• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.3
• /
• pp.129-141
• /
• 2006

The purpose of this paper is to design Conformance Test Suite for BSP(Biometric Service Provider) based on BioAPI(Biometric Application Programming Interface) v2.0. The proposed BioAPI Conformance Test Suite enables users to test BSP with framework independently. A test scheduling tool has been embodied to use Test Assertion in the form of XML. In order to demonstrate the performance of the Conformance Test Suite, the experiment was performed by using both verification and identification BSPs. As the results of this experiment, we were able to determinate whether BSPs based on BioAPI v2.0 satisfied standard requirements or not.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.16 no.2
• /
• pp.445-466
• /
• 2022

As everything linking to the internet, people can subscribe to various services from a service provider to facilitate their lives through the Internet of Things (IoT). An obligatory thing for the service provider is that they should push the service data safely and timely to multiple IoT terminal devices regularly after the IoT devices accomplishing the service subscription. In order to control the service message received by the legal devices as while as keep the confidentiality of the data, the public key encryption algorithm is utilized. While the existing public encryption algorithms for push service are too complicated for IoT devices, and almost of the current subscription schemes based on push mode are relying on centralized organization which may suffer from centralized entity corruption or single point of failure. To address these issues, we design a secure subscription-push service scheme based on blockchain and edge computing in this article, which is decentralized with secure architecture for the subscription and push of service. Furthermore, inspired by broadcast encryption and multicast encryption, a new encryption algorithm is designed to manage the permissions of IoT devices together with smart contract, and to protect the confidentiality of push messages, which is suitable for IoT devices. The edge computing nodes, in the new system architecture, maintain the blockchain to ensure the impartiality and traceability of service subscriptions and push messages, meanwhile undertake some calculations for IoT devices with limited computing power. The legalities of subscription services are guaranteed by verifying subscription tags on the smart contract. Lastly, the analysis indicates that the scheme is reliable, and the proposed encryption algorithm is safe and efficient.

• Journal of Korea Trade
• /
• v.27 no.1
• /
• pp.192-210
• /
• 2023

Purpose - Vietnam has the fastest growing digital economy in Southeast Asia and is emerging as a critical overseas market for Korean banks in the post-COVID-19 era. Accordingly, many Korean banks entered the Vietnamese market to overcome the limitations of the saturated domestic financial market and create new revenue sources. This study examined the current status of digital finance in Vietnam and the cases of Korean banks that have succeeded in the Vietnamese market. Then, importance-performance analysis (IPA) was conducted on local customers, managers and staff members of Korean banks in Vietnam. Design/methodology - In this study, we analyzed the importance and satisfaction factors of mobile banking app usage in Vietnam through IPA. In particular, we identified the differences between the two groups by considering the viewpoint of customers who use mobile banking apps and that of managers and staff members who provide mobile banking services. Findings - The IPA results from the customer group and managers and staff members group were generally similar, but differences were observed in Ease of Use (Technology), Innovativeness (Organization), and Increase in Revenue (Economic). In the case of the customer group, Ease of Use (Technology) is located in the second quadrant, which shows low satisfaction compared to high importance. However, in the managers and staff members group, Ease of Use (Technology) is located in the first quadrant, which indicates high importance and high satisfaction. This difference in perception can cause complaints from local customers; thus, it is necessary to change the perception of the technological aspect for ease of use of mobile banking apps in consideration of the customer's position. In addition, it is necessary to allocate the resources invested in the Innovativeness (Organization) and Increase in Revenue (Economic) to Ease of Use (Technology). Originality/value - In this study, based on the HOTE framework, factors for using mobile banking apps were derived, and IPA was conducted targeting local customers (app user) and managers and staff members (app provider) of Korean banks in Vietnam. Through this, we presented the results of empirical analysis that can help Korean banks efficiently utilize limited resources and budgets.

• Asian Journal of Innovation and Policy
• /
• v.6 no.1
• /
• pp.23-44
• /
• 2017

This study explores how the technology commercialization process leads to either success or failure after transfer from PROs to SMEs by conducting a binomial logistic regression analysis. We found that the more additional development a firm implements on the transferred technology, the more likely the commercialization is to fail. The higher number of alternative technology and bigger market risk are associated with a greater likelihood of failure. On the other hand, the existence of complementary technology, the degree of cooperation with the technology provider, the size of the target market, the willingness of the CEO, and the funding availability are known to have positive effects on the success of technology commercialization. In addition, the case studies we conducted from the sample companies demonstrated that "market uncertainty," "technological issues depending on the technology-specific characteristics," and "a lack of funding capability" are some of the causes for failure of technology commercialization.

• Journal of Information Technology Services
• /
• v.5 no.3
• /
• pp.151-163
• /
• 2006

The purpose of this research was to examine the factors that affect colleges that play an important role in technology commercialization as technology provider, and enterprises as technology user engaging in technology transfer commercialization by dividing it into strategic resource factor. And this study was also intended to present a strategic meaning and perspective relative to colleges and enterprises as well. To do this, those factors that have influences on technology transfer commercialization were elicited through investigation of literatures, and classified into strategic resource factors to suit research purpose, and based on these information, research hypothesis and research model were established and designed. Research results improved that some enterprises among benefited from technology transfer.

• Journal of the Korean Society of Hazard Mitigation
• /
• v.10 no.5
• /
• pp.97-108
• /
• 2010

Recent patterns of diversification of a disaster, depending on the size of the larger trend, quick and efficient response to disaster prevention, to increase the importance and role of advanced equipment and technology of fire protection industry is becoming more, over market size 11 trillion won and 10 million workers in industries of national importance, but to exceed, As most SMEs compared to other industries are backwardness. Therefore, in this study closely the characteristics of the fire protection industry analysis, the systematization of theoretical models of the finance cooperative system considering the characteristics of fire protection industry and provider the fosterage, they will contribute to independent economic activity and industrial development for operators to use the finance cooperative system of fire protection industry.

• Journal of Information Processing Systems
• /
• v.14 no.5
• /
• pp.1087-1101
• /
• 2018

As cloud computing has become a widespread technology, malicious attackers can obtain the private information of users that has leaked from the service provider in the outsourced databases. To resolve the problem, it is necessary to encrypt the database prior to outsourcing it to the service provider. However, the most existing data encryption schemes cannot process a query without decrypting the encrypted databases. Moreover, because the amount of the data is large, it takes too much time to decrypt all the data. For this, Programmable Order-Preserving Secure Index Scheme (POPIS) was proposed to hide the original data while performing query processing without decryption. However, POPIS is weak to both order matching attacks and data count attacks. To overcome the limitations, we propose a group order-preserving data encryption scheme (GOPES) that can support efficient query processing over the encrypted data. Since GOPES can preserve the order of each data group by generating the signatures of the encrypted data, it can provide a high degree of data privacy protection. Finally, it is shown that GOPES is better than the existing POPIS, with respect to both order matching attacks and data count attacks.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.6 no.9
• /
• pp.2405-2423
• /
• 2012

In a traditional Single Sign-On (SSO) scheme, the user and the Service Providers (SPs) have given their trust to the Identity Provider (IdP) or Authentication Service Provider (ASP) for the authentication and correct assertion. However, we still need a better solution for the local/native true SSO to gain user confidence, whereby the trusted entity must play the role of the ASP between distinct SPs. This technical gap has been filled by Trusted Computing (TC), where the remote attestation approach introduced by the Trusted Computing Group (TCG) is to attest whether the remote platform integrity is indeed trusted or not. In this paper, we demonstrate a Trustworthy Mutual Attestation (TMutualA) protocol as a proof of concept implementation for a local true SSO using the Integrity Measurement Architecture (IMA) with the Trusted Platform Module (TPM). In our proposed protocol, firstly, the user and SP platform integrity are checked (i.e., hardware and software integrity state verification) before allowing access to a protected resource sited at the SP and releasing a user authentication token to the SP. We evaluated the performance of the proposed TMutualA protocol, in particular, the client and server attestation time and the round trip of the mutual attestation time.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.4 no.1
• /
• pp.71-87
• /
• 2008

In order to survive in a competitive environment, many companies are taking much interest in building IT infrastructure and are investing in that area. But, despite of all the interest and investments, many companies are unsatisfied and confused because of the lack of guidance and understandings of IT infrastructure. Therefore the purpose of this study is to prove that the level of IT usage is different according to organizational characteristics and industrial categories, and to give a guideline to companies' planning on newly building IT infrastructure. In conclusion, companies newly planning on building IT infrastructure should consider the amount of information technology functional uses according to the organizational characteristics and industrial category and they follow the below guidelines. On building the IT infrastructure the organization having the characteristics of formalization should consider and provide the standardization function first. The companies having the characteristics of decentralization should consider and provider firstly the application and communication function. And the companies having the characteristics of specialization should consider and provider the security function.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.4 no.2
• /
• pp.154-173
• /
• 2010

Database outsourcing is unavoidable in the near future. In the scenario of data stream outsourcing, the data owner continuously publishes the latest data and associated authentication information through a service provider. Clients may register queries to the service provider and verify the result's correctness, utilizing the additional authentication information. Research on On-line Stream Analytics (OLSA) is motivated by extending the data cube technology for higher multi-level abstraction on the low-level-abstracted data streams. Existing work on OLSA fails to consider the issue of database outsourcing, while previous work on stream authentication does not support OLSA. To close this gap and solve the problem of OLSA query authentication while outsourcing data streams, we propose MDAHRB and MDAHB, two multi-dimensional authentication approaches. They are based on the general data model for OLSA, the stream cube. First, we improve the data structure of the H-tree, which is used to store the stream cube. Then, we design and implement two authentication schemes based on the improved H-trees, the HRB- and HB-trees, in accordance with the main stream query authentication framework for database outsourcing. Along with a cost models analysis, consistent with state-of-the-art cost metrics, an experimental evaluation is performed on a real data set. It exhibits that both MDAHRB and MDAHB are feasible for authenticating OLSA queries, while MDAHRB is more scalable.