• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.17 no.5
• /
• pp.1450-1470
• /
• 2023

In a Vehicular Cloud (VC) network, an announcement protocol plays a critical role in promoting safety and efficiency by enabling vehicles to disseminate safety-related messages. The reliability of message exchange is essential for improving traffic safety and road conditions. However, verifying the message authenticity could lead to the potential compromise of vehicle privacy, presenting a significant security challenge in the VC network. In contrast, if any misbehavior occurs, the accountable vehicle must be identifiable and removed from the network to ensure public safety. Addressing this conflict between message reliability and privacy requires a secure protocol that satisfies accountability properties while preserving user privacy. This paper presents a novel announcement protocol for secure communication in VC networks that utilizes group signature to achieve seemingly contradictory goals of reliability, privacy, and accountability. We have developed the first comprehensive announcement protocol for VC using group signature, which has been shown to improve the performance efficiency and feasibility of the VC network through performance analysis and simulation results.

• Asia pacific journal of information systems
• /
• v.33 no.4
• /
• pp.1093-1117
• /
• 2023

The study aims to determine the impact of quality outcomes on behavior intentions in Financial Technology (FinTech) payment services. The study is focused on the development and testing of the impact of the SERVQUAL model on the TAM, i.e., Technology Acceptance Model for the measurement of the behavioral intention of users to use fintech payment services. The sample entails 578 specific survey responses from northern India from October to December 2022. The respondents were users of FinTech. The PLS-SEM technique was employed to explain the implementation process. Consequently, it discovered a significant relationship between the SERVQUAL models and the impact on behavioral intentions identified by TAM. The study will provide insight into the factors that impact the quality outcomes and adoption of Fintech payment services to the providers. The paper demystifies FinTech payment services in the range of perception of service quality outcomes and provides essential theories. The TAM model reflects the customer's sense of satisfaction, usefulness, and attitude. In contrast, the SERVQUAL model demonstrates the user's assessment of service quality outcomes such as quality, trust, security, and service quality positively affects behavioral intention in FinTech payment services.

• The Journal of the Korea Contents Association
• /
• v.11 no.3
• /
• pp.84-99
• /
• 2011

As the integrated and large-scale information is extended due to an advanced information system, a possibility of leaking out privacy increases as the time passes by. As a result, the necessity of using a privacy impact assessment (PIA) is emphasized because it can analyze and minimize the element of invasion of privacy. However, an essential audit for personal information protection is not fulfilled because most of the information system audit supervises over physical, managerial, and technical security items of system architecture area so that general items are the only things being checked. Consequently, this paper proposes that in order to minimize the invasion of personal information, the privacy impact assessment should be done. It also presents a procedure and method of personal information protection audit according to the result of the assessment. After applying the suggested method to two projects, it was confirmed that the improvements for protecting personal information were drawn from this paper.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.2
• /
• pp.295-303
• /
• 2023

As the cloud computing market grows, a variety of cloud services are now reliably delivered. Administrative agencies and public institutions of South Korea are transferring all their information systems to cloud systems. It is essential to develop security solutions in advance in order to safely operate cloud services, as protecting cloud services from misuse and malicious access by insiders and outsiders over the Internet is challenging. In this paper, we propose a zero trust model for cloud storage services that store sensitive data. We then verify the effectiveness of the proposed model by operating a cloud storage service. Memory, web, and network forensics are also performed to track access and usage of cloud users depending on the adoption of the zero trust model. As a cloud storage service, we use Amazon S3(Simple Storage Service) and deploy zero trust techniques such as access control lists and key management systems. In order to consider the different types of access to S3, furthermore, we generate service requests inside and outside AWS(Amazon Web Services) and then analyze the results of the zero trust techniques depending on the location of the service request.

• Journal of the Institute of Convergence Signal Processing
• /
• v.17 no.1
• /
• pp.10-17
• /
• 2016

GPS location information storage included in the HD black box is using a unique manner for each manufacturer does not have a specific standard. In this paper, in order to overcome the limitations of the storage space and thereby the image quality according to store GPS position information deteriorate to solve the problems that cause, we propose the location information concealment method included in the HDTV video content using a essential hidden region. HDTV video content is a Border Extender of 8 lines in the frame to the bottom of the compression will be required. This was inserted into the image of a gray scale used in block form in order to space the current position information is concealed to prevent image degradation. The proposed method was confirmed using real HD black box, there are more difficult to interpret the format of the ASCII code re-edit the location information when the compression effect disappears with the existing security zones added. Therefore, the proposed method is suitable for location-based services, such as Facebook or Youtube videos.

• Convergence Security Journal
• /
• v.22 no.5
• /
• pp.95-105
• /
• 2022

The Army, Navy, and Air Force are making various efforts to develop a weapon system that incorporates the 4th industrial revolution technology so that it can be used in multi-domain operations. In order to effectively demonstrate the integrated combat power through the weapon system to which the new technology is applied, it is necessary to establish a network environment in which each weapon system can transmit and receive information smoothly. For this, it is essential to analyze the Information Exchange Requirement(IER) of each weapon system, but many IER analysis studies did not sufficiently reflect the various considerations of the actual tactical network. Therefore, this study closely analyzes the research methods and results of the existing information exchange requirements analysis studies. In IER analysis, the size of the message itself, the size of the network protocol header, the transmission/reception structure of the tactical network, the information distribution process, and the message occurrence frequency. In order to be able to use it for future IER prediction, we present a technique for calculating the information exchange requirement as a probability distribution using the Poisson distribution and the probability generating function. In order to prove the validity of this technique, the results of the probability distribution calculation using the message list and network topology samples are compared with the simulation results using Network Simulator 2.

• Asia pacific journal of information systems
• /
• v.5 no.2
• /
• pp.79-100
• /
• 1995

Internal Control(IC) comprises the plan of organization and all of the coordinating methods and measures adopted in a business to safeguard its assets, check the accuracy and reliability of its accounting data, promote operational efficiency and encourage adherence to the prescribed managerial policies. If an organization's IC is not adequate, Accounting Information System (AIS) will be vulnerable to accomplish the organizations successes. Therefore, an effective and efficient IC is essential to its successes. The purpose of this study is to analyze the impact of EDP IC on the perceived usefulness of AIS. Do the general controls indirectively affect to the usefulness of AIS through th application controls? To solve these problems, a research model and a set of hypotheses were established and empirically tested. 60 financial institutions (banks, insurance companies, security companies) agreed to participate in the study. Data were gathered through structured interviews with 60 information systems managers and 537 users of accounting information of each company. Survey forms were designed and collected from financial institutions in Seoul. Information systems' managers of financial institutions responded to questionnaire(1) which consists of a series of 70 questions related to practice and perceived importance. Questionnaire (2) was received from 537 users, who responded to series of 17 questions related to the perceived usefulness. The results of analysis are summarized below. Effects of general controls are more direct on AIS's usefulness than those of application controls. Whereas, indirect effects of application controls are geater than those of general controls. Therefore, the greater the effects of application controls on general controls, the higher the perceived usefulness of AIS. In conclusion, this study supports that the perceived usefulness of AIS is affected by IC which are composed of general controls and application controls. The results of this study has significant implication to financial institution as computer fraud potential increases. Because of global competitions, financial institutions should restructure to IC and AIS in order to take advantage of the technological progress in Information System.

• Journal of the Korea Society of Computer and Information
• /
• v.27 no.7
• /
• pp.57-64
• /
• 2022

In this paper, the definition and overview of digital health care that has emerged recently, core technology, and We would like to propose a plan to establish a next-generation information protection system that can protect digital healthcare devices and data from cyber attacks. Various vulnerabilities exist for digital healthcare devices and data, and cyber attacks are possible for those vulnerabilities. Through an attack on digital health care devices and information and communication networks, it can directly adversely affect human life and health, Since digital healthcare data contains sensitive and personal information, it is essential to safely protect it from cyber attacks. In the case of this proposal, for continuous safe management of data and cyber attacks on equipment and communication networks for digital health devices, It is expected to be able to respond more effectively and continuously through the establishment of the next-generation information protection system.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.7
• /
• pp.3093-3115
• /
• 2020

Network anomaly detection system plays an essential role in detecting network anomaly and ensuring network security. Anomaly detection system based machine learning has become an increasingly popular solution. However, due to the unbalance and high-dimension characteristics of network traffic, the existing methods unable to achieve the excellent performance of high accuracy and low false alarm rate. To address this problem, a new network anomaly detection method based on data balancing and recursive feature addition is proposed. Firstly, data balancing algorithm based on improved KNN outlier detection is designed to select part respective data on each category. Combination optimization about parameters of improved KNN outlier detection is implemented by genetic algorithm. Next, recursive feature addition algorithm based on correlation analysis is proposed to select effective features, in which a cross contingency test is utilized to analyze correlation and obtain a features subset with a strong correlation. Then, random forests model is as the classification model to detection anomaly. Finally, the proposed algorithm is evaluated on benchmark datasets KDD Cup 1999 and UNSW_NB15. The result illustrates the proposed strategies enhance accuracy and recall, and decrease the false alarm rate. Compared with other algorithms, this algorithm still achieves significant effects, especially recall in the small category.

• Journal of Arbitration Studies
• /
• v.30 no.4
• /
• pp.121-138
• /
• 2020

The O2O services in the healthcare sector have only been in full swing for about three years, and unlike existing O2O consumer goods, the scale and scope of the dispute are more complicated due to restrictions on medical treatment. In this study, O2O service platform operators and medical institutions' roles and responsibilities were redefined as a countermeasure for resolving disputes in healthcare O2O services and the laws for changing the transaction environment. A change in institutional mechanisms was proposed. This study looked at the types of consumer disputes related to healthcare O2O services as insufficient information problems, problems in the course of medical service implementation, problems with immunity provisions for platform operators, cancellations, and non-compliance with refunds. All the information generated during transactions in the healthcare sector was extensive in scale and included the most sensitive information among personal information, stressing the importance of ensuring security. The area that started in the O2O range before the medical institution visit also proposed a plan to establish a system for the delivery of proven information as a pre-medical person. The scale and growth will grow faster, given that consumers can experience the information they want anytime, anywhere they want. However, the platform broker's role, a link player, will become more important because consumers who use the service will have their first meeting with non-face-to-face product providers. On the other hand, service providers may have side effects of misleading consumers by providing false information or misleading consumers through exaggerated advertisements. The O2O service market is expected to expand beyond distribution and dining out to the entire industry. However, since it is challenging to check accurate statistics on the detailed market, various disputes and consumer protection measures will be required for each detailed market, and comprehensive leading solutions will be essential in the future.