• Convergence Security Journal
• /
• v.21 no.2
• /
• pp.29-35
• /
• 2021

UART (Universal asynchronous receiver/transmitter) is a hardware device that converts data into serial format and transmits it, and is widely used for system diagnosis and debugging in most embedded systems. Hackers can access system memory or firmware by using the functions of UART, and can take over the system by acquiring administrator rights of the system. In this paper, we studied secure UART to protect against hacker attacks through UART. In the proposed scheme, only authorized users using the promised UART communication protocol are allowed to access UART and unauthorized access is not allowed. In addition, data is encrypted and transmitted to prevent protocol analysis through sniffing. The proposed UART technique was implemented in an embedded Linux system and performance evaluation was performed.

• Journal of Information Technology Services
• /
• v.20 no.6
• /
• pp.63-81
• /
• 2021

Joint financial network of Korea Financial Telecommunications and Clearings Institute, which is an essential facility with a natural monopoly, maintained its closedness as monopoly/public utility model, but it has evolved in the form of open banking in order to obtain domestic fintech competitiveness in the rapidly changing digital financial ecosystem such as the acceleration of Big Blur. In accordance with digital transformation strategy of financial institutions, various ICT companies are actively participating in the financial industries, which has been exclusive to banks, through the link technology called Open API. For this reason, there has been a significant change in the financial service supply chain in which ICT companies participate as users. The level of security in the financial service supply chain is determined based on the weakest part of the individual components according to the law of minimum. In addition, there is a perceived risk of personal information and financial information leakage among the main factors that affect users' intention to accept services, and appropriate protective measures against perceived security risks can be a catalyst, which increases the acceptance of open banking. Therefore, this is a study on factors affecting the introduction of open banking to achieve financial innovation by developing an open banking security control model for financial institutions, as a protective measures to user organizations, from the perspectives of cyber financial security and customer information protection, respectively, and surveying financial security experts. It is expected, from this study, that effective information protection measures will be derived to protect the rights and interests of financial customers and will help promote open banking.

• Journal of Digital Convergence
• /
• v.19 no.11
• /
• pp.1-10
• /
• 2021

This paper aimed to look at the awareness of foreign workers in social platforms by using text mining, one of the big data techniques and draw suggestions for foreign workers. To achieve this purpose, data collection was conducted with search keyword 'Foreign Worker' from Jan. 1, to Dec. 31, 2020, and frequency analysis, TF-IDF analysis, and degree centrality analysis and 100 parent keywords were drawn for comparison. Furthermore, Ucinet6.0 and Netdraw were used to analyze semantic networks, and through CONCOR analysis, data were clustered into the following eight groups: foreigner policy issue, regional community issue, business owner's perspective issue, employment issue, working environment issue, legal issue, immigration issue, and human rights issue. Based on such analyzed results, it identified national awareness of foreign workers and main issues and provided the basic data on policy proposals for foreign workers and related researches.

• Journal of the Korea Society of Computer and Information
• /
• v.28 no.5
• /
• pp.67-74
• /
• 2023

In this paper, we analyze the authentication protocol for DRM proposed by Hussain et al. in 2022, and present an improved solution. Hussain et al. argued that their authentication protocol guarantees man-in-the-middle attack, replay attacks, and mutual authentication. However, as a result of analyzing Hussain et al.'s authentication protocol in this paper, Hussain et al.'s authentication protocol still has an insider attack problem, a problem with Yu et al.'s authentication protocol that they pointed out. For this reason, when an inside attacker acquires information on a mobile device, a user impersonation attack was also possible. In addition, there were problems with the user's lack of ID format verification and the problem of the secret key mismatch of the digital contents between the server and the user. Therefore, this paper proposes an improved solution to solve these problems. As a result of analysis in this paper, the improved solution is safe from various attacks such as smart card attack, insider attack, and password guessing attack and can safely authenticate users of DRM.

• Journal of Digital Convergence
• /
• v.20 no.1
• /
• pp.119-127
• /
• 2022

In order to analyze the effect of strengthening the disclosure of remuneration for high-paid workers among the measures to improve the governance structure of financial companies by the Financial Services Commission in 2018, this study demonstrated the compensation system, management performance, and improvement of governance for Korean financial companies from 2015 to 2020. Analysis was performed. As a result of the empirical analysis, it was found that financial companies after 2018 decreased the employee compensation disparity and the majority shareholding ratio, while the stock performance and foreign ownership ratio increased. This study has the greatest contribution in that it is the first domestic study to verify the effect of applying the so-called Say on Pay, which discloses management's remuneration and allows shareholders to check its appropriateness through voting.

• Convergence Security Journal
• /
• v.23 no.5
• /
• pp.45-55
• /
• 2023

With the widespread use of digital devices, anonymous communication technologies such as the dark web and deep web are becoming increasingly popular for criminal activity. Because these technologies leave little local data on the device, they are difficult to track using conventional crime investigation techniques. The United States and the United Kingdom have enacted laws and developed systems to address this issue, but South Korea has not yet taken any significant steps. This paper proposes a new blockchain-based crime investigation method that uses physical memory data analysis to track the behavior of anonymous network users. The proposed method minimizes infringement of basic rights by only collecting physical memory data from the device of the suspected user and storing the tracking information on a blockchain, which is tamper-proof and transparent. The paper evaluates the effectiveness of the proposed method using a simulation environment and finds that it can track the behavior of dark website users with a residual rate of 77.2%.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2012.05a
• /
• pp.846-847
• /
• 2012

The domestic courier market, large and small companies working in more than 100 leading logistics service market is fully open. Year since 2001 has increased by 10%. 1.3 billion per year in 2011 saying the shipping box, and the market size is about 3 trillion won. Courier in 2012 with the growth of online shopping is expected to develop the industry further. However, these courier industry in appearance, but the consumer's personal growth and exposure, exploiting the fears of crime is high. In this paper, using DRM (Digital Rights Management) delivery method to implement information security system is proposed.

• Journal of Contemporary Eastern Asia
• /
• v.14 no.1
• /
• pp.23-43
• /
• 2015

In most of the world, the current trend in information technology is for open data movement that promotes transparency and equal access. An opposite trend is observed in China, which has the world's largest Internet population. The country has implemented sophisticated cyber-infrastructure and practices under the name of The Golden Shield Project (commonly referred to as the Great Firewall) to limit access to popular international web services and to filter traffic containing 'undesirable' political content. Increasingly, tech-savvy Chinese bypass this firewall and use Twitter to share knowledge on censorship circumvention and encryption to collectively troubleshoot firewall evasion methods, and even mobilize actions that border on activism. Using a mixed mythological approach, the current study addresses such networked knowledge sharing among citizens in a restricted web ecosystem. On the theoretical front, this study uses webometric approaches to understand change agents and positive deviant in the diffusion of censorship circumvention technology. On policy-level, the study provides insights for Internet regulators and digital rights groups to help best utilize communication networks of positive deviants to counter Internet control.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2006.06a
• /
• pp.287-290
• /
• 2006

디지털 기술의 발전으로 인해 원본과 동일한 품질을 가지는 디지털 콘텐츠의 무한한 복제가 가능할 뿐만 아니라 인터넷을 통해 전 세계 어디라도 전파될 수 있다. 이러한 디지털 콘텐츠의 불법복제에 따른 문제를 해결해 줄 수 있는 것이 바로 DRM(Digital Rights Management)이다. 하지만 현재의 DRM은 콘텐츠를 구매하여 License를 받은 최초의 디바이스에서만 사용이 가능하도록 설계 되어 있다. 이러한 방식은 콘텐츠를 구매한 사용자의 권리를 제한하는 것이다. 본 논문에서는 Home Network와 같은 특정 Domain영역 안에서만 콘텐츠의 사용이 가능한 DRM 시스템을 제안한다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2001.10b
• /
• pp.1403-1406
• /
• 2001

인터넷은 처음에는 단순히 오프라인에서 유통되는 실물 상품의 흐름을 중개해주는 역할을 해왔으나 인터넷을 통한 실물상품의 중개는 아날로그 상태의 상품들이 인터넷이라는 거간꾼의 중개작용을 통한 전자상거래 형태로 정착되었다. 이러한 실물 상품 유통의 중개자였던 인터넷은 실물 상품들이 디지털화 됨으로써 컨텐츠들의 유통을 위한 통로이면서 동시에 그 자체로서 메시지가 되어버린 하나의 매체로 전환하게 되었다. 그러나, 인터넷을 통해 디지털 컨텐츠들이 쉽고 간편하게 원본과 똑같은 품질로 복제할 수 있을 뿐만 아니라 상상을 초월하는 빠른 속도로 이동이 가능하여 사용자들이 불법으로 얼마든지 이용할 수 있다는 것이다. 현재 국내, 국외에서 이러한 문제를 해결하기 위해 제안한 기술 디지털 컨텐츠들을 보호하고 관리할 수 있도록 하는 DRM(Digital Rights Management)이라는 시스템이 계속적으로 개발되고 있다[1]. 디지털 컨텐츠를 보호하고 저작권을 관리하는 시스템인 DRM 에는 크게 세 가지의 기본 시스템(Publisher, Customer, DRM Server System)이 있다. 본 논문에서는 컨텐츠를 등록하고 저작권자가 그 컨텐츠를 관리하는 DRM Publisher System을 키 알고리즘을 이용하여 설계한다.