• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.14 no.2
• /
• pp.394-402
• /
• 2010

At a recent, enterprises based on online-service are established because of rapid growth of information network. These enterprises collect personal information and do customer management. If customers use a paid service, company send billing information to customer and customer pay it. Such circulation and management of information is big issue but most companies don't care of information security. Actually, personal information that was managed by largest internal open-market was exposed. For safe customer information management, this paper proposes the method that decrease load of RSA cryptography algorithm that is commonly used for preventing from illegal attack or hacking. The method for decreasing load was designed by Binary NAF Method and it can operates modular Exponentiation rapidly. We implemented modular Exponentiation algorithm using existing Binary Method and Windows Method and compared and evaluated it.

• Journal of the Korea Society of Computer and Information
• /
• v.24 no.11
• /
• pp.201-208
• /
• 2019

In the phono-sapiens era of the intelligence information society, most business activities are increasingly dependent on networks and information systems. SMEs, which occupy the majority of Korean companies, are increasingly possessing the value and technology of their information assets, and their ability to protect core technologies that are the driving force of corporate growth will be the most important competitiveness of enterprises. Accordingly, the Ministry of Science and ICT and the Korea Internet & Security Agency(KISA) provides a foundation for minimizing the damage from cyber threats such as hacking and information leakage by evaluating the current information protection level of SMEs and enhancing information protection capability by supporting a high level of customized information protection consulting. In this study, we analyze the effectiveness of information protection based on the results of KISA SMEs consulting. In addition, by identifying problems and limitations derived from SMEs information protection consulting results, SMEs should propose measures to improve information security of SMEs that can manage information protection management system more efficiently and effectively.

• Journal of Convergence for Information Technology
• /
• v.9 no.9
• /
• pp.27-32
• /
• 2019

Along with the growth of u-Healthcare, we propose a security enhancement based on network separation for CloudHIS with for handling healthcare information to cope with cyber attack. To protect against all security threats and to establish clear data security policies, we apply desktop computing servers to cloud computing services for CloudHIS. Use two PCs with a hypervisor architecture to apply physical network isolation and select the network using KVM switched controller. The other is a logical network separation using one PC with two OSs, but the network is divided through virtualization. Physical network separation is the physical connection of a PC to each network to block the access path from both the Internet and the business network. The proposed system is an independent desktop used to access an intranet or the Internet through server virtualization technology on a user's physical desktop computer. We can implement an adaptive solution to prevent hacking by configuring the CloudHIS, a cloud system that handles medical hospital information, through network separation for handling security enhancement.

• Convergence Security Journal
• /
• v.23 no.5
• /
• pp.35-43
• /
• 2023

As digital infrastructure increases connections and convergence progress rapidly in all areas, and it is most important to ensure safety from cyber infringement or hacking to continue national growth. Accordingly, it examines the obstacles to cyber threat information sharing, which is the basis for responding to cyber infringement, and suggests ways to improve efficiency. First of all, information sharing is divided into three areas: the government, cyber security companies, small and medium-sized enterprises and individuals and the requirements are checked from their respective positions. We will supplement this and explore ways to strengthen cybersecurity and provide economic benefits to each other. Therefore, national and public organizations will propose policies to create an cybersecurity industry ecosystem with a virtuous cycle that leads to diversification of cyber threat information sources, strengthening cybersecurity for general companies and individuals, and creating demand for the cybersecurity industry. The results of the study are expected to help establish policies to strengthen national cybersecurity.

• Information Systems Review
• /
• v.22 no.4
• /
• pp.135-161
• /
• 2020

With the growth of blockchain and cryptocurrency-related markets, cryptocurrency exchanges are growing as a new industry. However, as the legal and regulatory definitions of cryptocurrencies are still in progress, unlike existing industrial groups, they are not under the supervision of regulatory agencies. As a result, users (i.e., cryptocurrency investors) have suffered two types of damage that could occur from hacking and other accidents on the exchanges. One type of the damage is the loss of assets caused by the extortion of personal information or account and the other is the damage from users who might be involved in external frauds. Both are analyzed in comparison with existing operators whose functions are like the exchanges. The results of this study show that membership (KYC: Know Your Client), log-in, and additional authentication in transactions are on the similar level to those of the operators while the fraud detection system (FDS) and anti-money laundering (AML) of fiat currencies and cryptocurrencies need rapid improvement.

• The Journal of the Korea Contents Association
• /
• v.9 no.12
• /
• pp.787-796
• /
• 2009

The electronic commerce keeps going through a tremendous growth since the latter half of 1990's. But the consumer damages are being increased from characteristics such as non-confrontation, anonymity, internationality, unilaterality and possibility of temptation. Accordingly, this thesis has derived legal and systematic improvements for consumer protection in general as follows. First of all, it is necessary to extend the period to exercise the subscription withdrawal rights according to electronic commerce consumer protection law. Second, the electronic commerce has high possibility of causing errors by consumers because it is performed by non-confrontation and the accurate information must be provided to prevent errors in advance because it is not easy for consumers to prove their own errors. Third, a certification mark system on electronic agreement has to be adopted. Fourth, the legal, systematic and technological measures have to be adopted to prevent from having a sense of fear toward leaking or using personal information through a safe personal information management. Fifth, a strict supervision on internet trust mark is required. Finally, because the intervention or interference by a third party may take place through a hacking on messages or documents sent according to procedure in terms of online settlement, it is necessary to raise security on the system through a precise authentication between concerned parties.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.18 no.3
• /
• pp.465-474
• /
• 2023

As the effective use and strong protection of an organization's information resources are recognized as a condition for the growth of an organization, they are increasing technological and policy investments in IS(information security). However, information exposure can occur from external invasions such as hacking and incidents related to misuse and abuse by insiders. This study proposes a mechanism that considers the organizational environment and individual characteristics from the viewpoint of promoting employees' IS participation activities. In other words, the study presents the complex effects of organizational environmental factors (ethical leadership, IS collaborative communication) and personal factors (person-organization fit) on organization trust and IS voice behavior. We surveyed office workers who asked for IS-related business activities and tested hypotheses using 422 samples. As a result, ethical leadership influenced organization trust through collaborative communication, and organization trust strengthened IS voice behavior by having an interaction effect with person-organization fit. This study suggests direction for establishing an organizational environment for promoting IS-related activities by office workers, so it provides practical implications for organizations with goals related to internal information exposure control.

• Asia pacific journal of information systems
• /
• v.21 no.4
• /
• pp.1-25
• /
• 2011

Internet-based commerce has undergone an explosive growth over the past decade as consumers today find it more economical as well as more convenient to shop online. Nevertheless, the shift in the common mode of shopping from offline to online commerce has caused consumers to have worries over such issues as private information leakage, online fraud, discrepancy in product quality and grade, unsuccessful delivery, and so forth, Numerous studies have been undertaken to examine the role of perceived risk as a chief barrier to online purchases and to understand the theoretical relationships among perceived risk, trust and purchase intentions, However, most studies focus on empirically investigating the effects of trust on perceived risk, with little attention devoted to the effects of perceived risk on trust, While the influence trust has on perceived risk is worth studying, the influence in the opposite direction is equally important, enabling insights into the potential of perceived risk as a prohibitor of trust, According to Pavlou (2003), the primary source of the perceived risk is either the technological uncertainty of the Internet environment or the behavioral uncertainty of the transaction partner. Due to such types of uncertainty, an increase in the worries over the perceived risk may negatively affect trust, For example, if a consumer who sends sensitive transaction data over Internet is concerned that his or her private information may leak out because of the lack of security, trust may decrease (Olivero and Lunt, 2004), By the same token, if the consumer feels that the online merchant has the potential to profit by behaving in an opportunistic manner taking advantage of the remote, impersonal nature of online commerce, then it is unlikely that the merchant will be trusted, That is, the more the probable danger is likely to occur, the less trust and the greater need to control the transaction (Olivero and Lunt, 2004), In summary, a review of the related studies indicates that while some researchers looked at the influence of overall perceived risk on trust level, not much attention has been given to the effects of different types of perceived risk, In this context the present research aims at addressing the need to study how trust is affected by different types of perceived risk, We classified perceived risk into six different types based on the literature, and empirically analyzed the impact of each type of perceived risk upon consumer trust in an online merchant and further its impact upon purchase intentions. To meet our research objectives, we developed a conceptual model depicting the nomological structure of the relationships among our research variables, and also formulated a total of seven hypotheses. The model and hypotheses were tested using an empirical analysis based on a questionnaire survey of 206 college students. The reliability was evaluated via Cronbach's alphas, the minimum of which was found to be 0.73, and therefore the questionnaire items are all deemed reliable. In addition, the results of confirmatory factor analysis (CFA) designed to check the validity of the measurement model indicate that the convergent, discriminate, and nomological validities of the model are all acceptable. The structural equation modeling analysis to test the hypotheses yielded the following results. Of the first six hypotheses (H1-1 through H1-6) designed to examine the relationships between each risk type and trust, three hypotheses including H1-1 (performance risk ${\rightarrow}$ trust), H1-2 (psychological risk ${\rightarrow}$ trust) and H1-5 (online payment risk ${\rightarrow}$ trust) were supported with path coefficients of -0.30, -0.27 and -0.16 respectively. Finally, H2 (trust ${\rightarrow}$ purchase intentions) was supported with relatively high path coefficients of 0.73. Results of the empirical study offer the following findings and implications. First. it was found that it was performance risk, psychological risk and online payment risk that have a statistically significant influence upon consumer trust in an online merchant. It implies that a consumer may find an online merchant untrustworthy if either the product quality or the product grade does not match his or her expectations. For that reason, online merchants including digital storefronts and e-marketplaces are suggested to pursue a strategy focusing on identifying the target customers and offering products that they feel best meet performance and psychological needs of those customers. Thus, they should do their best to make it widely known that their products are of as good quality and grade as those purchased from offline department stores. In addition, it may be inferred that today's online consumers remain concerned about the security of the online commerce environment due to the repeated occurrences of hacking or private information leakage. Online merchants should take steps to remove potential vulnerabilities and provide online notices to emphasize that their website is secure. Second, consumer's overall trust was found to have a statistically significant influence on purchase intentions. This finding, which is consistent with the results of numerous prior studies, suggests that increased sales will become a reality only with enhanced consumer trust.