• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.5
• /
• pp.977-983
• /
• 2013

This paper presents result of researching personal information exposure of Korean twitter and facebook users. Personally identifiable information such as e-mail and phone numer is exposed in the accounts less than 1%. However there are many cases that a person is identified by non personally identifiable information. For example, 350 thousands accounts are distinguished with other accounts because its name is unique. Using combination of information such as name and high school, we can distinguish 2.97 millions accounts. We also found 170 thousands account pairs that are candidate of one users' own account. Linkability between two accounts in two different domains means that the person is identified. Currently, only personally identifiable information is protected by policy. This paper shows that the policy has limited effects under the circumstances that a person can be identified by non personally identifiable information and the account linking is possible.

• Proceedings of the CALSEC Conference
• /
• 2001.08a
• /
• pp.165-176
• /
• 2001

* Extension of EC(Electronic Commerce) * Standard of Message -EDI : UN/EDIFACT, ANSI X12, etc -XML : ebXML, CML, MathML, WIDL, etc * Various of Information -Business Transaction Data -Private Data : ID, Password, Personal Information -Charge Data : Accounts, Card, etc * Message Level Security(omitted)

• Korean Journal of Social Welfare
• /
• v.51
• /
• pp.5-28
• /
• 2002

The purpose of this paper is to examine the issues and the characteristics of the recent social security pension debate in the United States. For the purpose the transforming process from the funded system to the pay-as-you-go system in the 1930s, three alternatives of social security reform proposed by the Social Security Administration in 1996, and the other various alternatives proposed by the politicians, the business leaders and the scholars were analysed. While the alternatives were compared, the critical issues could be identified. The core issues were as follows. First, the individual accounts should be newly made or not? Second, who is the main administrator, government or private investment companies? Third, what is important, the inter-generational and the vertical income redistribution effect or the individual equity in social security pension system? Besides, the different positions of the social forces were also examined. The supporters of privatizing the social security pension, supporters of IA and PSA, prefer the value of equity, the effect of promoting savings, the private management of the social security funds, and the investment of the funds to the private capital markets. The supporters of pay-as-you-go system, supporters of MB, prefer the inter-generational and the vertical income redistribution effect of social security pension, and were convinced that fundamental changes of the systems are not necessary, and the insolvency problem could be overcome through a few reform, for example, increasing the rate and decreasing the benefits.

• Smart Media Journal
• /
• v.10 no.3
• /
• pp.48-53
• /
• 2021

The authentication process is a key step that should be used to verify that a user is legitimate, and it should be used to verify that a user is a legitimate user and grant access only to that user. Recently, two-factor authentication and OTP schemes are used by most applications to add a layer of security to the login process and to address the vulnerability of using only one factor for authentication, but this method also allows access to user accounts without permission. This is a known security vulnerability. In this paper, we propose a Zero Knowledge Proofs (ZKP) personal information authentication scheme based on a Smart Contract of a block chain that authenticates users with minimal personal information exposure conditions. This has the advantage of providing many security technologies to the authentication process based on blockchain technology, and that personal information authentication can be performed more safely than the existing authentication method.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.5
• /
• pp.1251-1258
• /
• 2016

Recently, leaks of the personal information of Internet users have been occurring too frequently. Generally, Internet users have email accounts. The use of email as a communications tool in the private and public sectors has increased. Therefore, in email usage, password management to ensure a more secure email service is most important. In this study, we conducted an online survey of email users and analyzed their responses by using structural equation modeling software to find the psychological and behavioral characteristics of their password management. The results of this study provide useful suggestions on information security strategies related to email password management at both the enterprise and individual levels.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2012.05a
• /
• pp.456-460
• /
• 2012

Privacy Protection Act of 30 March 2012 was performed. In general, personal information management to enhance security in the DB server has a security system but, PC for the protection of the privacy and security vulnerability analysis is needed to research on self-diagnosis. In this paper, from a PC to search information relating to privacy and enhance security by encrypting and for delete file delete recovery impossible. In pc found vulnerability analysis is Check user accounts, Checking shared folders ,Services firewall check, Screen savers, Automatic patch update Is checked. After the analysis and quantification of the vulnerability checks through the expression, enhanced security by creating a checklist for the show, PC security management, server management by semi-hwahayeo activates. In this paper the PC privacy and PC security enhancements a economic damage and of the and Will contribute to reduce complaints.

• Health Policy and Management
• /
• v.26 no.3
• /
• pp.226-232
• /
• 2016

Background: This study was conducted to analyze the influence of socioeconomic characteristics of community on the food insecurity under the control of personal socioeconomic factors which may be influence to the food security. Methods: Food insecurity and individual socioeconomic characteristics were obtained from 2012 community health survey. Socioeconomic characteristics of communities were extracted from the data of Statistics Korea and local governments. Personal socioeconomic factors were sex, age, educational status, job, and monthly family income. Socioeconomic characteristics of communities were administrative district (urban vs. rural), senior population rate, degree of financial self reliance, degree of financial independence, portion of welfare budget, number of welfare facilities, and unemployment rate. We analysed the relationships between the food insecurity and socioeconomic characteristics of community using multi-level analysis under the control of personal characteristics. Results: On personal level age, sex, education status, and monthly family income were related with food insecurity. On community level administrative district (urban vs. rural), degree of financial independence, unemployment rate, and proportion of welfare budget among local general government accounts were related to individual food insecurity. Rural area, district with low levels of financial independence, low portion of welfare budget, and greater unemployment rate showed a higher level of food insecurity. Conclusion: To reduce the level of food insecurity in a community it is necessary to decrease the unemployment rate, in addition to providing support from the central government by increasing the proportion of the welfare budget so that both factors contribute to raising the degree of financial independence.

• Information Systems Review
• /
• v.22 no.4
• /
• pp.135-161
• /
• 2020

With the growth of blockchain and cryptocurrency-related markets, cryptocurrency exchanges are growing as a new industry. However, as the legal and regulatory definitions of cryptocurrencies are still in progress, unlike existing industrial groups, they are not under the supervision of regulatory agencies. As a result, users (i.e., cryptocurrency investors) have suffered two types of damage that could occur from hacking and other accidents on the exchanges. One type of the damage is the loss of assets caused by the extortion of personal information or account and the other is the damage from users who might be involved in external frauds. Both are analyzed in comparison with existing operators whose functions are like the exchanges. The results of this study show that membership (KYC: Know Your Client), log-in, and additional authentication in transactions are on the similar level to those of the operators while the fraud detection system (FDS) and anti-money laundering (AML) of fiat currencies and cryptocurrencies need rapid improvement.

• Journal of Intelligence and Information Systems
• /
• v.20 no.2
• /
• pp.163-178
• /
• 2014

Following research proposes "Virtualization of Smart Cards (ViSCa)" which is a security system that aims to provide a multi-device platform for the deployment of services that require a strong security protocol, both for the access & authentication and execution of its applications and focuses on analyzing Virtualization of Smart Cards (ViSCa) platform-based mobile payment service by comparing with other similar cases. At the present day, the appearance of new ICT, the diffusion of new user devices (such as smartphones, tablet PC, and so on) and the growth of internet penetration rate are creating many world-shaking services yet in the most of these applications' private information has to be shared, which means that security breaches and illegal access to that information are real threats that have to be solved. Also mobile payment service is, one of the innovative services, has same issues which are real threats for users because mobile payment service sometimes requires user identification, an authentication procedure and confidential data sharing. Thus, an extra layer of security is needed in their communication and execution protocols. The Virtualization of Smart Cards (ViSCa), concept is a holistic approach and centralized management for a security system that pursues to provide a ubiquitous multi-device platform for the arrangement of mobile payment services that demand a powerful security protocol, both for the access & authentication and execution of its applications. In this sense, Virtualization of Smart Cards (ViSCa) offers full interoperability and full access from any user device without any loss of security. The concept prevents possible attacks by third parties, guaranteeing the confidentiality of personal data, bank accounts or private financial information. The Virtualization of Smart Cards (ViSCa) concept is split in two different phases: the execution of the user authentication protocol on the user device and the cloud architecture that executes the secure application. Thus, the secure service access is guaranteed at anytime, anywhere and through any device supporting previously required security mechanisms. The security level is improved by using virtualization technology in the cloud. This virtualization technology is used terminal virtualization to virtualize smart card hardware and thrive to manage virtualized smart cards as a whole, through mobile cloud technology in Virtualization of Smart Cards (ViSCa) platform-based mobile payment service. This entire process is referred to as Smart Card as a Service (SCaaS). Virtualization of Smart Cards (ViSCa) platform-based mobile payment service virtualizes smart card, which is used as payment mean, and loads it in to the mobile cloud. Authentication takes place through application and helps log on to mobile cloud and chooses one of virtualized smart card as a payment method. To decide the scope of the research, which is comparing Virtualization of Smart Cards (ViSCa) platform-based mobile payment service with other similar cases, we categorized the prior researches' mobile payment service groups into distinct feature and service type. Both groups store credit card's data in the mobile device and settle the payment process at the offline market. By the location where the electronic financial transaction information (data) is stored, the groups can be categorized into two main service types. First is "App Method" which loads the data in the server connected to the application. Second "Mobile Card Method" stores its data in the Integrated Circuit (IC) chip, which holds financial transaction data, which is inbuilt in the mobile device secure element (SE). Through prior researches on accept factors of mobile payment service and its market environment, we came up with six key factors of comparative analysis which are economic, generality, security, convenience(ease of use), applicability and efficiency. Within the chosen group, we compared and analyzed the selected cases and Virtualization of Smart Cards (ViSCa) platform-based mobile payment service.

• Maritime Security
• /
• v.3 no.1
• /
• pp.45-72
• /
• 2021

North Korea's cyber capabilities represent a relatively new threat to global financial institutions and foreign governments, particularly the U.S and South Korean governments. Based primarily on publicly available sources, such as journalistic accounts and scholarly publications, this qualitative paper analyzes the ways in which North Korean leader Kim Jong Un has bolstered his country's asymmetric power and advanced his line of byungjin (dual development in the economy and military). Particularly by merging the cyber and maritime domains, North Korean operatives generate more revenue for the regime and helps keep the heavily sanctioned leadership in power. Despite the increased international attention to North Korean hackers, few analysts have examined the important role of cyber in the DPRK's internal political culture, specifically in advancing Kim Jong Un's byungjin line. Cyber fits into the DPRK's longstanding tradition of irregular warfare and guerilla-based armed struggle. Cyber also further advances Kim's personal reputation in the DPRK as an economic innovator and military strategist. This paper pays particular attention to the role of the DPRK's cyber operations in both ideological and maritime contexts. Recently, North Korean hackers have targeted South Korean shipbuilding industries and developed a blockchain scam, known as Marine Chain. North Korean cyber agents have increasingly paid attention to the nexus of cyber and maritime domains in their activities.