• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.6
• /
• pp.1261-1266
• /
• 2021

Existing information security risk assessment methods focus on evaluating the vulnerability of information assets. However, when the form of information assets changes and new types of information assets emerge, there is a limitation in that the evaluation standards for them are also added or deleted. Existing methods have insufficient research on the path through which cyber threats are introduced. In particular, there is very little research on blocking the inflow path for web-based information systems with public IPs. Therefore, this paper introduces the main research contents of the BDLA (Blockade and Defense Level Analysis)-based information security risk assessment model. In addition, by applying the BDLA-based information security risk assessment model, the information security risk level was studied by measuring the blockade level and security equipment level of 17 public institutions.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.42 no.4
• /
• pp.838-847
• /
• 2017

CNG which was released as a substitute of the previous CAPI (Cryptography API) library from Microsoft is constructed with individual modules based on the plug-in architecture, this means CNG is exceedingly helpful in the cost of development as well as the facility of extension. On the opposite side of these advantages, considerations on security issues are quite insufficient. Therefore, a research on security assurance is strongly required in the environment of distributing and utilizing the CNG library, hence, we analyze possible security vulnerabilities on the CNG library. Based on analyzed vulnerabilities, proof-of-concept tools are implemented and vulnerabilities are verified using them. Verified results are that contents of mail, account information of mail server, and authentication information of web-sites such as Amazon, E-bay, Google, and Facebook are exposed in Outlook program and Internet Explorer program using CNG library. We consider that the analyzed result in this paper can improve the security for various applications using CNG library.

• Journal of Korea Multimedia Society
• /
• v.17 no.7
• /
• pp.778-786
• /
• 2014

Buyer-seller watermarking protocol is one of the copyright protection techniques which combine a cryptographic protocol used in electronic commerce with a digital wetermarking scheme aiming at proving the ownership of multimedia contents and preventing the illegal reproduction and redistribution of digital contents. In this paper, it is proposed a new watermarking scheme in an encrypted domain in an image that is based on the block-DCT framework. In order to implement watermarking scheme in a public-key cryptosystem, it is divided that frequency coefficients exist as real number into integer and decimal layer. And the decimal layer is modified integer type through integral-processing. Also, for robustness and invisibility required in watermarking scheme, it is designed a direction-adaptive watermarking scheme based on locally edge-properties of each block in an image through analyzing distribution property of the frequency coefficients in a block using JND threshold.

• Journal of Broadcast Engineering
• /
• v.13 no.1
• /
• pp.43-52
• /
• 2008

We study the problem of search in which a server contains various multimedia contents and a user wishes to retrieve some multimedia items containing a specific without revealing to the server which items they are. Recently, Ogata and Kurosawa introduced a search scheme by using the notion of oblivious transfer. In their scheme, a user must inefficiently search and compare all the data stored in the seuer for each search query. In this paper, we propose an efficient oblivious search by using the oblivious transfer, in which a user needs not to search and compare all the data. We formally prove that the proposed scheme is secure under the hardness of RSA known target inversion problem.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.1
• /
• pp.147-155
• /
• 2003

The diffusion of internet infrastructure and a fast increase of Population to use it is becoming a base of the service that can use various information, data and digital contents which were provided through off-line physically and used. Recently, the. techniques for copy deterrence and copyright protection have been important in e-commerce because various contents in digital form can be duplicated easily. The Access Control(AC) technique that only a user having the qualifications can access and use contents normally has been studied. The Conditional Access System(CAS) used in a satellite broadcasting md Digital Right Management System(DRMS) used for contents service are representative models of current commercialized access control. The CAS and DRM can be considered as an access control technique based on the payment based type(PBT). This paper describe the access control method of payment free type(PFT) suggested in ［5］ which are independent on the payment structure. And then we suggest a new access control method of payment free type which is more efficient than the previous one.

• Journal of Digital Contents Society
• /
• v.19 no.1
• /
• pp.85-91
• /
• 2018

Most banks use only demographic information such as gender, age, occupation and address to segment customers, but they do not reflect financial behavior patterns of customers. In this study, we aim to solve the problems by using various big data in a bank and to develop customer segmentation method which can be widely used in many banks in the future. In this paper, we propose an approach of segmenting clustering blocks with bottom-up method. This method has an advantage that it can accurately reflect various financial needs of customers based on various transaction patterns, channel contact patterns, and existing demographic information. Based on this, we will develop various marketing models such as product recommendation, financial need rating calculation, and customer churn-out prediction based on this, and we will adapt this models for the marketing strategy of NH Bank.

• Proceedings of the Korea Contents Association Conference
• /
• 2014.11a
• /
• pp.291-292
• /
• 2014

본 연구에서는 스마트워크 환경에서 정보보호를 위하여 사용자와 서비스 제공자 입장에서 정보보호 요구사항을 분석하고, 정보보호 요구사항을 바탕으로 스마트워크 도입 및 운영 관점에서의 보안 위협 및 취약점을 분석하여 대안을 찾고자 한다.

• Journal of Digital Contents Society
• /
• v.19 no.1
• /
• pp.93-102
• /
• 2018

This study aims to present policy implications by analyzing information security behavior factors of internet users. The research model, based on PMT and UTAUT2, consists of perceived threat, severity, social influence, self-efficacy, experience and habits, PC and privacy behaviors, security behaviors on new services and set demographic characteristics, use places of internet, use of paid products, and experiences of accident as moderate variables to analyze the effect on security behavior. The results showed that perceived severity, self-efficacy significantly influenced on experience and habits, and experience and habits and self-efficacy had a high influence on PC and privacy behavior. Also, PC and privacy behaviors have a high impact on security behavior of new services. Age, income, use of paid products, and experience of accidents have a moderating effects on security behaviors. The results of this study are expected to help policy decision making to improve the level of information security of internet users.

• Korean Journal of Human Ecology
• /
• v.10 no.1
• /
• pp.83-91
• /
• 2001

Currently, obtaining information about the housing studies through the internet web sites is one of the outstanding mediums. Those are of the housings, architecture, interior design, furniture products, hotels and its journals, etc., and out of all those informations are the highly expected value of use. But. it may causes the public users to experience a negative effect, because many of those informations provided on the internet web sites related to the housing studies/informations are not providing an equal quality of information. And measuring the quality is also not easy. This study focuses on the establishment of evaluation criterion for the housing information-related internet web sites. In such a vein, it proposes a clear model to evaluate the information qualities with the 43 questionnaires / examining items. To test the questionnaires/rating items, the analysis has been implemented which has shown the reciprocal effect between the 2 major factors. One major factor with 4 variables on the information searches are (1) the accuracy/reliability of contents and techniques, (2) the design of a picture and communication, (3) the readability and security, and (4) the security of private information, and the other factor with 3variables on the additional services are (1) the diversities of contents and ease of orderings, (2) the abilities of search and e-mail, and (3) the events and after services. This study/rating model will provide the users with a fundamental material in evaluating the quality of housing information on the internet web sites.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.5
• /
• pp.1071-1082
• /
• 2021

COVID-19 has changed a lot in our daily lives, where school classes and remote classes have been combined or converted to remote classes. Many students spent more time online, and cyberbullying, such as indiscriminate disclosure of their personal information, bullying of their classmates online, increased. In this paper, we propose an online education program as a countermeasure against cyberbullying. This program is designed for elementary, middle, and high school students and can also be used for informatics or ethics classes in the 2015 curriculum. The proposed program is divided into four major themes: 'Cyberbullying,' 'Information Security,' 'Cyber Crime,' and 'Language Violence,' and is divided into a total of ten topics according to its connection. It was organized to teach the topics evenly by grade. Also, the program's feasibility was verified by experts on the selection of educational contents and organizing of contents. In the future, it will be necessary to apply for this program and conduct an effectiveness analysis to measure whether it has effectively contributed to the decrease in cyberbullying rates among students and the improvement of coping skills.