• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2013.05a
• /
• pp.227-230
• /
• 2013

Financial transactions using a mobile terminal and the Internet is activated, it is a stock exchange enabled using mobile devices and the Internet. Koscom in charge of IT operations of securities transaction-related in (securities ISAC), to analyze the vulnerability of information security related to securities transactions, which corresponds to running the integrated security control system. Online stock trading is a subject to the Personal Information Protection Act, electronic systems of related, has been designated as the main information and communication infrastructure to, damage financial carelessness of the user, such as by hacking is expected to are. As a result, research on the key vulnerabilities of information security fields related to securities business cancer decoding of the Securities and Exchange packet, through the analysis of security events and integrated security control is needed.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.21 no.5
• /
• pp.1003-1008
• /
• 2017

The Internet of Things has attracted considerable research attention in recent years. In order for the new IoT technology to be widely used, the reliability and protection of information is required. IoT systems are very vulnerable to physical security due to their easy accessibility. Along with the development of SoC technology, many operating systems have been developed and many new operating systems have been introduced. In this paper, we describe the vulnerability analysis results for operating systems running on the ARMv7 Thumb Architecture hardware platform. For the recently introduced "Windows 10 IoT Core" operating system, I implemented the Zero-Day Attack by implanting the penetration code developed through the research into a specific IoT system. The virus detection test for the resulting penetration code was validated by referral to the "virustotal" site.

• Journal of Korean Society of Industrial and Systems Engineering
• /
• v.40 no.3
• /
• pp.116-122
• /
• 2017

Advances in information technology, communication and network technology are radically facilitating digital convergences as the integration of human, equipment, and space in the current industry 4.0 era. In industry 4.0 environment, the vast amount of information with networked computing technology can be simultaneously accessible even in limited physical space. Two main benefit points out of these information are the convenience and efficiency in their online transactions either buying things online or selling online. Even though there exist so many benefits that information technology can create for the people doing business over the internet there is a critical problem to be answered. In spite of many such advantages, however, online transactions have many dysfunctions such as personal information leakage, account hacking, and cybercrime. Without preparing the appropriate protection methods or schema people reluctantly use the transaction or would find some other partners with enhanced information security environment. In this paper we suggested a novel selection criteria that can be used to evaluate the reliable means of authentication against the expected risks under on-going IoT based environment. Our selection criteria consists of 4 steps. The first step is services and risk identification step. The second step is evaluation of risk occurrence step. The third step includes the evaluation of the extent of damage. And the final step is the assessment of the level of risk. With the help of the above 4 step-approach people can systematically identify potential risks hiding in the online transactions and effectively avoid by taking appropriate counter actions.

• The Transactions of the Korea Information Processing Society
• /
• v.7 no.5S
• /
• pp.1726-1735
• /
• 2000

Internet purchase is increasing according to the activation of Electronic Commerce. Currently, the hardware is main purchase items in the Electronic commerce. The on-line purchase of digital product, that is electronic file type of product, has many merits such as, does not cost in logistics, is ease of searching the product, and is possible of 'Try and Buy' system. But, actually digital products have not been major proudct because of tits piracy problem. The piracy problem of digital products comes from the lack of safety in DP license control technology. Current EC has no method to identify the object that has the right ot use the digital product. The protecting of object change is impossible and the protection of hacking is not enough and EC has any problems in efficient license control because of the incompletion of EC structure. In this paper, e propose the design and implementation of on-line DP circulation system, which can activate on-line circulation of DP in EC and protect its piracy, by using the new license control technology, that is Dynamic License control technology.

• Convergence Security Journal
• /
• v.13 no.4
• /
• pp.53-59
• /
• 2013

As the hacking technology for cyber-terror and financial fraud evolves, the research and development for advanced and standardized information security technology is growing to be more and more important. In this paper, the domestic level of technology and standardization for information security as compared to advanced country is diagnosed, and future policy is presented by analyzing the influence effect for market and technology. The information security is classified into information security-based & user protection, network & system security, and application security & evaluation validation with details of OTP-based validation, smart-phone app security, and mobile electronic finance, etc. The analytic results indicate that domestic level is some poor for advanced country, the technological development and standardization capability for smart-phone app security and mobile electronic finance is needed, and finally the government's supporting policy for the future Internet is urgently needed.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.3
• /
• pp.705-715
• /
• 2017

Today, the world is evolving into a huge community that can communicate with real-time information sharing and communication based on the rapid advancement of scientific technology and information. Behind this information, the adverse effects of information assets, such as hacking, viruses, information assets, and unauthorized disclosure of information assets, are continually increasing as a serious social problem. Each time an infringement of the invasion and personal information leaks occur, many regulatory policies have been announced, including stricter regulations for protecting the privacy of the government and establishing comprehensive countermeasures. Also, companies are making various efforts to increase awareness of the importance of information security. Nevertheless, information security accidents like the leaks of industrial secrets are continuously occurring and the frequency is not lessening. In this thesis, I proposed a customized security policy methodology that supports users with various business circumstances and service and also enables them to respond to the security threats more confidently and effectively through not a monotonous and technical but user-centered security policy.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2011.10a
• /
• pp.237-240
• /
• 2011

Voice over Internet Protocol calls using administrative agency to build a national information and communication service, 'C' group, providers, the KT, SK Broadband, LG U+, Samsung SDS, as there are four operators. To prepare for an attack on Voice over Internet Protocol for administrative agency, security is a need for research to support the model. In this paper, the Internet telephone business of Administrative Agency to investigate and analyze the specific security measures to respond. Should set priorities around confidentiality about five security threats from NIS to Study of Voice over Internet Protocol Security Response Model for Administrative Agency. (1) Illegal wiretapping, (2) call interception, (3) service misuse, (4) denial of service attacks, (5) spam attacks, write about and analyze attack scenarios. In this paper, an analysis of protection by security threats and security breaches through a step-by-step system to address the research study is a step-by-step development of the corresponding model.

• The Transactions of the Korea Information Processing Society
• /
• v.7 no.11S
• /
• pp.3694-3701
• /
• 2000

Internet purchase is increasing according to the activation of Electronic Commerce. Currently, the hardware is main purchase items in the Electronic Commerce. The on-line purchase of digital product, that is electronic file type of product, has many merits such as, does not cost in logistics, is ease of searching the product, and is possible of 'Try and Buy' system. But, actually digital products have not been major product and Cause of its piracy problem. Therefore, the tchnology of digital rights management is focused within EC. The piracy problem of digital products comes from the lack of safety in DP license control technology. Current EC has no method to identify the object that has the right to use the digital product. The protecting of object change is impossible and the protection of hacking is not enough and EC has many problems in efficient license control because of the incompletion of EC structure. In this paper, we propose the design and implementation of on-line circulation system, which can activate on-line circulation of MP3 digital data product in EC, by using the new license control technology, that is Dynamic License Control technology.

• Journal of Digital Convergence
• /
• v.17 no.11
• /
• pp.195-200
• /
• 2019

The role of the Internet of Things in the Fourth Industrial Revolution is in the era of collecting data at the end and analyzing big data through technology to analyze the future or behavior. Therefore, due to the nature of the IoT, it is vulnerable to security and requires a lightweight security protocol. The spread of things Internet technology is changing our lives a lot. IT companies all over the world are already focusing on products and services based on things Internet, and they are going to the era of all things internet that can communicate not only with electronic devices but also with common objects. People, people, people and objects, things and things interact without limitation of time and space, collecting, analyzing and applying information. Life becomes more and more smart, but on the other hand, the possibility of leakage of personal information becomes greater. Therefore, this study proposed security threats that threaten the protection of personal information and countermeasures, and suggested countermeasures for building a secure IoT environment suitable for the Fourth Industrial Revolution.

• Journal of Advanced Navigation Technology
• /
• v.25 no.5
• /
• pp.415-425
• /
• 2021

In line with the trend of the digital transformation, the financial sector is providing financial services with new technologies. Among them, the open banking, which is drawing attention from global financial industry, is a service environment that maximizes customers' convenience and data utilization. In addition, the shift in the digital paradigm has also increased anxiety that security problems such as hacking and information leakage caused by data sharing are also concerned. A failure to overcome the negative view will hinder the development of financial services. This study presents a security governance system that can safely and comprehensively manage data in a digital financial ecosystem. This prepares a technical application plan by presenting a digital financial security architecture to field workers, focusing on the open banking service environment. It can be seen that this study is worthwhile by presenting a comprehensive information protection system that allows financial IT to introduce and utilize open banking services in a changing environment.