• Asia pacific journal of information systems
• /
• v.13 no.4
• /
• pp.171-189
• /
• 2003

The three main purposes of this paper are to (1) identify critical success factors(CSFs) for electronic commerce(EC), (2) investigate the explanatory power of these CSFs on firm performance, and (3) compare differences in evaluating CSFs and explaining impact of CSFs on performance among Korea, Japan, and U.S.A. EC firms. Through a literature review and interviews with managers in EC firms, a list of 16 CSFs consisting of 111 items was compiled. In the second stage, questionnaires were administered to managers of EC companies in Seoul, Korea, Tokyo, Japan, and Texas, U.S.A. Survey results show that CSFs have very significant explanatory power for firm performance in Korea, Japan, and U.S.A. While security, privacy, technical expertise, information about goods/services, and variety of goods/services are the most explanatory CSFs in Korea and Japan, evaluation of EC operations, technical expertise, and ease of use show most explanatory power in U.S.A. In general, respondents in Korean and Japan evaluate CSFs quite differently compared to U.S.A counterparts.

• Asia pacific journal of information systems
• /
• v.12 no.4
• /
• pp.37-53
• /
• 2002

The three main purposes of this paper are to (1) identify critical success factors(CSF's) for electronic commerce(EC), (2) investigate the explanatory power of these CSF's on firm performance, and (3) compare differences in evaluating CSF's and explaining impact of CSF's on performance between Korean and U.S.A. EC managers. Through a literature review and interviews with managers in EC firms, a list of 16 CSF's consisting of 111 items was compiled. In the second stage, questionnaires were administered to managers of EC companies in Seoul, Korea and Texas, U.S.A. Survey results show that CSF's have very significant explanatory power for firm performance in both Korean and U.S.A. While security, privacy, technical expertise, information about goods/services, and variety of goods/services are the most explanatory CSF's in Korea, evaluation of EC operations, technical expertise, and ease of use show most explanatory power in U.S.A. This analysis confirms the fact that customers use EC if they feel comfortable about navigating EC for information about a variety of goods/services without technical difficulty and in a secure and private way.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.5
• /
• pp.73-92
• /
• 2005

Joux's tripartite key agreement protocol is one of the most prominent developments in the area of key agreement. Although certificate-based and ID-based authentication schemes have been proposed to provide authentication for Joux's protocol, no provably secure password-based one round tripartite key agreement protocol has been proposed yet. We propose a secure one round password-based tripartite key agreement protocol that builds on Joux's protocol and adapts PAK-EC scheme for password-based authentication, and present a proof of its security.

• Journal of the Korea Computer Industry Society
• /
• v.3 no.12
• /
• pp.1691-1696
• /
• 2002

The major factors for the information protection to prepare for the change of the EC environment are found to be the construction of internet cyber-mall, the consumer-protecting regulations and the private information and system security regulations. The standards and methods of the their judgement is also important factors and are believed to attract the consumers' interest about the assessment of the internet cyber-mall and eventually serve the rights and interests of the consumers. The technology-level for the business transaction, the research and development of its technology and putting it into practical use are also found to be significant factors.

• The Journal of Society for e-Business Studies
• /
• v.1 no.1
• /
• pp.51-67
• /
• 1996

Recently the interests in NII, CALS/EC, and security are rapidly increasing. However, only one of the security issues for CALS implementation, i.e., the security for EDI implementation, has been presented in the literature. No comprehensive discussion about CALS security including other CALS applications exists. This paper intends to present such a comprehensive analysis for the security requirements and standards for the well-recognized two-phase CALS implementation. We present a framework for CALS security encompassing security protocols and systems that are arranged into the framework in terms of the CALS implementation phases, application systems, and communication modes. This framework is followed by brief descriptions of the security services and mechanisms for each CALS application.

• Journal of Korea Multimedia Society
• /
• v.14 no.10
• /
• pp.1303-1310
• /
• 2011

This paper proposes the design of 3-party negotiation protocol for the security of self_organized storage which consists of the owner node possessing data, the holder node holding the owner's data and the verification node verifying the data of the holder node on infra-cloud environment. The proposed security technique delegating the data verification of the holder node to the verification node increases the efficiency of the self-organized storage. In addition, the encrypt key and certification of the storage created by EC-DH algorithm enhances the security much more. Also, when the self-organized storage is composed, the security technique not only prevents external flooding attack by setting a certification key among three parties, but also prevents internal flooding attack by restricting the number of verification nodes. And The replay attack which can occur in the step of verification is automatically detected by using the created seed value whenever the verification is requested.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.12 no.3
• /
• pp.23-37
• /
• 2002

As the world-wide use of the Internet increases rapidly due to development of computer network the Electronic Commerce for business by treating it is growing as compared to the traditional one for the information exchange in the academic and research areas. The Electronic Payment System used for EC includes the Payment Broker System and the Electronic Purse System. And usually Electronic Purse System operates with IC cards. Saving the money in IC card has a high portability and security. Therefore, the Electronic purse System based on IC card is recently issued in the EC. In this paper, we design and implement of a IC card security system for Common Electronic Purse Specifications in Internet. CEPS is a Electronic Purse System proposed VISA, and conform EMV(Europay Mastercard VISA) security structure. With our system, users easily use Electronic Purse System with only Web browser and IC card. Original EMV paid no regard to using in the Internet. But our system, conforming to CEPS and EMV, is easily used in the Internet.

• Management & Information Systems Review
• /
• v.4
• /
• pp.29-66
• /
• 2000

The current economic environmental changes such as globalization, information and opening of the market is calling for or needing the more rapid change of management and/or marketing strategies of the company than they did before to survive in tile borderless international competition. Under this situation, this study focuses on the correspondence strategies of Electronic Commerce which is one of the key elements to overcome or lead the above demands through seeking the problems of the current EC acception and application specially in Chollabuk Do province. For the above purpose, this study surveys the questionary with business firms of above area and figures out what is the correlation between business form and size and EC acception and application and what is the problems on it. And than provides several counter strategies which are following based on the survey to keep this area companies from out of business and lead the above economic environmental changes. To expand the adoption and application of EC to this area, firstly, top managers of the company must recognize the necessity and importance of EC compared with traditional commerce and change their perception and attitude concerning EC positively, and than try to accept it as soon as possible. Secondly, the company need the retained earning to invest to EC and educate their managers and employees with total participation. Thirdly, local government has to improve its attention to EC as a best way or opportunity to reduce and overcome the economical gap and development its economy because EC can remove the physical time or distance and space, scale and capital limitations. Finally, government has to expand and establish information infrastructure such as technical infrastructure(communication and security technology), Functional infrastructure like standard protocol, Organizational infrastructure(interchange agreement, relative law) and social infrastructure to improve efficient electronic transaction which can Increase the company' international compatitiveness under the current economy trend.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.3
• /
• pp.65-76
• /
• 2005

Speeding up scalar multiplication of an elliptic curve point has been a prime approach to efficient implementation of elliptic curve schemes such as EC-DSA and EC-ElGamal. Koblitz introduced a $base-{\phi}$ expansion method using the Frobenius map. Kobayashi et al. extended the $base-{\phi}$ scalar multiplication method to suit Optimal Extension Fields(OEF) by introducing the table reference method. In this paper we propose an efficient scalar multiplication algorithm on elliptic curve over OEF. The proposed $base-{\phi}$ scalar multiplication method uses an optimized batch technique after rearranging the computation sequence of $base-{\phi}$ expansion usually called Horner's rule. The simulation results show that the new method accelerates the scalar multiplication about $20\%{\sim}40\%$ over the Kobayashi et al. method and is about three times as fast as some conventional scalar multiplication methods.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2006.06a
• /
• pp.737-740
• /
• 2006

유비쿼터스 환경을 현실 세계에 구현함에 있어 가장 중요한 핵심 기술 중 하나는 컨텍스트 정보 관리이다. 하지만 기존의 많은 연구들에서 컨텍스트를 요구함에 있어 무엇을 어떻게 요구할 것인지에 대한 방법이 명확하지 않았다. 따라서 본 논문에서는 응용이 필요로 하는 컨텍스트 정보만을 컨텍스트 매니저에게 주고받는 컨텍스트 전송 프로토콜을 소개한다. 그리고 컨텍스트 요청 메시지와 응답 메시지가 어떻게 XML로 구성되고 동작하는지 보인다. 또한, 개인 정보에 관한 컨텍스트를 안전하게 처리하기 위해 정당한 사용자만이 컨텍스트 정보를 요청하고 받을 수 있도록 SPKI/SDSI(Simple Public Key Infrastructure/Simple Distributed Security Infrastructure)를 이용한 인증절차를 소개한다.