• KIPS Transactions on Computer and Communication Systems
• /
• v.12 no.3
• /
• pp.111-118
• /
• 2023

Cyber attacks are increasing worldwide, and attacks on personal privacy such as CCTV and IP camera hacking are also increasing. If you search for IP camera hacking methods in spaces such as YouTube, SNS, and the dark web, you can easily get data and hacking programs are also on sale. If you use an IP camera that has vulnerabilities used by hacking programs, you easily get hacked even if you change your password regularly or use a complex password including special characters, uppercase and lowercase letters, and numbers. Although news and media have raised concerns about the security of IP cameras and suggested measures to prevent damage, hacking incidents continue to occur. In order to prevent such hacking damage, it is necessary to identify the cause of the hacking incident and take concrete measures. First, we analyzed weak account settings and web server vulnerabilities of IP cameras, which are the causes of IP camera hacking, and suggested solutions. In addition, as a specific countermeasure against hacking, it is proposed to add a function to receive a notification when an IP camera is connected and a function to save the connection history. If there is such a function, the fact of damage can be recognized immediately, and important data can be left in arresting criminals. Therefore, in this paper, we propose a method to increase the safety from hacking by using the connection notification function and logging function of the IP camera.

• Korean Security Journal
• /
• no.21
• /
• pp.155-175
• /
• 2009

RFID that provide automatic identification by reading a tag attached to material through radio frequency without direct touch has some specification, such as rapid identification, long distance identification and penetration, so it is being used for distribution, transportation and safety by using the frequency of 125KHz, 134KHz, 13.56MHz, 433.92MHz, 900MHz, and 2.45GHz. Also it is one of main part of Ubiquitous that means connecting to net-work any time and any place they want. RFID is expected to be new growth industry worldwide, so Korean government think it as prospective field and promote research project and exhibition business program to linked with industry effectively. RFID could be used for access control of person and vehicle according to section and for personal certify with password. RFID can provide more confident security than magnetic card, so it could be used to prevent forgery of register card, passport and the others. Active RFID could be used for protecting operation service using it's long distance date transmission by application with positioning system. And RFID's identification and tracking function can provide effective visitor management through visitor's register, personal identification, position check and can control visitor's movement in the secure area without their approval. Also RFID can make possible of the efficient management and prevention of loss of carrying equipments and others. RFID could be applied to copying machine to manager and control it's user, copying quantity and It could provide some function such as observation of copy content, access control of user. RFID tag adhered to small storage device prevent carrying out of item using the position tracking function and control carrying-in and carrying-out of material efficiently. magnetic card and smart card have been doing good job in identification and control of person, but RFID can do above functions. RFID is very useful device but we should consider the prevention of privacy during its application.

• Asia pacific journal of information systems
• /
• v.17 no.2
• /
• pp.123-137
• /
• 2007

The advent of the Internet and related Web technologies has created an easily accessible link between a firm and its customers, and has provided opportunities to a firm to use information technology to support supplementary after-sale services associated with a product or service. It has been widely recognized that supplementary services are an important source of customer value and of competitive advantage as the characteristics of the product itself. Many of these supplementary services are information-based and need not be co-located with the product, so more and more companies are delivering these services electronically. Net-based customer service, which is defined as an Internet-based computerized information system that delivers services to a customer, therefore, is the core infrastructure for supplementary service provision. The importance of net-based customer service in delivering supplementary after-sale services associated with product has been well documented. The strategic advantages of well-implemented net-based customer service are enhanced customer loyalty and higher lock-in of customers, and a resulting reduction in competition and the consequent increase in profits. However, not all customers utilize such net-based customer service. The digital divide is the phenomenon in our society that captures the observation that not all customers have equal access to computers. Socioeconomic factors such as race, gender, and education level are strongly related to Internet accessibility and ability to use. This is due to the differences in the ability to bear the cost of a computer, and the differences in self-efficacy in the use of a technology, among other reasons. This concept, applied to e-commerce, has been called the "e-commerce divide." High Internet penetration is not eradicating the digital divide and e-commerce divide as one would hope. Besides, to accommodate personalized support, a customer must often provide personal information to the firm. This personal information includes not only name and address, but also preferences information and perhaps valuation information. However, many recent studies show that consumers may not be willing to share information about themselves due to concerns about privacy online. Due to the e-commerce divide, and due to privacy and security concerns of the customer for sharing personal information with firms, limited numbers of customers adopt net-based customer service. The limited level of customer adoption of net-based customer service affects the firm profits and the customers' welfare. We use a game-theoretic model in which we model the net-based customer service system as a mechanism to enhance customers' loyalty. We model a market entry scenario where a firm (the incumbent) uses the net-based customer service system in inducing loyalty in its customer base. The firm sells one product through the traditional retailing channels and at a price set for these channels. Another firm (the entrant) enters the market, and having observed the price of the incumbent firm (and after deducing the loyalty levels in the customer base), chooses its price. The profits of the firms and the surplus of the two customers segments (the segment that utilizes net-based customer service and the segment that does not) are analyzed in the Stackelberg leader-follower model of competition between the firms. We find that an increase in adoption of net-based customer service by the customer base is not always desirable for firms. With low effectiveness in enhancing customer loyalty, firms prefer a high level of customer adoption of net-based customer service, because an increase in adoption rate decreases competition and increases profits. A firm in an industry where net-based customer service is highly effective loyalty mechanism, on the other hand, prefers a low level of adoption by customers.

• Journal of the Korea Society of Computer and Information
• /
• v.18 no.9
• /
• pp.79-89
• /
• 2013

Recently, the need for outsourcing sensitive data has grown due to the wide spreading of cost-effective and flexible cloud service. However, there is a fundamental concern in using such service since users have to trust external servers. Therefore, searchable encryption can be a very valuable tool to meet the security requirements of data outsourcing. However, most of work on searchable encryption focus only on privacy preserving search function and relatively lacks research on encryption mechanism used to actually encrypt data. Without a suitable latter mechanism, searchable encryption cannot be deployed in real world cloud services. In this paper, we analyze previously used and possible data encryption mechanisms for multi-user searchable encryption system and discuss their pros and cons. Our results show that readily available tools such as broadcast encryption, attribute-based encryption, and proxy re-encryption do not provide suitable solutions. The main problem with existing tools is that they may require separate fully trusted servers and the difficulty in preventing collusion attacks between outsiders and semi-trusted servers.

• The Journal of Society for e-Business Studies
• /
• v.20 no.4
• /
• pp.103-126
• /
• 2015

Compared to other countries, cloud computing in Korea is not popular especially in the government sector. One of the reasons for the current not-fully-blossomed situation is partly by early investment in huge government datacenters under Korea's e-government initiative; let alone, there was no strong control tower as well as no enforcing law and ordinances for driving such cloud computing initiative. However, in 2015 March 'Cloud Computing and Privacy Security Act' (hereinafter, Cloud Act) had been passed in the Parliament and from September 2015 Cloud Act was deployed in Korea. In U.S., FedRAMP (Federal Risk Assessment and Management Program) along with Obama Adminstration's 'Cloud First' strategy for U.S. federal institutions is the key momentum for federal cloud computing adoption. In 2015 January, U.S. Congressional Research Service (CRS) has published an extensive monitoring report for cloud computing in U.S. federal institutions. The CRS report which monitored U.S. government cloud computing implementation is indeed a good guideline for Korean government cloud computing services. For this reason, the purpose of the study is to (1) identify important aspects of the enacted Korean Cloud Act, (2) describe recent U.S. federal government cloud computing status, (3) suggest strategy and key strategy factors for facilitating cloud adoption in public organizations reflecting SDLC strategy, wherein.

• Journal of The Korean Association of Information Education
• /
• v.19 no.3
• /
• pp.299-310
• /
• 2015

This study was conducted with the goal to identify the degree to which elementary school students' knowledge about personal information protection practices impacted their actual behavior with regard to privacy protection. To fulfill this goal, knowledge about personal information protection was set as (1) knowledge about concepts of personal information, (2) knowledge of the rights of information holders, (3) knowledge about the code of conduct for information protection, and (4) awareness of the value of personal information. As for students' behaviors to ensure their personal information protection those were set as their habits to comply with the personal in-formation protection code of conduct and their efforts to respond and recover from any personal information violation. This study was conducted targeting 510 elementary students. The degree of the students' knowledge and their behaviors was measured by first distributing a self-report survey to the students and then analyzing their responses. The results of the analysis revealed the following: First, it was found that there are no differences among the four factors of knowledge and behavior according to the status of their education. Second, the two factors that primarily affected their personal information protection behavior were found to be their awareness of the information protection code of conduct and awareness of the value of personal information. This study holds significance in that it makes suggestions as to how personal protection practices should be taught to public school students.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.10 no.6
• /
• pp.1237-1244
• /
• 2009

In this paper, we proposed a mobile phone payment system using light signal containing payment related information. The digicard system we proposed creates virtual mobile card such as credit numbers and the created information is loaded in mobile phone. The virtual card information should be changed to pulse signal by light signal devices of mobile phone and the specific digicard system reader is able to read light signal. In recent years, a mobile phone payment system has been developed in order to provide user's convenience. But the mobile phone payment system has problems such as the production costs and complex and large size. In order to solve the aforementioned problems, we proposed mobile phone payment system being implemented by updating software without additional hardware modules. Therefore it is possible to apply the proposed digicard system to all kinds of mobile phone. Also encryption module is implemented to solve the problem of the security and privacy. According to an aspect of the present invention, there is provided a mobile phone payment system using a light signal containing payment-related information, comprising: a mobile phone; a photo receiver: and a control server.

• Journal of the Korean Home Economics Association
• /
• v.38 no.1
• /
• pp.75-87
• /
• 2000

The aims of this study are to establish a mode of housing life style that meet the demands of families living in big cities, and the contribute to the development of a better housing life style pattern by considering metropolitan residents' choice of housing and basic concepts of their behavioral patterns. The results of this study were as follows: 1. Value orientation of family life was divided into value orientation of family and value orientation of housing. Value orientation of family was constituted of four factors such as 'harmony', 'leisure and hobbies', 'individual development and its support' , 'education' . Value orientation of housing is constituted of three factors such as 'physical characteristics of house' , '\`environmental condition', 'socio-economic conditions of housing'. The comprehensive life values were constituted of six factors such as 'the importance of communal family', 'the importance of housing decoration and housing life benefits', 'the importance of security and holding environment' , 'the importance of familial harmony', 'the importance of privacy', 'the importance of convenience and natural environment'. Based on three factors, were found to be fine types of value orientation of family life which were 'pursue healthy of family', 'comfort of family', 'clean environment', 'convenient environment', and 'harmonious relationship among family members'. Variables influencing the value orientation of family life were property and price of housing. 2. Consumption propensity when buying house, furniture and durables were constituted of four factors which were propensity to 'beauty', 'fashion', 'tradition and symbol', and 'pragmatic use'. Based on these factors, there were found to be four types of consumption propensity when buying house, furniture and durables which were 'fashion', 'tradition and symbol', 'beauty', and 'pragmatic use'. Variables influencing spending habits were found to be objective social class (SES), types of residence, wife's educational background, and price of housing. 3. Propensity to using space were constituted of three factors which were 'convenience', 'politeness and social grace', and 'housekeeping'. Based on these factors, there were found to be three types of propensity to using space which were 'individuality', 'convenience', and 'politeness and housekeeping'. Variables influencing propensity to use of space were found to be objective social class (SES), wife's educational background, types of homeownership and price of housing 4. According to this study, there were found to be six patterns of housing life style: 1) family that seeks formalist life, 2) family that seeks harmonious life, 3) family that seeks active healthy life, 4) family that combine various factors, 5) family that seeks convenience, 6) family that stresses environment.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.47 no.1
• /
• pp.65-72
• /
• 2010

Nowadays, most hospitals have been used to create MRI or CT and managed them. Doctors depend on fast access to images such as magnetic resonance imaging (MRIs), computerized tomography (CT) scans, and X-rays for accurate diagnoses. Those image data are related privacy of a patient. Therefore, it should be protected from hackers and managed perfectly. In this paper, we propose a data hiding method into MRI or CT related a condition and intervention of a patient, and it is suggested that how to authenticate patient information from an image. In this way, we create hash code using HMAC with patient information, and hash code and patient information is hided into an image. After then, doctor will check authentication using HMAC. In addition, we use a reversible data hiding DE(Difference Expansion) algorithm to hide patient information. This technique is possible to reconstruct the original image with stego image. Therefore, doctor can easily be possible to check condition of a patient. As a consequence of an experiment with MRI image, data hiding, extraction and reconstruct is shown compact performance.

• Journal of Nutrition and Health
• /
• v.37 no.8
• /
• pp.688-700
• /
• 2004

This study was conducted to analyze how appropriate the on-line nutrition information was externally as a web information. Four-hundred-ninety-seven web sites from 5 internet search engines (Yahoo, Empas, Nate, Hanmir, Naver) were selected on the basis of April 25th, 2004. The skillful personnels monitored them about 8 evaluating categories: clarity, purpose, authority, durability, advertisement, privacy and/or security, responsibility, and contents. Forty percent of the selected web sites were operated by the companies which had commercial purpose like internet shopping malls and 5.6% by academies, societies, research institutions, schools/colleges and public institutions. Most of web sites (76.1 %) were managed for advertisements and sales of companies' commodities, and 32.6% had the food and nutrition information as first purpose. Ninety-three percent of web sites were targeted to healthy individuals through whole life cycle. Specifically, there were lots of web sites for the obesity which were offered by diet related companies. Of the 497 web sites, 193 mentioned the name providing the nutrition information, but only 1/3 had reliability on their specialty. As a source of nutrition information, 52.7% of web sites were using 'books of the major field' and 42.0% 'newspapers' and 23.7% 'broadcasting', respectively. Most web sites mentioned 'setting-up date' but not 'renewal date'. Thirty-six percent of web sites took '2 - 3 days' for the operators to answer the questions through the bulletin. Forty-seven percent of web sites answered' 1 - 10 questions' per 1 week, but 40.1 % of them didn't answer for a week at all. There were 118 web sites (23.7%) to record the connected frequencies and 36.0% of them put the advertisements. Around 96% of web sites mentioned feedback addresses. Among the menus of web sites, 68.0% were about self-advertisement and 64.0% about nutrition information. Each web site was scored to judge its external quality according to the operators by selecting 13 items. Web sites managed by public institution had highest scores (9.5), and lowest in private vendors', food companies' and individual web pages. Among search engines, Naver got the highest score of 7.0 and Nate the lowest one of 6.1. As it was only the pilot study, there were several limits in evaluating tools, time and monitored quantity. To make monitoring of on-line nutrition informatiions actively, standardized monitoring forms might be developed under the integrated studies.