권태경(Taekyoung Kwon)
직함: Professor
Yonsei Univ.
Information security has become an essential requirement of the modern computing systems. For example, confidentiality, integrity, authenticity, and availability are now being widely stressed and even sometimes overstressed by those people who are demanding, developing or deploying such new systems. However, unfortunately, we are still experiencing many kinds of security-related accidents and new vulnerabilities in terms of cyber attacks, hackings, and something like those malicious activities. No matter what the work of longue haleine, we still have sufficient perhaps hardly avoidable reasons for being at actual risk, for instance, legacy systems, weakest links, easiest penetration, and so on. Meanwhile, most users are notoriously lazy and perceive the risk only as those on the outside. I would like to introduce several experiences confronted in our recent research and discuss pervasive actual risk and the user's perception gap: What it is and why knowing it is important.
Prof. Kwon was born in Seoul, Korea, and received his academic degrees (B.S., M.S., and Ph.D.) in computer science from Yonsei University, Seoul, Korea. From 1999 to 2000, he did his post-doc study at U.C. Berkeley and developed a password authenticated key exchange protocol called AMP, which was presented at ISOC NDSS 2001 and standardized in IEEE P1363.2 and ISO/IEC 11770-4, respectively. From 2001 to 2013 Spring, he was a professor of computer engineering at Sejong University, Seoul, Korea. In 2013, he came back to Shinchon Campus to join the faculty of Yonsei University where he is currently a professor of information. He is on the director board of the Korea Institute of Information Security and Cryptology (KIISC) and the editorial committee of the Korea Information Science Society (KIISE). He also serves as committee members or chairs for many international and domestic conferences. His research interests are mainly in the field of Information Security and Privacy, and inclu de Usable Security, IoT Security, Software Security, AI Security, Applied Cryptography, Cryptographic Protocols, and Human-Computer Interactions.