• Smart Media Journal
• /
• v.10 no.1
• /
• pp.88-98
• /
• 2021

As blockchain technology has emerged as a security issue for IoT, technology which integrates block chain into IoT is being studied. In this paper is a research concerning token-based IoT service access control technology for data sharing, which propose a possessor focused data sharing technic by using the permissioned blockchain. To share IoT health data, a Hyperledger Fabric Network consisting of three organizations was designed to provide a way to share data by applying different access control policies centered on device owners for different services. In the proposed system, the device owner issues access control tokens with different security levels applied to the participants in the organization, and the token issue information is shared through the distributed ledger of the HFN. In IoT, it is possible to lightweight the access control processing of IoT devices by granting tokens to service requesters who request access to data. Furthmore, by sharing token issuance information among network participants using HFN, the integrity of the token is guaranteed and all network participants can trust the token. The device owners can trust that their data is being used within their authorized rights, and control the collection and use of data.

• Information Systems Review
• /
• v.20 no.1
• /
• pp.61-80
• /
• 2018

Individuals often receive smishing campaigns (mobile phishing messages), which they treat as spam. Thus, firms should understand how their customers distinguish their promotion messages from smishing. However, only a few studies examined this important issue. The present study employs the elaboration likelihood model to develop research hypotheses on the relationship between message cue and message credibility. The message cue in this study is classified as content cue, which is found in the content of promotion messages, and as leakage cue, which is found in peripheral information in the message. Leakage cue includes orthography (inclusion of special characters)and an abbreviated link sent by a faithless sender. We also propose that contextualization has a moderating effect on the relationship between content cue and credibility. We conducted a survey experiment to examine the effect of message cues on message credibility in the context of respondents receiving discount coupons through mobile messages. The result of data analysis based on 166 responses suggests that leakage cue had a negative effect on message credibility. A message with defective content cue has a marginally negative effect on message credibility. In particular, defective content cue in a high-contextual message has a strong negative impact on message credibility. This effect was not observed in low-contextual messages. Moreover, message credibility is significantly low regardless of the degree of contextualization if there is a leakage cue in the message. Our findings suggest that mobile promotion messages should be customized for message receivers and should have no leakage cues.

• Journal of KIISE:Computer Systems and Theory
• /
• v.30 no.2
• /
• pp.78-92
• /
• 2003

In related to mobile communication environment, many researchers have studied problems concerning current locations of mobile users and exposure of their movements in the privacy aspect so far [1,2,3,4,5,6,7,8,9]. Among them, Kesdogan and Pfitzmann [3,6] proposed effective solutions using temporary pseudonym identification, called TP(Temporary Pseudonym ) to solve them. After that, Kesdogan et al. proposed an improved method protecting mobile users from some types of attacks of network providers in [8]. However, among their methods, in particular the method, attaching the other new device (so-called Reachability Manager) to system against active attack of network providers, is alterative rather than practical and is not clear. Moreover, it requires the other cost and overhead. Therefore we propose a practical method against active attack of network providers without attaching new device in original environments. The basie idea of proposed method is to protect a fraud act of network provider as a inside user by exchanging a secret information, which only users and network providers know, via network provider between mobile user and the trusted third party (so-called Trust Device). Moreover, we introduce a new payment protocol which applied our method.

• Journal of Digital Convergence
• /
• v.13 no.5
• /
• pp.213-218
• /
• 2015

In parallel with evolving information communication technology, M2M(Machine-to-Machine) industry has implemented multi-functional and high-performance systems, and made great strides with IoT(Internet of Things) and IoE(Internet of Everything). Authentication, confidentiality, anonymity, non-repudiation, data reliability, connectionless and traceability are prerequisites for communication security. Yet, the wireless transmission section in M2M communication is exposed to intruders' attacks. Any security issues attributable to M2M wireless communication protocols may lead to serious concerns including system faults, information leakage and privacy challenges. Therefore, mutual authentication and security are key components of protocol design. Recently, secure communication protocols have been regarded as highly important and explored as such. The present paper draws on hash function, random numbers, secret keys and session keys to design a secure communication protocol. Also, this paper tests the proposed protocol with a formal verification tool, Casper/FDR, to demonstrate its security against a range of intruders' attacks. In brief, the proposed protocol meets the security requirements, addressing the challenges without any problems.

• The Journal of Society for e-Business Studies
• /
• v.19 no.4
• /
• pp.135-150
• /
• 2014

As the collection and use of personal information increases, the accidents that abuse and leak personal information are continuously increasing. The nation has established new laws and strengthened related laws for the prevention of the mass leakage of personal information and the secondary damage due to the leaked personal information. The nation also established the guidelines that need to be implemented by the institutions handling personal information for the safety of the personal information. For the efficient implementation of guidelines under the limited time and resources, it is necessary to establish the priorities between guidelines. This paper compares the relative importance of the guidelines by AHP (Analytic Hierarchy Process) technique. We performed the analysis on two expert groups, the group of consultants working in information security consulting company and the group of information security staffs handling personal information directly in the company. We compared the differences between groups and recommended the relative importances of the guidelines.

• Journal of Information Management
• /
• v.40 no.1
• /
• pp.69-86
• /
• 2009

The biggest paradigm of the latest telecommunications is ubiquitous computing. It is a technology basis to realize ubiquitous society that would affect social, economical and cultural industries with positive influence. However, there is a simultaneous concern that the approach to ubiquitous society may violate one's privacy. Therefore, the existence of legal and technological regulation would be the biggest obstacle in further RFID technology and industry dissemination. Also, in business side, they must invest with enormous expense and technology if technological method is only approached for the solution. As in the research, 8 RFID applications, application process and inspection items and 85 appraisal list of "An impact assessment for the privacy protection in RFID applications" developed by P. K. Han(2006), will be used as an indicator to measure RFID privacy impact assessment. In addition, it is to develop RFID privacy impact assessment index by applying objective data with survey of applied specialists. This would provide a data with feasibility and reliability to RFID related companies and able to utilize policy making on RFID private data. In addition, it is expected to contribute as an efficiency tool for individual data to build basis of ubiquitous society.

• Journal of the Korean Applied Science and Technology
• /
• v.39 no.5
• /
• pp.692-700
• /
• 2022

In this study, the effect of e-service quality of O2O cosmetic delivery service app on satisfaction and loyalty was investigated. To this end, a total of 210 questionnaires were collected and frequency analysis, exploratory factor analysis, reliability analysis, correlation analysis, and regression analysis were performed using the statistical package SPSS 25.0. The main results are as follows. Efficiency, order fulfillment, system availability, and privacy, which are components of O2O cosmetic delivery service app e-service quality, all had a significant effect on satisfaction and loyalty. Also, satisfaction was found to have a significant effect on loyalty. In order to increase the number of consumers who use the O2O cosmetic delivery service app, it is necessary to increase the availability and efficiency of the system, which has the greatest impact on satisfaction and loyalty. To this end, it is necessary to provide a comfortable environment without interruption and fast access while using the O2O cosmetic delivery service app, and to build a system so that it can be used efficiently.