• Journal of Distribution Research
• /
• v.15 no.5
• /
• pp.103-126
• /
• 2010

The development of an industry including distribution sector is influenced by not only government policy but the related firms' behaviors. Recently the large-scale retailers have had more enormous channel power than any other distributors including monopolistic makers. Now is the time for government to prepare some policies against the unfair transaction behaviors by large-scale retailers. In this paper I tried to inquire into the distribution competition policy from a political correspondent point of view related with the transition of distribution system. For the purpose of this article I compared the case of Korea with Japan. According to the results so far inquired, there are some commons and differences in the cases of the two. Some suggestions are as follows. Considering the predominant position the concept of large-scale retailers is to be extended from a single store to numerous chain stores in the political level. Government needs to examine the standard propriety for large-scale retailer; the size of selling area and amount of sales a year. When a large-scale retailer store is to be established, it need to be taken a permit or a pre-inspection. The Fair Trade Commission have to secure the neutrality from Government's strategies. And government should find out the examples of unfair transaction behavior types and prepare some proper guidelines continually. For the last time statistical data by distributors are to be fitted out and the actual investigations for estimating the effects of government policies need to be enforced.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.14 no.3
• /
• pp.1428-1438
• /
• 2013

Services take place in Internet environment, a formation of the trust relationship between user and service provider for services. Different authentication schemes such as using Certificate of Public Key Infrastructure authentication and using ID/PW for a simple user authentication have been proposed for trust relationship. In addition, in the case of electronic financial transactions, transaction integrity and non-repudiation features are provided. These services are provided in Internet environment, use various measures to ensure service safety. However, it was difficult to prevent attacks using existing security technology because of emergence of MITB attack that manipulate the memory area of the Web browser and social engineering attacks such as phishing/pharming, requires application of new security technologies became. In this paper, we propose a concept of smart secure-pad, and utilize it safely formed a trust relationship between user and service provider, a model has been proposed to ensure safety of data transmission. Proposed model's security evaluation results show security against to MITB attack and phishing/pharming that can't be prevent attack using existing security technology. In addition, service provider can easily apply the model in safe environment can provide Internet service using provided representative services applying the proposed model.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.20 no.2
• /
• pp.343-350
• /
• 2016

A secure and effective on-chip bus for detecting and preventing malicious attacks by infected IPs is presented in this paper. Most system inter-connects (on-chip bus) are vulnerable to hardware Trojan (Malware) attack because all data and control signals are routed. A proposed secure bus with modifications in arbitration, address decoding, and wrapping for bus master and slaves is designed using the Advanced High-Performance and Advance Peripheral Bus (AHB and APB Bus). It is implemented with the concept that arbiter checks share of masters and manage infected masters and slaves in every transaction. The proposed hardware is designed with the Xilinx 14.7 ISE and verified using the HBE-SoC-IPD test board equipped with Virtex4 XC4VLX80 FPGA device. The design has a total gate count of 39K at an operating frequency of 313MHz using the $0.13{\mu}m$ TSMC process.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2015.10a
• /
• pp.885-888
• /
• 2015

A secure and effective on-chip bus for detecting and preventing malicious attacks by infected IPs is presented in this paper. Most system inter-connect (on-chip bus) are vulnerable to hardware Trojan (Malware) attack because all data and control signals are routed. A proposed secure bus with modifications in arbitration, address decoding, and wrapping for bus master and slaves is designed using the Advanced High-Performance and Advance Peripheral Bus (AHB and APB Bus). It is implemented with the concept that arbiter checks share of masters and manage infected masters and slaves in every transaction. The proposed hardware is designed with the Xilinx 14.7 ISE and verified using the HBE-SoC-IPD test board equipped with Virtex4 XC4VLX80 FPGA device. The design has a total gate count of 40K at an operating frequency of 250MHz using the $0.13{\mu}m$ TSMC process.

• Journal of Advanced Navigation Technology
• /
• v.14 no.6
• /
• pp.882-889
• /
• 2010

The development of network technology has made rapid growth for online gaming industry on the Internet. Recently, game players have been wanting for a free migration on the game character for game player managed by online game servers of different types. Existing research on the acceptance of the game players demands have suggested migration model of the game character. However, the game Character Migration Process between the game server of different types migration is focused only, and safety issue that is necessary in an online transaction is overlooked. Therefore, ensure the safety of transactions information and when a dispute arises is necessary countermeasures. In this paper, Secure game Character Migration System (SCMP) using dual signature method when migrating game characters between the game servers of different types based on existing research is propose and looks to examine the safety.

• Korea Trade Review
• /
• v.42 no.5
• /
• pp.233-252
• /
• 2017

The fast changes of global financial environment in recent years increase the risk of trade settlement. This means are required to minimize risk of non payment and to maximize secure payment. Open Account trade accounts for 90% of global trade flows. The O/A system means that the goods, along with all the necessary documents, are shipped and delivered before payment is due, usually within a time frame from 30 to 90 days. Meanwhile, Korean small and medium-sized export enterprises are compelled to globalize their activities owing to limitation and competitiveness of domestic marketplace. To keep face with the global trade settlement system and to support globalization of small and medium-sized export firms, the BPO together with Supply Chain Finance will be solutions. The introduction of the BPO system will allow banks to broaden O/A offerings to their client base and due to secure safety, sellers could ship the goods without delay according to orders and buyers could settle promptly by payment undertaking of correspondent banks. Therefore, it is more effective for companies which have sustainable customers and stable transaction. This study take a look at the trend of the global payment systems and suggested limitation of existed payment in order to derive improvement measures of electronic payment for small and medium-sized export enterprises.

• International Journal of Computer Science & Network Security
• /
• v.24 no.8
• /
• pp.32-42
• /
• 2024

The Internet of Things (IoT) is set to transform patient care by enhancing data collection, analysis, and management through medical sensors and wearable devices. However, the convergence of IoT device vulnerabilities and the sensitivity of healthcare data raises significant data integrity and privacy concerns. In response, this research introduces the Smart-Coord system, a practical and affordable solution for securing healthcare IoT. Smart-Coord leverages blockchain technology and coordinate-based access management to fortify healthcare IoT. It employs IPFS for immutable data storage and intelligent Solidity Ethereum contracts for data integrity and confidentiality, creating a hierarchical, AES-CBC-secured data transmission protocol from IoT devices to blockchain repositories. Our technique uses a unique coordinate system to embed confidentiality and integrity regulations into a single access control model, dictating data access and transfer based on subject-object pairings in a coordinate plane. This dual enforcement technique governs and secures the flow of healthcare IoT information. With its implementation on the Matic network, the Smart-Coord system's computational efficiency and cost-effectiveness are unparalleled. Smart-Coord boasts significantly lower transaction costs and data operation processing times than other blockchain networks, making it a practical and affordable solution. Smart-Coord holds the promise of enhancing IoT-based healthcare system security by managing sensitive health data in a scalable, efficient, and secure manner. The Smart-Coord framework heralds a new era in healthcare IoT adoption, expertly managing data integrity, confidentiality, and accessibility to ensure a secure, reliable digital environment for patient data management.

• THE INTERNATIONAL COMMERCE & LAW REVIEW
• /
• v.42
• /
• pp.133-160
• /
• 2009

In International trade the buyer and seller are normally separated from on another not only by distance but also by differences in language and culture. It is rarely possible for the performance of obligations to be simultaneous and the performance of contracts therefore calls for trust in a situation in which the parties are unlikely to feel able to trust each other unless they have a longstanding and successful relationship. Thus the seller under an international contract of sale will not wish to surrender documents of title to goods to the buyer until he has at least an assurance of payment, and no buyer will wish to pay for goods until he has received them. A gap of distrust thus exists which is often bridged by the undertaking of an intermediary known and trusted by both parties who will undertake on his own liability to pay the seller the contract price in return for the documents of title and then pass the documents to the buyer in return for the reimbursement. This is a common explanation of the theory behind the documentary letter of credit in which the undertaking of a bank of international repute serves as a "guarantee" to each party that the other will perform his obligations. The independence principle, also referred to as the "autonomy principle", is at the core of letter of credit or bank guarantee law. This principle provides that the letter of credit or bank guarantee is independent of the underlying contractual commitment - that is, the transaction that the credit is intented to secure - between the applicant and the beneficiary ; the credit is also independent of the relationship between the bank and its customer, the applicant. The most important exception to the independence principle is the doctrine of fraud in the transaction. A strict interpretation of the rule that the guarantee is independent of the underlying transaction would lead to the conclusion that neither fraud nor manifest abuse of rights by the beneficiary would constitute an objection to payment. There is one major problem related to "Independent guarantees", namely abusive or unfair callings. The beneficiary may make an unfair calling under the guarantee. The countermeasure of beneficiary's unfair calling divided three cases. First, advance countermeasure namely by contract. In other words, when the formation of the contract, the parties must insert the Force Majeure Clause, Arbitration Clause to Contract, and clear statement to the condition for demand calling. Second, post countermeasure namely by court. Many countries, including the United States, authorize the courts to grant an order enjoining the issuer from paying or enjoining the beneficiary from receiving payment under the guaranty letter. Third, Export Insurance. For example, the Export Credit Guarantees Department is prepared, subject to certain conditions, to cover the risk of unfair calling. Of course, KEIC in Korea is cover the risk of the all things for guarantees. On international projects, contractor performance is usually guaranteed by either a standby letters of credit or Independent guarantee. These instruments will be care the parties.

• Journal of Intelligence and Information Systems
• /
• v.20 no.2
• /
• pp.163-178
• /
• 2014

Following research proposes "Virtualization of Smart Cards (ViSCa)" which is a security system that aims to provide a multi-device platform for the deployment of services that require a strong security protocol, both for the access & authentication and execution of its applications and focuses on analyzing Virtualization of Smart Cards (ViSCa) platform-based mobile payment service by comparing with other similar cases. At the present day, the appearance of new ICT, the diffusion of new user devices (such as smartphones, tablet PC, and so on) and the growth of internet penetration rate are creating many world-shaking services yet in the most of these applications' private information has to be shared, which means that security breaches and illegal access to that information are real threats that have to be solved. Also mobile payment service is, one of the innovative services, has same issues which are real threats for users because mobile payment service sometimes requires user identification, an authentication procedure and confidential data sharing. Thus, an extra layer of security is needed in their communication and execution protocols. The Virtualization of Smart Cards (ViSCa), concept is a holistic approach and centralized management for a security system that pursues to provide a ubiquitous multi-device platform for the arrangement of mobile payment services that demand a powerful security protocol, both for the access & authentication and execution of its applications. In this sense, Virtualization of Smart Cards (ViSCa) offers full interoperability and full access from any user device without any loss of security. The concept prevents possible attacks by third parties, guaranteeing the confidentiality of personal data, bank accounts or private financial information. The Virtualization of Smart Cards (ViSCa) concept is split in two different phases: the execution of the user authentication protocol on the user device and the cloud architecture that executes the secure application. Thus, the secure service access is guaranteed at anytime, anywhere and through any device supporting previously required security mechanisms. The security level is improved by using virtualization technology in the cloud. This virtualization technology is used terminal virtualization to virtualize smart card hardware and thrive to manage virtualized smart cards as a whole, through mobile cloud technology in Virtualization of Smart Cards (ViSCa) platform-based mobile payment service. This entire process is referred to as Smart Card as a Service (SCaaS). Virtualization of Smart Cards (ViSCa) platform-based mobile payment service virtualizes smart card, which is used as payment mean, and loads it in to the mobile cloud. Authentication takes place through application and helps log on to mobile cloud and chooses one of virtualized smart card as a payment method. To decide the scope of the research, which is comparing Virtualization of Smart Cards (ViSCa) platform-based mobile payment service with other similar cases, we categorized the prior researches' mobile payment service groups into distinct feature and service type. Both groups store credit card's data in the mobile device and settle the payment process at the offline market. By the location where the electronic financial transaction information (data) is stored, the groups can be categorized into two main service types. First is "App Method" which loads the data in the server connected to the application. Second "Mobile Card Method" stores its data in the Integrated Circuit (IC) chip, which holds financial transaction data, which is inbuilt in the mobile device secure element (SE). Through prior researches on accept factors of mobile payment service and its market environment, we came up with six key factors of comparative analysis which are economic, generality, security, convenience(ease of use), applicability and efficiency. Within the chosen group, we compared and analyzed the selected cases and Virtualization of Smart Cards (ViSCa) platform-based mobile payment service.

• Journal of Internet Computing and Services
• /
• v.17 no.5
• /
• pp.25-32
• /
• 2016

There has been a rapid growth in the development of mobile application resulting from its wide usage for online transaction, data storage and exchange of information. However, an important issue that has been overlooked is the lack of emphasis on the security issues at the early stage of the development. In fact, security issues have been kept until the later stage of the implementation of mobile apps. Requirements engineers frequently ignore and incorrectly elicit security related requirements at the early stage of mobile application development. This scenario has led to the failure of developing secure and safe mobile application based on the needs of the users. As such, this paper intends to provide further understanding of the real challenges in extracting security attributes for mobile application faced by novice requirements engineers. For this purpose, two experiments on eliciting security attributes requirements of textual requirements scenario were conducted. The performance related to the correctness and time taken to elicit the security attributes were measured and recorded. It was found that the process of eliciting correct security attributes for mobile application requires effort, knowledge and skills. The findings indicate that an automated tool for correct elicitation security attributes requirement could help to overcome the challenges in eliciting security attributes requirements, especially among novice requirements engineers.