• Journal of Internet Computing and Services
• /
• v.24 no.4
• /
• pp.15-24
• /
• 2023

Digital therapeutics (DTx) are utilized to replace or supplement drug therapy to treat patients. DTx are developed as a mobile application for portability and convenience. The government requires security verification to be performed on digital medical devices that manage sensitive information during the transmission and storage of patient data. Although safety verification is included in the approval process for DTx, the cybersecurity checklist used as a reference does not reflect the characteristics of mobile applications. This poses the risk of potentially overlooking vulnerabilities during security verification. This study aims to address this issue by comparing and analyzing existing items based on the mobile tactics, techniques, and procedures of MITRE ATT&CK, which manages globally known and occurring vulnerabilities through regular updates. We identify 16 items that require improvement and expand the checklist to 29 items to propose improvement measures. The findings of this study may contribute to the safe development and advancement of DTx for managing sensitive patient information.

• Annual Conference of KIPS
• /
• 2009.11a
• /
• pp.579-580
• /
• 2009

Proxy Mobile IPv6에서는 같은 Local Mobility Anchor 내의 다른 Mobile Access Gateway에 있는 Mobile Node들의 패킷 전송에 있어서 발생하는 삼각 라우팅 문제는 여전히 존재한다. 이 문제점을 해결하기 위해 인터넷 드래프트 Liebsch와 Dutta에서 제안된 두 가지 Route Optimization 기법의 동작 과정을 알아보고, 상호 데이터 전송 상황에서 더 나은 성능을 제공하는 Correspondent Route Optimization 기법을 제안한다. 제안한 Route Optimization 기법은 Correspondent Flag를 추가하여 Mobile Access Gateway 간 Corresponding Binding을 완료하여, Route Optimization을 설정한다. 제안한 Correspondent Route Optimization 기법은 기존의 기법보다 상호 데이터 전송 상황에서 Route Optimization에 필요한 메시지 수가 적기 때문에 시그널링 비용이 감소하였다.

• Annual Conference of KIPS
• /
• 2023.05a
• /
• pp.104-106
• /
• 2023

The mobile crowdsensing platform obtains sensing data from mobile users, and the involvement of the public increases the untrustworthy of collected data. In order to distinguish factual data from inaccurate data provided by untrustworthy users, the truth discovery method has been introduced for accurate data aggregation in mobile crowdsensing (MCS). To explore the application of truth discovery in mobile crowdsensing, we overview the general concepts of truth discovery algorithms. Finally, we summarize the main existing application prospects of truth discovery in mobile crowdsensing.

• Annual Conference of KIPS
• /
• 2008.05a
• /
• pp.706-709
• /
• 2008

With the increasing popularity of P2P file sharing and advancement of mobile technologies, mobile P2P has revealed its attraction. Anonymity has become an increasing requirement in mobile networks. To reduce receiving garbage files, file validation and filtering are other requirements in the mobile P2P environment. If there are effective file filtering and validation mechanism, nodes' battery duration will be saved. In this paper, we do an analysis of security and anonymity in P2P file sharing and exchange system in mobile ad hoc environment, and propose a new efficient anonymous protocol, which can provide anonymity by broadcasting with a probabilistic algorithm and hiding real hop count information, the file validation by the file's special hash value and file filtering mechanism through the collaboration of middle nodes.

• Journal of the Korea Society of Computer and Information
• /
• v.12 no.6
• /
• pp.177-185
• /
• 2007

Lately, it is a trend that diffusion of Mobile Information Appliance that do various function by development of IT technology. There is function that do more convenient and efficient exchange information and business using mobile phone that is Mobile Information Appliance, but disfunction that is utilized by pointed end engineering data leakage, individual's privacy infringement, threat, etc. relationship means to use mobile phone is appeared and problems were appeared much. However, legal research of statute unpreparedness and so on need research and effort to prove delete, copy, integrity of digital evidence that transfer secures special quality of easy digital evidence to objective evidence in investigation vantage point is lacking about crime who use this portable phone. It is known that this Digital Forensic field is Mobile Forensic. In this paper. We are verify about acquisition way of digital evidence that can happen in this treatise through mobile phone that is Mobile Forensic's representative standing and present way to prove integrity of digital evidence using Hash Function.

• Journal of the Korean Institute of Intelligent Systems
• /
• v.15 no.1
• /
• pp.104-109
• /
• 2005

Context-awareness is an important element that can provide service of good quality according to users' surrounding environment and status in ubiquitous computing environment. Information gathering tools for context-awareness use small size mobile devices which have easy movement and a mobile agent in mobile device. Now, Mobile agents are consuming much times and expense to collect and recognize each users' context information. Therefore, needs research about structure for users' context information awareness in early time to reduce mobile agent's load. This paper proposes a P2P mobile agent structure that mikes filtering techniques and a P2P agent in mobile agent. The proposed structure analyzes each user's context information in same area, and groups users who have similar preference degree. Grouped users share information using a P2P mobile agent. Also this structure observes and learns to continue on users' action and service, and measures new interrelation.

• The KIPS Transactions:PartC
• /
• v.19C no.1
• /
• pp.29-38
• /
• 2012

Due to rapid spread of smart phones and SNS(Social Network Service), using of Internet applications has increased and taking up bandwidth more than 3G network's capacity recently. This caused reduction of speed and service quality, and occurred strong needs that backbone network company to increasing investment costs. Also a great rise of mobile network users causing identity management problems on mobile service provider through mobile network. This paper proposes advanced IDM3G[1] - to solve user ID management and security problems on mobile internet application services over 3G network and more - authentication management protocol. $I^2DM$ protocol breakup loads which made by existing IDM3G protocol's mutual authentication via mobile operator, via sending some parts to internet application service provider, enhancing mobile and ID management of service provider and network load and process load from information handling and numbers of transmitting packets, to suggest more optimized protocol against further demanding of 3G mobile network.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.4
• /
• pp.79-91
• /
• 2008

Modern society as an information society, a lot of information is communicated in on-line. Specially, mobile environment based on radio communication has a characteristic of flexibility compared with wire communication and is developed rapidly. However, the more mobile technology is developed the more security for sensitive information is needed. Therefore, MTM(Mobile Trusted Module) is developed and promoted by TCG(Trusted Computing Group), which is an industry standard body to enhance the security level in the mobile computing environment. MTM, hardware security module for mobile environment, offers user's privacy protection, platform integrity verification, and individual platform attestation. On the other hand, secure migration scheme is required in case secret data or key is transferred from one platform to the other platform. In this paper, we analyze migration schemes which were described in TCG standard and other papers and then propose security maintenance scheme for secret data using USIM(Universal Subscriber Identity Module).

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.5
• /
• pp.109-127
• /
• 2011

Mobile Office is a new type of working method in the workplace that can be used at any time or anywhere by connecting to the network with mobile devices. This allows people to do their jobs without their physical presence in their offices to use computers. The elements in mobile office environment are advancing. They include the widespread distribution of the smart phones, the network enhancing strategy in a ubiquitous environment and expansion of the wireless internet; however, there are not enough security guidelines or policies against these threats on the new environment, the mobile office, although there is the revitalization policy of smart work supported by the government. CERT and ISAC, the known security system as of now, could be used for the secure mobile office, In this paper, suggestions are to be provided for strengthening the security of smart mobile office by analysing the functions of CERT and ISAC.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.3
• /
• pp.93-104
• /
• 2010

The advent of various mobile devices and mobile services has caused diversification of information stored in a mobile device, e.g., SMS, photos, movies, addresses, e-mails, digital certificates, and so on. Because mobile devices are lost or stolen easily, user authentication is critical to protect the information stored in mobile devices. However, the current user authentication methods using Personal Identification Numbers (PINs) and passwords are vulnerable to Shoulder Surfing Attacks (SSAs), which enables an attacker to obtain user's information. Although there are already several SSA-resistant authentication methods in the literature, most of these methods lack of usability. Moreover, they are not suitable for use in mobile devices. In this paper, we propose a user friendly password input method for mobile devices which is secure against SSA. We also perform user tests and compare the security and usability of the proposed method with those of the existing password input methods.