• Title, Summary, Keyword: Mobile Security

Search Result 1,720, Processing Time 0.039 seconds

Actual Condition and Issues for Mobile Security System

  • Sakurai, Kouichi;Fukushima, Kazuhide
    • Journal of Information Processing Systems
    • /
    • v.3 no.2
    • /
    • pp.54-63
    • /
    • 2007
  • The high-speed mobile Internet has recently been expanded, many attractive services are provided. However, these services require some form of security-related technology. This paper outlines Japanese mobile services and exposits some mobile security topics including mobile spam, mobile malware, mobile DRM system, mobile WiMAX security, and mobile key management.

A Study on the Information Security Control and Management Process in Mobile Banking Systems

  • Kim, So Young;Kim, Myong Hee;Park, Man-Gon
    • Journal of Korea Multimedia Society
    • /
    • v.18 no.2
    • /
    • pp.218-232
    • /
    • 2015
  • According to the development of information processing technology and mobile communication technology, the utilization of mobile banking systems is drastically increasing in banking system. In the foreseeable future, it is expected to increase rapidly the demands of mobile banking in bank systems with the prevalence of smart devices and technologies. However, the keeping 'security' is very important in banking systems that handles personal information and financial assets. But it is very difficult to improve the security of banking systems only with the vulnerabilities and faults analysis methods of information security. Hence, in this paper, we accomplish the analysis of security risk factor and security vulnerability that occur in mobile banking system. With analyzed results, we propose the information security control and management processes for assessing and improving security based on the mechanisms which composes mobile banking system.

Meeting Real Challenges in Eliciting Security Attributes for Mobile Application Development

  • Yusop, Noorrezam;Kamalrudin, Massila;Yusof, Mokhtar Mohd;Sidek, Safiah
    • Journal of Internet Computing and Services
    • /
    • v.17 no.5
    • /
    • pp.25-32
    • /
    • 2016
  • There has been a rapid growth in the development of mobile application resulting from its wide usage for online transaction, data storage and exchange of information. However, an important issue that has been overlooked is the lack of emphasis on the security issues at the early stage of the development. In fact, security issues have been kept until the later stage of the implementation of mobile apps. Requirements engineers frequently ignore and incorrectly elicit security related requirements at the early stage of mobile application development. This scenario has led to the failure of developing secure and safe mobile application based on the needs of the users. As such, this paper intends to provide further understanding of the real challenges in extracting security attributes for mobile application faced by novice requirements engineers. For this purpose, two experiments on eliciting security attributes requirements of textual requirements scenario were conducted. The performance related to the correctness and time taken to elicit the security attributes were measured and recorded. It was found that the process of eliciting correct security attributes for mobile application requires effort, knowledge and skills. The findings indicate that an automated tool for correct elicitation security attributes requirement could help to overcome the challenges in eliciting security attributes requirements, especially among novice requirements engineers.

A Study on the Mobile Application Security Threats and Vulnerability Analysis Cases

  • Kim, Hee Wan
    • International Journal of Internet, Broadcasting and Communication
    • /
    • v.12 no.4
    • /
    • pp.180-187
    • /
    • 2020
  • Security threats are increasing with interest due to the mass spread of smart devices, and vulnerabilities in developed applications are being exposed while mobile malicious codes are spreading. The government and companies provide various applications for the public, and for reliability and security of applications, security checks are required during application development. In this paper, among the security threats that can occur in the mobile service environment, we set up the vulnerability analysis items to respond to security threats when developing Android-based applications. Based on the set analysis items, vulnerability analysis was performed by examining three applications of public institutions and private companies currently operating as mobile applications. As a result of application security checks used by three public institutions and companies, authority management and open module stability management were well managed. However, it was confirmed that many security vulnerabilities were found in input value verification, outside transmit data management, and data management. It is believed that it will contribute to improving the safety of mobile applications through the case of vulnerability analysis for Android application security.

A Study on Security Evaluation for Mobile Web Services Message (모바일 웹서비스 메시지의 보안 평가에 관한 연구)

  • Lee, Seoung-Hyeon;Lee, Jae-Seung
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • /
    • pp.765-768
    • /
    • 2007
  • In this paper, the security evaluation method about mobile web services message is suggested in the method for improving the safety an reliability about the mobile web services message. In order that the goal of this paper is accomplished, the security threat and the security vulnerability which can be occurred in the mobile web services message are defined. The evaluation method for performing the security evaluation about the mobile web services message is defined. Also, the requirements for the mobile web services message security evaluation are defined. Finally, the evaluation framework for performing the mobile web services message security evaluation is constituted, and the evaluation scenario example is suggested. By using the mobile web services message security evaluation defined in the paper, before the mobile web services is deployed, the security threats and security vulnerability can be verified. Also, the countermeasure for the security threat and security vulnerability discovered in the verification result can be prepared. Therefore, the sorority and reliability about the mobile web services can be improved.

  • PDF

Analysis and Design of Security Feature in IMT-2000 (IMT-2000 이동통신시스템의 보안기능 요구 분석 및 설계)

  • 권수근;신경철;김진업;김대식
    • Proceedings of the IEEK Conference
    • /
    • /
    • pp.469-472
    • /
    • 2000
  • Security-related issues in mobile communications are increasing. The security requirements of mobile communications for the mobile users include authentication of the mobile user, the data confidentiality, the data confidentiality and the location privacy of mobile user. These services require security features compatible with the wireline networks. However, wireless networks have many restrictions compare to wireline networks such as the limited computational capability of mobile equipment and limited resource(bandwidth) between a mobile user and a fixed network. So, security features for IMT-2000 are designed to meet the limited capacity. In this paper, we analyze the required security features and mechanism, and design network access security feature effective for IMT-2000 Systems. The design includes security functions allocation to each system. Finally, discuss the computational power of each system based on at]coated functions to it

  • PDF

Fault Tree Analysis and Failure Mode Effects Analysis for Software Security Improvements in Mobile Banking Information Systems (모바일 뱅킹 정보시스템의 소프트웨어 보안성 개선을 위한 고장 트리 분석과 고장 유형 영향 분석)

  • Kim, So Young;Kim, Myong Hee;Park, Man-Gon
    • Journal of Korea Multimedia Society
    • /
    • v.18 no.11
    • /
    • pp.1342-1350
    • /
    • 2015
  • Due to rapid development of mobile device technologies, the mobile banking through Internet has become a major service of banking information systems as a security-critical information systems. Recently, lots of mobile banking information systems which handle personal and transaction information have been exposed to security threats in vulnerable security control and management processes, mainly software systems. Therefore, in this paper, we propose a process model for software security improvements in mobile banking information system by application of fault tree analysis(FTA) and failure modes and effects analysis(FMEA) on the most important activities such as 'user authentication' and 'access control' and 'virus detection and control' processes which security control and management of mobile banking information systems are very weak.

Intergrating Security Model for Mobile-Grid (Mobile-Grid 환경에서의 통합 보안 모델)

  • Kang, Su-Youen;Lee, Sung-Young
    • Proceedings of the KIEE Conference
    • /
    • /
    • pp.585-588
    • /
    • 2002
  • Grid provides integral ing system that enables to use distributed computing resource and services as adapts traditional infrastructures to overcome the distributed computing environments. But, computing today is moving away from a restriction of the desktop, becoming diffused into our surrounding and onto our personal digital devices. In such mobile computing environments, users expects to access resource and services at any time from anywhere in such Mobile-Grid computing. This expectation results security issues, since the computing environments is expanded. This paper describes the security challenges in Mobile-Grid computing, explaining why traditional security mechanism fail to meet the demands of these environments. This paper describes policy driven security mechanism enabled entity to use service and data in trust Mobile-Grid environments and a set of security service module that need to be realized in the Mobile-Grid security architecture presents a set of use pattern that show hew these modules can be used for billing service in a secure Mobile-Grid environments.

  • PDF

A Study on DCAS Security Framework Model for Mobile IPTV (모바일 IPTV 환경에 적합한 DCAS 보안 프레임워크 연구)

  • Choi, Jung-Young;Cho, Kwan-Tae;Lim, Jong-In
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.21 no.1
    • /
    • pp.105-116
    • /
    • 2011
  • Mobile IPTV is a IPTV interactive broadcasting service through wireless Internet. Mobile IPTV service would be much more promoted. Thus, the methods for protecting the broadcasting contents will be indispensible elements for the successful Mobile IPTV service achievement. This paper describes the characteristics of Mobile IPTV and the related contents protection techniques. To evaluate several security issues, we suggest a DCAS security framework model for Mobile IPTV, and speculate the most widespread, a security technologies for Mobile IPTV such as DCSA. Moreover, candidate models of Mobile IPTV protection system are suggested based on these technologies.

A Study on the Influence of Mobile Information Security on Mobile Office Service Satisfaction and Continuous Use in the Enterprise BYOD Environment (기업의 BYOD 환경에서 정보보안이 모바일 오피스 서비스 만족과 지속적 사용에 미치는 영향에 관한 연구)

  • Park, Byoung-Woo;Jang, Seok-Eun;Lee, Eun-Kyoung;Lee, Sang-Joon
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.28 no.4
    • /
    • pp.929-939
    • /
    • 2018
  • The mobile office, which was expected to be a key strategy for business operation through business innovation, was slow to spread from the BYOD environment to information security issues. This study analyzes mobile office information security and analyzes countermeasures against mobile information security threats to analyze the influence of information security factors on corporate satisfaction and continuous use of mobile office service. The results of the study were identified through the research model and hypothesis, quantitative empirical analysis based on the questionnaire and qualitative empirical analysis based on the expert interview. Through this study, practical implications and future directions for mobile office service satisfaction and continuous use are suggested.