• Journal of Convergence Society for SMB
• /
• v.6 no.2
• /
• pp.19-24
• /
• 2016

A Study on the Information Security System of Fin-Tech Business In traditional electronic commerce, there have not been severe issues of trading information through documents in paper or the closed EDI. The scale of e-commerce has increased as internet develops, however, turning to the online e-commerce, which caused a number of issues such as authentication, information forgery, and non-repudiation between the parties. To prevent conflicts from such troubles and perform the post management, security technologies are applied throughout the process of e-commerce, certificates intervening. Lately, meanwhile, FinTech has been creating a sensation around the mobile payment service. Incidents of information leakage from card corporations and hackings imply the need of securing safety of the financial service. Development and evolution of FinTech industry must be accompanied by information protection. Therefore, this research aims to inquire into the information security system of leading FinTech company in a foreign country.

• The KIPS Transactions:PartD
• /
• v.9D no.6
• /
• pp.1043-1054
• /
• 2002

This paper intends to suggest a XML-based secure E-Procurement system using Unified Modeling Language(UML), as an application system for domestic automobile industry. Applying UML methodology, which is Component-based Development (CBD), we analyzed the workflow on procurement operation of automobile industry and implemented a prototype of efficient E-Procurement system for automobile industry, by developing XML/EDI and XML signature. Also, on this paper, object-oriented CBD is employed to minimize the risk of life cycle and reuse software as mentioned to limitation of information engineering methodology. It enables the interoperability with ERP (Enterprise Resource Planning) as corporate legacy system. This system proposes a solution to apply analysis and design of workflow, component development, interoperability with corporate information system, and XML signature for integrity and authentication of electronic documents in other system so far.

• Journal of Digital Convergence
• /
• v.18 no.3
• /
• pp.1-12
• /
• 2020

The purpose of this study is to explore the trend of blockchain technology through analysis of patents and news articles using text mining, and to suggest the blockchain policy agenda by grasping social interests. For this purpose, 327 blockchain-related patent abstracts in Korea and 5,941 full-text online news articles were collected and preprocessed. 12 patent topics and 19 news topics were extracted with latent dirichlet allocation topic modeling. Analysis of patents showed that topics related to authentication and transaction accounted were largely predominant. Analysis of news articles showed that social interests are mainly concerned with cryptocurrency. Policy agendas were then derived for blockchain development. This study demonstrates the efficient and objective use of an automated technique for the analysis of large text documents. Additionally, specific policy agendas are proposed in this study which can inform future policy-making processes.

• Journal of Korea Society of Industrial Information Systems
• /
• v.13 no.2
• /
• pp.88-99
• /
• 2008

In this article, DHRMIS being developed with ERP at resent realizes the personnel affairs recording procedures that all the Ministry of National Defense, the army, the navy and the air force can use on personnel affairs in order to solve the problem of the personnel recording procedures of the MND and each of the troops such as using manual affairs together with computation affairs, absence of electronic recording managements in some of the institutions MND, insufficiency of real time recording, and excess of centralized managements to present and record the personnel data. The personnel recording procedures consist of standardized personnel recording procedures and definition of the personnel recording procedures. This personnel recording procedures propose 3 improvements such as an atomic electronic recording management, a real time recording affair, effective centralization and distribution of verification authority so as to guarantee authentication, integrity, reliance, and accessibility of personnel data. When proposed personnel recording procedures are realized through developing DHRMS, these can bring on unification of 10 recording management systems, reduction of recording management time from 45 days to 3 days, distribution of verification authority MND, each of the troops, each of the institutes, an individual, and reduction of some of the manual documents.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2014.10a
• /
• pp.815-817
• /
• 2014

According to a rapid development of medical technology and increasing requirements of the users on prevention and control of diseases, whole healthcare services are changing into user-oriented services. There are many attempts and studies on integrating users' medical information but it is so difficult to implement a true user-oriented medical services because carrying the information from each medical facility to the integrated medical information system involves many conflicts of interests and authentication problems. This paper presents integrated medical information system which provides real-time medical services, allowing the users to be a critical player who can receive the medical information they want from any medical facility on their mobile devices without any change in the form of documents in relation to those issued by that facility and give that information themselves to the system through the mobile devices.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.11 no.6
• /
• pp.115-125
• /
• 2001

Authentication and access control are essential requirements for the information security of distributed environment. Delegation is process whereby an initiator principal in a distributed environment authorizes another principal to carry out some functions on behalf of the former. Delegation of access rights also increases the availability of services offer safety in distributed environments. A delegation easily provides principal to grant privileges in the single domain with Role-Based Access Control(RBAC). But in the multi-domain, initiators who request delegation may require to limit the access right of their delegates with restrictions that are called delegate restriction to protect the abuse of privilege. In this paper, we propose the delegation view as function of delegation restrictions. Proposed delegation view model not only prevent over-exposure of documents from granting multiple step delegation to document sharing in multi-domain with RBAC infrastructure but also reduce overload of security administrator and communication.

• The Journal of the Korea Contents Association
• /
• v.9 no.12
• /
• pp.787-796
• /
• 2009

The electronic commerce keeps going through a tremendous growth since the latter half of 1990's. But the consumer damages are being increased from characteristics such as non-confrontation, anonymity, internationality, unilaterality and possibility of temptation. Accordingly, this thesis has derived legal and systematic improvements for consumer protection in general as follows. First of all, it is necessary to extend the period to exercise the subscription withdrawal rights according to electronic commerce consumer protection law. Second, the electronic commerce has high possibility of causing errors by consumers because it is performed by non-confrontation and the accurate information must be provided to prevent errors in advance because it is not easy for consumers to prove their own errors. Third, a certification mark system on electronic agreement has to be adopted. Fourth, the legal, systematic and technological measures have to be adopted to prevent from having a sense of fear toward leaking or using personal information through a safe personal information management. Fifth, a strict supervision on internet trust mark is required. Finally, because the intervention or interference by a third party may take place through a hacking on messages or documents sent according to procedure in terms of online settlement, it is necessary to raise security on the system through a precise authentication between concerned parties.