• Proceedings of the Korea Information Processing Society Conference
• /
• 2005.11a
• /
• pp.913-916
• /
• 2005

정부의 민원서비스등 다양한 용도로 개방 환경에 생체인식시스템이 구축될 수 있는 가능성이 많아졌다. 본 고에서는 생체인식시스템이 구축될 때 발생할 수 있는 취약점을 정의 해 보고 이를 해결하기 위한 기술적 가이드라인을 제시한다. 한번 유출된 생체정보에 대한 피해의 심각성이 크기 때문에, 가능한 모든 공격에 대해서 강인성(Robust)을 가져야 하는 반면에 생체정보 변형에 따른 복잡성은 성능에 현격한 저하가 없어야 한다.

• Proceedings of the Korean Information Science Society Conference
• /
• 2003.10a
• /
• pp.808-810
• /
• 2003

정보보호 기능을 필요로 하는 각종 응용분야에서 다양한 보안 API가 사용되고 있다. 그러나 이러한 표준은 서로 호환성을 가지고 사용될 수 있는 것이 아니라 애플리케이션의 적용환경이나 프로그래밍 언어에 따라서 개발자가 선택적으로 이용해야 하는 단정을 가지고 있다. 이를 해결하기 위하여 정보보호 서비스컴포넌트 표준화를 진행하고 있으며 표준안의 유효성을 검증하기 위하여 비밀성, 무결성 컴포넌트 인터페이스를 통한 SSL(Secure Sockets Layer)을 구현하였다. 구현된 SSL은 TCP/IP 위에 하나의 단계를 추가하여 보안 알고리즘을 구현하는 것처럼 실제 컴포넌트간에 RMI(Remote Method Invocation)로 통신을 할 때, 각각 하위 수준의 SSL 컴포넌트를 이용하는 구조이다.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2003.12a
• /
• pp.69-76
• /
• 2003

현 시대는 유형적인 물질 보다 무형적인 정보의 가치가 중요시되고 있다. 특히 소프트웨어의 불법 복제는 정보화 시대의 가장 큰 역기능으로 작용할 뿐 아니라 국가 신용도를 평가하는 중요한 항목으로 자리 매김하고 있다. 그러나 기존의 상용화된 소프트웨어 불법복제 방지 제품들은 복제방지 기술이 미약하여 쉽게 락이 크랙 되어 복제방지의 기능을 발휘 할 수 없는 것들이 대부분을 차지하고 있다. 본 논문에서 제안하는 복제방지 전용 칩을 사용하여 하나의 락으로 여러 소프트웨어를 동시에 보호하는 기능뿐만 아니라 IBM PC 호환기종의 USB 인터페이스를 가지는 정보 보안 모듈의 설계한다.

• Journal of Digital Convergence
• /
• v.14 no.8
• /
• pp.163-175
• /
• 2016

The purpose of this study is to provide an efficient internal control system formation incentives for company and to confirm empirically usefulness of the internal accounting control system for financial institutions by analyzing whether the internal control vulnerabilities of companies related significantly to the classification and assessment of soundness of financial institutions. Empirical analysis covered KOSPI, KOSDAQ listed companies and unlisted companies with more than 100 billion won of assets which have trading performance with "K" financial institution from 2008 until 2013. Whereas non-internal control vulnerability reporting companies by the internal control of financial reporting received average credit rating of BBB on average, reporting companies received CCC rating. And statistically significantly, non-reporting companies are classified as "normal" and reporting companies are classified as "precautionary loan" when it comes to asset quality classification rating. Therefore, reported information of internal control vulnerability reduced the credibility of the financial data, which causes low credit ratings for companies and suggests financial institutions save additional allowance for asset insolvency prevention and require high interest rates. It is a major contribution of this study that vulnerability reporting of internal control in accordance with the internal control of financial reporting can be used as information significant for the evaluation of financial institutions on corporate soundness.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.6
• /
• pp.1549-1560
• /
• 2015

For the past few years, personal information breach incidents, great and small, occurred constantly. Accordingly, the Personal Information Protection related Ordinances are enacted and amended persistently, and the information security products also keep advancing and developing in the same way. There are the certification systems such as Common Criteria Evaluation and Validation(CC) and Korea Cryptographic Module Validation Program(KCMVP) for the information security products. These are also strictly carried out. This paper analyzes and categorizes the 5 Personal Information Protection related Ordinances in the aspects of technical protection measures by using key words. Here are the 5 related ordinances; 'the Personal Information Protection Act', 'the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc', 'the Act on the Protection, Use, Etc, of Location Information', 'the Use and Protection of Credit Information Act', and 'the Electronic Financial Transactions Act.' Moreover, this study analyzes the association between the technical protection measures in the 5 relevant laws and the information security products that are obtaining the CC Evaluation & Validation(CC) and the products that are now produced at KISIA's member companies.

• Asia-Pacific Journal of Business Venturing and Entrepreneurship
• /
• v.13 no.3
• /
• pp.125-140
• /
• 2018

According to statistics, it is shown that domestic SMEs rely on bank loans for the majority of fund procurement. From financial information shortage (Thin file) that does not provide information necessary for credit evaluation from banks such as financial statements. In order to overcome these problems, recently, in alternative finance such as P2P, using differentiated information such as demographics, trading information and the like utilizing Fintech instead of existing financial information, small funds A new credit evaluation method has been expanding to provide SMEs with small amounts of money. In this paradigm of environmental change, in this research, credit evaluation which can expand fund supply to SMEs by utilizing big data based on trade area information such as sales fluctuation, location conditions etc. In this research, we try to find such a solution. By analyzing empirically the big data generated in the trade area, we verify the effectiveness as a credit evaluation factor and try to derive the main parameters necessary for the business performance evaluation of the founder of SMEs. In this research, for 17,116 material businesses in Seoul City that operate the service industry from 2009 to February 2018, we collect trade area information generated for each business location from Big Data specialized company NICE Zini Data Co., Ltd.. We collected and analyzed the data on the locations and commercial areas of the facilities that were difficult to obtain from SMEs and analyzed the data that affected the Corporate financial Distress. It is possible to refer to the variable of the existing unused big data and to confirm the possibility of utilizing it for efficient financial support for SMEs, This is to ensure that commercial lenders, even in general commercial banks, are made to be more prominent in one sector of the financing of SMEs. In this research, it is not the traditional financial information about raising fund of SMEs who have basically the problem of information asymmetry, but a trade area analysis variable is derived, and this variable is evaluated by credit evaluation There is differentiation of research in that it verified through analysis of big data from Trading-area whether or not there is an effect on.

• International Commerce and Information Review
• /
• v.15 no.2
• /
• pp.429-455
• /
• 2013

This paper investigates the extent and scope of electronization of Letter of Credit and examines the obstacles in the course of electronization of Letter of Credit. For this purpose, this paper adopts two track methodologies. First, we study the electronization of Letter of Credit in the macro perspective. It means that we analyze the scope and the extent of electronization of electronic Letter of Credit in the national economy as a whole. Second, we utilize the case study approach to examine the electronization of Letter of Credit in micro perspective. In other words we examine individual commercial banks in Korea. For this purpose, we analyze the data from two commercial banks out of four largest domestic banks in Korea. For example, we select two commercial banks in Korea and ask current status of electronization of Letter of Credit, i.e, the utilization of EDI L/C, e-L/C, and e-B/L. A major finding of our study is that the extent of electronization is not negligible in micro perspective as well as in macro perspective. In micro perspective, two commercial banks utilize EDI letter of credit in a critical sense. On the other hand, they seldom uses e-L/C and e-B/L in international transaction. This study shows that major bottlenecks for the electronization of Letter of Credit are pessimistic perception of SME entrepreneurs toward the electronization of Letter of Credit and the high costs of system building. We conclude that unlike superficial perception, there is a considerable progress toward the electronization of Letter of Credit in micro perspective.

• Journal of Digital Contents Society
• /
• v.4 no.1
• /
• pp.1-10
• /
• 2003

This research focuses on the system design of a service method for a customized electronic card on the internet. It develops the system which covers from the input stage of the credit information including a credit card number, a debit card number, and a bank account number, through the process of decision for issuing the customized electronic card and for the payment of business transaction, to the payment stage. Users are allowed to make their own customized card depending on their situations by choosing a limit of balance, a number of usage, expiration date, recharge, and, anonymity of electronic card on the internet. These characteristics enhances convenience and security of card users. In addition, user's financial damage can be minimized when a credit card is lost by any reason.

• Information Systems Review
• /
• v.8 no.3
• /
• pp.65-80
• /
• 2006

This paper proposes a new infrastructure that supports divisible card payment where a combination of multiple credit cards can be used for a single purchase. The divisible card payment infrastructure modifies the existing payment system in two ways. First, the V-Card Manager(VCM) is added to the merchant side to handle the divisible card approval process from respective credit-card issuers. Second, the V-Card Agent(VA) is added to the customer side and generates a customized divisible card, called V-Card, based on the customer's preferences. This paper provides a customizing card payment method that supports divisible payments based on profits and preferences of customers.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.41 no.5
• /
• pp.25-32
• /
• 2004

An anti-fraud system that utilizes association rules of fraud as well as AFS (Anti Fraud System) for credit card payments in e-commerce is proposed. The association rules are found by applying the data mining algorithm to millions of transaction records that have been generated as a result of orders on goods through the Internet. When a customer begins to process an order by using transaction components of a secure messaging protocol, the degree of risk for the transaction is assessed by using the found rules. More credit information will be requested or the transaction is rejected if it is interpreted as risky.