• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.36 no.1B
• /
• pp.29-36
• /
• 2011

Near Field Communication is an emerging short-range wireless connectivity technology that offers proximity and different operating modes. Particularly, NFC technology has the potential to revolutionize mobile applications like payment and ticketing because NFC is more complex and mutual connectivity than RFID as the simple tag reader. Finally, NFC security technology defines the robust security protocols. This paper will specify and analyze the NFC security technology, and study the chance and its beneficial effect of the UICC card as the NFC Secure Element.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.40 no.6
• /
• pp.39-46
• /
• 2003

Biometric technologies using biometric information like fingerprints features are in wide use for the secure user authentication in many services including log-in of computer systems, entrance ID and E-commercial security. Nowadays, biometric technologies are ported into small embedded systems like security tokens or smart cards due to the merit of being secure and automatic in comparison with the previous method in user authentication such as using a PIN. In this paper, the security token developed as an embedded system and tile user authentication system implemented and tested using fingerprints information are described. Communications between the security token and tile host are tested and verified with USB. And, execution time and runtime memory on tile security token board was measured and performance improvement was described. In addition, requisites for the transit from the security token to the match-on-card was mentioned.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.35 no.4B
• /
• pp.687-694
• /
• 2010

IPTV(Internet Protocol Television) is an emerging technology in which telecommunication and broadcasting technologies are converged. IPTV service providers usually multicast scrambled contents. And only legitimate subscribers who pass the access control can de-scramble and use the contents. In order to ensure revenues, providers oftentimes employ password-based authentication protocols that ensure secure authentication processes between set-top box and smart card. In this paper, we propose a fingerprint-based 1-out-of-n authentication protocol which provides convenient and more secure authentication process in some organizational environments. The proposed scheme shows that only those who provide legitimate fingerprint information can be authenticated even in a situation that both password and smart card are compromised.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2012.05a
• /
• pp.451-455
• /
• 2012

In this paper, Nateon, MSN Messenger, including how to hack into the most intimate acquaintance formed as follows, for hacking (keyloggers, remote monitoring, etc.) by sending a bank and ID, PW, certificate, security card, etc. personal financial information obtained after the withdrawal of the account balance to have a personal financial analysis infringement attack vulnerable elements found in internet banking, the vulnerabilities and countermeasures concerning the prevention of accidents, including violations by seeking a more secure Internet banking personal Internet Banking is to devise a deal.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.3 no.2
• /
• pp.411-420
• /
• 1999

The topic of electronic commerce is a hot issue in computer technology. There are many kinds of risks associated with electronic commerce which performs financial transactions by exchanging electronic information over public networks. Therefore, security factors such as confidentiality, integrity, authentication and non-repudiation should be required to construct secure electronic commerce systems. In this paper, the credit card-based payment protocol applying dual signature is presented. It provides payment information to the bank a cardholder pays to, but conceals ordering information. It also offers ordering information to a merchant, but hides payment information including the card number. Thus, cardholder's private information can be protected. In order to accomplish this, dual signature is performed employing both symmetric method utilizing cardholder's secret number as an encryption key and asymmetric method.

• Journal of Korea Multimedia Society
• /
• v.6 no.5
• /
• pp.849-860
• /
• 2003

As mobile device is becoming more popular, E-Commerce changes into M-Commerce. Especially, IMT-2000 (International Mobile Telecommunication 2000) service is prepared for M-Commerce and this has USIM (Universal Subscriber Identity Module) as a core of certification of individuality and transactions. As a result, the area of mobile service going to expand by USIM. But, mobile services using USIM leave much to be desired, and developed application don't variety. In this paper, for the efficient design of USIM, the structure of USIM and protocol is analyzed, and secure payment solution in USIM is proposed. Specially, offline payment system is proposed for the verification of proposed protocols including security, saving, and calculation of balance. finally, the simulation of proposed payment system on USIM is performed using Java Card.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.8 no.6
• /
• pp.2139-2151
• /
• 2014

Embedded system testing, especially long-term reliability testing, of flash memory solutions such as embedded multi-media card, secure digital card and solid-state drive involves strategic decision making related to test sample size to achieve high test coverage. The test sample size is the number of flash memory devices used in a test. Earlier, there were physical limitations on the testing period and the number of test devices that could be used. Hence, decisions regarding the sample size depended on the experience of human testers owing to the absence of well-defined standards. Moreover, a lack of understanding of the importance of the sample size resulted in field defects due to unexpected user scenarios. In worst cases, users finally detected these defects after several years. In this paper, we propose that a large number of potential field defects can be detected if an adequately large test sample size is used to target weak features during long-term reliability testing of flash memory solutions. In general, a larger test sample size yields better results. However, owing to the limited availability of physical resources, there is a limit on the test sample size that can be used. In this paper, we address this problem by proposing a self-adaptive reliability testing scheme to decide the sample size for effective long-term reliability testing.

• Journal of the Korea Society of Computer and Information
• /
• v.18 no.2
• /
• pp.87-94
• /
• 2013

In this paper, we analyse the weaknesses of authentication scheme preserving user anonymity proposed by Khan et al in 2011 and we propose a new authentication schemes preserving user anonymity that improved these weaknesses. Khan et al's authentication scheme is vulnerable to insider attack and doesn't provide user anonymity to the server. Also, this scheme is still a weakness of wrong password input by mistake in spite of proposing the password change phase. In this paper, we will show that Khan et al's scheme is vulnerable to the stolen smart card attack and the strong server/user masquerade attack. The proposed authentication scheme propose the improved user anonymity, which can provide more secure privacy to user by improving these weaknesses.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.41 no.5
• /
• pp.25-32
• /
• 2004

An anti-fraud system that utilizes association rules of fraud as well as AFS (Anti Fraud System) for credit card payments in e-commerce is proposed. The association rules are found by applying the data mining algorithm to millions of transaction records that have been generated as a result of orders on goods through the Internet. When a customer begins to process an order by using transaction components of a secure messaging protocol, the degree of risk for the transaction is assessed by using the found rules. More credit information will be requested or the transaction is rejected if it is interpreted as risky.

• Journal of Internet Computing and Services
• /
• v.20 no.3
• /
• pp.111-117
• /
• 2019

We categorize the model of simple payment into Magnetic Secure Transmission, Near Filed Communication, and App Card based on the Focus Group Interview. We also define the key drivers for the diffusion of simple payment services based on the literature review with the experts. Through Analytic Hierarchy Process our finding suggests that the degree of acceptance at the stores is the most critical factor which decides the diffusion of simple payment service model. Security is also the important driver but due to the fact that service providers should follow the information security rule and supervisory guidance, it actually did not make a big difference in terms of assessing competence of each model.