Securing personal distributed environments

The Personal Distributed Environment (PDE) is a new concept being developed by Mobile VCE allowing future mobile users flexible access to their information and services. Unlike traditional mobile communications, the PDE user no longer needs to establish his or her personal communication link solely through one subscribing network but rather a diversity of disparate devices and access technologies whenever and wherever he or she requires. Depending on the services’ availability and coverage in the location, the PDE communication configuration could be, for instance, via a mobile radio system and a wireless ad hoc network or a digital broadcast system and a fixed telephone network. This new form of communication configuration inherently imposes newer and higher security challenges relating to identity and authorising issues especially when the number of involved entities, accessible network nodes and service providers, builds up. These also include the issue of how the subscribed service and the user’s personal information can be securely and seamlessly handed over via multiple networks, all of which can be changing dynamically. Without such security, users and operators will not be prepared to trust their information to other networks

Internet security for mobile computing

Mobile devices are now the most dominant computer platform. Every time a mobile web application accesses the internet, the end user’s data is susceptible to malicious attacks. For instance, when paying a bill at a store with NFC mobile payment, navigating through a city operating GPS on a smartphone, or dictating the temperature at a household with a home automation device. These activities seem routine, yet, when vulnerabilities are present they can leave holes for hackers to access bank accounts, pinpoint a user’s recent location, or tell when someone is not at home. The awareness of the end user cannot be trusted. Device vendors and developers must provide safeguards. An ongoing issue is that the present security standards are outdated and were never envisioned with mobile devices in mind. It can be suggested that security is only idling the progress of mobile computing. Still, many application developers and IT professionals do not adopt security standards fast enough to keep up-to-date with known vulnerabilities. The main goals of the next generation of security standards, TLS, will provide developers with greater security efficiency and improved mobile throughput. These proposed capabilities of the TLS protocol will streamline mobile computing into the forefront of security practices. The analysis of this report demonstrates concepts on the direction mobile security, usability, and performance from a development standpoint.Electrical and Computer Engineerin

Secure Identification in Social Wireless Networks

The applications based on social networking have brought revolution towards social life and are continuously gaining popularity among the Internet users. Due to the advanced computational resources offered by the innovative hardware and nominal subscriber charges of network operators, most of the online social networks are transforming into the mobile domain by offering exciting applications and games exclusively designed for users on the go. Moreover, the mobile devices are considered more personal as compared to their desktop rivals, so there is a tendency among the mobile users to store sensitive data like contacts, passwords, bank account details, updated calendar entries with key dates and personal notes on their devices. The Project Social Wireless Network Secure Identification (SWIN) is carried out at Swedish Institute of Computer Science (SICS) to explore the practicality of providing the secure mobile social networking portal with advanced security features to tackle potential security threats by extending the existing methods with more innovative security technologies. In addition to the extensive background study and the determination of marketable use-cases with their corresponding security requirements, this thesis proposes a secure identification design to satisfy the security dimensions for both online and offline peers. We have implemented an initial prototype using PHP Socket and OpenSSL library to simulate the secure identification procedure based on the proposed design. The design is in compliance with 3GPP‟s Generic Authentication Architecture (GAA) and our implementation has demonstrated the flexibility of the solution to be applied independently for the applications requiring secure identification. Finally, the thesis provides strong foundation for the advanced implementation on mobile platform in future

MPCS: Mobile-based Patient Compliance System for Chronic Illness Care

More than 100 million Americans are currently living with at least one chronic health condition and expenditures on chronic diseases account for more than 75 percent of the $2.3 trillion cost of our healthcare system. To improve chronic illness care, patients must be empowered and engaged in health self-management. However, only half of all patients with chronic illness comply with treatment regimen. The self-regulation model, while seemingly valuable, needs practical tools to help patients adopt this self-centered approach for long-term care. \par In this position paper, we propose Mobile-phone based Patient Compliance System (MPCS) that can reduce the time-consuming and error-prone processes of existing self-regulation practice to facilitate self-reporting, non-compliance detection, and compliance reminders. The novelty of this work is to apply social-behavior theories to engineer the MPCS to positively influence patients\u27 compliance behaviors, including mobile-delivered contextual reminders based on association theory; mobile-triggered questionnaires based on self-perception theory; and mobile-enabled social interactions based on social-construction theory. We discuss the architecture and the research challenges to realize the proposed MPCS

MPCS: Mobile-based Patient Compliance System for Chronic Illness Care

More than 100 million Americans are currently living with at least one chronic health condition and expenditures on chronic diseases account for more than 75 percent of the $2.3 trillion cost of our healthcare system. To improve chronic illness care, patients must be empowered and engaged in health self-management. However, only half of all patients with chronic illness comply with treatment regimen. The self-regulation model, while seemingly valuable, needs practical tools to help patients adopt this self-centered approach for long-term care. \par In this position paper, we propose Mobile-phone based Patient Compliance System (MPCS) that can reduce the time-consuming and error-prone processes of existing self-regulation practice to facilitate self-reporting, non-compliance detection, and compliance reminders. The novelty of this work is to apply social-behavior theories to engineer the MPCS to positively influence patients\u27 compliance behaviors, including mobile-delivered contextual reminders based on association theory; mobile-triggered questionnaires based on self-perception theory; and mobile-enabled social interactions based on social-construction theory. We discuss the architecture and the research challenges to realize the proposed MPCS

The design and implementation of a smartphone and Bluetooth-based criminal tracking system

This thesis describes the design and implementation of a real-time criminal tracking system. A criminal under tracking is asked to wear a low energy Bluetooth device and carry a smartphone. The Bluetooth device is secure on his body (e.g., hand or foot) and communicates with the smartphone, which communicates with a central server through cellular networks. The smartphone monitors the status of the Bluetooth device and reports to the server in real time when the status changes (e.g., connection lost or device being taken off). Moreover, it monitors the criminal\u27s movement and reports to the server whenever the criminal moves into an alert zone, a geographic region where the law enforcement wants the criminal\u27s movement to be tracked. Compared to the existing tracking approaches, our system has the following desired features. 1) Scalable. Instead of having a criminal to report its location all the time, the system allows one to configure where and when the criminal needs to be tracked, thus minimizing both mobile communication cost and server processing cost. 2) Low-cost. The system uses only off-shelf components (e.g., Bluetooth device and smartphone) which communicate through regular wireless networks. 3) Secure. The communication between a Bluetooth device and the corresponding smartphone is authenticated through One Time Password