Loading presentation...

Present Remotely

Send the link below via email or IM

Copy

Present to your audience

Start remote presentation

  • Invited audience members will follow you as you navigate and present
  • People invited to a presentation do not need a Prezi account
  • This link expires 10 minutes after you close the presentation
  • A maximum of 30 users can follow your presentation
  • Learn more about this feature in our knowledge base article

Do you really want to delete this prezi?

Neither you, nor the coeditors you shared it with will be able to recover it again.

DeleteCancel

PV177

On the Security of Internet Banking in South Korea
by

Jan Dolecek

on 28 April 2010

Comments (0)

Please log in to add your comment.

Report abuse

Transcript of PV177

On the Security of Internet Banking in South Korea Jan Dolecek, FI MU
juzna.cz@gmail.com PV177
Introduction many advantages enthusiastic users curious security sued by OpenWeb IE + MS only proprietary Aim of paper describe security mechamisms in Korea evaluate it discuss it solution Security mechanisms properties user/server authentication confidentiality data integrity non-repudiation Korean properties detect and remove malware network access control anti-keylogger one-time password proprietary protocols SEED RSA+HMAC Secure and Authenticated
Communication Channel because of Crypto wars summary User Authentication password one-time password PIN certificate (PKI) physical token biometrics combines 2-3 -> secure PC is untrusted Not Effective? feature count is higher? security through obscurity Phishing attacks? Private key storage? Passphrase redundancy? Firewall Anti-virus Keystroke encryption Security proof? User issues
70% prefer other banks Compatibility problems Difficulty "False" better security Speed Recommendations Provide more options User-friendly documentation Compatible and/or open
mechanisms Trustworthy approach Virtualization Bootable USB token CAP device Conclusion Q&A Thank you Korean banking non-secure non-compatible non-standard Solution TLS Trusted platform CAP devices ActiveX firewall anti-virus anti-keylogger secure tunnel
Full transcript