• Journal of Digital Convergence
• /
• v.14 no.12
• /
• pp.183-191
• /
• 2016

Most recent trend reveals broader state of provision of NFC service as NFC technology was applied on smartphones which has become core communication tools by providing integrated services such as payment, medical, and personal authentication. Moreover, with integration of original service and NFC technology, new service providers now can handle personal information of original service or can handle other personal information with transition of previous service provider to NFC service provider. Considering current state of security industry along with NFC technology and service, we would like to analyze current stage of security threats and plan the counter strategies to create NFC service structure.

• The Transactions of the Korea Information Processing Society
• /
• v.4 no.3
• /
• pp.754-766
• /
• 1997

In this paper,we implement the Audit Trail Service Sydtem for the EDI Security.It has solved a law dispute between enterprises by informations that have generated by the EDI serice systrm.The audit trail service sys-tem implemented for EDI security satisfied the requirements of audit and the protocol of the security serive of X.435 and X.400.The EDI Security Audit System consists of the event discrimiator,the audit recirder,the audit archiver,and the provider of audit services .The event discriminator classified the reansmitted data from the EDI network ot audit sercices.The audit recorder constructs an index that has combined time information wiht audit unformations which are classified by the event discriminator.ZThe audit archiver performas the vacumming of added audit imformations by passing time by passing time.The audit provider is a module that carries out the audit trail servies by using stored audit informations. The audit provider suports audit servies,which are non-requdiation,proof and probe,controller of security,and accesing infrimation.The audit trail service system for EDI security constructs audit information by using index that is combining time imfromation,so it supports especially fast accesing audit information.

• Journal of Korean Society of Industrial and Systems Engineering
• /
• v.33 no.4
• /
• pp.130-137
• /
• 2010

This paper analyzes the main factors affecting user selection of a small-sum electronic payment system using survey data of 396 users. Several findings emerge. First, users consider three pillars and eight factors in adopting a new system : system features(stability, security, and flexibility), transaction cost(payment commission and settlement period), and financial capability of provider(stability of financial structure, risk management capability, and funding capability). Second, the stability of the financial structure of the system provider is the most important factor to user acceptance of a new e-payment system. Users tend to consider uncertainty risk more seriously than transaction cost. This reflects the reality that electronic payment system service industry has not fully fledged yet. Third, some moderating effects exist according to payment methods and business usages. As for payment methods, speedy settlement cycle for wired/wireless phone payment, system stability for credit card and account transfer payment, and security for advance payment means are crucial factors. As for business usages, the stability of financial structure for online game content, system stability for music and video content, proxy payment commission for e-learning content, flexibility of the payment system for digital adult content, and security for public services are decisive ones.

• Journal of the Korea Safety Management & Science
• /
• v.6 no.2
• /
• pp.127-139
• /
• 2004

Web-based services have fundamentally confidential problems due to characteristics of internet environment such as anonymity. These problems are serious obstacles to grow the web-based services. The security and confidence of web-based services rely on both service provider and users' opinion. But the former has difficulty in trusting the service provider and the latter takes too long time to propagete all users after converging their opinion. Therefore it is necessary to establish the objective and confidential evaluation and certification program for web-based service. In this paper, the internal and external web-based services evaluation and certification programs are compared and analyzed. The critical factors and evaluation methodology for secure and confidential web-based service are identified. Finally, this paper provides the improvement and strategy for web-based services evaluation and certification program.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.6
• /
• pp.1337-1344
• /
• 2012

This paper analyzed electronic transaction systems of social commerce service which have rapidly grown recent days, and as a result found that most of the electronic transaction systems of social commerce service had payment amount modification issue. This paper proposes a method for solving the payment amount modification issue. The proposed method adds an authentication process between servers of social commerce service provider and payment-gateway company. The added authentication process prohibits user getting involved in payment procedure, and thus prevents payment amount modification.

• International Journal of Internet, Broadcasting and Communication
• /
• v.8 no.1
• /
• pp.7-18
• /
• 2016

Several authentication methods have been developed to make use of tokens in the mobile networks and smart payment systems. Token used in smart payment system is genearated in place of Primary Account Number. The use of token in each payment transaction is advantageous because the token authentication prevents enemy from intercepting credit card number over the network. Existing token authentication methods work together with the cryptogram, which is computed using the shared key that is provisioned by the token service provider. Long lifetime and repeated use of shared key cause potential brawback related to its vulnerability against the brute-force attack. This paper proposes a per-transaction shared key mechanism, where the per-transaction key is agreed between the mobile device and token service provider for each smart payment transaction. From server viewpoint, per-transaction key list is easy to handle because the per-transaction key has short lifetime below a couple of seconds and the server does not need to maintain the state for the mobile device. We analyze the optimum size of the per-transaction shared key which satisfy the requirements for transaction latency and security strength for secure payment transactions.

• International Journal of Computer Science & Network Security
• /
• v.23 no.5
• /
• pp.65-72
• /
• 2023

Cloud Computing is one of the current research areas in computer science. Recently, Cloud is the buzz word used everywhere in IT industries; It introduced the notion of 'pay as you use' and revolutionized developments in IT. The rapid growth of modernized cloud computing leads to 24×7 accessing of e-resources from anywhere at any time. It offers storage as a service where users' data can be stored on a cloud which is managed by a third party who is called Cloud Service Provider (CSP). Since users' data are managed by a third party, it must be encrypted ensuring confidentiality and privacy of the data. There are different types of cryptographic algorithms used for cloud security; in this article, the algorithms and their security measures are discussed.

• The KIPS Transactions:PartC
• /
• v.15C no.4
• /
• pp.221-226
• /
• 2008

IPTV is well known services of TPS (Triple play service). Since TPS supplies the bundle service, service providers can supply low-priced services for their subscribers. To supply high quality contents stably, it is an essential requirement to make payment for the services. According to the type of services, either CAS or DRM is used to protect the pay-contents service. Also IPTV uses or will use these security systems to protect the service. In this paper, we will describe security problems when a IPTV service provider chooses either CAS or DRM, and then propose a new security system to solve the problems.

• Journal of Information Technology Services
• /
• v.14 no.4
• /
• pp.221-236
• /
• 2015

Application software is delivered to customers as a form of service at cloud environment. A cloud service provider is a marketplace between supply side (application providers) and demand side (customers). Cloud service providers have to validate applications to be included in their service portfolio. Not only performance, security, networking, compliances should be checked but also business contract, authentication should be provided. Organization customers are more sensitive to these validation criteria and process. We study the Internet2 NET+, which is a successful cloud marketplace of applications for research and education organizations. This case study shows us three things : (i) a cloud marketplace's application management process : selection, validation, transition to service, customization of applications (ii) what a cloud marketplace has for its infrastructure like authentication, security, access control etc. (iii) what a cloud marketplace has as its governance structure. This case study will provide informative analysis of Internet2 NET, a profit-making vertical and buyer's marketplace (education industry). And we will get some strategic implications for planning and implementing cloud marketplaces.

• Journal of Broadcast Engineering
• /
• v.13 no.2
• /
• pp.261-273
• /
• 2008

Multimedia service whose use is rapidly increasing supports effective services to convert and transmit multimedia data based on network speed, noise circumstance, terminal computation, and type of contents for satisfying QoS. For supporting information protection of multimedia service, it offers middle level of singular security service or security mechanism which is based on policy of service provider, depending on present terminal computation and type of contents. It can support security mechanism for more effective multimedia service, if we study security of application layer and network layer for supporting multimedia service. In this paper, we propose Multimedia security framework reflected on quantitative analysis of the WLAN(Wireless Local Area Network) mesh network security using the utility function in the level of the sorority, violation and addictive compensation model.