• Journal of KIISE:Computing Practices and Letters
• /
• v.7 no.4
• /
• pp.324-335
• /
• 2001

Information systems, which support information security functions such as CALS and EC systems, should have cryptographic functions for information in order to storage and communicate securely. Additionally, including recovery of lost keys, lots of cryptographic keys should be securely managed. In this paper, we present some results of development of a key recovery system for recovery of encrypted data. The proposed system, in a type of key encapsulation approach, confirms to NIST's RKRP(Requirements for Key Recovery Products) that is a defecto international key recovery standard, as well as CC 2.0 that is a international security evaluation criteria. A message sender secretly choices two or more key recovery agents from a pool of key recovery agents. The key recovery information is generated by using the recovering key, random keys and public keys of the chosen agents. A message receiver can not know which key recovery agents are involved in his key recovery service. We have developed two versions of prototype of key recovery system such as C/Unix and Java/NT versions. Our systems can be used for recovery of communicating informations as well as storing informations, and as a new security service solution for electronic commerce service infrastructures.

• The KIPS Transactions:PartD
• /
• v.11D no.4
• /
• pp.747-754
• /
• 2004

Database administrators should be aware of performance characteristics of database systems in order to manage database system effectively. The usages of system resources in database systems could be quite different under database workloads. The objective of this paper is to identify and analyze performance characteristics of database systems in different workloads, which could help database tuners tune database systems Under the TPC-C and TPC-W workloads, which represent typical workloads of online transaction processing and electronic commerce respectively, we investigated usage types of resource that are determined by fourteen performance indicator, and are behaved in response to changes of four tuning parameters (data buffer, private memory, I/O process, shared memory). Eight out of the fourteen performance indicators cleary show the performance differences under the workloads. Changes of data buffer parameter give a influences to database system. The tuning parameter that affects the system performance significantly is the database buffer size in the both workloads.

• Journal of the Korea Society of Computer and Information
• /
• v.18 no.8
• /
• pp.95-104
• /
• 2013

DDoS attacks have became as a social threat since 2009 7.7 DDoS turmoil. Even though defence techniques have been developing to provide against those threats, they become much more sophisticate. In recent years, the attack form of DDoS is changing from high amount of traffic attack of network layers to highly sophisticate small amount of application layers. To make matters worse, attack agent for the attack has became very intelligent so that it is difficult to be blocked since it can't be distinguished from normal PCs. In the user authentication system(such as CAPTCHA) User intervention is required to distinguish normal PCs and intelligent attack agents and in particular, in a NAT environment, IP-based blocking method can be cut off the normal users traffic at the same time. This research examined defense techniques which are able to distinguish between agent and normal PC and effectively block ways the HTTP DDoS offense applying one-time session key based authentication method using Cookie which is used in HTTP protocol to protect web sever from sophisticate application layer of DDoS.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.25 no.9
• /
• pp.1199-1205
• /
• 2021

In the era of big data, not only structured data well organized in databases, but also the Internet, social network services, it is very important to effectively analyze unstructured big data such as web documents, e-mails, and social data generated in real time in mobile environment. Big data analysis is the process of creating new value by discovering meaningful new correlations, patterns, and trends in big data stored in data storage. We intend to summarize and visualize the analysis results through frequency analysis of unstructured article data using R language, a big data analysis tool. The data used in this study was analyzed for total 104 papers in the Mon-May 2021 among the journals of the Korea Institute of Information and Communication Engineering. In the final analysis results, the most frequently mentioned keyword was "Data", which ranked first 1,538 times. Therefore, based on the results of the analysis, the limitations of the study and theoretical implications are suggested.

• The Journal of the Korea Contents Association
• /
• v.21 no.7
• /
• pp.386-403
• /
• 2021

Preannouncing a new product to its target audiences has been more and more prevalent in a wealth of industries, particularly industries that attach great importance to the speed of entry. Grounded in market signaling theory, the current research advances a theoretical model that takes full cognizance of the relation between preannounced information about an upcoming product and individual customers' behavioral intentions as well as significant moderating effects of prior product knowledge and new product innovativeness. In response, a web-based survey is conducted for data collection and the structural equation model is utilized for data analysis. Results of this study demonstrate that preannounced new product information attributes (i.e., quantity, clarity) may positively influence consumers' attitudes, in turn, lead to a favorable purchase intention. Moreover, the moderating effects of product knowledge and product innovativeness are also confirmed. Specifically, product knowledge moderates the quantity-attitude relation positively and moderates the clarity-attitude relation negatively, whereas product innovativeness does opposite. Both implications and limitations are also described.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.6
• /
• pp.1489-1497
• /
• 2018

Web application services have diversified. At the same time, research on intrusion detection is continuing due to the surge of cyber threats. Also, As a single-defense system evolves into multi-level security, we are responding to specific intrusions by correlating security events that have become vast. However, it is difficult to check the OS, service, web application type and version of the target system in real time, and intrusion detection events occurring in network-based security devices can not confirm vulnerability of the target system and success of the attack A blind spot can occur for threats that are not analyzed for problems and associativity. In this paper, we propose the validation of effectiveness for intrusion detection events using TF-IDF. The proposed scheme extracts the response traffics by mapping the response of the target system corresponding to the attack. Then, Response traffics are divided into lines and weights each line with an TF-IDF weight. we checked the valid intrusion detection events by sequentially examining the lines with high weights.

• The Journal of Information Systems
• /
• v.27 no.4
• /
• pp.1-33
• /
• 2018

Purpose The purpose of this study is to review topic and survey methodological trends in 'The Journal of Information Systems' in order to present the practical guidelines for the future IS research. By attempting to conduct a meta-analysis on both topic and survey methodological trends, this study could provide researchers wishing to pursue this line of work further with what can be done to improve IS disciplines. Design/methodology/approach In this study, we have reviewed 185 papers that were published in 'The Journal of Information Systems' from 2010 to 2018 and classified them based on topics studied and survey methodologies used. The classification guidelines, which was developed by Palvia et al.(2015), has been used to capture the topic trends. We have also employed Struab et al.(2004)s' guidelines for securing rigor of validation issues. By using two guidelines, this study could also present topic and rigor trends in 'The Journal of Information Systems' and compare them to those trends in International Journals. Findings Our findings have identified dominant research topics in 'The Journal of Information Systems'; 1) social media and social computing, 2) IS usage and adoption, 3) mobile computing, 4) electronic commerce/business, 5) security and privacy, 6) supply chain management, 7) innovation, 8) knowledge management, and 9) IS management and planning. This study also could offer researchers who pursue this line of work further practical guidelines on mandatory (convergent and discriminant validity, reliability, and statistical conclusion validity), highly recommended (common method bias testing), and optional validations (measurement invariance testing for subgroup analysis, bootstrapping methods for testing mediating effects).

• International Area Studies Review
• /
• v.14 no.2
• /
• pp.205-227
• /
• 2010

Where should a plant or service facility be located? The decision is crucial since the capital investment in land, factory construction, and facility is enormous. Once a firm has sunk a large sum of money into a factory, it lives with the decision for a long time. In this age of global markets and global production, this is a key decision problem for contemporary manufacturing and/or service. Using data from Korean and Chinese managers and the AHP (Analytic Hierarchy Process), this paper did study on the actual condition for identifying the differences of opinion between the two group's(Shanghai and Shenyang managers) in how to make decisions on the location problems. Since this study was carried out during recent global economy recession, and the limitation of the collected questionnaires, it is hard to avoid the possibility for those managers to show different view from their ordinary times. Nevertheless, this paper will provide managers with useful informations on successful facility location in China.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.2
• /
• pp.97-105
• /
• 2008

The various mutations of the malicious codes are fast generated on the network. Also the behaviors of them become intelligent and the damage becomes larger step by step. In this paper, we suggest the method to select the useful measures for the detection of the codes. The method has the advantage of shortening the detection time by using header data without payloads and uses connection data that are composed of TCP/IP packets, and much information of each connection makes use of the measures. A naive estimator is applied to the probability distribution that are calculated by the histogram estimator to select the specific measures among 80 measures for the useful detection. The useful measures are then selected by using relative entropy. This method solves the problem that is to misclassify the measure values. We present the usefulness of the proposed method through the result of the detection experiment using the detection patterns based on the selected measures.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.12 no.3
• /
• pp.49-59
• /
• 2002

As the electronic commerce increases rapidly in the mobile communication, security issues become more important. A suitable authentication and key agreement for the mobile communication environment is a essential condition. Some protocols based on the public key cryptosystem such as Diffie-Hellman, EIGamal etc. were adapted in the mobile communication. But these protocols that are based on the difficult mathematical problem in the algebra, are so slow and have long key-length. Therefore, these have many limitation to apply to the mobile communication. In this paper, we propose an authentication and key agreement protocol based on NTRU to overcome the restriction of the mobile communication environment such as limited sources. low computational fewer, and narrow bandwidth. The proposed protocol is faster than other protocols based on ECC, because of addition and shift operation with small numbers in the truncated polynomial ring. And it is as secure as other existent mathematical problem because it is based on finding the Shortest or Closest Vector Problem(SVP/CVP).