• Journal of Korea Society of Digital Industry and Information Management
• /
• v.10 no.3
• /
• pp.181-196
• /
• 2014

Cloud computer technology currently provides diverse services based on a comprehensive environment ranging from hardware to solution, network and service. While the target of services has been extended from institutions and corporations to personal infrastructure and issues were made about security problems involved with protection of private information, measures on additional security demands for such service characteristics are insufficient. This paper proposes a multi-session authentication technique based on the characteristics of SaaS (Software as a Service) among cloud services. With no reliable authentication authority, the proposed technique reinforced communication sessions by performing key agreement protocol safe against key exposure and multi-channel session authentication, providing high efficiency of performance through key renewal using optimzied key table. Each formed sessions have resistance against deprivation of individual confirmation and service authority. Suggested confirmation technique that uses these features is expected to provide safe computing service in clouding environment.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.9 no.1
• /
• pp.85-102
• /
• 1999

In this paper, we propose an EC-SRP(Elliptic Curve - Secure Remote Password) protocol that uses ECDLP(Elliptic Curve Discrete Logarithm Problem) instead SRP protocols’s DLP. Since EC-SRP uses ECDLP, it inherits the high performance and security those are the properties of elliptic curve. And we reduced the number of elliptic curve scalar multiplication to improve EC-SRP protocol’s performance. Also we have proved BC-SRP protocol is a secure AKC(Authenticated Key Agreement with Key Confirmation) protocol in a random oracle model.

• Journal of Information Technology Services
• /
• v.20 no.2
• /
• pp.147-166
• /
• 2021

As vehicle sharing service is being widely used in China. The sharing economy appeared to be a way to make people's lives more convenient and to utilize limited resources efficiently. Sharing economy companies have created an app to satisfy users' needs with providing more benefits. Although research on vehicle sharing services has been continuously conducted at the level of the sharing economy, there are not many empirical studies related to the perception of the sharing economy from the consumer's point of view. In this sense, this study considered the perceived relationship benefits (social benefits, economic benefits, psychological benefits, and functional benefits) of Didi chuxing service as the key independent variables influencing users' confirmation and satisfaction, And suggests that users' confirmation and satisfaction are the key determinants of Didi continuance intention . To test the proposed research model, this study conducted structural equation model using 268 data collected on the users who have experience of Didi service. According to the empirical analysis results, This study verifies that: First, social benefits, economic benefits, psychological benefits, and functional benefits are determinants of user's satisfaction. Second, expectation confirmation depends on economic benefits, psychological benefits, functional benefits and social influence, meanwhile, social benefit has no effect on expectation confirmation. Third, expectation confirmation is proved to be a positive predictor of users' satisfaction. Finally, this results indicate that continuous use intention is determined by users' satisfaction.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.3
• /
• pp.13-25
• /
• 2004

The key exchange protocols are very crucial tools to provide the secure communication in the broadband satellite access network. They should be required to satisfy various requirements such as security, key confirmation, and key freshness. In this paper, we present the guideline of security functions in BSAN(Broadband Satellite Access Network), and analyze the specification of the security primitives and the hey exchange Protocols for the authenticated key agreement between RCST(Return Channel Satellite Terminal) and NCC(fretwork Control Centre). In addition, we propose the security specification for a domestic broad satellite network based on the analysis on the analysis profile of ETSI(European Telecommunications Standards Institute) standards. The key exchange protocols proposed in ETSI standard are vulnerable to man-in-the-middle attack and they don't provide key confirmation. To overcome this shortcoming, we propose the 4 types of the key exchange protocols which have the resistant to man-in-the-middle-attack, key freshness, and key confirmation, These proposed protocols can be used as a key exchange protocol between RCST and NCC in domestic BSAN. These proposed protocols are based on DH key exchange protocol, MTI(Matsumoto, Takashima, Imai) key exchange protocol, and ECDH(Elliptic Curve Diffie-Hellman).

• The Journal of Information Systems
• /
• v.20 no.4
• /
• pp.1-22
• /
• 2011

This study addressed trust to collective intelligence for explaining the affecting factors to the intention to use of collective intelligence by dividing the object of trust into a Web site and an information source group. We explored the factors affecting user's continuance intention toward collective intelligence in the view off trust building. We made a well-structured survey of our proposed model and gained 205 cases. We analyzed the proposed research model empirically using partial least square method. The findings are summarized as follows. First, all key factors (relevance, timeless, completeness, understandability) composing of collective intelligence quality have a positive and significant impact on confirmation. Second, confirmation has a significant impact on trust toward a Web site, as well as toward an information source group. The last is that trust toward a Web site influences on continuance intention, whereas trust toward an information source group doesn't.

• Convergence Security Journal
• /
• v.20 no.4
• /
• pp.209-215
• /
• 2020

The environment of the Internet provides an efficient communication of the things which are connected. While internet and online service provide us many valuable benefits, online services offered and accessed remotely through internet also exposes us to many different types of security threats. Most security threats were just related to information leakage and the loss of authentication on client-server environment. In 2016, Ahmed et al. proposed an efficient lightweight remote user authentication protocol. However, Kang et al. show that it's scheme still unstable and inefficient. It cannot resist offline identity guessing attack and cannot provide session key confirmation property. Moreover, there is some risk of biometric information's recognition error. In this paper, we propose an improved scheme to overcome these security weaknesses by storing secret data in device. In addition, our proposed scheme should provide not only security, but also efficiency since we only use hash function and XOR operation.

• 한국경영정보학회:학술대회논문집
• /
• 2007.06a
• /
• pp.503-508
• /
• 2007

In order to understand information system post-adoption phenomena, the expectation-confirmation model (ECM) was proposed. Past studies based on the ECM focus on a referent centered on the target IS being studied. The effect of this reference, captured through confirmation, has been strongly shown. However, the saliency of two additional reference effects, captured through self-image congruity and regret, has not been explored. In order to fill this knowledge gap, this paper attempts to develop a research model that extends the ECM by incorporating self-image congruity and regret as well as perceived enjoyment. For this extension, we synthesize the extant literature on continued IS use, self-image congruity, and regret. The analysis results tell us that self-image congruity plays a key role in forming two post-adoption beliefs, perceived usefulness and perceived enjoyment. It is also found that the absolute effect of regret on continuance intention is larger than those of other antecedents identified in IS. Overall, this study preliminarily confirms the saliency of self-image congruity and regret in post-adoption phenomena. Our study results is likely to help the IS community systematically address unexplored effects of self-image congruity and regret.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.17 no.3
• /
• pp.39-61
• /
• 2021

This study aims to examine the effect of the Mindfulness for YouTube users. Recently, video sharing platforms have grown rapidly with YouTube, and YouTube has grown rapidly despite the emergence of various video sharing platforms. Which YouTube represents these changes, provides an environment where anyone can make and distribute videos. And through these advantages, many viewers are coming in and more creators are making videos. The purpose of this study is to understand the influence factors of YouTube service in Korea and to clarify the causal relationship between the factors that affect the continued use intention through usefulness, confirmation, and satisfaction. For this reason, presented a research model that applied key variables of the Mindfulness theory, which emphasized that users should be aware of their emotions. In order to empirical verification the research model of this study, a questionnaire was conducted for university students and general office workers who had experience using YouTube. As a result, first decentered attention has been shown that has no positive effect on perceived usefulness and confirmation. Second, non-judgmental acceptance has benn shown that has a postitive effect on perceived usefulness and confirmation. Third, current self-perception has been shown that has no positive effect on perceived usefulness and confirmation. Fourth, concentration has been shown that has no positive effect on perceived usefulness and confirmation. And Mindfulness has been shown that has a positive effect on satisfaction and perceived usefulness. Through this, it is important to use YouTube to use what users feel is important, and it is important to determine whether the video is helpful to them when accepting content and make them expect the next video.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.12
• /
• pp.5135-5149
• /
• 2015

Communications among multi-party must be fast, cost effective and secure. Today's computing environments such as internet conference, multi-user games and many more applications involve multi-party. All participants together establish a common session key to enable multi-party and secure exchange of messages. Multi-party password-based authenticated key exchange scheme allows users to communicate securely over an insecure network by using easy-to-remember password. Kwon et al. proposed a practical three-party password-based authenticated key exchange (3-PAKE) scheme to allow two users to establish a session key through a server without pre-sharing a password between users. However, Kwon et al.'s scheme cannot meet the security requirements of key authentication, key confirmation and anonymity. In this paper, we present a novel, simple and efficient multi-party password-based authenticated key exchange (M-PAKE) scheme based on the elliptic curve cryptography for mobile environment. Our proposed scheme only requires two round-messages. Furthermore, the proposed scheme not only satisfies security requirements for PAKE scheme but also achieves efficient computation and communication.

• Journal of information and communication convergence engineering
• /
• v.3 no.3
• /
• pp.163-166
• /
• 2005

The Key exchange protocols are very crucial tools to provide the secure communication in the broadband satellite access network. They should be required to satisfy various requirements such as security, Key confirmation, and Key freshness. In this paper, Two authenticated key exchange protocols TPEKE-E(Two Pass Encrypted Key Exchange-Exchange-Efficient) and TPEKE-S(Two Pass Encrypted Key xchange-Secure) are introduced. A basic idea of the protocols is that a password can be represented by modular addition N, and the number of possible modular addition N representing the password is $2^N$. The TPEKE-E is secure against the attacks including main-in-the-middle attack and off-line dictionary attack, and the performance is excellent so as beyond to comparison with other authenticated key exchange protocols. The TPEKE-S is a slight modification of the TPEKE-E. The TPEKE-S provides computational in feasibility for learning the password without having performed off line dictionary attack while preserving the performance of the TPEKE-E.