• 한국멀티미디어학회논문지
• /
• 제18권2호
• /
• pp.218-232
• /
• 2015

According to the development of information processing technology and mobile communication technology, the utilization of mobile banking systems is drastically increasing in banking system. In the foreseeable future, it is expected to increase rapidly the demands of mobile banking in bank systems with the prevalence of smart devices and technologies. However, the keeping 'security' is very important in banking systems that handles personal information and financial assets. But it is very difficult to improve the security of banking systems only with the vulnerabilities and faults analysis methods of information security. Hence, in this paper, we accomplish the analysis of security risk factor and security vulnerability that occur in mobile banking system. With analyzed results, we propose the information security control and management processes for assessing and improving security based on the mechanisms which composes mobile banking system.

• Journal of Information Processing Systems
• /
• 제3권2호
• /
• pp.54-63
• /
• 2007

The high-speed mobile Internet has recently been expanded, many attractive services are provided. However, these services require some form of security-related technology. This paper outlines Japanese mobile services and exposits some mobile security topics including mobile spam, mobile malware, mobile DRM system, mobile WiMAX security, and mobile key management.

• 정보보호학회논문지
• /
• 제21권1호
• /
• pp.105-116
• /
• 2011

모바일 IPTV는 무선 인터넷 망을 이용하여 IPTV의 양방향 서비스에 이동성을 함께 제공함으로써 사용자의 편의를 증대시킬 수 있는 기술이다. 이러한 모바일 IPTV 서비스는 더욱 많은 수요를 불러올 것으로 예상되는데, 성공적인 사업화와 서비스 활성화를 위해서는 무선 환경과 모바일 통신단말기를 이용한 콘텐츠 보호 등 다양한 기술적 이슈를 해결해야 한다. 본 논문에서는 모바일 IPTV 특성과 모바일 IPTV 서비스를 위한 보안 요구사항을 살펴보고, 그에 따라 요구되는 콘텐츠 보안의 문제점들을 살펴보고자 한다. 또한 이를 해결하기 위한 모바일 IPTV환경에서 DCAS 보안 프레임워크 모델을 제시하고, 기존 DCAS에 비하여 개선된 사항을 평가한다.

• 한국멀티미디어학회논문지
• /
• 제18권11호
• /
• pp.1342-1350
• /
• 2015

Due to rapid development of mobile device technologies, the mobile banking through Internet has become a major service of banking information systems as a security-critical information systems. Recently, lots of mobile banking information systems which handle personal and transaction information have been exposed to security threats in vulnerable security control and management processes, mainly software systems. Therefore, in this paper, we propose a process model for software security improvements in mobile banking information system by application of fault tree analysis(FTA) and failure modes and effects analysis(FMEA) on the most important activities such as 'user authentication' and 'access control' and 'virus detection and control' processes which security control and management of mobile banking information systems are very weak.

• Journal of Information Processing Systems
• /
• 제20권1호
• /
• pp.38-52
• /
• 2024

The 5G is the 5th generation mobile network that provides enhanced mobile broadband, ultra-reliable & low latency communications, and massive machine-type communications. New services can be provided through multi-access edge computing, network function virtualization, and network slicing, which are key technologies in 5G mobile communication. However, these new technologies provide new attack paths and threats. In this paper, we analyzed the overall threats of 5G mobile communication through a literature review. First, defines 5G mobile communication, analyzes its features and technology architecture, and summarizes possible security issues. Addition, it presents security threats from the perspective of user devices, radio access network, multi-access edge computing, and core networks that constitute 5G mobile communication. After that, security requirements for threat factors were derived through literature analysis. The purpose of this study is to conduct a fundamental analysis to examine and assess the overall threat factors associated with 5G mobile communication. Through this, it will be possible to protect the information and assets of individuals and organizations that use 5G mobile communication technology, respond to various threat situations, and increase the overall level of 5G security.

• 인터넷정보학회논문지
• /
• 제17권5호
• /
• pp.25-32
• /
• 2016

There has been a rapid growth in the development of mobile application resulting from its wide usage for online transaction, data storage and exchange of information. However, an important issue that has been overlooked is the lack of emphasis on the security issues at the early stage of the development. In fact, security issues have been kept until the later stage of the implementation of mobile apps. Requirements engineers frequently ignore and incorrectly elicit security related requirements at the early stage of mobile application development. This scenario has led to the failure of developing secure and safe mobile application based on the needs of the users. As such, this paper intends to provide further understanding of the real challenges in extracting security attributes for mobile application faced by novice requirements engineers. For this purpose, two experiments on eliciting security attributes requirements of textual requirements scenario were conducted. The performance related to the correctness and time taken to elicit the security attributes were measured and recorded. It was found that the process of eliciting correct security attributes for mobile application requires effort, knowledge and skills. The findings indicate that an automated tool for correct elicitation security attributes requirement could help to overcome the challenges in eliciting security attributes requirements, especially among novice requirements engineers.

• 한국정보보호학회:학술대회논문집
• /
• 한국정보보호학회 2006년도 하계학술대회
• /
• pp.741-744
• /
• 2006

Mobile IPv6은 방화벽의 사용을 전혀 고려하지 않은 채 설계되었다. 그렇기 때문에 방화벽을 사용하는 네트워크에서는 정상적으로 동작하지 않는 문제가 생긴다. 본 논문에서는 일반적인 방화벽의 패킷 판단에 사용되는 상태테이블에 관하여 설명하고, Mobile IPv6 환경에서 방화벽을 사용함으로써 생기는 문제점을 알아본 뒤 향후 Mobile IPv6 환경에서의 방화벽 사용에 관한 연구의 방향을 제안한다.

• International Journal of Computer Science & Network Security
• /
• 제21권4호
• /
• pp.249-254
• /
• 2021

Our society is depending on mobile devices that play a major role in our lives. Utilizing these devices is possible due to their speed power and efficiency in performing basic as well as sophisticated operations that can be found in traditional computers like desktop workstations. The challenge with using mobile devices is that organizations are concerned with the interference between personal and corporate use due to Bring Your Own Device (BYOD) trend. This paper highlights the importance of mobile devices in our daily tasks and the associated risks involved with using these devices. Several technologies and countermeasures are reviewed in this paper to secure the mobile devices from different attempts of attacks. It is important to mention that this paper focuses on technical measures rather than considering different aspects of security measures as recommended by the cybersecurity community.

• 정보보호학회논문지
• /
• 제28권4호
• /
• pp.929-939
• /
• 2018

업무혁신으로 기업 운영의 핵심 전략이 될 것으로 기대한 모바일 오피스는 BYOD 환경에서 정보보안 이슈로 확산이 더디게 진행되었다. 본 연구는 기업의 모바일 오피스 서비스 만족과 지속적 사용에 대해 정보보안 요인들이 미치는 영향을 분석하고자 선행연구를 통해 모바일 오피스 정보보안에 대해 고찰하고 모바일 정보보안 위협에 대한 대응방안을 분석하였다. 연구 모형과 가설을 도출하고 설문 기반의 정량적 실증 분석과 전문가 인터뷰 기반의 정성적 실증분석을 통해 연구의 주요 결과를 규명했다. 이를 통해 모바일 오피스 서비스 만족과 지속적 사용을 위한 실무적인 시사점과 향후 발전 방향을 제시하였다.

• 한국IT서비스학회지
• /
• 제23권2호
• /
• pp.13-29
• /
• 2024

Recently, with the rapid spread of mobile terminals such as smartphones and tablet PCs, social demand for mobile information security is increasing as new security issues that are difficult to predict as well as service evolution and lifestyle changes are raised. Smart terminals include smartphones, smart pads, chromebooks, laptops, etc. that provide various functions such as phone calls, text messages, Internet browsing, social media apps, games, and education. Along with the explosive spread of these smart terminals, they are naturally being used in our daily life and educational environment. In the mobile environment, behind the convenience of portability, there are more various security threats and vulnerabilities than in the general PC environment, and threats such as device loss, information leakage, and malicious codes exist, so it is necessary to take fundamental security measures at a higher level. In this study, we suggest ways to improve security by identifying trends in mobile smart information security and effectively responding to security threats to the mobile environment. In addition, it presents implications for various measures for effective class utilization along with correct security management methods and security measures related to the supply of smart devices that the Office of Education is promoting for schools at each level.