• Journal of Information Processing Systems
• /
• v.3 no.2
• /
• pp.54-63
• /
• 2007

The high-speed mobile Internet has recently been expanded, many attractive services are provided. However, these services require some form of security-related technology. This paper outlines Japanese mobile services and exposits some mobile security topics including mobile spam, mobile malware, mobile DRM system, mobile WiMAX security, and mobile key management.

• Journal of Korea Multimedia Society
• /
• v.18 no.2
• /
• pp.218-232
• /
• 2015

According to the development of information processing technology and mobile communication technology, the utilization of mobile banking systems is drastically increasing in banking system. In the foreseeable future, it is expected to increase rapidly the demands of mobile banking in bank systems with the prevalence of smart devices and technologies. However, the keeping 'security' is very important in banking systems that handles personal information and financial assets. But it is very difficult to improve the security of banking systems only with the vulnerabilities and faults analysis methods of information security. Hence, in this paper, we accomplish the analysis of security risk factor and security vulnerability that occur in mobile banking system. With analyzed results, we propose the information security control and management processes for assessing and improving security based on the mechanisms which composes mobile banking system.

• Journal of Internet Computing and Services
• /
• v.17 no.5
• /
• pp.25-32
• /
• 2016

There has been a rapid growth in the development of mobile application resulting from its wide usage for online transaction, data storage and exchange of information. However, an important issue that has been overlooked is the lack of emphasis on the security issues at the early stage of the development. In fact, security issues have been kept until the later stage of the implementation of mobile apps. Requirements engineers frequently ignore and incorrectly elicit security related requirements at the early stage of mobile application development. This scenario has led to the failure of developing secure and safe mobile application based on the needs of the users. As such, this paper intends to provide further understanding of the real challenges in extracting security attributes for mobile application faced by novice requirements engineers. For this purpose, two experiments on eliciting security attributes requirements of textual requirements scenario were conducted. The performance related to the correctness and time taken to elicit the security attributes were measured and recorded. It was found that the process of eliciting correct security attributes for mobile application requires effort, knowledge and skills. The findings indicate that an automated tool for correct elicitation security attributes requirement could help to overcome the challenges in eliciting security attributes requirements, especially among novice requirements engineers.

• International Journal of Internet, Broadcasting and Communication
• /
• v.12 no.4
• /
• pp.180-187
• /
• 2020

Security threats are increasing with interest due to the mass spread of smart devices, and vulnerabilities in developed applications are being exposed while mobile malicious codes are spreading. The government and companies provide various applications for the public, and for reliability and security of applications, security checks are required during application development. In this paper, among the security threats that can occur in the mobile service environment, we set up the vulnerability analysis items to respond to security threats when developing Android-based applications. Based on the set analysis items, vulnerability analysis was performed by examining three applications of public institutions and private companies currently operating as mobile applications. As a result of application security checks used by three public institutions and companies, authority management and open module stability management were well managed. However, it was confirmed that many security vulnerabilities were found in input value verification, outside transmit data management, and data management. It is believed that it will contribute to improving the safety of mobile applications through the case of vulnerability analysis for Android application security.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2007.06a
• /
• pp.765-768
• /
• 2007

In this paper, the security evaluation method about mobile web services message is suggested in the method for improving the safety an reliability about the mobile web services message. In order that the goal of this paper is accomplished, the security threat and the security vulnerability which can be occurred in the mobile web services message are defined. The evaluation method for performing the security evaluation about the mobile web services message is defined. Also, the requirements for the mobile web services message security evaluation are defined. Finally, the evaluation framework for performing the mobile web services message security evaluation is constituted, and the evaluation scenario example is suggested. By using the mobile web services message security evaluation defined in the paper, before the mobile web services is deployed, the security threats and security vulnerability can be verified. Also, the countermeasure for the security threat and security vulnerability discovered in the verification result can be prepared. Therefore, the sorority and reliability about the mobile web services can be improved.

• Proceedings of the IEEK Conference
• /
• 2000.11a
• /
• pp.469-472
• /
• 2000

Security-related issues in mobile communications are increasing. The security requirements of mobile communications for the mobile users include authentication of the mobile user, the data confidentiality, the data confidentiality and the location privacy of mobile user. These services require security features compatible with the wireline networks. However, wireless networks have many restrictions compare to wireline networks such as the limited computational capability of mobile equipment and limited resource(bandwidth) between a mobile user and a fixed network. So, security features for IMT-2000 are designed to meet the limited capacity. In this paper, we analyze the required security features and mechanism, and design network access security feature effective for IMT-2000 Systems. The design includes security functions allocation to each system. Finally, discuss the computational power of each system based on at]coated functions to it

• Proceedings of the KIEE Conference
• /
• 2002.11c
• /
• pp.585-588
• /
• 2002

Grid provides integral ing system that enables to use distributed computing resource and services as adapts traditional infrastructures to overcome the distributed computing environments. But, computing today is moving away from a restriction of the desktop, becoming diffused into our surrounding and onto our personal digital devices. In such mobile computing environments, users expects to access resource and services at any time from anywhere in such Mobile-Grid computing. This expectation results security issues, since the computing environments is expanded. This paper describes the security challenges in Mobile-Grid computing, explaining why traditional security mechanism fail to meet the demands of these environments. This paper describes policy driven security mechanism enabled entity to use service and data in trust Mobile-Grid environments and a set of security service module that need to be realized in the Mobile-Grid security architecture presents a set of use pattern that show hew these modules can be used for billing service in a secure Mobile-Grid environments.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.1
• /
• pp.105-116
• /
• 2011

Mobile IPTV is a IPTV interactive broadcasting service through wireless Internet. Mobile IPTV service would be much more promoted. Thus, the methods for protecting the broadcasting contents will be indispensible elements for the successful Mobile IPTV service achievement. This paper describes the characteristics of Mobile IPTV and the related contents protection techniques. To evaluate several security issues, we suggest a DCAS security framework model for Mobile IPTV, and speculate the most widespread, a security technologies for Mobile IPTV such as DCSA. Moreover, candidate models of Mobile IPTV protection system are suggested based on these technologies.

• International Journal of Fuzzy Logic and Intelligent Systems
• /
• v.11 no.4
• /
• pp.229-237
• /
• 2011

As smart phones have become widely adopted, they have brought about changes in individual lifestyles, as well as significant changes in the industry. As the mobile technology of smart phones has become associated with all areas of industry, it is not only accelerating innovation in other industries such as shopping, healthcare service, education, and finance, but is also creating new markets and business opportunities. The preparation of thorough security measures for smart phones is increasing in demand. While offering excellent mobility and convenience, smart phones can be exposed to a range of violation threats. In particular, it is necessary to make efforts to develop a security system that can preemptively cope with potential security threats in the banking service area, which requires a high level of reliability. This paper suggests a security reference model that is considered for the smart phone-based joint mobile banking development project being undertaken by the Bank of Korea in 2010. The purpose of this study is to make a security reference model for a reliable smart phone-based mobile financial service, by recognizing the specific security threats directed toward smart phones, and providing countermeasures to these security threats. The proposed mobile banking security reference model is useful in improving system security by systematically analyzing information security threats to the mobile financial service, and by presenting the guideline for the preparation of countermeasures.

• Journal of Information Processing Systems
• /
• v.20 no.1
• /
• pp.38-52
• /
• 2024

The 5G is the 5th generation mobile network that provides enhanced mobile broadband, ultra-reliable & low latency communications, and massive machine-type communications. New services can be provided through multi-access edge computing, network function virtualization, and network slicing, which are key technologies in 5G mobile communication. However, these new technologies provide new attack paths and threats. In this paper, we analyzed the overall threats of 5G mobile communication through a literature review. First, defines 5G mobile communication, analyzes its features and technology architecture, and summarizes possible security issues. Addition, it presents security threats from the perspective of user devices, radio access network, multi-access edge computing, and core networks that constitute 5G mobile communication. After that, security requirements for threat factors were derived through literature analysis. The purpose of this study is to conduct a fundamental analysis to examine and assess the overall threat factors associated with 5G mobile communication. Through this, it will be possible to protect the information and assets of individuals and organizations that use 5G mobile communication technology, respond to various threat situations, and increase the overall level of 5G security.