• Journal of Digital Convergence
• /
• v.12 no.2
• /
• pp.335-341
• /
• 2014

To play the networked video contents in a client's mobile device in real time, the contents should be delivered to it by the contents server with streaming technology. Generally, in a server-client based commerce model, the server is in charge of both the authentication of the paid customer and distribution of the contents. The drawback of it is that if the customers' requests go on growing rapidly, the service quality would be degraded results from the problems of overloaded server or restricted network bandwidth. On the contrary, in P2P based networks, more and more the demand for service increasing, the service quality is upgraded since a customer can act as a server. But, in the P2P based network, there are too many servers to manage, it's possible to distribute illegal contents because the P2P protocol cannot control distributed servers. Thus, it's not suitable for commercial purposes. In this paper, the dymanic group authentication scheme is proposed which is suited to P2P based applications. The proposed scheme consists of group based key generation, key update, signature generation and verification protocols. It can control the seeder's state whether the seeder is joining or leaving the network, and it can be applied to hybrid P2P based commerce model where sales transactions are covered by the index server and the contents are distributed by the P2P protocol.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.4
• /
• pp.743-755
• /
• 2013

In recent years, the malicious apps with malicious code in normal apps are increasingly redistributed in Android market, which may incur various problems such as the leakage of authentication information and transaction information and fraudulent transactions when banking apps to process the financial transactions are exposed to such attacks. Thus the financial authorities established the laws and regulations as an countermeasures against those problems and domestic banks provide the integrity verification functions in their banking apps, yet its reliability has not been verified because the studies of the safety of the corresponding functions have seldom been conducted. Thus this study suggests the vulnerabilities of the integrity verification functions of banking apps by using Android reverse engineering analysis techniques. In case the suggested vulnerabilities are exploited, the integrity verification functions of banking apps are likely to be bypassed, which will facilitate malicious code inserting attacks through repackaging and its risk is very high as proved in a test of this study. Furthermore this study suggests the specific solutions to those vulnerabilities, which will contribute to improving the security level of smartphone financial transaction environment against the application forgery attacks.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.6
• /
• pp.1087-1101
• /
• 2013

Most people are connected to Social Network Services (SNS) through smart devices. Social Network Services are tools that transport information fast and easily. It does not care where he or she comes from. A lot of information circulates and is shared on Social Network Services. but Social Network Services faults are magnified and becoming a serious issue. For instance, malicious users generate multiple IDs easily on Facebook and he can use personal information of others on purpose, because most people tend to undoubtedly accept friend requests. In this paper, we have specified research scope to Facebook, which is one of most popular Social Network Services in the world. We propose a way of minimizing the number of malicious actions on Facebook from malignant users and malicious bots by setting criteria and applying reputation system.

• Journal of Service Research and Studies
• /
• v.13 no.1
• /
• pp.127-143
• /
• 2023

Currently, the domestic traditional market has not escaped the swamp of stagnation that began in the early 2000s despite various projects promoted by many related players such as the central government and local governments. In order to overcome the crisis faced by the traditional market, various R&Ds have recently been conducted on how to build a smart traditional market that combines information and communication technologies such as big data analysis, artificial intelligence, and the Internet of Things. This study analyzes various previous studies, users of traditional markets, and application cases of ICT technology in foreign traditional markets since 2012 and proposes a model to build a smart traditional market using ICT technology based on the analysis. The model proposed in this study includes building a traditional market metaverse that can interact with visitors, certifying visits to traditional markets through digital signage with NFC technology, improving accuracy of fire detection functions using IoT and AI technology, developing smartphone apps for market launch information and event notification, and an e-commerce system. If a smart traditional market platform is implemented and operated based on the smart traditional market platform model presented in this study, it will not only draw interest in the traditional market to MZ generation and foreigners, but also contribute to revitalizing the traditional market in the future.

• Journal of the Institute of Electronics and Information Engineers
• /
• v.49 no.9
• /
• pp.215-224
• /
• 2012

Using password on system is easy to build and shorten the access time to authorize user, which is high in use for vary system that requires users' authorization. Many input device are able to perform the password system easily, such as PC, smart-phone, tablet PC, etc. Beside the high usability of password, physical attack occurs when user put their password on the device, known as Shoulder Surfing attack. It used to be formed in numbers, characters or mix of different kinds, but new kind of password arose. Exploiting image or making scenarios are those kinds which are able to reflect users' intentions. Not many estimation exists for new password, so there's need to be standard for those new password for highlighting usability and accessability. In this paper, we propose password system with simple image and switching key-board to test statistical method to estimate usability on the password.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.13 no.11
• /
• pp.5506-5511
• /
• 2012

u-Wellness is widely applicable to individuals and medical service providers such as hospitals and it includes u-fitness and video health counselling services at the side of the provider and stress management, obesity management, and the amount of exercise at the side of the individual. In this paper, we design and implement a smart health care system which uses the authentication device to identify an individual and the user's smart phone. Our system records and manages the amount of exercise on the basis of the prescription of health care professionals through the exercise equipment and Wi-Fi communication. Therefore, our system helps user do optimized amount of exercise through the health care professional's prescription. And our system quantifies the results of the measurement of body fat measuring machines and experts to build the database and automatically schedule.

• International Commerce and Information Review
• /
• v.19 no.1
• /
• pp.99-126
• /
• 2017

The Indonesian e-commerce market has grown significantly due to sustained economic growth, middle class growth, rapid increase in Internet and SNS users, and increase in accessibility of mobile broadband services. In particular, consumers' online shopping through mobile and SNS has been increasing rapidly based on the expansion of the popularity of smart phone devices. This research suggested the strategies for expanding exports of Indonesia through e-commerce platform to the Korean firms, with deep analysis of the current status and features, problems, cases, and implications etc. of Indonesia's e-commerce market. As an export expansion strategy utilizing Indonesia's e-commerce platform, this study showed the Korean firms have to build a local online distribution network, establish a logistics & delivery and payment system, acquire Halal certification for Muslim market, carry out the in-depth market research, actively implement Hanryu marketing strategy, develop a creative product, set up market segmentation strategies, and develop SNS mobile marketing.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.15 no.9
• /
• pp.1955-1964
• /
• 2011

With fast deployment of high-speed networks and various online services, the demand for massive content distribution is also growing fast. An approach that is increasingly visible in communication research community and in industry domain is peer-to-peer (P2P) networks. The P2P swarming technique enables a content distribution system to achieve higher throughput, avoid server or network overload, and be more resilient to failure and traffic fluctuation. Moreover, as a P2P-based architecture pushed the computing and bandwidth cost toward the network edge, it allows scalability to support a large number of subscribers on a global scale, while imposing little demand for equipment on the content providers. However, the P2P swarming burdens message exchange overheads on the system. In this paper, we propose a new protocol which provides confidentiality, authentication, integrity, and access control to P2P swarming. We implemented a prototype of our protocol on Android smart phone platform. We believe our approach can be straightforwardly adapted to existing commercial P2P content distribution systems with modest modifications to current implementations.

• The Journal of the Korea Contents Association
• /
• v.14 no.12
• /
• pp.565-573
• /
• 2014

We have various e-commerce like on-line banking, stock trading, shopping using a PC or SmartPhone. In e-commerce, two parties use the certificate for identification and non-repudiation but, the attack on the certificate user steadily has been increasing since 2005. The most of hacking is stealing the public certificate and private key files. After hacking, the stolen public certificate and private key file is used on e-commerce to fraud. Generally, the private key file is encrypted and saved only with the user's password, and an encrypted private key file can be used after decrypted with user password. If a password is exposed to hackers, hacker decrypt the encrypted private key file, and uses it. For this reason, the hacker attacks user equipment in a various way like installing Trojan's horse to take over the user's certificate and private key file. In this paper, I propose the management method to secure private key of PKI using One Time Password certification technique. As a result, even if the encrypted private key file is exposed outside, the user's private key is kept safely.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2013.05a
• /
• pp.241-244
• /
• 2013

These days wireless network devices (smartphones, tablet PC, laptop) are being utilized more frequently. In line with the increasing number of users of a wireless network, the usage of wireless access points is also increasing. Nowadays as nationwide wireless network services being made available, wireless networks are increasingly being used due to the lower costs of building faster and affordable private or carrier networks. However wireless security is not keeping up with this development. Many use open networks where anyone can join, meanwhile for those using wireless security protocols there is the problem of managing the password. In this paper, we analyze the problems of trying to build a user authentication system using an access point and the RADIUS server.