• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제5권6호
• /
• pp.1192-1213
• /
• 2011

Information security management systems (ISMSs) are used to manage information about their customers and themselves by governments or business organizations following advances in e-commerce, open networks, mobile networks, and Internet banking. This paper explains the existing ISMSs and presents a comparative analysis. The discussion deals with different types of ISMSs. We addressed issues within the existing ISMSs via analysis. Based on these analyses, then we proposes the development of an information security management evaluation system (ISMES). The method can be applied by a self-evaluation of the organization and an evaluation of the organization by the evaluation committee. The contribution of this study enables an organization to refer to and improve its information security levels. The case study can also provide a business organization with an easy method to build ISMS and the reduce cost of information security evaluation.

• Management Science and Financial Engineering
• /
• 제16권2호
• /
• pp.115-138
• /
• 2010

People acknowledge that mobile technology has improved their lives in terms of convenience, flexibility, connectedness, and new freedom of choice. However, as people increase usage of technology, they may become frustrated, challenged, annoyed, and irritated with it. This is the main characteristic of mobile technology paradoxes. Once technology gets into people's daily life, which it already has, people will look for a way to minimize the dependency on the technology, as well as finding a way to use the technology to improve the quality of their life. The focus of this study is to understand the mobile technology paradoxes and to develop coping strategies. As mobile technology is already a part of people's daily life, it is inevitable that people need to utilize technology as part of their lifestyles. This study developed a research model regarding the relationship between mobile technology perception and choice of coping strategies, including personal risk propensity as a mediating factor. Discussion on the importance of the technology paradoxes for developing mobile solution and services from the customers' perspectives followed after hypotheses testing.

• 한국지능정보시스템학회:학술대회논문집
• /
• 한국지능정보시스템학회 2005년도 춘계학술대회
• /
• pp.283-291
• /
• 2005

The development of mobile applications is fast in recent years. However, nearly all applications are for messaging, financial, locating services based on simple interactions with mobile users because of the limited screen size, narrow network bandwidth, and low computing power. Processing an algorithm for supporting a group decision process on mobile devices becomes impossible. In this paper, we introduce the mobile-oriented simple interactive procedure for support a group decision making process. The interactive procedure is developed for multiple objective linear programming problems to help the group select a compromising solution in the mobile Internet environment. Our procedure lessens the burden of group decision makers, which is one of necessary conditions of the mobile environment. Only the partial weak order preferences of variables and objectives from group decision makers are enough for searching the best compromising solution. The methodology is designed to avoid any assumption about the shape or existence of the decision makers's utility function. For the purpose of the experimental study of the procedure, we developed a group decision support system in the mobile Internet environment, MOBIGSS　and applied to an allocation problem of investor assets.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제18권3호
• /
• pp.704-719
• /
• 2024

Botnet pandemics are becoming more prevalent with the growing use of mobile phone technologies. Mobile phone technologies provide a wide range of applications, including entertainment, commerce, education, and finance. In addition, botnet refers to the collection of compromised devices managed by a botmaster and engaging with each other via a command server to initiate an attack including phishing email, ad-click fraud, blockchain, and much more. As the number of botnet attacks rises, detecting harmful activities is becoming more challenging in handheld devices. Therefore, it is crucial to evaluate mobile botnet assaults to find the security vulnerabilities that occur through coordinated command servers causing major financial and ethical harm. For this purpose, we propose a hybrid analysis approach that integrates permissions and API and experiments on the machine-learning classifiers to detect mobile botnet applications. In this paper, the experiment employed benign, botnet, and malware applications for validation of the performance and accuracy of classifiers. The results conclude that a classifier model based on a simple decision tree obtained 99% accuracy with a low 0.003 false-positive rate than other machine learning classifiers for botnet applications detection. As an outcome of this paper, a hybrid approach enhances the accuracy of mobile botnet detection as compared to static and dynamic features when both are taken separately.

• 정보보호학회논문지
• /
• 제24권5호
• /
• pp.931-939
• /
• 2014

결제를 위한 이전의 웹 접근 인증 시스템의 웹 혹은 모바일 채널은 단지 사용자 인증만을 위한 것이며 사용자와 은행 및 금융 기관과의 인증은 이루어지지 않고 있다. 따라서 본 논문은 웹 기반 결제 시스템을 위한 사용자와 은행 및 금융 기관과의 상호 인증이 가능한 결제 거래 인증 모드를 제안한다. 제안한 시스템은 유선 전자 거래를 위한 안전한 전자 거래 (Secure Electronic Transaction : SET)를 무선 네트워크를 위한 결제 시스템으로 설계하였다. 또한 거래 인증 모드를 사용한 이 시스템은 SET 단점인 유선의 카드 기반 거래를 대신하여, 무선의 계좌 기반 거래를 지원 할 수 있다. 따라서 고객은 고객과 고객 은행 사이의 상호 인증으로 고객 은행 사이트에 다시 로그인할 필요 없이 잔고를 확인할 수 있다.

• 정보처리학회논문지:컴퓨터 및 통신 시스템
• /
• 제2권3호
• /
• pp.133-142
• /
• 2013

최근 스마트 기기는 결제, 할인쿠폰 등 각종 기능을 제공하는 수단으로 진화되면서 통신과 금융이 융합된 모바일 NFC 서비스의 시장이 급성장할 것으로 전망되고 있다. 특히 모바일 NFC 결제 서비스 시장의 활성화가 예상됨에 따라 모바일 NFC 결제 서비스는 국내 외적으로 널리 주목받고 있다. 하지만 이에 따른 NFC 기술 활용 증가로 개인정보 이용이 늘면서 침해요소 또한 증가하고 있다. 최근 한국인터넷진흥원에서 발표한 "NFC 개인정보보호 대책 최종보고서"에 따르면 개인정보 암호화를 부분적으로 미지원하거나 불필요한 개인정보의 과도한 수집 및 저장 등이 문제점으로 제기되었으며 Google사의 Google Wallet 서비스의 개인정보 유출 사고 또한 이러한 문제점을 뒷받침하는 근거가 되고 있다. 본 논문에서는 기존에 서비스되고 있는 NFC 모바일 결제 서비스 상에서 결제정보의 이동 경로 별 결제 기술의 위협을 분석하고 OTA(Over the Air) 상에서 안전한 정보교환을 위한 NTRU 기반 상호인증 기법과 사용자와 은행 간의 결제 단계에서 결제정보를 직접적으로 사용하지 않고 결제자를 증명할 수 있는 NTRU기반 영지식 증명 기법에 대해 제안한다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제11권2호
• /
• pp.1180-1200
• /
• 2017

Currently, automated payment services provide intuitive user interfaces by adapting various wireless communication devices with mobile services. For example, companies like Samsung, Google, and Apple have selected the NFC payment method to service payments of existing credit cards. An electronic payment standard has been released for NFC activation within Korea and will strengthen the safety of payment service communications. However, there are various security risks regarding the NFC-based electronic payment method. In particular, the NFC payment service using the recently released lightweight devices cannot provide the cryptographic strength that is supported by many financial transaction services. This is largely due to its computational complexity and large storage resource requirements. The chaotic map introduced in this study can generate a highly complicated code as it is sensitive to the initial conditions. As the lightweight study using the chaotic map has been actively carried out in recent years, associated authentication techniques of the lightweight environment have been released. If applied with a chaotic map, a high level of cryptographic strength can be achieved that can provide more functions than simple XOR operations or HASH functions. Further, this technique can be used by financial transaction services. This study proposes a mutual authentication technique for NFC-PCM to support an NFC payment service environment based on the chaotic map.

• Management Science and Financial Engineering
• /
• 제13권2호
• /
• pp.79-97
• /
• 2007

This paper investigates the relationship of service quality and user satisfaction in the wired and mobile Internet services based on the integrative framework of both systems. Given a moderate level of reliability and validity, the commonly driven dimensions for measuring service quality include responsiveness, assurance, empathy, convenience, usefulness, and diversity. User satisfaction is measurable by the dimensions of communication/entertainment, finance/economics, location/geography, and information/consulting. We apply the MANOVA tests to evaluate whether each of the service quality dimensions has an overall influence on user satisfaction. Next, multiple regression analyses are conducted to check if unique positive effect exists between each combination of service quality dimensions and user satisfaction dimensions. The results show that service quality must be taken care of with respect to the assurance dimension in order to enhance customer satisfaction in the dimensions of location/geography, which will contribute to increasing the utilization of mobile service. For improving user satisfaction in the dimension of information/consulting, service quality must be supported with respect to assurance and empathy in the mobile Internet market, in addition to diversity, which is the only significant service quality in the wired Internet service.

• 한국정보시스템학회지:정보시스템연구
• /
• 제18권2호
• /
• pp.1-18
• /
• 2009

Recently, internet banking is growing rapidly. Moot banks in Korea provide internet banking services. Internet banking becomes a major trend in the financial marketplace. With advanced computer technology and declining communication costs, many customers prefer online alternatives such as internet banking, mobile banking or phone banking rather than going to banks by themselves. The number of customers using those alternatives is skyrocketing and domestic commercial banks encourage them of the use. As the internet is highly developed, customers demand higher quality services and banks develop and provide diverse services in order to respond to them. However, internet banking service users are still afraid of their personal and financial information being exposed on the internet. The purpose of this research is to empirically analyze the influence that appropriate internet banking affect user's security intention. The research model proposed in this study includes user's security intention which is influenced by self-efficacy, security trust, Internet banking attitude, perceived security and security intention. According to the result of this study, self-efficacy and security trust are related to the security attitude. There is a significant relationship between security attitude and perceived security. Also, user's security attitude and perceived security is significantly affected by security intention.

• 디지털융복합연구
• /
• 제17권2호
• /
• pp.127-134
• /
• 2019

본 연구에서는 관광객을 대상으로 스마트폰 모바일뱅킹 서비스에 대한 행동 의도에 미치는 영향 요인들을 탐색하고자 한다. 모바일 인터넷 기술의 발전과 스마트 폰의 보급으로 인해 스마트폰 기반의 모바일뱅킹에 대한 관심과 보급이 대중화되고 있다. 이러한 상황에서 본 연구에서는 독립변수로서 기대 성과, 사회적 영향, 촉진 조건, 인지된 재정적 비용, 습관, 인지된 보안 수준을, 그리고 종속변수로서 사용자의 이용행동의도 사이의 관계를 분석하였다. 본 연구에서는 제주국제공항에서 중국 관광객을 대상으로 203명의 응답자를 대상으로 분석을 실시하였고, Smartpls 3.0으로 독립변수들의 영향 정도를 파악하였다. 분석 결과 인지된 보안 수준 및 습관이 행동 의도에 긍정적인 영향을 미침을 알 수 있었다. 특히 인지된 보안을 최근에 스마트폰 기반 모바일뱅킹의 중요한 이슈라는 점에서 본 연구 결과에 부합된다. 본 연구는 관광객 대상으로 스마트폰 기반 모바일 뱅킹 서비스의 행위 요인에 대한 분석이라는 점에서 의의를 가진다.