• KIPS Transactions on Computer and Communication Systems
• /
• v.7 no.3
• /
• pp.73-80
• /
• 2018

Due to the popularity of smartphones and the simplification of financial services, the number of mobile financial services is increasing. However, the security keypads developed for existing financial services are susceptible to probability analysis attacks and have security vulnerabilities. In this paper, we propose and implement a security keypad based on dual touch. Prior to the proposal, we examined the existing types of security keypads used in the mobile banking and mobile payment systems of Korean mobile financial businesses and analyzed the vulnerabilities. In addition, we compared the security of the proposed dual touch keypad as well as existing keypads using the authentication framework and the existing keypad attack types (Brute Force Attack, Smudge Attack, Key Logging Attack, and Shoulder Surfing Attack, Joseph Bonneau). Based on the results, we can confirm that the proposed security keypad with dual touch presented in this paper shows a high level of security. The security keypad with dual touch can provide more secure financial services, and it can be applied to other mobile services to enhance their security.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2017.05a
• /
• pp.291-293
• /
• 2017

Security services that support electric energy service gateway require relatively high reliability. In particular, the application services that accompany communications and data are run organically. Each of the security services should support a secure service platform that supports a secure, scalable life cycle for existing services which should be extends security layer of Universal Middleware such as OSGi platform. In this convergence platform, it is the study of security transfer modular services that allow independent life cycle management of systems through Universal middleware. First, It is modular in terms of energy consumption service and data, enabling real-time operation, communications, remote management and applications. Second, the life cycle of the secure module to support the life cycle of secure, delete, start and updating of the security module by applying the security policy module layer concept. It is modular in terms of power generation and accountability, enabling us to distinguish between reliability and accountability in a large volume of data models in the smart grid, the service was intended to be standardized and applied to the security service platform.

• The Journal of Information Systems
• /
• v.18 no.2
• /
• pp.1-18
• /
• 2009

Recently, internet banking is growing rapidly. Moot banks in Korea provide internet banking services. Internet banking becomes a major trend in the financial marketplace. With advanced computer technology and declining communication costs, many customers prefer online alternatives such as internet banking, mobile banking or phone banking rather than going to banks by themselves. The number of customers using those alternatives is skyrocketing and domestic commercial banks encourage them of the use. As the internet is highly developed, customers demand higher quality services and banks develop and provide diverse services in order to respond to them. However, internet banking service users are still afraid of their personal and financial information being exposed on the internet. The purpose of this research is to empirically analyze the influence that appropriate internet banking affect user's security intention. The research model proposed in this study includes user's security intention which is influenced by self-efficacy, security trust, Internet banking attitude, perceived security and security intention. According to the result of this study, self-efficacy and security trust are related to the security attitude. There is a significant relationship between security attitude and perceived security. Also, user's security attitude and perceived security is significantly affected by security intention.

• Journal of the Korea Society of Computer and Information
• /
• v.24 no.8
• /
• pp.67-76
• /
• 2019

Along with the diversification of digital content services using wired/wireless networks, the market for the construction of base systems is growing rapidly. Cloud computing services are recognized for a reasonable cost of service and superior system operations. Cloud computing is convenient as far as system construction and maintenance are concerned; however, owing to the security risks associated with the system construction of actual cloud computing service, the ICT(Information and Communications Technologies) market is lacking regardless of its many advantages. In this paper, we conducted an experiment on a cloud computing security enhancement model to strengthen the security aspect of cloud computing and provide convenient services to the users. The objective of this study is to provide secure services for system operation and management while providing convenient services to the users. For secure and convenient cloud computing, a single sign-on (SSO) technique and a system access control technique are proposed. For user authentication using SSO, a security level is established for each user to facilitate the access to the system, thereby designing the system in such a manner that the rights to access resources of the accessed system are not abused. Furthermore, using a user authentication ticket, various systems can be accessed without a reauthorization process. Applying the security technique to protect the entire process of requesting, issuing, and using a ticket against external security threats, the proposed technique facilitates secure cloud computing service.

• Electronics and Telecommunications Trends
• /
• v.34 no.1
• /
• pp.111-122
• /
• 2019

As society develops, the demand for safety and security services increases. Developed nations such as the United States use advanced technology to lower crime rate and promote intelligent security services. First, this article examines intelligent systems that are used for monitoring and detecting crimes and dangerous situations. Recently, we have been studying technologies that enable preemptive responses through prediction of crime and hazardous situations. In this paper, we examine the cases of security services based on a crime/risk prediction model and explain the structure and major technologies of an intelligent security system. In addition, we propose a direction for technological development for achieving future security services.

• International Journal of Computer Science & Network Security
• /
• v.21 no.12
• /
• pp.183-188
• /
• 2021

The study aimed to assess the state of electronic security for the website of the Deanship of Library Affairs at Northern Border University, as one of the university's electronic portals, which provides distinguished knowledge services to faculty members, through the Saudi Digital Library, and the integrated automated system for libraries (Symphony) with the definition of cyber security of the university, and the most important threats The study sought to analyze the opinions of a wide sample of faculty members, towards evaluating the state of electronic security for the Deanship of Library Affairs portal, through the use of both the analytical method, as well as the survey, using the questionnaire tool, and the study sample consisted of 95 A faculty member of all academic categories and degrees, and university faculties, and the study concluded that it is necessary to work to overcome the relative slowness of the university's Internet, with the faculty members notifying the information security services through e-mail and SMS service, with the continuous updating of operating systems, Apply and use the latest anti-spyware, hacking, and antivirus software at the university, while conducting extensive research studies towards information security services, and contracting It aims to introduce information security risks, and ways to combat and overcome them, and spread the culture of information security among faculty members.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2001.10a
• /
• pp.150-153
• /
• 2001

Today Internet is only Best-Effort service. During the past few years, new types of internet applications which require performance beyond the best-effort service that is provided by the current internet have emerged. These applications required QoS(Quality of Services) guarantee and Security between end-to-end. In this paper simulations Differentiated Services that IETF(Internet Engineering Task Forte) has proposed one of QoS(Quality of Services) guarantee VPN(Virtual private Network) using QoS(Quality of Services) guarantee and IP Security between end-to-end.

• Korean Security Journal
• /
• no.19
• /
• pp.67-103
• /
• 2009

Objectives of this study is develop security services through determinants analysis on the efficiency of security works regarding security and guarding business in Korea because nowadays the modern society like Korea let alone all over the world faces the increase of dangerous factors in every security field of the human societies, and also it is the very present situation that an individual's life even the national security itself can be at the risk without guaranteeing the efficiency of the security services. For this purpose, this study reviewed related documents, surveyed and interviewed security personnels to identify what the potentially influential factors are in both the public and private security organizations regarding the efficiency of present security services and organizations, and what differences are. Also, comparing the public and private security sectors, this study intended to suggest policy agendas how to enhance the efficiency of security services in the future. This study surveyed the 177 agents and former agents of the Presidential Security Service(PSS) for the public security sector, and also surveyed, interviewed, and internet-based polled 821 randomly selected personnels for the private security sector. This research showed that regarding the efficiency of the security services number of independent variables which had positive responses in the public security sector was more than that in the private security sector. Among the 21 questions regarding this issue, there were all of 21 positive responses in the public security sector while there were 18 negative responses in the private security sector. As a result of synthesizing all the answers of the both sides, it is possible to understand that mostly the ratio of the positive response was much higher. In the public security service, statistically significant variables were budget support for events, prior access of information, an integrated teamwork training, organizational atmosphere, morale of organization personnel. However, practical training of the security service and mutual communication showed unexpectedly negative(-) signs. In the private security service, statistically significant variables were budget support for events, integrated teamwork training, socially friendly atmosphere, compensation for the personnels, bullet-proof equipments and vehicles, mood of organization, personnel recruit and disposition, unexpected incidents and basic attitude for security services. In sum, while organizational personnel variables and organizational management variables were significant in the public security service, some organizational management variables and all socio-environment variables were statistically significant at 5% significance level.

• Journal of Digital Convergence
• /
• v.12 no.8
• /
• pp.113-127
• /
• 2014

The use of mobile devices offers a variety of services to the individuals and companies. On the other hand, security threats and new mobile security threats that exist in IT infrastructure to build the environment for mobile services are present at the same time. Services such as mobile and vaccine management services, such as MDM (Mobile Device Management) has attracted a great deal of interest in order to minimize the threat of security in mobile environment. These solutions can not protect an application that was developed for the mobile service from the threat of vulnerability of mobile application itself. Under these circumstances, in this paper, we proposed mobile application security checklists based on application security review items in order to prevent security accidents that can occur in a mobile service environment. We collected and analyzed Android applications, we performed a total inspection of the applications for verification of the effectiveness of the check items. And we checked that the check items through a survey of experts suitability was verified.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.17 no.8
• /
• pp.311-317
• /
• 2016

Many services have been developed that are based on smart devices, and security between devices is emphasized. A beacon on the current IoT(Internet of Things) services has been utilized in the commercial field and is being applied to the services of the home IoT. On the other hand, the beacon is weak to security using Bluetooth-based services. Therefore, it is important to strengthen the security of the beacon. This paper proposes a dual security technique that can enhance the security of beacon-based services. The dual security architecture and security process is proposed based on beacon and authentication service. In addition, mobile application was developed and validated based on the beacon for proving the suitability of the proposed technique. The experimental method for verification are the authentication failure case, such as 1st authentication fail, and authentication success case, such as 1st authentication success and 2nd authentication success. The components of the verification experiments consists of two beacons (matched with Beacon ID, mismatched with Beacon ID), one mobile device and authentication application. This was tested to verify the compatibility of the dual security architecture and 1st/2nd authentication process.