These days, information protection for administration systems of corporations or governmental organizations has been emphasized. Various kinds of information protection systems for reinforcing the security of the administration system have been employed. Nevertheless, accidents in information protection have been occurring.
Conventional information protection system, for any terminal of a user trying to access the administration system, provides information protection service for the administration system by controlling the access using log information or network information of the terminal and by monitoring use information on the administration system of the terminal even after the access is allowed.
In the conventional information protection system, however there is a problem that an illegal user may access to the administration system without any trouble using a legitimate terminal, in situation where the illegal user has knowledge of personal information of a legitimate user.
Meanwhile, a user has to install a virtual private network module or information protection module in the terminal in case where the legitimate users such as corporate employees or government officials in remote place try to access to the administration system and the administration system of corporations or governmental organizations is constructed based on virtual private network.
Meanwhile, there is no need to authenticate a user for commonly used credit cards or transportation cards when using the cards, and therefore illegal use is relatively easy if an illegitimate user obtains simple personal information or card information of the user. Therefore, there is a problem that a person who illegally acquired a credit card or a transportation card can use the card freely without any limitation in an illegal way of e.g., duplicating it at home or abroad once the person finds out simple personal information or card information of the legitimate user.
Additionally, in transactions such as an internet banking or an electronic bidding, there is a problem that the informations can be used in illegal withdrawals, illegal bidding, illegal e-commerce, etc., upon obtaining the information of a PKI(public key infrastructure) certificate or a security card.