• Title/Abstract/Keywords: Usability and Security Analysis

49 search results, processing time 0.022 seconds

Usability and Security Analysis of Authentication Methods for Mobile Fin-Tech Services (모바일 핀테크 서비스에서 이용 가능한 인증 수단의 사용성, 안전성 분석 연구)

  • Kim, KyoungHoon;Kwon, Taekyoung
    • Journal of the Korea Institute of Information Security & Cryptology, Vol. 27, No. 4, pp. 843-853, 2017
  • In the case of electronic payment, the obligation to use certificate-based authentication was abolished. As Fin-tech service providers gain autonomy, various authentication methods are provided. SMS, ARS, PIN, text passwords, and fingerprints are popular authentication methods in mobile Fin-tech services. In this study, we evaluate the usability and security of authentication methods in a unified mobile environment. We evaluate usability through SUS and interview. We also evaluate the security level of the authentication methods using the NIST guideline. In the usability evaluation, the fingerprint authentication method was determined to have the highest usability; the fingerprint authentication method was also determined to be the safest authentication method, obtaining Security Level 4.

UML-ITS Usability Evaluation of Intelligent Tutoring System

  • Sehrish Abrejo;Amber Baig;Mutee U Rahman;Adnan Asghar Ali
    • International Journal of Computer Science & Network Security, Vol. 23, No. 3, pp. 123-129, 2023
  • The most effective tutoring method is one-on-one, face-to-face in-person human tutoring. However, due to the limited availability of human tutors, computer-based alternatives have been developed. These software-based alternatives are called Intelligent Tutoring Systems (ITS), which are used to tutor students in different domains. Although ITS performance is inferior to that of human teachers, the field is growing and has recently become very popular. User interfaces play a key role from the usability perspective of ITS. Even though ITS research has advanced, the majority of the work has concentrated on learning sciences while mostly disregarding user interfaces. Because of this, the present ITS includes effective learning modules but a less effective interface design. Usability is one approach to gauge a software's performance, while "ease of use" is one way to assess a software's quality. This paper measures the usability effectiveness of an ITS which is designed to teach Object-Oriented (OO) analysis and design concepts using Unified Modeling Language (UML). A Computer Supported Usability Questionnaire (CSUQ) survey was conducted for usability evaluation of UML-ITS. According to participants' responses to the system's usability survey, all responses lie between 1 and 3 scale points, which indicates that the participants were satisfied and comfortable with most of the system's interface features.

Usability Principles for Augmented Reality Applications in Education

  • Al-Obaidi, Arwa;Prince, Master
    • International Journal of Computer Science & Network Security, Vol. 22, No. 1, pp. 49-54, 2022
  • It is challenging to select appropriate technology in education to interact with students in today's digital world. While the technologies used at home on smart devices like tablets and mobile phones are very advanced, it may be more challenging to find sharing technology in the classroom. One of the ways is to use new technologies like Augmented Reality (AR). The current study aims to develop usability principles for the development and evaluation of education using AR technology applications. We develop usability principles for AR applications by analyzing existing research about heuristic evaluation methods and design principles for AR systems.

A Study for the Necessity and Recognizing Usability of Recruit Education Curriculum for Security Personnel (민간경비원 신임교육과목 필요성 및 활용성 인식에 관한 연구)

  • Bang, Whan-Bog
    • Korean Security Journal, No. 17, pp. 195-220, 2008
  • Various kinds of social pathology and crimes that threaten our daily safety are on the increase over time as a result of the development of science and technology empty of moral sense, value confusion, apolaustic tendencies, and recent economic and social transformation. Moreover, the effective provision of police service lies beyond the boundaries of the police organization. Therefore, private security personnel have made an effort for the safety and protection of groups as well as individuals through the introduction of a private security industry based on a benefit principle, and the private security industry is becoming complex, utilizing technology as well as high-end devices through various international events. The field of private security industry in Korea is being extended rapidly with the expansionism of society and public services, but the quality improvement is declining. Furthermore, the study of recruit education programs for security personnel as the basis of quality improvement is insufficient compared with the study of police service. Consequently, this investigation is going to contribute to the development of recruit education programs for security personnel through an analysis of the differences in the usability of each subject for education about electronic security and facility guarding.

Threat Analysis based Software Security Testing for preventing the Attacks to Incapacitate Security Features of Information Security Systems (보안기능의 무력화 공격을 예방하기 위한 위협분석 기반 소프트웨어 보안 테스팅)

  • Kim, Dongjin;Jeong, Youn-Sik;Yun, Gwangyeul;Yoo, Haeyoung;Cho, Seong-Je;Kim, Giyoun;Lee, Jinyoung;Kim, Hong-Geun;Lee, Taeseung;Lim, Jae-Myung;Won, Dongho
    • Journal of the Korea Institute of Information Security & Cryptology, Vol. 22, No. 5, pp. 1191-1204, 2012
  • As attackers try to paralyze information security systems, many researchers have investigated security testing to analyze vulnerabilities of information security products. Penetration testing, a critical step in the development of any secure product, is the practice of testing a computer system to find vulnerabilities that an attacker could exploit. Security testing like penetration testing includes gathering information about the target before the test, identifying possible entry points, attempting to break in and reporting back the findings. Therefore, obtaining maximum generality, re-usability and efficiency is very useful for efficient security testing and vulnerability hunting activities. In this paper, we propose a threat analysis based software security testing technique for evaluating that the security functionality of target products provides the properties of self-protection and non-bypassability in order to respond to attacks to incapacitate or bypass the security features of the target products. We conduct a security threat analysis to identify vulnerabilities and establish a testing strategy according to software modules and security features/functions of the target products after threat analysis to improve re-usability and efficiency of software security testing. The proposed technique consists of threat analysis and classification, selection of the right strategy for security testing, and security testing. We demonstrate that our technique can systematically evaluate the strength of security systems by analyzing case studies and performing security tests.

Designing Password Input System Resistant on Shoulder Surfing Attack with Statistical Analysis (Shoulder Surfing 공격을 고려한 패스워드 입력 시스템 구현 및 통계적 검증)

  • Lim, Soo Min;Kim, Hyoung Joong;Kim, Seong Kee
    • Journal of the Institute of Electronics and Information Engineers, Vol. 49, No. 9, pp. 215-224, 2012
  • Using a password on a system is easy to build and shortens the access time to authorize a user, so it is in high use for various systems that require user authorization. Many input devices are able to run a password system easily, such as PCs, smartphones, tablet PCs, etc. Besides the high usability of passwords, a physical attack known as the Shoulder Surfing attack occurs when users enter their password on the device. Passwords used to be formed of numbers, characters or a mix of different kinds, but new kinds of password have arisen. Exploiting images or making scenarios are kinds that are able to reflect users' intentions. Not many evaluations exist for the new passwords, so there is a need for a standard for those new passwords that highlights usability and accessibility. In this paper, we propose a password system with a simple image and a switching keyboard to test a statistical method to estimate the usability of the password.

STM-GOMS Model: A Security Model for Authentication Schemes in Mobile Smart Device Environments (STM-GOMS 모델: 모바일 스마트 기기 환경의 인증 기법을 위한 안전성 분석 모델)

  • Shin, Sooyeon;Kwon, Taekyoung
    • Journal of the Korea Institute of Information Security & Cryptology, Vol. 22, No. 6, pp. 1243-1252, 2012
  • Due to the widespread use of smart devices, threats of direct observation attacks such as shoulder surfing and recording attacks, by which user secrets can be stolen at user interfaces, are increasing greatly. Although formal security models are necessary to evaluate the possibility of and security against those attacks, such a model does not exist. In this paper, based on the previous work in which an HCI cognitive model was first utilized for analyzing security, we propose the STM-GOMS model as an improvement of the GOMS-based model with regard to memory limitations. We then apply the STM-GOMS model to analyze the usability and security of a password entry scheme commonly used in smart devices and show the scheme is vulnerable to the shoulder-surfing attack. We finally conduct user experiments to show results that support the validity of STM-GOMS modeling and analysis.

Use of Patent Analysis for the Future Skills-needs in Information Security

  • Hwang, Gyu-hee;Ju, In-Joong;Ban, Ga-woon;Lee, Kack-Hee
    • Asian Journal of Innovation and Policy, Vol. 4, No. 3, pp. 307-327, 2015
  • This study attempts to develop a methodology that analyzes patent applications to identify future skills, in particular in the sector of information security, which has recently come into the spotlight. Matching skill elements from the International Patent Classification (IPC) with skill units from job analysis, the study tries to track trends in skills needs based on the IPC time-pattern. It then verifies the validity of the outlook for future skills needs by addressing the situation through the use of patents. The research assesses the usability of patent information for this type of analysis. While this study is limited to the information security sector by using Korean patent information, it can be expanded in the future to other areas and patents in the United States and Europe.

A Study on Countermeasures Against Cyber Infringement Considering CPTED

  • Lim, Heon-Wook
    • International Journal of Advanced Culture Technology, Vol. 9, No. 2, pp. 106-117, 2021
  • The aim is to find cyber measures in consideration of physical CPTED in order to prepare countermeasures for cybercrime prevention. For this, the six applied principles of CPTED were used as the standard. A new control item was created in connection with the control items of ISO27001. A survey was conducted on former and current investigators and security experts. As a result of the reliability analysis, the Cronbach's alpha coefficient value was 0.947, indicating the reliability of the statistical value. As a result of factor analysis, it was reduced to six factors. The following are six factors and countermeasures. Nature monitoring blocks opportunities and strengthens business continuity. Access control is based on management system compliance, personnel security. Reinforcement of territoriality is reinforcement of each wife and ethics. Establishment of security policy to enhance readability, security system maintenance. Increasing usability is seeking ways to utilize, periodic incentives. For maintenance, security education is strength and security-related collective cooperation is conducted. The differentiation of this study was to find countermeasures against cybercrime in the psychological part of the past. However, they approached to find in cyber measures. The limitation of the study is to bring the concept of physical CPTED to the cyber concept.

Implementation, Security, and Usability Analysis of Accredited Certificate-based Internet Banking (공인인증서 기반 인터넷 뱅킹의 구현, 보안성, 그리고 편의성 분석)

  • Park, Hye-Seung;Lee, Jae-Hyup;Park, Seung-Chul
    • Journal of Internet Computing and Services, Vol. 18, No. 4, pp. 69-78, 2017
  • We expect that the accredited certificate-based open banking, which is actively deployed in recent times, will solve the Galapagosization problem of the existing accredited certificate-based closed banking by supporting standard communication protocols and web compatibility. However, it is questionable how much the open banking will answer the security and usability problems of the existing closed banking. This paper is focused on analyzing the differences between the existing closed banking and the open banking, and then evaluates how much the security and usability problems of the existing closed banking are resolved by the open banking. The study first analyzes the security vulnerabilities raised in the process of providing closed banking services for the past 15 years or more, the countermeasures applied to enhance security, and the convenience impact of the countermeasures. Then, the security and convenience of the open banking are inferred by analyzing the implementation differences between the closed banking and the open banking. The paper also briefly discusses how to improve the open banking to resolve its remaining problems.