• International Journal of Computer Science & Network Security
• /
• v.22 no.2
• /
• pp.413-423
• /
• 2022

The NHIS provides free or highly subsidized healthcare to all people by providing financial fortification. However, the financial sustainability of the scheme is threatened by numerous factors. Therefore, this work sought to provide a solution to process claims intelligently. The provided Petri net model demonstrated successful data flow among the various participant. For efficiency, scalability, and performance two main subsystems were modelled and integrated - data input and claims processing subsystems. We provided smart claims processing algorithm that has a simple and efficient error detection method. The complexity of the main algorithm is good but that of the error detection is excellent when compared to literature. Performance indicates that the model output is reachable from input and the token delivery rate is promising.

• International Journal of Computer Science & Network Security
• /
• v.22 no.4
• /
• pp.245-253
• /
• 2022

Commenced in 1954 by IBM, machine translation has expanded immensely, particularly in this period. Machine translation can be broken into seven main steps namely- token generation, analyzing morphology, lexeme, tagging Part of Speech, chunking, parsing, and disambiguation in words. Morphological analysis plays a major role when translating Indian languages to develop accurate parts of speech taggers and word sense. The paper presents various machine translation methods used by different researchers for Indian languages along with their performance and drawbacks. Further, the paper concentrates on parts of speech (POS) tagging in Marathi dialect using various methods such as rule-based tagging, unigram, bigram, and more. After careful study, it is concluded that for machine translation, parts of speech tagging is a major step. Also, for the Marathi language, the Hidden Markov Model gives the best results for parts of speech tagging with an accuracy of 93% which can be further improved according to the dataset.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.4
• /
• pp.617-627
• /
• 2013

Wireless communication technology such as NFC and RFID makes the data transfer between devices much easier. Instead of the irksome typing of passwords, users are able to simply authenticate themselves with their smart cards or smartphones. Relay attack, however, threatens the security of token-based, something-you-have authentication recently. It efficiently attacks the authentication system even if the system has secure channels, and moreover it is easy to deploy. Distance bounding or localization of two devices has been proposed to detect relay attacks. We describe the disadvantages and weakness of existing methods and propose a new way to detect relay attacks by recording a background noise.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.3
• /
• pp.341-351
• /
• 2021

Recently, user-driven privacy control technology, such as distributed ID management, has been gaining attention. However, the existing blockchain-based access control studies have not provided a sufficient level of privacy control method to users. This paper proposes a method that combines permissioned blockchain technology and a recent privacy control standard. To allow users to participate in privacy control, a token-based user access control service that conforms to the UMA2 standard was applied to the blockchain dApp. By combining the blockchain and UMA2, the proposed method provides a user-centered privacy control function that the existing blockchain could not provide. In addition, we solved the problem of privacy, security, and availability of entities, which are the disadvantages of UMA2.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.5
• /
• pp.803-813
• /
• 2013

As the developments of smart devices and social network services, the amount of data has been exploding. The world is facing Big data era. For these reasons, the Big data processing technology which is a new technology that can handle such data has attracted much attention. One of the most representative technologies is Hadoop. Hadoop Distributed File System(HDFS) designed to run on commercial Linux server is an open source framework and can store many terabytes of data. The initial version of Hadoop did not consider security because it only focused on efficient Big data processing. As the number of users rapidly increases, a lot of sensitive data including personal information were stored on HDFS. So Hadoop announced a new version that introduces Kerberos and token system in 2009. However, this system is vulnerable to the replay attack, impersonation attack and other attacks. In this paper, we analyze these vulnerabilities of HDFS security and propose a new protocol which complements these vulnerabilities and maintains the performance of Hadoop.

• Convergence Security Journal
• /
• v.16 no.6_2
• /
• pp.83-88
• /
• 2016

Over recent years there has been considerable growth in interest in the use of biometric systems for personal authentication. Biometrics is a field of technology which has been and is being used in the identification of individuals based on some physical attribute. By using biometrics, authentication is directly linked to the person, rather than their token or password. Biometric authentication is a type of system that relies on the unique biological characteristics of individuals to verify identity for secure access to electronic systems. In 2013, Althobati et al. proposed an efficient remote user authentication protocol using biometric information. However, we uncovered Althobati et al.'s protocol does not guarantee its main security goal of mutual authentication. We showed this by mounting threat of data integrity and bypassing the gateway node attack on Althobati et al.'s protocol. In this paper, we propose an improved scheme to overcome these security weaknesses by storing secret data in device. In addition, our proposed scheme should provide not only security, but also efficiency since sensors in WSN(Wireless Sensor Networks) operate with resource constraints such as limited power, computation, and storage space.

• Convergence Security Journal
• /
• v.7 no.3
• /
• pp.101-107
• /
• 2007

In recent years, electronic financial services, such as internet banking, come into wide use since the personal computer and network technology have made reasonably good progress. The growth of electronic financial service contributes to promoting the business efficiency of financial institution and promoting the convenience of financial customer, while the security on electronic financial service is getting more important because it is not face-to-face financial service. Therefore, the financial sector had decided to introduce the OTP (One Time Password) in order to authenticate the identification of customer and has built the Integrated OTP Authentication Center for a customer being able to use only one OTP token in electronic financial transaction with several financial institution. In this paper, we introduce the business of Integrated OTP Authentication Center and present the security analysis on integrated OPT authentication service, which is the main function of Integrated OTP Authentication Center.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.36 no.8B
• /
• pp.939-946
• /
• 2011

The Internet banking service provides convenience than the traditional offline services. However, it still causes a number of security problems including hacking. In order to strengthen security, the financial institutions have provided such authentication methods as the official authentication certificate, the security token, the security card and OTP. However, the incidents related to hacking have continuously occurred. Especially, various weak points have been suggested for the authentication methods in regard to such types of hacking as the memory hacking or the MITM attack. So I needed was a new authentication method. In this study, the two-channel authentication method which provide two-way authentication on the user's PC and mobile device when executing the electronic financial transactions in the Internet banking environment is suggested. Also, by analyzing it in comparison with other existing methods, it is possible to check that the prospects of safety and credibility are strengthened.

• Journal of Convergence Society for SMB
• /
• v.5 no.3
• /
• pp.15-20
• /
• 2015

There have been consumer needs for mobile payment system due to the rapid increase in the number of smartphones and the use of them. In tum, the market has been expanding as IT companies begin to participate in the mobile payment system business. Moreover, since the system supports better services not only covering payment service but also interworking with various apps in devices, it has been maximizing the consumer convenience. Although the convenience increased due to the mobile payment system, the vulnerability in security also increased; and smartphone users have been afraid of using the mobile payment system. This study is to examine Samsung Pay and Apple Pay, to present the vulnerability, and to suggest a countermeasure.

• The Journal of Society for e-Business Studies
• /
• v.12 no.4
• /
• pp.17-27
• /
• 2007

This paper proposes a key distribution and authentication protocol between user, service provider and key distribution center (KDC). This protocol is based on symmetric cryptosystem, challenge-response, Diffie-Hellman component and hash function. In the proposed protocol, user and server update the session key under token-update operation, and user can process repeated efficient authentications by using updated session keys. And another merit is that KDC needs not to totally control the session key between user and server in proposed protocol. Even an attacker steals the parameters from the KDC, the attacker still can not calculate session key. According to the comparison and analysis with other protocols, our proposed protocol provides good efficiency and forward secure session key.