• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.18 no.1
• /
• pp.185-194
• /
• 2018

This study investigates the limitations of blockchain technology and the ways to improve it by using Delphi technique. Limit factors and improvement measures are classified into technology, service, and legal system. First, from a technical point of view, lack of standardization of the technology, insufficiency of integration, lack of scalability, unclear cancellation or correction policy, excessive cost of transaction verification, insufficient personal information protection and not enough to respond to hacking defense were the limiting factors. In order to improve these, the followings; ensuring standardization, securing integration and scalability, establishing cancellation of each applicable data, establishment of correction policy, efficiency of verification cost, the protection of personal information and countermeasure against hacking are provided. The related technology development and countermeasures must be established to effectively introduce the blockchain technology to the market. Second, in the early stage of blockchain service, it showed lack of utilization of the blockchain, security threat, shortage of skilled workers, and lack of legal liability. As a solution to these problems, it is necessary to suggest various applications, against security threat, training professional manpower, and securing legal responsibility. It should also provide a foundation for providing institutionally stable services. Third, from as legal system point of view, inadequate legal compliance, lack of relevant regulation, and uncertainty in the regulation were the limiting factors. Therefore establishing a legal system, which is the most important area for activating the service, should be accompanied by the provision of legal countermeasures, clearness of regulations and measures to be taken by relevant governmental authorities. This study will contribute as a reference for a research, related to the blockchain.

• The Journal of the Korea Contents Association
• /
• v.9 no.12
• /
• pp.787-796
• /
• 2009

The electronic commerce keeps going through a tremendous growth since the latter half of 1990's. But the consumer damages are being increased from characteristics such as non-confrontation, anonymity, internationality, unilaterality and possibility of temptation. Accordingly, this thesis has derived legal and systematic improvements for consumer protection in general as follows. First of all, it is necessary to extend the period to exercise the subscription withdrawal rights according to electronic commerce consumer protection law. Second, the electronic commerce has high possibility of causing errors by consumers because it is performed by non-confrontation and the accurate information must be provided to prevent errors in advance because it is not easy for consumers to prove their own errors. Third, a certification mark system on electronic agreement has to be adopted. Fourth, the legal, systematic and technological measures have to be adopted to prevent from having a sense of fear toward leaking or using personal information through a safe personal information management. Fifth, a strict supervision on internet trust mark is required. Finally, because the intervention or interference by a third party may take place through a hacking on messages or documents sent according to procedure in terms of online settlement, it is necessary to raise security on the system through a precise authentication between concerned parties.

• Asia-pacific Journal of Multimedia Services Convergent with Art, Humanities, and Sociology
• /
• v.6 no.7
• /
• pp.17-26
• /
• 2016

Information spill was occurred several times in the country due to the negligence of the large internet service providers including SK Communications, Auction, KT. In order to judge the Internet Service Provider(ISP)'s liability in individual data spill caused by hacking, the violation of existing legislation or general principle of law's good faith principle has to be examined. However, based on current ISP's good faith principle, there is no objective standard for judging liability. Such uncertain range of protection action duty based on good faith principle generates complaint toward companies, therefore presentation of objective judgement range index on how to determine this range is needed. However due to the legal characteristic of above-mentioned law, it is not possible to fix the range of protection action duty and regulate it on law. In order to resolve this, rather than concerning simply on legal system level, fusion approach method is needed. Thus, this research will discuss the measure for objective standard for predicting ISP's range of protection action duty through fusion view dividing in technical, legal and administrative aspects.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.18 no.9
• /
• pp.464-472
• /
• 2017

In the ICT (Information and Communication Technology) convergence security environment, a lot of companies use an external public web system for the external disclosure and sharing of product information, manufacturing technology, service manualsand marketing materials. In this way, the web system disclosed on the Internet is an important aspect of cyber security management and has an always-on vulnerability requiringan information protection solution and IT vulnerability checks. However, there are limits to vulnerability detection management in anexternal environment. In this study, in order to solvethese problems, we constructed a system based on digital forensics and conducted an empirical study on the detection of important information in enterprises by using forensic techniques. It was found thatdue to the vulnerability of web systems operated in Korea and overseas, important information could be revealed,such as the companies' confidential data and security management improvements. In conclusion, if a system using digital forensic techniques is applied in response to theincreasing number of hacking incidents, the security management of vulnerable areas will be strengthened and the cyber security management system will be improved.

• Journal of Convergence for Information Technology
• /
• v.9 no.10
• /
• pp.9-15
• /
• 2019

Recently, in the field of next-generation e-commerce and finance, interest in blockchain-based technologies such as Bitcoin and Ethereum is great. Although the security of blockchain technology is known to be secure, hacking incidents / accidents related to cryptocurrencies are being issued. The main causes were vulnerabilities in the external environment, such as taking over login sessions on cryptocurrency wallets, exposing private keys due to malware infection, and using simple passwords. However, private key management recommends general methods such as utilizing a dedicated application or local backup and physical archiving through document printing. In this paper, we propose a white box password-based private key protection scheme. As a result of safety and performance analysis, we strengthened the security against vulnerability of private key exposure and proved the processing efficiency of existing protocol.

• Information Systems Review
• /
• v.22 no.4
• /
• pp.135-161
• /
• 2020

With the growth of blockchain and cryptocurrency-related markets, cryptocurrency exchanges are growing as a new industry. However, as the legal and regulatory definitions of cryptocurrencies are still in progress, unlike existing industrial groups, they are not under the supervision of regulatory agencies. As a result, users (i.e., cryptocurrency investors) have suffered two types of damage that could occur from hacking and other accidents on the exchanges. One type of the damage is the loss of assets caused by the extortion of personal information or account and the other is the damage from users who might be involved in external frauds. Both are analyzed in comparison with existing operators whose functions are like the exchanges. The results of this study show that membership (KYC: Know Your Client), log-in, and additional authentication in transactions are on the similar level to those of the operators while the fraud detection system (FDS) and anti-money laundering (AML) of fiat currencies and cryptocurrencies need rapid improvement.

• The Journal of Information Technology
• /
• v.7 no.4
• /
• pp.9-20
• /
• 2004

Result Dos that materialization KNU Virus Wall to solve serious problem Hurtfulness Virus is present network chiefly in this research to do not become and do correct disposal in situation such as internet and Multiple Protocol that is done intelligence anger for ESM, CIS and MIS side as secondary to solve this problem about out log analysis system embody. As a result, could use comprehensively, and can click by Site Design, Packet transmission, and used to interior internet (GroupWare) in information protection aspect because intelligence enemy to face each other ESM's various hacking and virus uses Enterprise Security Management system and CIS, whole web through Smart View and relation of security could do monitoring.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.9 no.6
• /
• pp.63-68
• /
• 2009

In the whole information technology area, the protection of information from hacking or tapping becomes a very serious issue. Therefore, the more effective, convenient and secure methods are required to make the safe operation. Encryption algorithms are known to be computationally intensive. They consume a significant amount of computing resources such as CPU time and memory. In this paper we propose the scalable encryption scheme with four criteria, the compression of plaintext, variable size of block, selectable round and software optimization. We have tested our scheme by c++. Experimental results show that our scheme achieves the faster execution speed of encryption/decryption.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.30 no.8C
• /
• pp.838-848
• /
• 2005

Most of the national critical key infrastructure, such as power, piped gas and water supply facilities, or the high-speed railroad, is run on the SCADA system. Recently, concerns have been raised about the possibility of these facilities being attacked by cyber terrorists, hacking, or viruses. Thus, it is time to adopt the relevant security management techniques. This paper attempts to propose such security management techniques, including information protection measures and troubleshooting, based on a risk analysis process concerning assets, threats/vulnerability, and hazards, and to examine the security management status of critical key infrastructure in the U.S. and Japan.

• Journal of the Institute of Electronics and Information Engineers
• /
• v.52 no.11
• /
• pp.164-168
• /
• 2015

As Internet use is widespread advertising through the Web, shopping, banking, etc. As the various services offered by the network, the need for Web security is increasing. A security system for the protection of information assets and systems against various types of external hacking threats and unlawful intrusion will require. Intrusion Detection Tool of the paper web will have is to increase the security level, to prevent the loss of resources and labor spent by the individual monitoring of the web. Security intrusion detection system analyzes the cause of the problem of the security vulnerability and exposure of the information on the Web. Using a monitor to determine a fast support of security is to design a security system for the purpose of protecting the information security vulnerability and exposure information.