recently been increasing. Conventional signature-based antivirus solutions are helplessly vulnerable to unprecedented new threats such as Zero-day attack and ransomware. Despite that, many enterprises have retained signature-based antivirus solutions as part of the multiple endpoints security strategy. They do recognize the problem. This paper proposes a solution using the blockchain and deep learning technologies as the next-generation antivirus solution. It uses the antivirus software that updates through an existing DB server to supplement the detection unit and organizes the blockchain instead of the DB for deep learning using various samples and forms to increase the detection rate of new malware and falsified malware.