• 한국HCI학회:학술대회논문집
• /
• 2008.02a
• /
• pp.269-273
• /
• 2008

In ubiquitous environments, clients move between domains freely and its activities in the other domains are growth. Like this environment, the service provider makes access or activity records what they are provided to clients. This record can make a privacy problem to recognize a person or trace some works. So this record must be kept and managed by user instead of the service provider. In this paper, we propose a system that can gather those records from the service provider to home domain server which client's managing by themselves. In addition, if remote domain manager requests that record by the legal process, system can transfer only a range of information which allowed by client to keep personal privacy.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.6
• /
• pp.97-109
• /
• 2010

Although the primary liability for online copyright infringement may fall on the individual who illegally copies, transfers, and/or distributes the copyrighted content, the issue of indirect liability for Online Service Providers (OSPS) that provide a channel for the distribution of illegal content has recently come under the spotlight. Currently, in an effort to avoid liability for indirect copyright infringement and improve their reputation, most OSPs have voluntarily applied filtering technology. Under the Copyright Act of Korea, special types of OSPS including P2P and Web-based Hard Drive (WebHard) are required to incorporate filtering technology, and may be charged with penalties if found without one. However, despite the clear need for filtering mechanisms, several arguments have been set forth that question the efficacy and appropriateness of the system. As such, this paper discusses the liability theory adopted in the US. -a leader in internet technology development-and analyzes the scope of liability and filtering related regulations in our copyright law. In addition, this paper considers the current applications of filtering as well as limits of the applied filtering technology in OSPS today. Finally, we make four suggestions to improve filtering in Korea, addressing issues such as clarifying the limits and responsibilities of OSPS, searching for cooperative solutions between copyright holders and OSPS, standardizing the filtering technology to enable compatibility among different filtering techniques, and others.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.6
• /
• pp.237-249
• /
• 2010

If one analyzes recent cyber incidents including personal information infringement cases, it seems like actual attack is targeting Internet service providers but actually they are targeting Internet service users. For many users, all the services were not provided to them as they have signed for in the contract or personal informations, which users have provided to service providers when signing contracts, were disclosed to public without users' consent causing aftereffect. As a result, importance of S-SLA indexes, which is to be included in the SLA to be signed between a user and a service provider, is ever more increasing. Especially, if there is a S-SLA indexes for anti-virus services, service providers have to provide a high quality of service as they have signed in the SLA. However, there wasn't any researches in the S-SLA area domestically and there are only limited SLA indexes related to system or service maintenances at the moment. Therefore, this paper analyses security functions in anti-virus services and proposes S-SLA indexes for different security level.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.16 no.2
• /
• pp.565-586
• /
• 2022

Cloud storage's elastic expansibility not only provides flexible services for data owners to store their data remotely, but also reduces storage operation and management costs of their data sharing. The data outsourced remotely in the storage space of cloud service provider also brings data security concerns about data integrity. Data integrity verification has become an important technology for detecting the integrity of remote shared data. However, users without data access rights to verify the data integrity will cause unnecessary overhead to data owner and cloud service provider. Especially malicious users who constantly launch data integrity verification will greatly waste service resources. Since data owner is a consumer purchasing cloud services, he needs to bear both the cost of data storage and that of data verification. This paper proposes a verification control algorithm in data integrity verification for remotely outsourced data. It designs an attribute-based encryption verification control algorithm for multiple verifiers. Moreover, data owner and cloud service provider construct a common access structure together and generate a verification sentinel to verify the authority of verifiers according to the access structure. Finally, since cloud service provider cannot know the access structure and the sentry generation operation, it can only authenticate verifiers with satisfying access policy to verify the data integrity for the corresponding outsourced data. Theoretical analysis and experimental results show that the proposed algorithm achieves fine-grained access control to multiple verifiers for the data integrity verification.

• International Journal of Internet, Broadcasting and Communication
• /
• v.13 no.3
• /
• pp.1-11
• /
• 2021

Development of ICT technologies leads exponential growth of various sharing economy over the last couple of years. The intuitive advantage of the sharing economy is efficient utilization of idle goods and services, but there are safety and security concerns. In this paper, we propose a onetime password based access control system to support secure accommodation sharing service and show the implementation results. To provide a secure service to both the provider and the user, the proposed system issues a onetime access password that is valid only during the sharing period reserved by the user, thereafter access returns to the accommodation owner. Especially, our system provides secure user access by merging the two elements of speaker recognition using voice and a one-time password to open and close the door lock. In this paper, we propose a secure system for accommodation sharing services as a use-case, but the proposed system can be applicable to various sharing services utilizing security-sensitive facilities.

• The Journal of Information Systems
• /
• v.27 no.1
• /
• pp.133-151
• /
• 2018

Purpose Global fintech industry is proliferating. Although domestic investment in fintech service is also increasing fast, user acceptance of fintech payment service seems slower than expected. Previous fintech literature mainly focuses on overall characteristics and technical aspects of fintech including security issues and explores factors affecting the service adoption. This study aims to examine crucial factors affecting user's resistance intention to fintech payment service adoption. The research model was formulated based on innovation diffusion theory and status quo bias theory and validated empirically. Design/methodology/approach The proposed research model was empirically validated with 149 responses from college students who have used fintech payment service. The component-based SEM was employed for data analysis. Findings The significant findings are as follow. First, compatibility has significant negative effect and complexity, and perceived risk has a positive effect on user resistance. Second, institutional trust does not show a significant effect on user resistance but has an indirect effect through the mediation of trust in service provider. Finally, trust in service provider shows the significant negative effect on user resistance.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.3
• /
• pp.129-141
• /
• 2006

The purpose of this paper is to design Conformance Test Suite for BSP(Biometric Service Provider) based on BioAPI(Biometric Application Programming Interface) v2.0. The proposed BioAPI Conformance Test Suite enables users to test BSP with framework independently. A test scheduling tool has been embodied to use Test Assertion in the form of XML. In order to demonstrate the performance of the Conformance Test Suite, the experiment was performed by using both verification and identification BSPs. As the results of this experiment, we were able to determinate whether BSPs based on BioAPI v2.0 satisfied standard requirements or not.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.28 no.2B
• /
• pp.144-156
• /
• 2003

Internet/Intranet has been continuously enhanced by new emerging IP technologies such as differentiate service(DiffServ), IPSec(IP Security) and MPLS(Multi-protocol Label Switching) traffic engineering. According to the increased demands of various real-time multimedia services, ISP(Internet Service Provider) should provide enhanced end-to-end QoS(quality of service) and security features. Therefore, Internet and Intranet need the management functionality of sophisticated traffic engineering functions. In this paper, we design and implement the performance management functionality for the guaranteed end-to-end QoS provisioning on MPLS-based VPLS(Virtual Private LAN Service). We propose VPLS OAM(Operation, Administration and Maintenance) for efficient performance management. We focus on a scheme of QoS management and measurement of QoS parameters(such as delay, jitter, loss, etc.) using VPLS OAM functions. The proposed performance management system also supports performance tuning to enhance the provided QoS by re-adjusting the bandwidth of LSPs for VPLS. We present the experimental results of performance monitoring and analysis using a network simulator.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.2
• /
• pp.317-326
• /
• 2012

Internet service provider is able to collect personal information to prevent the violations of the rights of service providers and customers using internet. But there are still many debates going on between a personal privacy and a regulation. Proxy servers are used in various technical purposes include bypass access. Although the proxy server users are increasing but there are not any proper institutional mechanisms and regulations to protect users. In this study, we discuss the two sides of a proxy service includes its privacy protection function and the cyber-crime threat and propose supplementary measures to mediate between the interests of public and private.

• Journal of the Korea Society for Simulation
• /
• v.27 no.1
• /
• pp.51-60
• /
• 2018

This study aims to understand crucial factors affecting user's Fintech payment service adoption. On the basis of innovation diffusion theory and prior Fintech literature, this study classifies the influence factors of users' adoption of Fintech payment service into two dimensions - service dimension containing complexity, perceived benefit, trust in service provider and user dimension containing personal innovativeness and security breach experience. The data analysis results using binary logistic regression shows the negative direct effects of perceived risk, complexity, security accident experience on user's service adoption are statistically significant. Personal innovativeness has a positive effect on user's Fintech payment service adoption. The moderation effect of security accident experience is also significant at p<0.05.