• Journal of the Korean Society for Aviation and Aeronautics
• /
• v.14 no.3
• /
• pp.40-50
• /
• 2006

This study investigates how airline customers evaluate e-ticket process newly adopted by many of airlines. Customers are highly satisfied with the easy of confirmation on their itineraries and the channel provided through while they are worry about the likelihood of leakage of personal information during e-ticket process. Highly experienced customers on the usage of e-ticket are more concerned about ancillary aspects such as visual image of I.T.R(Itinerary and Receipt) and travel information than functional aspect such as easy of confirmation on itinerary. And also experienced customers are more likely to repurchase e-ticket and when purchasing tickets they do it through internet and call center of airlines rather than travel agencies and ticket office of airlines.

• Journal of Korea Multimedia Society
• /
• v.21 no.1
• /
• pp.26-33
• /
• 2018

As financial transactions using mobile devices have been activated, mobile payment services have appeared and many changes have been made to the existing financial service methods. Due to the simplified payment method of mobile payment service, security threats such as personal information leakage, phishing damage, and malicious code are increasing. Research that can solve this is needed. In this paper, we discuss the features and security factors of mobile payment system. In order to improve the security of mobile payment system, we propose a fault analysis method based on frequency of occurrence using Fault Fishbone Analysis(FFA) technique.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.1
• /
• pp.165-172
• /
• 2015

Recently large amounts of customer information has leaked ranging from public institutions to the large-scale of portals, and similar information leakage incidents owing to the absence of personal information management have subsequently occurred. Therefore, the security infrastructure in which leakage of internal data can be blocked fundamentally is emerging as a key issue. An integrated identity and access management architecture which performs user access and its rights management, authentication and audit of the business systems is more important to improve the efficiency of business. In addition, this approach is emerging as a safe and effective ways for identity and access rights management. In this paper, we analyze how an integrated approach for identity and access management to improve the efficiency of the computational work and to strengthen the security in local government administration should be constructed, and proposed the preferred solution.

• The Journal of Society for e-Business Studies
• /
• v.27 no.2
• /
• pp.137-152
• /
• 2022

Consumers' enhanced intention to adopt the Mydata service or their voluntary provision of personal information is a very essential element in the stable growth of the Mydata industry along with the creation of corporate values. The growing leakage of customer information according to the rising value of data can have negative impacts on the use of Mydata service and shrink quality custom service needs based on the personal information provided by financial consumers. This study set out to identify security risks that financial consumers could recognize and security factors that could supplement them and investigate the effects of these security factors on consumers' intention to adopt the Mydata service, thus providing useful implications for increasing the acceptance of financial consumers and finding a strategy to expand safe utilization. The findings raise a need to guarantee the stability and transparency of information provided by customers as information subjects, and they should be essential requirements for the Mydata service. The security factors applied to guarantee them should include convenience in terms of financial service.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.3
• /
• pp.701-712
• /
• 2016

The number of subscriber of digital pay TV service such as Digital Cable TV and IPTV is increasing from various kind of service provider world widely. These services require personal information of users to provide VOD(Video on Demand) and customized contents. Therefore, massive amount of personal information collected by service provider can cause social confusion such as leakage of privacy and property damage. This paper investigates whether broadcasting stations are providing enough notification for privacy policy and methodology of collecting private information in proper way. Furthermore, we analyze actual network traffic of IPTV service between user and service provider to suggest solution of privacy protection along with current status analysis.

• Journal of Information Technology Services
• /
• v.19 no.1
• /
• pp.55-69
• /
• 2020

The Internet cyber space has become more important as it enters the intelligent information society of the 4th Industrial Revolution beyond the information age through the development of ICT, the expansion of personalized services through mobile and SNS, the development of IoT, big data, and artificial intelligence. The Internet has formed a new paradigm in human civilization, but it has focused only on the efficiency of its functions. Therefore, various side effects such as information divide, cyber terrorism, cyber violence, hacking, and personal information leakage are emerging. In this situation, facing the intelligent information society can lead to an uncontrollable chaos. Therefore, this study classifies the cyber dysfunction of intelligent information society and analyzes social cognition, suggests cyber dysfunction standard of intelligent information society, and examines the seriousness of dysfunction, and suggests technical research directions for future technologies and services. The dysfunctional classification of the intelligent information society was classified into five areas of cyber crime and terrorism, infringement of rights, intelligent information usage culture, intelligent information reliability, and social problems by FGI methodology. Based on the classification, the social perception of current and future cyber dysfunction severity was surveyed and it showed female is more sensitive than male about the dysfunction. A GAP analysis confirmed social awareness that the future society would be more serious about AI and cyber crime

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.4
• /
• pp.839-845
• /
• 2018

Sensitive data is encrypted and stored as privacy policy is strengthened through frequent leakage of personal information. For this reason, the cryptographically owned encrypted data is a very important analysis from the viewpoint of digital forensics. Until now, the digital evidence collection procedure only considers imaging, so hardware specific information is not collected. If the encryption key is generated by information that is not left in the disk image, the encrypted data can not be decrypted. Recently, an application for performing encryption using hardware specific information has appeared. Therefore, in this paper, hardware specific information which does not remain in file form in auxiliary storage device is studied, and hardware specific information collection method is introduced.

• Journal of KIISE
• /
• v.44 no.1
• /
• pp.21-26
• /
• 2017

In recent years, new technologies such as Internet of Things, Cloud Computing and Big Data are being widely used. And the type and amount of data is dramatically increasing. This makes security an important issue. In terms of leakage of sensitive personal information. In order to protect confidential information, a method called anonymization is used to remove personal identification elements or to substitute the data to some symbols before distributing and sharing the data. However, the existing method performs anonymization by generalizing the level of quasi-identifier hierarchical. It requires a higher level of generalization in case where k-anonymity is not satisfied since records in data table are either added or removed. Loss of information is inevitable from the process, which is one of the factors hindering the utility of data. In this paper, we propose a novel anonymization technique using decision tree based machine learning to improve the utility of data by minimizing the loss of information.

• Journal of Information Technology Services
• /
• v.7 no.1
• /
• pp.23-43
• /
• 2008

Because IT security guidelines for universities and colleges mostly focus on hardware aspects, the problems such as security incidents by a user's mistake and personal information leakage by hacking are serious in our higher educational institutes. In order to solve these information protection and security problems in the educational institutes, realizable and implementable information protection and security guidelines which will contribute to escalate information protection level should be established and at the same time, specific guidelines should be provided to make the guidelines efficient. In this paper, the information security problems and cases are categorized to develop information security guidelines for the higher educational institutes in terms of short, mid, and long term aspects and the solutions to the problems are sought. In addition, a serious of approaches to the information security are proposed such as the improvement measures for the employees of the institute to have desirable security-minded, security problem prevention and resolving methods, developing conflict coordination procedure and law and regulation system establishment for making the educational institutes be information-oriented.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.6
• /
• pp.1605-1618
• /
• 2016

In recent years, security incidents - such as personal information leakage, homepage hacking, DDoS and etc. - targeting finance companies(banks, securities companies, credit card companies, insurance companies and etc.) have increased steadily. In this paper, we analyze problems of information security management level in the existing electronic financial infrastructure from perspective of compliance and information security certification system and propose improvements to enable sustainable high level of information security activities under a comprehensive management system for the financial sector characteristics using ISMS, SECU-STAR and CNIVAM system.