An Analysis of Security Threats and Security Requirements on the Designated PC Solution (이용 PC 지정에 대한 보안위협 및 보안 요구사항 분석)

Kyungroul Lee (이경률); Lee,Sun-Young (이선영); Kang-bin Yim (임강빈)

doi:10.9708/jksci.2017.22.05.029

An Analysis of Security Threats and Security Requirements on the Designated PC Solution

Journal of The Korea Society of Computer and Information
Abbr : JKSCI
2017, 22(5), pp.29-39
DOI : 10.9708/jksci.2017.22.05.029
Publisher : The Korean Society Of Computer And Information
Research Area : Engineering > Computer Science
Received : August 10, 2015
Accepted : April 25, 2017
Published : May 31, 2017

Kyungroul Lee ¹, Lee,Sun-Young ¹, Kang-bin Yim ¹

¹순천향대학교

Accredited

ABSTRACT

In this paper, we analyse security threats and security requirements about the designated PC solution which restricts usable PCs that are only an user own PCs or a registered PC for online banking or very important services. Accordingly, causable threats of the designated PC solution are classified a process, a network layer, a software module, and an environment of platform, and we draw security requirements based on analysed security threats. Results of this research are considered utilization of criteria for improving security of the designated PC solution and standards for giving hint of imposition of the designated PC solution.

KEYWORDS

Designated PC solution, Security threat, Security requirement, Identification, Device authentication, User authentication

Citation status

* References for papers published after 2023 are currently being built.

[report] Financial Security Agency(FSA) / 2012 /

[journal] Su-Mi Lee / 2011 / Domestic Electronic Financial Status and Classification of Security Threats / Review of Korea Institute of Information Security and Cryptology(KIISC) 21(7) : 53~61

[other] Neowiz games corporaion / 2011 / Internet connection blocking method through a fixed PC service using an IP address and hardware information, G06F 21/20 /

[confproc] Kyungroul Lee / 2012 / A Guideline for the Fixed PC Solution / proceedings of Smart Convergence Technologies and Applications(SCTA) : 74~76

[other] Telecommunications Technology Association(TTA / 2011 / Security Requirement for Virtual Keyboard, TTAK.KO-12.0180 /

[book] Mikro Tik / 2004 / Packet Sniffer / Mikro Kifls SIA

[journal] 김정윤 / 2010 / Weaknesses of the new design of wearable token system proposed by Sun et al. / 정보보호학회논문지 / 한국정보보호학회 20(5) : 81~88

[journal] 맹영재 / 2008 / An Analysis of Replay Attack Vulnerability on Single Sign-On Solutions / 정보보호학회논문지 / 한국정보보호학회 18(1) : 103~114

[journal] Yang-Seo Choi / 2006 / Privacy information exposure techniques and countermeasures through Social engineering attacks / Review of Korea Institute of Information Security and Cryptology(KIISC) 16(1) : 40~48

[journal] 이동휘 / 2006 / Intelligence Report and the Analysis Against the Phishing Attack Which Uses a Social Engineering Technique / 융합보안 논문지 / 한국융합보안학회 6(4) : 171~177

[journal] 강병탁 / 2011 / A study on the vulnerability of OTP implementation by using MITM attack and reverse engineering / 정보보호학회논문지 / 한국정보보호학회 21(6) : 83~100

[journal] 원동호 / 2010 / Vulnerabilities Analysis of the OTP Implemented on a PC / 정보처리학회논문지C / 한국정보처리학회 17(4) : 361~370

[confproc] Kyungroul Lee / 2015 / Security Assessment of the Designated PC Solution / The Korean Institute of Smart Media(KISM) Spring Conference

[confproc] Hyeungjun Yeuk / 2015 / An Analysis of the Vulnerability of the Designated PC solution / The Korean Institute of Smart Media(KISM) Spring Conference

[journal] 김종회 / 2011 / A New Malware Propagation Technique based on the Send Function Hooking and Its Countermeasure / 정보과학회논문지 : 시스템 및 이론 / 한국정보과학회 38(4) : 178~185

[journal] Kangwon Lee / 2012 / Extraction of Platform-unique Information as an Identifie / Journal of Wireless Mobile Networks, Ubiquitous Computing and Dependable Application(JoWUA) 3(4) : 85~99

[journal] 심종익 / 2011 / Protecting Memory of Process Using Mandatory Access Control / 한국정보통신학회논문지 / 한국정보통신학회 15(9) : 1947~1954

[journal] 이경률 / 2012 / A New Analysis Method for Packed Malicious Codes / 한국항행학회논문지 / 한국항행학회 16(3) : 488~494

[confproc] Non Thiranant / 2012 / Challenge-Response Authentication with a Smartphone / Proceedings of the Korea Society of Computer & Information(KSCI) 20(2) : 187~190

[journal] 전웅렬 / 2011 / Analysis of Threats and Countermeasures on Mobile Smartphone / 한국컴퓨터정보학회논문지 / 한국컴퓨터정보학회 16(2) : 153~164

[journal] 신성윤 / 2014 / A Study of Definition of Security Requirements on Encryption and Audit Logging / 한국컴퓨터정보학회논문지 / 한국컴퓨터정보학회 19(9) : 85~91

[journal] 문재찬 / 2012 / Vulnerability Analysis and Threat Mitigation for Secure Web Application Development / 한국컴퓨터정보학회논문지 / 한국컴퓨터정보학회 17(2) : 127~137

[journal] 박미옥 / 2013 / Weaknesses Cryptanalysis of Khan's Scheme and Improved Authentication Scheme preserving User Anonymity / 한국컴퓨터정보학회논문지 / 한국컴퓨터정보학회 18(2) : 87~94

[journal] 김영백 / 2013 / A Vulnerability Analysis of Multi-Context RFID Mutual Authentication Protocol / 한국컴퓨터정보학회논문지 / 한국컴퓨터정보학회 18(10) : 71~79

This paper was written with support from the National Research Foundation of Korea.

KJCKorea
Journal Central

Journal of The Korea Society of Computer and Information 2023 KCI Impact Factor : 0.65

An Analysis of Security Threats and Security Requirements on the Designated PC Solution

ABSTRACT

KEYWORDS

Citation status

* References for papers published after 2023 are currently being built.

Journal of The Korea Society of Computer and Information 2023 KCI Impact Factor : 0.65

An Analysis of Security Threats and Security Requirements on the Designated PC Solution

ABSTRACT

KEYWORDS

Statistics

Tools

Issue List

Citation status

KCI Citation Counts (0)

REFERENCES (24) * References for papers published after 2023 are currently being built.

Search PDF

Citation

* References for papers published after 2023 are currently being built.