Advertisement

Multimedia Tools and Applications

, Volume 74, Issue 20, pp 8831–8847 | Cite as

Vulnerability of information disclosure in data transfer section for constructing a safe smart work infrastructure

  • Geon Il Heo
  • Yong Jun Park
  • Won Hyung ParkEmail author
Article

Abstract

As the communication infrastructure has extended and the number of a smartphone’ users has been rapidly increasing, many companies want to introduce Smart Work. But this means that people have chances to produce or handle their company’s data. If an administrator doesn’t consider a ‘security’ element, the Smart Work will be terrible security threats not a chance. For constructing a safe Smart Work infrastructure, this paper selects major domestic and external web[mobile] sites which provide cloud, VoIP[mVoIP], messenger, E-mail services and examines whether data are encrypted or not in data transfer section.

Keywords

Smart Work Information disclosure SSL/TLS Wireshark Cipher suite 

References

  1. 1.
    National Information Planning Group 2012 Information statistics (2012) National Information Society AgencyGoogle Scholar
  2. 2.
    Guide of Smart Work for Enterprise (2011) National Information Society AgencyGoogle Scholar
  3. 3.
    Survey on the Wireless Internet Usage, http://isis.kisa.or.kr, Korea Internet Security Agency, 12. 2012
  4. 4.
    Heo GI, Kang JW, Park WH (2013) Countermeasures of privacy disclosure vulnerability in data transfer section. Korea Society of IT ServicesGoogle Scholar
  5. 5.
    Kim AC, Kim S, Park WH, Lee DH (2013) Fraud and financial crime detection model using malware forensics. Multimedia Tools Appl, SpringerGoogle Scholar
  6. 6.
    Kim Y-H, Park WH (2012) A study on cyber threat prediction based on intrusion detection event for APT attack detection. Multimedia Tools Appl, SpringerGoogle Scholar
  7. 7.
    Park WH, Lee DH, Kim KN. A study on improvement of the evidence collection module in windows forensic. Inf Sci Appl (ICISA) 2011 International Conference, pp 1–4, 2012Google Scholar
  8. 8.
    Sherif MH, Rhrouchni A, Gaid AY, Farazmandnia F (1998) SET and SSL: electronic payments on the Internet. ISCC ’98. Proceedings. Third IEEE Symposium, pp. 353–358Google Scholar
  9. 9.
    Thomas S (2000) SSL and TLS essential. Wiley, New YorkGoogle Scholar
  10. 10.
    Freier AO (1996) The SSL protocol version 3.0. Internet draftGoogle Scholar
  11. 11.
  12. 12.
    Convergence Security R&D Team (2010) Handbook of Cipher. Korea Internet Security AgencyGoogle Scholar
  13. 13.
    Convergence Security R&D Team (2010) Guide of cipher algorithm and key length. Korea Internet Security AgencyGoogle Scholar
  14. 14.
    Convergence Security R&D Team (2009) Handbook of securiy server. Korea Internet Security AgencyGoogle Scholar
  15. 15.
    Korea Internet Security Agency, Introduction to SEED Algorithm, http://seed.kisa.or.kr/iwt/ko/sup/EgovSeedInfo.do, March 2013
  16. 16.
    Korea Ministry of Government Legislation, http://www.law.go.kr/lsInfoP.do?lsiSeq=123210&efYd=20120818#0000, March 2013

Copyright information

© Springer Science+Business Media New York 2013

Authors and Affiliations

  1. 1.Department of Information SecurityKorea UniversitySeoulRepublic of Korea
  2. 2.Department of Information and CommunicationSungkyunkwan UniversitySuwon-siRepublic of Korea
  3. 3.Department of Cyber SecurityFar East UniversityChungcheongbuk-doRepublic of Korea

Personalised recommendations