• Journal of Korea Multimedia Society
• /
• v.18 no.11
• /
• pp.1342-1350
• /
• 2015

Due to rapid development of mobile device technologies, the mobile banking through Internet has become a major service of banking information systems as a security-critical information systems. Recently, lots of mobile banking information systems which handle personal and transaction information have been exposed to security threats in vulnerable security control and management processes, mainly software systems. Therefore, in this paper, we propose a process model for software security improvements in mobile banking information system by application of fault tree analysis(FTA) and failure modes and effects analysis(FMEA) on the most important activities such as 'user authentication' and 'access control' and 'virus detection and control' processes which security control and management of mobile banking information systems are very weak.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.1
• /
• pp.177-186
• /
• 2011

Mobile services which are applied PC performance and mobile characteristics are increased with spread of the smartphone. Recently, mobile cloud service is getting the spotlight as a solution of mobile service problems that mobile device is lack of memory, computing power and storage and mobile services are subordinate to a particular mobile device platform. However, mobile cloud service has more potential security threats by the threat inheritance of mobile service, wireless network and cloud computing service. Therefore, security threats of mobile cloud service has to be removed in order to deploy secure mobile cloud services and user and manager should be able to respond appropriately in the event of threat. In this paper, We define mobile cloud service threats by threat analysis of mobile device, wireless network and cloud computing and we propose mobile cloud service countermeasures in order to respond mobile cloud service threats and threat scenarios in order to respond and predict to potential mobile cloud service threats.

• Journal of Digital Convergence
• /
• v.12 no.5
• /
• pp.263-269
• /
• 2014

Mobile Cloud Service will provide cloud services through mobile devices. Because storage space constraints and computing process performance limitations of mobile devices, this service will process in the cloud environment after moving works and data that have to process in mobile terminal. The obstacles of mobile cloud service activity will have concerned high about the reliability service, data security, and the confidentiality security. In particular, in convergence of mobile services and cloud services, each threats are expected to be generated complicatedly. In this paper, we define the type of mobile cloud services as well as security threats that can occur in mobile cloud. Also we suggest security countermeasures in mobile app. and enterprises countermeasures. We suggest verification of mobile applications for user information protection about security countermeasures in mobile app. Also we describe the cloud providers responsibility and user responsibility about enterprises countermeasures.

• The KIPS Transactions:PartC
• /
• v.16C no.6
• /
• pp.691-698
• /
• 2009

A mobile communication device is a small size of portable computer which provides communication service, such as smart phone and PDA. Currently, one of the biggest barriers in developing the mobile communication device is security issue. Even though there are excellent security functions which can remove the security issues, there is a problem that the mobile communication device can not be loaded with all the functions because it has low storage, poor computational power, and inconvenient user interface, compared to the desktop personal computer. This paper proposes a context-aware security reconfiguration scheme for effective security management of the mobile communication device. The scheme can provide the mobile communication device with the optimized security service which is most adapted to its current security context. Through the prototype implementation and the experiments of the proposed scheme, we have confirmed that the proposed scheme is excellent in terms of computing resource efficiency and usability, without degrading security level.

• The Journal of the Korea Contents Association
• /
• v.19 no.5
• /
• pp.194-204
• /
• 2019

The mobile payment app market has been expanding recently. However, the usage rate of mobile payment apps is not meeting service providers' expectations due to concerns about security and privacy. This study investigated how personal predisposition and how the security signals of the payment app affect users' perceived privacy and security risks, and how these factors ultimately affect the trust of mobile payment apps. The results showed that privacy concerns increase the risk of perceived personal information leaks and reduce perceived mobile system security, while familiarity, perceived reputation, and assurance seal reduce the risk of perceived personal information leaks and increase perceived mobile system security. Finally, it revealed that the reduced risk of perceived personal information leaks and the increased security of mobile systems had a positive impact on the reliability of mobile payment apps.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2006.06a
• /
• pp.741-744
• /
• 2006

Mobile IPv6은 방화벽의 사용을 전혀 고려하지 않은 채 설계되었다. 그렇기 때문에 방화벽을 사용하는 네트워크에서는 정상적으로 동작하지 않는 문제가 생긴다. 본 논문에서는 일반적인 방화벽의 패킷 판단에 사용되는 상태테이블에 관하여 설명하고, Mobile IPv6 환경에서 방화벽을 사용함으로써 생기는 문제점을 알아본 뒤 향후 Mobile IPv6 환경에서의 방화벽 사용에 관한 연구의 방향을 제안한다.

• International Journal of Computer Science & Network Security
• /
• v.21 no.4
• /
• pp.249-254
• /
• 2021

Our society is depending on mobile devices that play a major role in our lives. Utilizing these devices is possible due to their speed power and efficiency in performing basic as well as sophisticated operations that can be found in traditional computers like desktop workstations. The challenge with using mobile devices is that organizations are concerned with the interference between personal and corporate use due to Bring Your Own Device (BYOD) trend. This paper highlights the importance of mobile devices in our daily tasks and the associated risks involved with using these devices. Several technologies and countermeasures are reviewed in this paper to secure the mobile devices from different attempts of attacks. It is important to mention that this paper focuses on technical measures rather than considering different aspects of security measures as recommended by the cybersecurity community.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.1
• /
• pp.201-212
• /
• 2011

Smartphone devices are widely used because of recent improvements in hardware device, network infrastructure, and emergences in open mobile platforms. These changes provide various advantages and cause security problems. One of the solutions to prevent these problems is that applying of the virtualization technology to mobile environment ha., attracted attention. In this paper, we proposed the virtualization technology which is based on security-enhanced mobile platform scheme, for secure mobile environment based on the secure execution and process concealing technology.

• The Transactions of the Korea Information Processing Society
• /
• v.7 no.5S
• /
• pp.1657-1665
• /
• 2000

Mobile agents based e-commerce system has many advantage than traditional e-commerce-information gathering on goods, price settlement and payment, delivery of the goods purchased, and so on. However, due to the security vulnerability that stems from mobile agent's mobility, mobile agents based e-commerce system has additional security problems. Therefore, in order to do e-commerce securely in th system, first of al the security issues on mobile agents must be addressed. It this paper, we propose a mobile agent transfer protocol that provides confidentiality and integrity of mobile agent in transit and mutual authentication for communicating hosts. We further show the security of the protocol against many possible attacks. Also, we suggest the location management mechanism of mobile agents based on the trust center. This mechanism is capable of finding their locations transparently and detecting mobile agent clones.

• Journal of Technology Innovation
• /
• v.14 no.1
• /
• pp.201-225
• /
• 2006

Technology Acceptance Model (TAM) considers perceived ease of use and perceived usefulness as the important determinants of user behavior regarding information technology. As an extension of TAM, this research examines perceived security as an additional determining variable to explain an individual's acceptance and use of mobile banking as well as internet banking. The results show that perceived ease of use does not affect the individual's attitude toward the use of mobile or internet banking, while perceived usefulness does. Furthermore, perceived security affects perceived usefulness in mobile banking, but not in internet banking. In addition, in mobile banking, perceived security is positively related to perceived usefulness, though perceived security is negatively related to attitude. Finally, the average scores of surveyed data for Internet banking are higher and significantly different than those for mobile banking.