A Study on Internal User Access Control Method Using Multiple Factors for Safe Financial Information System

Abstract

Financial information systems operated by financial institutions are based on various customers’ information. If leaked for illegal and vicious purposes, financial information can bring a lot of damages, including financial damages. Therefore, continuous demands on IT compliance related to financial information systems have risen as financial policy institutions suggest integrated plans for improvement on clarity of financial information service and reinforcement on safety of information systems operation. In order to meet such demands, financial institutions invested efforts and capital to prevent illegal leaks of financial information outside of barriers, however, it happens that not only do information leaks caused by external factors, but also ones caused by internal information system users occur quite frequently. Therefore, financial information systems must be operated and managed by authorized internal users. For that, this study analyzes various authentication technologies and compliances as advanced research then suggests a new authentication model for financial information system users. Through this model, we expect that the system will be able to secure safety in operation and management of financial information system hence, to deal with illegal leaks of financial information.