• International Journal of Computer Science & Network Security
• /
• v.22 no.12
• /
• pp.57-62
• /
• 2022

The Sambodana project is a mobile communication security system development project using Hardening Android. The initial idea for this project is that information leakage occurs outside of a communications application with end-to-end cryptographic security. Android hardening prevents unwanted applications and bloatware from being installed, such as unavailable Google Play Store or install restrictions.

• Journal of information and communication convergence engineering
• /
• v.7 no.3
• /
• pp.330-334
• /
• 2009

Most security solutions and middleware on home network consider internet users as approaching subject. It is unrealistic where the most subjects are mobile users who want to control home network devices. Therefore minor and fast certification structures are needed to control other devices with mobile device that has lower computing capacity. To solve the above problems, this paper wants to build safe certification frame work for internet and mobile users to control household devices safely. New certification structure is proposed to get out of heavy certification structure like PKI and to minimize encrypting and decrypting operation by compounding session key and public key.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2012.10a
• /
• pp.954-955
• /
• 2012

Recently as increasing the use of mobile communication devices the use of mobile readers for recognition tag attached to objects is also increasing. Accordingly, meantime, that gives rise to the vulnerability of RFID systems between reader and tag security issues, as well as security issues between the reader and the back-end server will occur. In this paper between the reader and the back-end server to security vulnerabilities efficient authentication protocol using the hash function is proposed.

• Proceedings of the IEEK Conference
• /
• 2000.07b
• /
• pp.977-981
• /
• 2000

The traditional client-server model RPC and mobile agents have been used for interprocess communication between processes in different hosts. The performances of two mechanisme were analyzed in the literature [4, 6, 9]. But the security services which extensively affect the performance of systems because of low speed have not been considered. We propose two performance models considering the security services for the RPC and the mobile agent Through the analysis of the models, we show that the execution time of the mobile agent takes less than the RPC In the environment considering security services.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.17 no.5
• /
• pp.1471-1483
• /
• 2023

One of the fastest-growing mobile services accessible today is mobile payments. For the safety of this service, the Near Field Communication (NFC) technology is used. However, NFC standard protocol has prioritized transmission rate over authentication feature due to the proximity of communicated devices. Unfortunately, an adversary can exploit this vulnerability with an antenna that can eavesdrop or alter the exchanged messages between NFC-enabled devices. Many researchers have proposed authentication methods for NFC connections to mitigate this challenge. However, the security and privacy of payment transactions remain insufficient. We offer a privacy-preserving, anonymity-based, safe, and efficient authentication protocol to protect users from tracking and replay attacks to guarantee secure transactions. To improve transaction security and, more importantly, to make our protocol lightweight while ensuring privacy, the proposed protocol employs a secure offline session key generation mechanism. Formal security verification is performed to assess the proposed protocol's security strength. When comparing the performance of current protocols, the suggested protocol outperforms the others.

• Journal of Digital Convergence
• /
• v.11 no.2
• /
• pp.317-322
• /
• 2013

Mobile cloud environment is recently becoming popular due to Internet access through various environments. Driven by computer performance improvement and service development, the demand for mobile cloud is increasing and accordingly the damage is on the rise. Therefore, it needs to conduct a study on problems of security necessary in large database that occurs in mobile cloud services. Although various security solutions limiting database access, security strategies about new user environments should be analyzed. This study analyzes weakness of safe data access through database management in mobile cloud environment and examines security requirements for safe data management. In addition, this study looks into threatening factors of security in cloud services and then draws security requirements about safer access control. A study on system application and evaluation of security requirements about access control is required.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.1
• /
• pp.177-185
• /
• 2016

As the fintech industry is growing at an incredible rate, mobile phones are positioned as the most important tool for financial transaction. However, with a rising number of malware applications, the types of attack and illegal access to mobile device are becoming more diverse and sophisticated. This paper studies the potential keylogger attack by exploiting the Accessibility Service in Android framework. This type of attack allows the malicious individual to use keylogger on the victim's Android mobile phone to steal passwords during mobile financial transaction regardless of security keypad setting. Lastly the paper proposes solutions to counter these types of attack by verifying the accessibility usage and amending the application guideline for accessibility.

• The Journal of the Korea Contents Association
• /
• v.16 no.2
• /
• pp.243-250
• /
• 2016

Recently, with the rise of the mobile device, from mobile devices the user who owns the security, speed up the implementation of the guarantee management environment as businesses and individual equipment for the effcient management of the existing system, but the introduction of the MDM MDM App management features administrators to register the App until you can't prvent the security threat. Therefore, this paper addresses these issues in order to improve the security of your application for the control system. The proposed system is a function of the MDM authentication technology to design analysis, and system architecture to help prevent information disclosure within the design and implementation of Mobile-based application control system. Implementation of the control system to assess the security of the international common criteria security evaluation complete the test scenarios on the basis of the test items. An average of 40% of the test results to verify the results of this enhanced security.

• THE INTERNATIONAL COMMERCE & LAW REVIEW
• /
• v.13
• /
• pp.69-81
• /
• 2000

Under the co-sponsorship of UNIDROIT and I.C.A.O., a preliminary draft Convention on International Interests in Mobile Equipment and a preliminary draft Protocol on Matters Specific to Aircraft Equipment has been prepared. The purpose of the Convention is to provide for the creation and effect of a new international interest in mobile equipment. The Convention's approach is quite novel in that it purports to create an international interest based upon the convention itself. The Convention is intended to be supplemented by Protocols, each of is intended to provide equipment-specific rules necessary to adapt the rules of the Convention to fit the special pattern of financing for different categories of equipment. To date, two sessions of governmental experts were held in Rome and Montreal. Korean delegations attended the two sessions. One of the members of the Korean delegation published a report on the first session. He expressed his objection to the so called self-help remedy contemplated by the current preliminary draft of the Convention which enables the holder of a security interest to repossess and dispose of the subject of the security interest by private sale rather than public auction on the occurrence of an event of default of the debtor. His view is based upon his understanding that under Korean law, the only remedy available to the holder of a security interest in mobile equipment, such as an airplane, is to apply to the competent court for a public auction. In my view, his understanding is not quite correct and is inconsistent with the current practice in Korea. Under Korean law, the parties' agreement for private sale is in principle valid unless there is an interested party who has acquired a security interest after the creation of the prior security interest or a creditor who has caused the subject of the security interest to be attached by a competent court. In this article, I discuss the current Korean law and practice relating to the enforcement of security interests by private sale in more detail.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.17 no.3
• /
• pp.525-532
• /
• 2013

Recently. smartphones have been popularized rapidly and now located deep in our daily life, providing a variety of services from banking, SNS (Social Network Service), and entertainment to smart-work mobile office through apps. Such smartphone apps can be easily downloaded from what is known as app store which, however, bears many security issues as software developers can just as easily upload to it. Military apps will be exposed to a myriad of security threats if distributed through internet-basis commercial app store. In order to mitigate such security concerns, this paper suggests a security guidelines for establishing a military-excusive app store and security verification system which prevent the security hazards that can occur during the process of development and distribution of military-use mobile apps.