• Title/Summary/Keyword: Ubiquitous banking

Search Result 15, Processing Time 0.024 seconds

A Study on the Security of One-Time Keypad (OTK) (원타임 키패드의 보안성 분석)

  • Kim, Jon-Lark;Lee, Nari;Roe, Young Gun;Galvez, Lucky Erap
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.27 no.4
    • /
    • pp.731-742
    • /
    • 2017
  • For all the various cryptographic techniques related to security, social technological attacks such as a shoulder surfing are infeasible to block off completely. Especially, the attacks are executed against financial facilities such as automated teller machine(ATM) which are located in public areas. Furthermore, online financial services whose rate of task management is consistently increasing are vulnerable to a shoulder surfing, smudge attacks, and key stroke inference attacks with google glass behind the convenience of ubiquitous business transactions. In this paper, we show that the security of ATM and internet banking can be reinforced against a shoulder surfing by using One-Time Keypad(OTK) and compare the security of OTK with those of ordinary keypad and One-Time Password(OTP).

Design and Implementation of a Spatial Sensor Database System for the USN Environment (USN 환경을 위한 공간 센서 데이타베이스 시스템의 설계 및 구현)

  • Shin, In-Su;Liu, Lei;Kim, Joung-Joon;Chang, Tae-Soo;Han, Ki-Joon
    • Spatial Information Research
    • /
    • v.20 no.1
    • /
    • pp.59-69
    • /
    • 2012
  • For the USN(Ubiquitous Sensor Network) environment which generally uses spatial sensor data as well as aspatial sensor data, a sensor database system to manage these sensor data is essential. In this reason, some sensor database systems such as TinyDB, Cougar are being developed by many researchers. However, since most of them do not support spatial data types and spatial operators to manage spatial sensor data, they have difficulty in processing spatial sensor data. Therefore, this paper developed a spatial sensor database system by extending TinyDB. Especially, the system supports spatial data types and spatial operators to TinyDB in order to manage spatial sensor data efficiently and provides the memory management function and the filtering function to reduce the system overload caused by sensor data streams. Lastly, we compared the processing time, accuracy, and memory usage of the spatial sensor database system with those of TinyDB and proved its superiority through the performance evaluation.

A study on the System for the Mobile electronic account (모바일 기반의 디지털콘텐츠 사례 전자장부시스템에 관한 연구)

  • Song Eun-Jee
    • Journal of Digital Contents Society
    • /
    • v.6 no.1
    • /
    • pp.19-24
    • /
    • 2005
  • Mobile service is able to offer the elastic service to anyone regardless of the place and the tin. With this characteristics, the ubiquitous service could be also provided even to the place which the access was limited with the existing line service, which could improve the mutual connection and could result in the service extension Mobile communication companies, which realized the limit of sale only by telephone conversation, have made an effort to develop wireless internet with concentration as its alternation. Especially concentrating their effort both to the development of distinctive and various contents and to tin development of system for mobile service such as the mobile banking, mobile game and etc., they have done their best to secure the number of the people using the wireless internet. This study is to propose the electronic account system based on the mobile as a case study of contents production for such a mobile service. This system has its advantage to perform the financial management immediately when the income and outcome happen without limitation of the time and space. The information could be stored, searched and modified by using of the mobile phone for this system was made up for the weak point of the financial management for wired internet.

  • PDF

Practical Password-Authenticated Three-Party Key Exchange

  • Kwon, Jeong-Ok;Jeong, Ik-Rae;Lee, Dong-Hoon
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.2 no.6
    • /
    • pp.312-332
    • /
    • 2008
  • Password-based authentication key exchange (PAKE) protocols in the literature typically assume a password that is shared between a client and a server. PAKE has been applied in various environments, especially in the “client-server” applications of remotely accessed systems, such as e-banking. With the rapid developments in modern communication environments, such as ad-hoc networks and ubiquitous computing, it is customary to construct a secure peer-to-peer channel, which is quite a different paradigm from existing paradigms. In such a peer-to-peer channel, it would be much more common for users to not share a password with others. In this paper, we consider password-based authentication key exchange in the three-party setting, where two users do not share a password between themselves but only with one server. The users make a session-key by using their different passwords with the help of the server. We propose an efficient password-based authentication key exchange protocol with different passwords that achieves forward secrecy in the standard model. The protocol requires parties to only memorize human-memorable passwords; all other information that is necessary to run the protocol is made public. The protocol is also light-weighted, i.e., it requires only three rounds and four modular exponentiations per user. In fact, this amount of computation and the number of rounds are comparable to the most efficient password-based authentication key exchange protocol in the random-oracle model. The dispensation of random oracles in the protocol does not require the security of any expensive signature schemes or zero-knowlegde proofs.

An Integrative Method of FTA and FMEA for Software Security Analysis of a Smart Phone (스마트 폰의 소프트웨어 보안성 분석을 위한 FTA와 FMEA의 통합적 방법)

  • Kim, Myong-Hee;Toyib, Wildan;Park, Man-Gon
    • KIPS Transactions on Computer and Communication Systems
    • /
    • v.2 no.12
    • /
    • pp.541-552
    • /
    • 2013
  • Recently software security of the smart phone is an important issue in the field of information science and technology due to fast propagation of smart technology in our life. The smart phone as the security critical systems which are utilizing in terminal systems of the banking, ubiquitous home management, airline passengers screening, and so on are related to the risk of costs, risk of loss, risk of availability, and risk by usage. For the security issues, software hazard analysis of smart phone is the key approaching method by use of observed failures. In this paper, we propose an efficient integrative framework for software security analysis of the smart phone using Fault Tree Analysis (FTA) and Failure Mode Effect Analysis (FMEA) to gain a convergence security and reliability analysis technique on hand handle devices. And we discuss about that if a failure mode effect analysis performs simpler, not only for improving security but also reducing failure effects on this smart device, the proposed integrative framework is a key solution.