• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.4
• /
• pp.885-895
• /
• 2019

As seen in recent cases of hacking in financial services, attackers are attempting to hacking trustee with poor security management, rather than directly hacking a financial company. As a result, the consignor is strengthening the security check and control of the trustee, but small trustee has difficulties to invest in information security with the lack of computer facilities and the excessive cost of security equipment. In this paper I investigate the vulnerability of personal information processing life cycle standards in order to enhance the security of small consignee that receive personal information form the credit card company. To solve the vulnerability the company should use litigation management system constructed on cloud computing service and install VPN to secure confidentiality and intergrity in data transfer section. Also, to enhance the security of users, it is suggested to protect personal credit information by installing PC firewall and output security on user PC.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.1
• /
• pp.87-97
• /
• 2003

In this paper, we define two security concepts, “non-computable security” and “distribution security”, about authentication information committed to a authentication server without any trustee, and propose an authenticatied key exchange protocol based on password, satisfying “distribution security”. We call it MAP(Muti-Server Authentication Protocol based on Password) and show that SSSO(Secure Single Sign On) using MAP solves a problem of SSO(Single Sign On) using authentication protocol based on password with a trustee.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.9 no.2
• /
• pp.83-92
• /
• 1999

Cryptography techniques can prevent eavesdroppers from maliciously intercepting or modifying sensitive information. however misuses of encryption may cause other problems First if the encryption key is lost or damaged even an authorized access to the original data will be denied. Second criminals can prevent authorized law enforcement officers from examining the necessary information by using the strong encrypted data can provide solutions for the situations. In this paper we propose a new key escrow system based on the ElGamal cryptosystem. Our system provide time-bound eavesdropping under court authorized permission protect from trustee's cheating and prevent user's shadow public key generation.

• Journal of Communications and Networks
• /
• v.4 no.2
• /
• pp.81-89
• /
• 2002

In this paper, we design and implement an efficient fair off-line electronic cash system based on Elliptic Curve Discrete Logarithm Problem (ECDLP), in which the anonymity of coins is revocable by a trustee in case of dispute. To achieve this, we employ the Petersen and Poupard s electronic cash system [1] and extend it by using an elliptic curve over the finite field GF($2^n$). This naturally reduces message size by 85% compared with the original scheme and makes a smart card to store coins easily. Furthermore, we use the Baek et al. s provably secure public key encryption scheme [2] to improve the security of electronic cash system. As an extension, we propose a method to add atomicity into new electronic cash system. To the best of our knowledge, this is the first result to implement a fair off-line electronic cash system based on ECDLP with provable security.

• Informatization Policy
• /
• v.18 no.2
• /
• pp.49-71
• /
• 2011

This study aims at finding what factors influence trust in e-government and how trust in e-government and satisfaction with e-government services affect trust in government. Despite of the importance of trust in e-government, there has not been sufficient research. Giving light on the factors of affecting trust in e-government is of academic significance. Therefore, the purpose of this study is to explore the nature, driving forces and consequences of citizens'trust in e-government and in government. The empirical results indicated that temporal embeddedness, network embeddedness, information provision quality, information security quality and e-participation quality affect satisfaction with e-government services and trust in e-government. Also, satisfaction with e-government services and trust in e-government influence trust in government, and satisfaction with e-government services affect trust in e-government.

• Information Systems Review
• /
• v.14 no.3
• /
• pp.75-97
• /
• 2012

Fostering trusting belief in financial transactions is a challenging task in Internet banking services. Authenticated Certificate had been regarded as an effective method to guarantee the trusting belief for online transactions. However, previous research claimed that this method has some loopholes for such abusers as hackers, who intend to attack the financial accounts of innocent transactors in Internet. Two types of methods have been suggested as alternatives for securing user identification and activity in online financial services. Control transparency uses information over the transaction process to verify and to control the transactions. Outcome feedback, which refers to the specific information about exchange outcomes, provides information over final transaction results. By using these two methods, financial service providers can send signals to involved parties about the robustness of their security mechanisms. These two methods-control transparency and outcome feedback-have been widely used in the IS field to enhance the quality of IS services. In this research, we intend to verify that these two methods can also be used to reduce risks and to increase the security protections in online banking services. The purpose of this paper is to empirically test the effects of the control transparency and the outcome feedback on the risk perceptions in Internet banking services. Our assumption is that these two methods-control transparency and outcome feedback-can reduce perceived risks involved with online financial transactions, while increasing perceived trust over financial service providers. These changes in user attitudes can increase the level of user satisfactions, which may lead to the increased user loyalty as well as users' willingness to pay for the financial transactions. Previous research in IS suggested that the increased level of transparency on the process and the result of transactions can enhance the information quality and decision quality of IS users. Transparency helps IS users to acquire the information needed to control the transaction counterpart and thus to complete transaction successfully. It is also argued that transparency can reduce the perceived transaction risks in IS usage. Many IS researchers also argued that the trust can be generated by the institutional mechanisms. Trusting belief refers to the truster's belief for the trustee to have attributes for being beneficial to the truster. Institution-based trust plays an important role to enhance the probability of achieving a successful outcome. When a transactor regards the conditions crucial for the transaction success, he or she considers the condition providers as trustful, and thus eventually trust the others involved with such condition providers. In this process, transparency helps the transactor complete the transaction successfully. Through the investigation of these studies, we expect that the control transparency and outcome feedback can reduce the risk perception on transaction and enhance the trust with the service provider. Based on a theoretical framework of transparency and institution-based trust, we propose and test a research model by evaluating research hypotheses. We have conducted a laboratory experiment in order to validate our research model. Since the transparency artifact(control transparency and outcome feedback) is not yet adopted in online banking services, the general survey method could not be employed to verify our research model. We collected data from 138 experiment subjects who had experiences with online banking services. PLS is used to analyze the experiment data. The measurement model confirms that our data set has appropriate convergent and discriminant validity. The results of testing the structural model indicate that control transparency significantly enhances the trust and significantly reduces the risk perception of online banking users. The result also suggested that the outcome feedback significantly enhances the trust of users. We have found that the reduced risk and the increased trust level significantly improve the level of service satisfaction. The increased satisfaction finally leads to the increased loyalty and willingness to pay for the financial services.