Journal of Korea Multimedia Society (한국멀티미디어학회논문지)

Korea Multimedia Society (한국멀티미디어학회)
권호 표지
DOI QR코드

DOI QR Code

A Study on the Fault Analysis and Security Assessment for Smart Card Management System

스마트카드 관리 시스템(SCMS)의 결함분석과 보안성 평가에 관한 연구

  • 장수미 (부경대학교 대학원 정보시스템학과) ;
  • 박만곤 (부경대학교 공과대학 IT융합응용공학과)
  • Received : 2013.10.17
  • Accepted : 2013.12.09
  • Published : 2014.01.31
Download PDF
⟨ Previous Next ⟩

Abstract

These days, smart card management system(SCMS) have been broadly used for security conformability, efficiency of issuance management, key management and expert management in the smart card market. SCMS is composed of card management, issuance management, key management, application management, and issuers management systems. SCMS enables card issuers from banks, credit card companies, and telecommunications companies to provide these cards to card users. And then SCMS enables card users to download new programs to chips for use of these cards successively and provide related smart card data in safety and efficiency. In this paper, we propose a framework for security assessment and an efficient method for security improvement through fault analysis which is more effective.

오늘날 스마트카드 시장이 급속히 성장하고, 응용분야가 확대됨에 따른 문제점들을 해결하기 위해 보안성, 발급 업무 편의성 및 유지 관리 업무 효율성을 높이기 위한 스마트카드 관리 시스템이 활용된다. 스마트카드 관리 시스템은 카드 관리, 발급 관리, 키 관리, 응용 관리, 발급처 관리 등으로 구성 되어 있다. 스마트카드 관리 시스템은 스마트카드를 발급하고자 하는 카드 발급사(은행, 카드사, 이동통신사 등)가 스마트카드를 구매 및 발급하여 일반 사용자들에게 배포한다. 그리고 카드 사용자의 향후 지속적인 사용을 위해 칩에 새로운 프로그램을 다운로드 해 주고 또한 이에 관련한 데이터를 안전하고 효율적으로 관리하는 기능을 제공한다. 본 연구에서는 이와 같은 스마트카드 관리 시스템을 보다 효과적인 결함분석을 수행하여 보안성을 평가하는 프레임워크와 보안성을 효율적으로 개선하는 방법을 제안한다.

Keywords

References

  1. Rajiv Kumar Sharma and Pooja Sharma, "System Failure Behavior and Maintenance Decision Making using, RCA, FMEA and FM," Journal of Quality in Maintenance Engineering, Vol. 16, No. 1, pp. 64-88, 2010. https://doi.org/10.1108/13552511011030336
  2. Myonghee Kim and Man-Gon Park, "A Study on the Software Fault Modes and Effect Analysis for Software Safety Evaluation," Journal of th Korean Multimedia Society, Vol. 15, No. 1, pp. 113-130, 2012. https://doi.org/10.9717/kmms.2012.15.1.115
  3. Global Platform, Open Platform Card Specification, Ver.2.0.1, 2000.
  4. Korea ICT Association, The Trends Analysis and Research of Standardization in the IC Card Technology Area, Field, Technical Report TTA-03020-SA, 2003.
  5. Global Platform, A Primer to the Implementation of Smart Card Management and Related Systems, Ver.1.0, 2000.
  6. "Smart Card Security" of Smart Card Basics Web Site. Retrieved on 30 September, http://www.smartcardbasics.com/smartcard-security.html, 2013.
  7. E.J. Henley and H. Kumamoto, Reliability Engineering and Risk Assessment, Prentice Hall, New Jersey, 1981.
  8. Myonghee Kim, Eun-Ji Jin, and Man-Gon Park, "Fault Tree Analysis and Fault Modes and Effect Analysis for Security Evaluation of IC Card Payment Systems," Journal of th Korean Multimedia Society, Vol. 16, No. 1, pp. 87-99, 2013. https://doi.org/10.9717/kmms.2013.16.1.087
  9. R.E. Barlow and P. Chatterjee, Introduction to Fault Tree Analysis, Operations Research Center, Univ. of California, Berkeley, 1973.
  10. John C. Knight and Luis G. Nakano, Software Test Techniques for System Fault-Tree Analysis, Press of University of York, UK, 1997.
  11. Younju Oh, Junbeom Yoo, Sungdeok Cha, and Han Seong Son, "Software Safety Analysis of Function Block Diagram using Fault Trees", Reliability Engineering and System Safety, Vol. 88, No. 3, pp. 215-228, 2005. https://doi.org/10.1016/j.ress.2004.07.019
  12. Maier T. "FMEA and FTA to Support Safe design of Embedded Software in Safety Critical Systems," Proc. CRS 12th Annual Workshop on Safety and Reliability of Software Based Systems, pp. 351-367, 1997.
  13. Papadopoulos Y and Maruhn M, "Modelbased Synthesis of Fault Trees from Matlab-Simulink Models," Proc. DSN 2001, pp. 77-82, 2001.

Cited by

  1. A Study on the Design of Automatic Billing Information Systems for Long-Term Home Care Services Business Using iBeacon vol.19, pp.3, 2016, https://doi.org/10.9717/kmms.2016.19.3.612
  2. A Study on the Information Security Control and Management Process in Mobile Banking Systems vol.18, pp.2, 2015, https://doi.org/10.9717/kmms.2015.18.2.218
  3. Fault Tree Analysis and Failure Mode Effects Analysis for Software Security Improvements in Mobile Banking Information Systems vol.18, pp.11, 2015, https://doi.org/10.9717/kmms.2015.18.11.1342
  4. 스마트 러닝 시스템의 보안성 개선을 위한 고장 트리 분석과 고장 유형 영향 및 치명도 분석 vol.20, pp.11, 2014, https://doi.org/10.9717/kmms.2017.20.11.1793