JOURNAL BROWSE
Search
Advanced SearchSearch Tips
Fault Tree Analysis and Failure Mode Effects Analysis for Software Security Improvements in Mobile Banking Information Systems
facebook(new window)  Pirnt(new window) E-mail(new window) Excel Download
 Title & Authors
Fault Tree Analysis and Failure Mode Effects Analysis for Software Security Improvements in Mobile Banking Information Systems
Kim, So Young; Kim, Myong Hee; Park, Man-Gon;
  PDF(new window)
 Abstract
Due to rapid development of mobile device technologies, the mobile banking through Internet has become a major service of banking information systems as a security-critical information systems. Recently, lots of mobile banking information systems which handle personal and transaction information have been exposed to security threats in vulnerable security control and management processes, mainly software systems. Therefore, in this paper, we propose a process model for software security improvements in mobile banking information system by application of fault tree analysis(FTA) and failure modes and effects analysis(FMEA) on the most important activities such as `user authentication` and `access control` and `virus detection and control` processes which security control and management of mobile banking information systems are very weak.
 Keywords
Software Security;Security-Critical Information Systems;Mobile Banking Information Systems;Fault Tree Analysis(FTA);Failure Modes and Effects Analysis;
 Language
Korean
 Cited by
 References
1.
H.G. Shin, “Year 2013 Predictive Analysis of Information Security Trends in Banking IT,” Journal of Payment Settlement and IT, Vol. 51, pp. 581-586, 2013.

2.
J.S. Seong, “A Study on the Prevention of Security Incident,” Journal of Security Engineering, Vol. 9, No. 6, pp. 503-510, 2012.

3.
M.H. Kim, W. Toyib, and M.G. Park, “An Integrative Method of FTA and FMEA for Software Security Analysis of a Smart Phone,” Korean Information Processing Society Transactions on Computer and Communication Systems, Vol. 2, No. 12, pp. 541-552, 2013.

4.
S.M. Jang and M.G. Park, “A Study on the Fault Analysis and Security Assessment for Smart Card Management System,” Journal of Korea Multimedia Society, Vol. 17, No. 1, pp. 52-59, 2014. crossref(new window)

5.
M.H. Kim, E.J. Jin, and M.G. Park, “Fault Tree Analysis and Fault Modes and Effect Analysis for Security Evaluation of IC Card Payment Systems,” Journal of the Korean Multimedia Society, Vol. 16, No. 1, pp. 87-99, 2013. crossref(new window)

6.
Ubiquitous Management Academy Consulting, http://consulting.u-mac.co.kr/pds/quality/list.asp?sch_head=m_title&sch_string=fmea (accessed on April., 1, 2015).

7.
J.H. Lee, “Usage and Problems of Authentication Certificate on Smart Environment,” Journal of Internet and Security Focus, Korea Internet and Security Agency, Vol. 3, pp. 23-53, 2013.

8.
B.K. Lee, A Research on Discovering New Vulnerabilities and Analyzing Methods in Domestic Mobile Environment, KISA-WP-2012-0009, Research Report of the Korea Internet & Security Agency, 2012.

9.
S.Y. Kim, M.H. Kim, and M.G. Park, “A Study on the Information Security Control and Management Process in Mobile Banking System,” Journal of the Korean Multimedia Society, Vol. 18, No. 2, pp. 218-232, 2015. crossref(new window)

10.
J.C. Ryu, A Study of Malware Detection Based on Mobile OS, KISA-WP-2010-0057, Research Report of the Korea Internet & Security Agency, 2010.

11.
J. Nie and X. Hu, "Mobile Banking Information Security and Protection Methods," Proceeding 2008 International Conference on Computer Science and Software Engineering, pp. 587-590, 2008.

12.
White Paper of FIS Consulting Services, http://www.fisglobal.com/ucmprd-pub/groups/public/documents/document/c028786.pdf (accessed on April, 1, 2015).

13.
K. Streff and J. Haar, “An Examination of Information Security in Mobile Banking Architectures,” Journal of Information Systems Applied Research, Vol. 2, No. 2, pp. 1-16, 2009.