• ETRI Journal
• /
• v.37 no.2
• /
• pp.348-358
• /
• 2015

Mobile devices have been widespread and become very popular with connectivity to the Internet, and a lot of desktop PC applications are now aggressively ported to them. Unfortunately, mobile devices are often vulnerable to malicious attacks due to their common usage and connectivity to the Internet. Therefore, the demands on the development of mobile security systems increase in accordance with advances in mobile computing. However, it is very hard to run a security program on a mobile device all of the time due the device's limited computational power and battery life. To overcome these problems, we propose a novel mobile security scheme that migrates heavy computations on mobile devices to cloud servers. An efficient data transmission scheme for reducing data traffic between devices and servers over networks is introduced. We have evaluated the proposed scheme with a mobile device in a cloud environment, whereby it achieved a maximum speedup of 13.4 compared to a traditional algorithm.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.4
• /
• pp.913-921
• /
• 2017

Mobile electronic commerce is rapidly growing up on the strength of popularization of smart devices such as smart phone followed by internet user increase. Concurrently with this, the anxiety on information security and personal information leakage of the user of mobile electronic commerce significantly built up in recent. In this respect, the information security and personal information protection should be become aware of their importance for the sustainable expansion and development of mobile commerce. Based on the demands as mentioned, this study analyzed the effects of the awareness of personal information security on recognized risk, recognized confidence and intent to use. The result of this study indicates that information security and personal information protection contribute to improvement in confidence by decreasing anxiety and uncertainty related to mobile commerce. Reduction of anxiety and uncertainty implies a crucial point that affects psychological mechanism making intent to use higher.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.6
• /
• pp.1191-1197
• /
• 2013

In large-scale distributed sensor networks, it is often recommended to employ mobile sinks, instead of fixed base stations, for data collection to prolong network lifetime and enhance security. Mobile sinks may also be used, e.g., for network repair, identification and isolation of compromised sensor nodes and localized reprogramming, etc. In such circumstances, mobile sinks should be able to securely interact with neighbor sensor nodes while traversing the network. This paper presents a secure and efficient mobile query protocol that can be used for such purposes.

• Proceedings of the IEEK Conference
• /
• 2008.06a
• /
• pp.63-64
• /
• 2008

The mobile RFID (Radio Frequency Identification) is a new application to use mobile phone as RFID reader with a wireless technology and provides new valuable services to user by integrating RFID and ubiquitous sensor network infrastructure with mobile communication and wireless internet. However, there are an increasing number of concerns, and even some resistances, related to consumer tracking and profiling using RFID technology. Therefore, in this paper, we describe the security analysis and implementation leveraging globally networked mobile RFID services which complies with the Korea's mobile RFID forum standard.

• Journal of Korea Multimedia Society
• /
• v.20 no.5
• /
• pp.782-790
• /
• 2017

As most of the recent smart devices have NFC function the NFC mobile coupon will become one of the pervasive NFC applications. We need the secure NFC coupon protocols to issue and use NFC mobile coupon. In this paper, we analyze the security of the previous protocols and point out the problems of security. As the result of analysis, Premium M-coupon Protocol proposed by A. Alshehri and S. Schneider is the most secure but has unnecessary operations. We propose the Modified Premium M-coupon Protocol-1 with the unnecessary operations removed and show this protocol is secure by security analysis. Most of NFC mobile coupon protocols use the cryptography with the shared secret keys. We propose the Modified Premium M-coupon Protocol-2 without the shared secret keys and show this protocol is secure by security analysis.

• Journal of Internet Computing and Services
• /
• v.24 no.4
• /
• pp.15-24
• /
• 2023

Digital therapeutics (DTx) are utilized to replace or supplement drug therapy to treat patients. DTx are developed as a mobile application for portability and convenience. The government requires security verification to be performed on digital medical devices that manage sensitive information during the transmission and storage of patient data. Although safety verification is included in the approval process for DTx, the cybersecurity checklist used as a reference does not reflect the characteristics of mobile applications. This poses the risk of potentially overlooking vulnerabilities during security verification. This study aims to address this issue by comparing and analyzing existing items based on the mobile tactics, techniques, and procedures of MITRE ATT&CK, which manages globally known and occurring vulnerabilities through regular updates. We identify 16 items that require improvement and expand the checklist to 29 items to propose improvement measures. The findings of this study may contribute to the safe development and advancement of DTx for managing sensitive patient information.

• Journal of the Korea Society of Computer and Information
• /
• v.9 no.3
• /
• pp.183-188
• /
• 2004

In the course of Internet proliferation. many network-related technologies are examined for possible growth and evolution. The use of Internet-based technologies in private networks has further fuelled the demand for network-based applications. The most Promising among the new paradigms is use of mobile agents. It also however, suffers from a major drawback, namely the potential for malicious attacks, abuse of resources pilfering of information, and other security issues. These issues are significantly hampering the acceptance of the mobile-agent paradigm. This paper proposed the design of strong and safe mobile agent gateway that split and merge the agent code with security policy database. This mechanism will promote the security in mobile agent systems and mobile agent itself.

• KIPS Transactions on Computer and Communication Systems
• /
• v.2 no.10
• /
• pp.445-460
• /
• 2013

Mobile applications today are being offered as various services depending on the mobile device and mobile environment of users. This increase in mobile applications has shifted the spotlight to their vulnerability. As an effective method of security verification, this paper proposes "phase-wise security verification for the implementation of mobile applications". This method allows additional security verification by covering specific items across a wider range compared to existing methods. Based on the identified weaknesses, it detects the cause of vulnerability and monitors the related settings.

• Convergence Security Journal
• /
• v.11 no.3
• /
• pp.75-84
• /
• 2011

With the rapid development of mobile technology the use of smartphone is spreading. In order to activate mobile banking and market in the future, the most important key is a secure financial transactoin. However, because many apps are developed without security check in proportional to the spread of smartphone, security threat is inevitably high. Current smartphone banking is processed as the way of the existing public certificate or OTP technique in the mobile environment, but many security hole about current technology is pointed out steadily. Therefore, in this paper we are to improve a existing security hole by reinforcing the security through multi-factor authentication and providing a physical non-repudiation.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.6
• /
• pp.1361-1376
• /
• 2015

Recently, the size of the mobile game market and the number of mobile game users are growing. Also, as the mobile game's life cycle is increasing at the same time, auto program issue reappears which has been appeared in PC online games. Gamers usually tend to ignore warning messages from antivirus programs and even worse they delete antivirus program to execute auto programs. Therefore, mobile game users are easily compromised if the auto program performs malicious behaviors not only for the original features. In this paper, we analyze whether seven auto programs of "clash of clans" which has a lot more users for a long time perform malicious behaviors or not. We forecast the possible security threats in near future and proposed countermeasures based on this analysis. By analyzing auto programs of highly popular mobile game of today, we can acquire the knowledge on auto program's recent trend such as their development platform, operating mode, etc. This analysis will help security analysts predict auto program's evolving trends and block potential threats in advance.