• Journal of Korea Society of Digital Industry and Information Management
• /
• v.12 no.1
• /
• pp.35-41
• /
• 2016

Internet of Things (IoT) services are widely used in appliances of daily life and industries. IoT services also provide various conveniences to users and are expected to affect value added of all industries and national competitiveness. However, a variety of security threats are increased in IoT environments and lowers reliability of IoT devices and services that make some obstacles for commercialization. The attacks arising in IoT environments are making industrial and normal life accidents unlike existing information leak and monetary damages, and can expand damage scale of leakage of personal information and privacy more than existing them. To solve these problems, we design a session key based access control scheme for secure communications in IoT environments. The proposed scheme reinforces message security by generating session key between device and access control network system. We analyzed the stability of the proposed access scheme in terms of data forgery and corruption, unauthorized access, information disclosure, privacy violations, and denial of service attacks. And we also evaluated the proposed scheme in terms of permission settings, privacy indemnity, data confidentiality and integrity, authentication, and access control.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2017.11a
• /
• pp.267-270
• /
• 2017

As IT technology developed, storage media also developed. Among them, USB, which is a removable storage medium, is used not only to have several per person but also to work in various companies. Users store valuable and confidential data within USB. As time went on, the need for security increased. In order to solve this security problem, USB has been introduced to allow users to access internal files by inputting ID and password by embedding a security program in USB. However, the method of storing ID and Password inside is low confidentiality and high risk of information leakage. To solve these problems, we propose a 2 factor authentication system using Radius server in addition to login authentication. The proposed system not only improves the authenticity of the device, but also reduces the risk of infringement of personal information when lost. It also encrypts internal files to increase the confidentiality of internal information.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.1
• /
• pp.13-21
• /
• 2006

Though authentication using biometric techniques has conveniences for people, security problems like the leakage of personal bio-information would be serious. Even if cancelable biometric is a good solution for the problems, only a few biometric authentication scheme with cancelable feature has been published. In this paper, we suggest a face authentication scheme with two security factors: password and face image. Using matching algorithm in the permuted domain, our scheme is designed to be cancelable in the sense that templates that is composed of permutation and weight vector can be changed freely.

• Journal of information and communication convergence engineering
• /
• v.15 no.2
• /
• pp.91-96
• /
• 2017

PIN-entry interfaces have high risks to leak secret values if the malicious attackers perform shoulder-surfing attacks with advanced monitoring and observation devices. To make the PIN-entry secure, many studies have considered invisible radio channels as a secure medium to deliver private information. However, the methods are also vulnerable if the malicious adversaries find a hint of secret values from user's $na{\ddot{i}}ve$ gestures. In this paper, we revisit the state-of-art radio channel based bimodal PIN-entry method and analyze the information leakage from the previous method by exploiting the sight tracking attacks. The proposed sight tracking attack technique significantly reduces the original password complexities by 93.8% after post-processing. To keep the security level strong, we introduce the advanced bimodal PIN-entry technique. The new technique delivers the secret indicator information through a secure radio channel and the smartphone screen only displays the multiple indicator options without corresponding numbers. Afterwards, the users select the target value by following the circular layout. The method completely hides the password and is secure against the advanced shoulder-surfing attacks.

• Journal of Korean Society of Industrial and Systems Engineering
• /
• v.28 no.3
• /
• pp.87-97
• /
• 2005

This study deals with the analysis on the consciousness and image character of the internet shopping mall. As consciousness analysis result of internet shopping mall consumer, 'cheap price' and 'convenience' are evaluated high by reason that buy goods/service. 'Delivery delay' shows that deficiency of swiftness is indicated preferentially by shortcoming when the goods/service are purchased at the internet shopping mall. Consumer is prferring most 'deferred payment' with consumer's protection system of internet shopping mall. In image character of internet shopping mall, computer system speed and swiftness of reaction time, intimacy of shopping mall site design, delivery system trustability, goods/service contiguity, trustability of billing system, recognition shopping mall company, consistency about good service etc., showed high assessment, but comparative satisfaction is not high in solution at authoritativeness of personal information leakage prevention, problem occurrence.

• The Journal of Society for e-Business Studies
• /
• v.24 no.2
• /
• pp.217-228
• /
• 2019

In the 4th Industrial Revolution, the Internet of Things emerged and various services and convenience improved. As the frequency of use increases, security threats such as leakage of personal information coexist and the importance of security are increasing. In this paper, we analyze the security threats of the Internet of things and propose a model for enhancing security through user authentication using Fast IDentity Online (FIDO). As a result, we propose to implement strong user authentication by introducing second authentication through FIDO.

• Journal of Korean Society of Industrial and Systems Engineering
• /
• v.28 no.1
• /
• pp.16-23
• /
• 2005

Purpose of this research wishes to present way to more safe and reliable operation way to shopping mall operation companies as well as consumerism through general utilization present condition of customers and satisfaction investigation that use internet shopping mall and establish wholesome commercial transaction order. This research draws criteria and items about success factor through each precedent research literature investigation about internet shopping mall success factor, and made up a questionnaire criteria and items that affect important internet shopping mall company's selection to college students and graduate students with learning connected with electronic commerce course. Execute pair comparison that require in AHP and analyzed priority weight about criteria and items to shopping mall company selection. As the result, Appeared that 'Credibility about internet shopping mall company's transaction' is considered most heftily by importance criteria at internet shopping mall selection. Appeared that think 'Credibility of personal information leakage prevention' most important to each criteria.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.21 no.5
• /
• pp.1027-1034
• /
• 2017

Recently, OTP (One-time-Password) log-in methods have been used in many areas to prevent leakage of personal information and enhance security. The OTP method is primarily used for security of bank personal account, this is one of the sophisticated security ways in which one time password is generated and checked to enhance security. Digital door locks frequently used in everyday life require convenience and safety simultaneously. Meanwhile, related technologies for digital door locks are evolving, but methods for enhancement of security are still unsatisfactory. Generally, the digital door lock using password input type has been most commonly used and especially it provides more convenience, but it has some problems such as password exposure and password oblivion. Therefore, in this study, we propose and implement the OTP-based digital door lock system with enhanced security and convenience features but without the risk of password exposure and oblivion.

• Journal of the Korea Society of Computer and Information
• /
• v.13 no.3
• /
• pp.139-146
• /
• 2008

Despite of information security installation, leakage of personal information in web services has not decreased. This is because traffics to web applications are still vulnerable by permitting external sources to access services in port HTTF 80 and HTTPS 443, even with firewall systems in place. This thesis analyzes various attack patterns resulted from web service environment and vulnerable traffic and categorizes the traffics into normal and abnormal traffics. Also this proposes ways to analyze web application attack patterns from those abnormal traffics based on weak points warned in OWASF(Open Web Application Security Project), design a system capable of detect and isolate attacks in real time, and increase efficiency of preventing attacks.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.14 no.1
• /
• pp.243-250
• /
• 2019

In this paper, we develop a Secure File Management Security(: SFMS) based on media in a cloud environment to encrypt and decrypt cloud data on a computer using a Bluetooth - based cryptographic module. The Bluetooth cipher module makes it easy to browse files stored in the cloud, but it is never possible to browse without a module. It is a solution that fundamentally blocks the problems such as hacking and leakage of personal data that have recently become an issue.