• Journal of Information Processing Systems
• /
• v.8 no.2
• /
• pp.347-358
• /
• 2012

Recently, security researches have been processed on the method to cover a broader range of hacking attacks at the low level in the perspective of hardware. This system security applies not only to individuals' computer systems but also to cloud environments. "Cloud" concerns operations on the web. Therefore it is exposed to a lot of risks and the security of its spaces where data is stored is vulnerable. Accordingly, in order to reduce threat factors to security, the TCG proposed a highly reliable platform based on a semiconductor-chip, the TPM. However, there have been no technologies up to date that enables a real-time visual monitoring of the security status of a PC that is operated based on the TPM. And the TPB has provided the function in a visual method to monitor system status and resources only for the system behavior of a single host. Therefore, this paper will propose a m-TMS (Mobile Trusted Monitoring System) that monitors the trusted state of a computing environment in which a TPM chip-based TPB is mounted and the current status of its system resources in a mobile device environment resulting from the development of network service technology. The m-TMS is provided to users so that system resources of CPU, RAM, and process, which are the monitoring objects in a computer system, may be monitored. Moreover, converting and detouring single entities like a PC or target addresses, which are attack pattern methods that pose a threat to the computer system security, are combined. The branch instruction trace function is monitored using a BiT Profiling tool through which processes attacked or those suspected of being attacked may be traced, thereby enabling users to actively respond.

• IEIE Transactions on Smart Processing and Computing
• /
• v.1 no.1
• /
• pp.65-71
• /
• 2012

Mobile RFID is a new application that uses a mobile phone as an RFID reader with wireless technology and provides a new valuable service to users by integrating RFID and ubiquitous sensor network infrastructures with mobile communication and wireless Internet. Whereas the mobile RFID system has many advantages, privacy violation problems on the reader side are very concerning to individuals and researchers. Unlike in regular RFID environments, where the communication channel between the server and reader is assumed to be secure, the communication channel between the backend server and the RFID reader in the mobile RFID system is not assumed to be safe. Therefore it has become necessary to devise a new communication protocol that secures the privacy of mobile RFID-enabled devices. Recently, Lo et al. proposed a mutual key agreement protocol that secures the authenticity and privacy of engaged mobile RFID readers by constructing a secure session key between the reader and server. However, this paper shows that this protocol does not meet all of the necessary security requirements. Therefore we developed an enhanced mutual key agreement protocol for mobile RFID-enabled devices that alleviates these concerns. We further show that our protocol can enhance data security and provide privacy protection for the reader in an unsecured mobile RFID environment, even in the presence of an active adversary.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.32 no.4C
• /
• pp.454-461
• /
• 2007

The next-generation computer is the ultra-lightweight mobile computer that communicates with peripheral handhold devices and provides dynamically the services appropriate to user. To provide the dynamic services on the ultra-lightweight mobile computer, security problem for user or computer system information should be solved and security mechanism is necessary for the ultra-lightweight mobile computing environment that has battery limit and low performance. In this paper, the security mechanism on the component based middleware for the ultra-lightweight mobile computer was implemented using RC-5 cipher algorithm and SHA-1 authentication algorithm. The security components are dynamically loaded and executed into the component based middleware on the ultra-lightweight mobile computer.

• Journal of Korea Society of Industrial Information Systems
• /
• v.4 no.4
• /
• pp.149-153
• /
• 1999

This paper proposes a new security system for the next generation mobile telecommunication system The system is based on the network domain security of the 3GPP. The system provides confidentiality and integrity services in the RLC layer, the second layer of 3GPP. Our system has merits in that it can provide security services without any modification to the 3GPP protocol and has low transmission voerhead. Security algorithm and mode are controlled by the RRC layer, the third layer of 3GPP.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.14 no.1
• /
• pp.45-55
• /
• 2018

Recently, because the arrival of the fourth industrial revolution era, many information and telecommunication services have grown rapidly in the mobile business market. So, companies are based Mobile Apps on user customized services and expanding their services. From the standpoint of the business, to generate revenue, the company needs to maintain the existing current computer environment and develop Mobile Apps to offer convenience in various areas such as finance, admiration, e-commerce and sales support. However, as the number of users increase due to expansion of various Mobile services, security threats that are related to Mobile Apps are increasing and its damage is also increasing. Due to the rapid technological transformation of Mobile devices using the Internet, the level of security threats to Smartphones are rising and getting more advance, so this thesis is structured as follows. In Chapter 2, it will look at the overall trends of Mobile Apps as related research. In Chapter 3, it will discuss various security concerns that related to the latest Mobile Apps and learn about the threatening factors. In Chapter 4, it will compare and analyze the threatening factors. Then it will find and suggest the possible plan. In Chapter 5, it will end with conclusion. Finally, to protect mobile devices from security threats, the environment of operating system which manages the resources and data of Apps needs to be protected. Also, it is important that users to have awareness and check activation FinTech technology security in the process of simple payment with fingerprint or IC card.

• ETRI Journal
• /
• v.36 no.1
• /
• pp.51-61
• /
• 2014

In the Mobile IPv6 (MIPv6) protocol, a mobile node (MN) is a mobile device with a permanent home address (HoA) on its home link. The MN will acquire a care-of address (CoA) when it roams into a foreign link. It then sends a binding update (BU) message to the home agent (HA) and the correspondent node (CN) to inform them of its current CoA so that future data packets destined for its HoA will be forwarded to the CoA. The BU message, however, is vulnerable to different types of security attacks, such as the man-in-the-middle attack, the session hijacking attack, and the denial-of-service attack. The current security protocols in MIPv6 are not able to effectively protect the BU message against these attacks. The private-key-based BU (PKBU) protocol is proposed in this research to overcome the shortcomings of some existing MIPv6 protocols. PKBU incorporates a method to assert the address ownership of the MN, thus allowing the CN to validate that the MN is not a malicious node. The results obtained show that it addresses the security requirements while being able to check the address ownership of the MN. PKBU also incorporates a method to verify the reachability of the MN.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.7 no.5
• /
• pp.1145-1151
• /
• 2012

Recently, the demand for mobile system is growing owing to the spread of smart phones to enable the real-time business process. This paper proposes the real-time facility maintenance management system using an android-based mobile application to apply to the facility defect/maintenance field for the apartment building complex. The proposed system model aims to develop the comprehensive management system to integrate the web and mobile system to lead to the realization of mobile office. The security measures required in the mobile system are technically analyzed and implemented on the system.

• The Journal of Korea Robotics Society
• /
• v.2 no.1
• /
• pp.71-79
• /
• 2007

We propose and develop Home Security robot system based on Sensor Network (HSSN) configured by sensor nodes including radio frequency (RF), ultrasonic, temperature, light and sound sensors. Our system can acknowledge security alarm events that are acquired by sensor nodes and relayed in the hop-by-hop transmission way. There are sensor network, Home Security Mobile Robot (HSMR) and Home Server(HS) in this system. In the experimental results of this system, we presented that our system has more enhanced performance of response to emergency context and more speedy and accurate path planning to target position for arriving an alarm zone with obstacle avoidance and acquiring the context-aware information.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.3
• /
• pp.549-562
• /
• 2017

In recent years, as the proportion of mobile banking has become bigger with daily usage of mobile banking, security threats are also increasing according to the feeling. Accordingly, the domestic banking system introduces security solution programs in the banking application and sets security check points to ensure the stability of the application in order to check whether it is always executed. This study presents a vulnerability of inactivity bypassing mobile vaccine program operation checkpoints using the intermediate language statically and dynamically analysis when decompiling the android banking applications of major banks in Korea. Also, through the results, it identifies possible attacks that can be exploited and suggest countermeasures.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.5
• /
• pp.1189-1199
• /
• 2017

With the rapid increase in mobile device users, there are many cyber attacks using SMS messages to infect the mobile device. The monetary demage from those attacks are also increasing. Since those demage are generally related to mobile micropayement systems, we study the details of the incidents on smishing and mobile micropayment. We have identified several limitations of current regulations and laws of them. Thus, we propose new regulations and laws to reduce the financial demage from simishing and to strengthen the security and responsibility of the mobile network operator, payment gateway, and content providers who are participating in the structure of a mobile micropayment systems, such as a regulation for information security evaluation system, several laws for compensation of financial demage within mobile micropayement system.