• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.5
• /
• pp.827-835
• /
• 2022

In order to use online financial services, user authentication technology is necessary. Password check through keyboard typing is the most common technique. However, since it became known that key stokes on the keyboard can be intercepted easily, many Internet banking services and easy payment services have adopted the virtual keyboard. However, contrary to the expectation that the virtual keyboard will be safe, there is a risk that key strokes on the virtual keyboard can be leaked. In this paper, we analyzed the possibility of password leaking on the virtual keyboard and presented a password leaking method using mouse event hooking and screen capture in PC operating system. In addition, we inspected the possibility of password leak attacks on several famous Korea Internet banking websites and simple payment services, and as a result, we verified that the password input method through the virtual keyboard in the PC operating system is not secure.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.17 no.8
• /
• pp.2124-2139
• /
• 2023

In this article, the authors focus on the use of smart CCTV, a combnation of biometric recognition technology and AI algorithms. In fact, the advancements in relevant technologies brought a significant increase in the use of biometric information - fingerprint, retina, iris or facial recognition - across diverse sectors. Both the public and private sectors, with the developments of biometric technology, widely adopt and use an individual's biometric information for different reasons. For instance, smartphone users highly count on biometric technolgies for the purpose of security. Public and private orgazanitions control an access to confidential information-controlling facilities with biometric technology. Biometric infomration is known to be unique and immutable in the course of one's life. Given the uniquness and immutability, it turned out to be as reliable means for the purpose of authentication and verification. However, the use of biometric information comes with cost, posing a privacy issue. Once it is leaked, there is little chance to recover damages resulting from unauthorized uses. The governments across the country fully understand the threat to privacy rights with the use of biometric information and AI. The EU and the United States amended their data protection laws to regulate it. South Korea aligned with them. Yet, the authors point out that Korean data aprotection law still requires more improvements to minimize a concern over privacy rights arising from the wide use of biometric information. In particular, the authors stress that it is necessary to amend Section (2) of Article 23 of PIPA to reflect the concern by changing the basis for permitting the processing of sensitive information from 'the Statutes' to 'the Acts'.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2021.05a
• /
• pp.649-651
• /
• 2021

In recent years, O2O services for real estate sales are widely distributed in web platforms and apps. This allows sellers, buyers, and real estate brokers to quickly and conveniently conduct real estate sales and charter contracts. However, in the O2O-based real estate sales information system, it wastes time and money for real estate buyers due to the posting of fake information, partial correction of the sales information, and intentional non-posting of the sales information. Therefore, we propose a method of detecting the false or not of real estate property information that can occur on the web platform, and design and implement a proposal system for this. To this end, we propose a method of detecting personal identity and property information based on DID, a distributed identity authentication protocol. The false real estate sales information detection system proposed by us can determine the existence of real estate sales information, partially correct the false sales information, or prove whether or not intentionally unpublished in three steps.

• Korean Journal of Agricultural and Forest Meteorology
• /
• v.25 no.2
• /
• pp.99-107
• /
• 2023

Recently, the abnormal weather events and crop damages occurred frequently likely due to climate change. The importance of meteorological data in agricultural research is increasing. Researchers can download weather observation data by accessing the websites provided by the KMA (Korea Meteorological Administration) and the RDA (Rural Development Administration). However, there is a disadvantage that multiple inquiry work is required when a large amount of meteorological data needs to be received. It is inefficient for each researcher to store and manage the data needed for research on an independent local computer in order to avoid this work. In addition, even if all the data were downloaded, additional work is required to find and open several files for research. In this study, data collected by the KMA and RDA were uploaded to GitHub, a remote storage service, and a package was created that allows easy access to weather data using Python. Through this, we propose a method to increase the accessibility and usability of meteorological data for agricultural personnel by adopting a method that allows anyone to take data without an additional authentication process.

• Journal of Korea Entertainment Industry Association
• /
• v.13 no.6
• /
• pp.69-77
• /
• 2019

Among the many factors that threaten the improvement of public health and quality of life, the proportion of fine dust is not so small, and the kinds and causes of the dust are also diversified. However, the domestic measuring instrument is in the initial stage and the certification system is insignificant. Recognizing the threat of fine dust for a long time, the United States has established a protocol of measurement standards and measurement methods and applied the developed fine dust measuring device authentication system. Through this system, the United States is leading the world's fine dust industry, technology and market. The EPA, FRM and FEM of the fine dust-related protocol were analyzed to reduce the harmful effects of repeated fine dust every year. In addition, light scattering method and spectroscopy method which can measure in real time by measuring method were examined, and the types and characteristics of fine dust measuring instrument of international certification level were analyzed. Finally, development and service plan of the domestic fine dust measuring instrument are presented.

• Journal of Korea Society of Industrial Information Systems
• /
• v.29 no.1
• /
• pp.77-89
• /
• 2024

This paper presents an unmanned store management system that can provide inventory management and theft prevention for displayed products using a small camera that can monitor the shelves of sold products in small and medium-sized stores. This system is a service solution that integrates object recognition, real-time communication, security management, access management, and mobile authentication. The proposed system uses a custom YOLOv5-x model to recognize objects on the display, measure quantities in real time, and support real-time data communication with servers through Raspberry Pie. In addition, the number of objects in the database and the object recognition results are compared to detect suspected theft situations and provide burial images at the time of theft. The proposed unmanned store solution is expected to improve the efficiency of small and medium-sized unmanned store operations and contribute to responding to theft.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2007.11a
• /
• pp.991-994
• /
• 2007

최근 컴퓨터 기술의 발전과 네트워크의 개방화 그리고 무선 모바일 통신 기술의 비약적인 보급으로 인하여 컴퓨팅 환경을 이루고 있는 각종 장치(PC, 모바일 단말, 저장장치, 네트워크 기기 등)가 다양한 형태의 보안 위협에 노출되어 데이터의 유실, 조작, 유출되어 금전적인 피해를 입거나 프라이버시 침해를 받고 있다. 이러한 문제를 근본적으로 해소하기 위하여 설립된 TCG(Trusted Computing Group)는 세계적인 IT 핵심기업들을 중심으로 구성된 비영리 단체로서 PC 혹은 모바일 기기 등의 단말과 서버 장비 그리고 저장 장치 및 네트워크로 구성된 컴퓨팅 환경에서 보안성 향상 및 데이터의 신뢰성을 제고하기 위하여 TPM(Trusted Platform Module)이라는 반도체 칩을 신뢰의 기반(root of trust)으로 한 신뢰 플랫폼을 제안하고 있다. 한편 SaaS(Software as a Service)는 패키지 형태의 소프트웨어를 네트워크 서비스 형태로 바꾸어 사용량에 비례한 요금제로 과금하는 방식을 채택하고 사용자가 온디맨드로 요청한 서비스를 적시에 제공하는 기술로 최근 전세계적으로 각광을 받고 있다. 이때 다양한 컴퓨팅 환경 안의 사용자에게 높은 신뢰성과 보안성 그리고 연속성을 갖는 SaaS 서비스를 제공하고 데이터의 무결성 및 비밀유지와 정확한 서비스 사용시간을 기록하고 업로드하는 기능들을 제공하는 SaaS 플랫폼은 TPM기반의 신뢰컴퓨팅 기술을 통하여 쉽게 구현될 수 있다. 본 논문에서는 일시적으로 네트워크와 차단된 상태의 PC 혹은 모바일 단말에서도 위의 조건들을 만족하는 SaaS 서비스를 지원하는 신뢰 플랫폼이 가져야 할 기능들에 대하여 분석-도출한 후 그러한 기능들을 제공하는 컴포넌트로 구성된 신뢰형 SaaS 사용자 플랫폼을 설계하였다.

• Journal of the Korea Society of Computer and Information
• /
• v.29 no.5
• /
• pp.67-74
• /
• 2024

As the number of coffee shops increases, many people are studying or working at coffee shops. Coffee shop operators have been required to analyze customer visits due to customer turnover and profit problems. Methods such as image analysis, QR code authentication, and Bluetooth beacon have been proposed for these statistics and analysis. However, it is difficult to use due to problems such as invasion of privacy and low accuracy. Therefore, in this study, to solve these problem and provide more accurate in-store congestion information, we propose a crowding measurement method of coffee shop using high frequency signal. There is an advantage in that a high frequency signal replaces the Bluetooth signal, and the transmission range of the signal is limited to the store, thereby increasing the accuracy of the method. To verify the performance of the proposed system, we conducted a comparative experiment with a Bluetooth based system, and as a result, the proposed method showed lower misrecognition rate. Thus, the proposed method will be an effective useful service for providing information on crowding at coffee shops and processing statistics.

• Asia pacific journal of information systems
• /
• v.29 no.2
• /
• pp.308-327
• /
• 2019

The concept of sharing economy has received rich attention in recent years. As a typical type of business model in the sharing economy, online short rent has been paid attention by both industry and academia. In this study, we find trust to be a critical determinant to the success of online short rent platforms. Based on three dimensions of trust theory, i.e., ability, benevolence and integrity, we investigate the factors influencing tenant' willingness to participate in online short rent. We further examine the extent to which trust can influence the number of sales and comments of rooms listed at online short-term rent platforms, which can represent tenant' willingness to participate in the sharing economy. The results show that the trust dimensions represented by a landlord's personal characteristics have significant positive correlations with the number of sales and comments. For example, the real name authentication and the sesame score can represent the trust integrity; online replay ratio and the average confirmation time representing the trust sincerity, and the order acceptance ratio representing the trust ability. On this basis, we proposed some recommendations for both platforms and landlords. For example, the landlords can improve the tenants' trust by authenticating his/her real name, replying actively and timely. For platforms, when they make housing list ranking rules, they can take the landlord's personal attributes that may affect trust into consideration. Moreover, platforms can also allow landlords to supply value-added services to improve service quality and ultimately promote the virtuous circle of the platform ecosphere. Through conducting the empirical research on a particular application of the sharing economy, we aim to fill the research gap of this field in China and provide theoretical and practical contributions to the future development of online short rent.

• The Transactions of the Korea Information Processing Society
• /
• v.5 no.4
• /
• pp.975-983
• /
• 1998

In these days, information communication systems are based on both open distributed computing technologies and object-oriented techniques like inheritance, encapsulation and object reuse to support various system configuration and application. As information systems are interconnected through unsecure networks, the need for the secure information exchange is more critical than before. In this paper, we have designed and implemented a transparent CORBA-basce Security infrastructure with authentication, security context association, access control and security information management to support a secure applications in distributed object environment. SESAME Ver. 4 was adopted as an external security service to manage user privilege attributes and to distribute keys for data encryption, decryption and integrity. Using filter and transformer with an interface to Object Request Broker, it provides a transparent security service to applications. The filter objects are special classes that allow additional parameters to be inserted into messages before they are sent and removed just after they are received. The transformer objects are special classes that allow direct access to the byte stream of every messages for encryption and decryption before it is sent and just after it is received. This study is to implement the access control interceptor(ACI) and the secure invocation interceptor(SII) of secure ORB defined in CORBA using filter and transformer.