• Proceedings of the Korea Information Processing Society Conference
• /
• 2003.05c
• /
• pp.2061-2064
• /
• 2003

PKI(Public Key Infrastructure)기반의 발전으로 인터넷뱅킹, 증권거래시스템, 전자메일, 전자입찰, 전자민원 등 신원확인이 요구되는 어플리케이션에 전자서명과 암호가 적용되고 있다. 각 어플리케이션은 라이브러리를 호출하여 전자서명과 검증, 암호와 복호를 수행한다. PKI기반의 어플리케이션 개발자는 상이한 인증, 암호API(Application Programming Interface)를 호출해야 하며, 이는 프로그램의 복잡도를 증가시킨다. 개발언어와 환경에 따라서 상의한 라이브러리를 사용해야 한다. 제안하는 PKI 에이전트는 개발언어와 어플리케이션에 독립적으로 인증, 암호기능을 수행하고 견과만을 리턴한다. 따라서 어플리케이션은 인증과 암호가 필요한 시점에 검증 에이전트를 호출하게 됨으로써 프로그램의 복잡도를 줄이고 어플리케이션의 안정성을 향상시킨다.

• The Journal of Information Systems
• /
• v.19 no.4
• /
• pp.111-136
• /
• 2010

This study examined the difference in the usage of internet banking users between Korea and China. This model tests various theoretical research hypotheses relating to internet banking, The Unified Theory of Acceptance and Use of Technology(UTAUT). The factors influencing on the use intention of Internet banking have been classified as performance expectancy, effort expectancy, social influence and facilitating conditions. The proposed model was empirically tested using data collected from a survey of internet banking users in Korea and China. The model is used by SPSS 15.0 and AMOS 7.0 for analysis on the sample collected from 272 respondents. The result of hypothesis testing are as follows. First, performance expectancy and social influence positively influence use intention of internet banking user both Korea and China. Second, facilitating conditions only positively influence on the usage of internet banking users in Korea. On the other side, effort expectancy do not influence the use intention of internet banking users in both two countries. The results of study will provide practical implications on the internet banking in Korea and China.

• Proceedings of the Korea Association of Information Systems Conference
• /
• 2003.05a
• /
• pp.93-105
• /
• 2003

Although, recently, studies on Internet banking users' behavior have been frequently found in some academic journals, most of them have ignored security anxiety which may be considered as important factors influencing usages of Internet banking. We propose an research model for Internet banking users which is an extended version of the Technology Acceptance Model(TAM) by adding new variable, security anxiety. For empirical support of our model, we survey for 298 samples and analyze it by structured equation model(SEM). In result, our proposed model is proved as a valid one in which all hypotheses except one are accepted and the values of model fitness are relatively high.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.1
• /
• pp.99-113
• /
• 2003

As a research on PKI(Public Key Infrastructure) is being very popular, the study relating to certificate status and path validation is being grown with aim to reduce an overhead of the protocol and to provide an efficient operation. But in spite of a lot of related research there is still almost no protocol that we can use for real-time based client-server environment with large scale like internet banking. In this paper, we shows that the existing standards or protocols are not suitable to be used for such a real-time based client-server environment with large scale, and then proposes an efficient certificate status and path validation system.

• Management & Information Systems Review
• /
• v.31 no.1
• /
• pp.149-165
• /
• 2012

Nowadays due to the development of IT, hacking has become a major issue and importance of information system security is rapidly increasing. This research focuses on problems of training system security experts within Korea by analysing university's management information system curriculum and proposes an alternative way to solve this problem. The result of this research is the following. First, reformation of university's curriculum for successfully training system security experts is crucial. Second, theories that was learned in university courses need to be coherent to the actual work that the system security experts do in the field. Lastly, advanced IT countries like the US and Japan have already made standards on training system auditors and reinforced it with laws. Therefore Korea should establish a formal standard system like the other IT industry advanced countries.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.6 no.2
• /
• pp.207-213
• /
• 2002

Fingerprint has the characteristics that do not change with time and is unique to an individual. And fingerprint identification is considered the best choice for most biometric applications because of its accuracy, speed, reliability, non-intrusive interfaces and cost-effectiveness. In this paper, we applies fingerprint Identification to web site login to raise the quality of personal identification when we use e-commerce, internet banking, stock dealings, shopping mali, etc. The system implemented in this paper consists of embedded module to carry out fingerprint identification, web server and web site. Existing system carries out fingerprint identification in the web server, but the system Implemented in this paper carries out it in client. Therefore the loads of server are reduced and the confidence of internet service is improved because login is forbidden without fingerprint identification success.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.48 no.3
• /
• pp.91-101
• /
• 2011

Internet is becoming increasingly popular due to the rapid development of information and communication technology. There has been a convenient social activities such as the mutual exchange of information, e-commerce, internet banking, etc. through cyberspace on a computer. However, by using the convenience of the internet, the personal IDs(identity card, driving license, passport, student ID, etc.) represented by the electronic media are exposed on the internet frequently. Therefore, this study propose a feature extraction method to analyze the characteristics of image files containing personal information and a image retrieval method to find the images using the extracted features. The proposed method selects the feature information from color, texture, and shape of the images, and the images as searched by similarity analysis between feature information. The result which it experiments from the image which it acquires from the web-based image DB and correct image retrieval rate is 89%, the computing time per frame is 0.17 seconds. The proposed method can be efficiently apply a system to search the image files containing personal information and to determine the criteria of exposure of personal information.

• Journal of Digital Contents Society
• /
• v.6 no.1
• /
• pp.19-24
• /
• 2005

Mobile service is able to offer the elastic service to anyone regardless of the place and the tin. With this characteristics, the ubiquitous service could be also provided even to the place which the access was limited with the existing line service, which could improve the mutual connection and could result in the service extension Mobile communication companies, which realized the limit of sale only by telephone conversation, have made an effort to develop wireless internet with concentration as its alternation. Especially concentrating their effort both to the development of distinctive and various contents and to tin development of system for mobile service such as the mobile banking, mobile game and etc., they have done their best to secure the number of the people using the wireless internet. This study is to propose the electronic account system based on the mobile as a case study of contents production for such a mobile service. This system has its advantage to perform the financial management immediately when the income and outcome happen without limitation of the time and space. The information could be stored, searched and modified by using of the mobile phone for this system was made up for the weak point of the financial management for wired internet.

• The KIPS Transactions:PartC
• /
• v.11C no.7 s.96
• /
• pp.951-958
• /
• 2004

Nowadays NGN is developed for supporting the e-Commerce, Internet trading, e-Government, e-mail, virtual-life and multimedia. Internet gives us the benefit of remote access to the information but causes the attacks that can break server and modify information. Since 2000 Nimda, Code Red Virus and DSoS attacks are spreaded in Internet. This attack programs make tremendous traffic packets on the Internet. In this paper, we designed and developed the Bandwidth Controller in the gateway systems against the bandwidth saturation attacks. This Bandwidth con-troller is implemented in hardware chipset(FPGA) Virtex II Pro which is produced by Xilinx and acts as a policing function. We reference the TBF(Token Bucket Filter) in Linux Kernel 2.4 and implemented this function in HDL(Hardware Description Language) Verilog. This HDL code is synthesized in hardware chipset and performs the gigabit traffic in real time. This policing function can throttle the traffic at the rate of band width controlling policy in bps speed.

• KIPS Transactions on Computer and Communication Systems
• /
• v.7 no.2
• /
• pp.49-58
• /
• 2018

A certificate is a means to certify users by conducting the identification of the users, the prevention of forgery and alteration, and non-repudiation. Most people use an accredited certificate when they perform a task using online banking, and it is often used for the purpose of proving one's identity in issuing various certificates and making electronic payments in addition to online banking. At this time, the issued certificate exists in a file form on the disk, and it is possible to use the certificate issued in an existing device in a new device only if one copies it from the existing device. However, most certificate duplication methods are a method of duplication, entering an 8-16 digit verification code. This is inconvenient because one should enter the verification code and has a weakness that it is vulnerable to security issues. To solve this weakness, this study proposes a method for enhancing security certificate duplication in a multi-channel using TCP and BLE. The proposed method: 1) shares data can be mutually authenticated, using BLE Advertising data; and 2) encrypts the certificate with a symmetric key algorithm and delivers it after the certification of the device through an ECC-based electronic signature algorithm. As a result of the implementation of the proposed method in a mobile environment, it could defend against sniffing attacks, the area of security vulnerabilities in the existing methods and it was proven that it could increase security strength about $10^{41}$ times in an attempt of decoding through the method of substitution of brute force attack existing method.