37,386 research outputs found
Device- versus Network-Centric Authentication Paradigms for Mobile Devices: Operational and Perceptual Trade-Offs
The increasing capability and functionality of mobile devices is leading to a corresponding increase in the need for security to prevent unauthorised access. Indeed, as the data and services accessed via mobile devices become more sensitive, the existing method of user authentication (predominately based upon Personal Identification Numbers) appears increasingly insufficient. An alternative basis for authentication is offered by biometric approaches; which have the potential to be implemented in a non-intrusive manner and also enable authentication to be applied in an ongoing manner, beyond initial point-of-entry. However, the implementation of any authentication mechanism, particularly biometric approaches, introduces considerations of where the main elements of functionality (such as the processing of authentication data, decisions making, and storing user templates/profiles) should reside. At the extremes, there are two alternatives: a device-centric paradigm, in which the aforementioned aspects are handled locally; or a network-centric paradigm, in which the actions occur remotely and under the jurisdiction of the network operator. This paper examines the alternatives and determines that each context introduces considerations in relation to the privacy of user data, the processing and storage of authentication data, network bandwidth demands, and service availability. In view of the various advantages and disadvantages, it is concluded that a hybrid approach represents the most feasible solution; enabling data storage and processing to be split between the two locations depending upon individual circumstances. This represents the most flexible approach, and will enable an authentication architecture to be more adaptable to the needs of different users, devices and security requirements
Mobile distributed authentication protocol
Networks access control is a crucial topic and authentication is a pre-requisite of that process. Most existing authentication protocols (for example that used in the GSM mobile network) are centralised. Depending on a single entity is undesirable as it has security, trust and availability issues. This paper proposes a new protocol, GSM-secure network access protocol (G-SNAP). In G-SNAP, the authentication procedure and network access control is handled by a quorum of authentication centres. The advantages of the novel protocol include increased security, availability and distributed trust
A Survey on Wireless Security: Technical Challenges, Recent Advances and Future Trends
This paper examines the security vulnerabilities and threats imposed by the
inherent open nature of wireless communications and to devise efficient defense
mechanisms for improving the wireless network security. We first summarize the
security requirements of wireless networks, including their authenticity,
confidentiality, integrity and availability issues. Next, a comprehensive
overview of security attacks encountered in wireless networks is presented in
view of the network protocol architecture, where the potential security threats
are discussed at each protocol layer. We also provide a survey of the existing
security protocols and algorithms that are adopted in the existing wireless
network standards, such as the Bluetooth, Wi-Fi, WiMAX, and the long-term
evolution (LTE) systems. Then, we discuss the state-of-the-art in
physical-layer security, which is an emerging technique of securing the open
communications environment against eavesdropping attacks at the physical layer.
We also introduce the family of various jamming attacks and their
counter-measures, including the constant jammer, intermittent jammer, reactive
jammer, adaptive jammer and intelligent jammer. Additionally, we discuss the
integration of physical-layer security into existing authentication and
cryptography mechanisms for further securing wireless networks. Finally, some
technical challenges which remain unresolved at the time of writing are
summarized and the future trends in wireless security are discussed.Comment: 36 pages. Accepted to Appear in Proceedings of the IEEE, 201
A Study of IEEE 802.15.4 Security Framework for Wireless Body Area Network
A Wireless Body Area Network (WBAN) is a collection of low-power and
lightweight wireless sensor nodes that are used to monitor the human body
functions and the surrounding environment. It supports a number of innovative
and interesting applications, including ubiquitous healthcare and Consumer
Electronics (CE) applications. Since WBAN nodes are used to collect sensitive
(life-critical) information and may operate in hostile environments, they
require strict security mechanisms to prevent malicious interaction with the
system. In this paper, we first highlight major security requirements and
Denial of Service (DoS) attacks in WBAN at Physical, Medium Access Control
(MAC), Network, and Transport layers. Then we discuss the IEEE 802.15.4
security framework and identify the security vulnerabilities and major attacks
in the context of WBAN. Different types of attacks on the Contention Access
Period (CAP) and Contention Free Period (CFP) parts of the superframe are
analyzed and discussed. It is observed that a smart attacker can successfully
corrupt an increasing number of GTS slots in the CFP period and can
considerably affect the Quality of Service (QoS) in WBAN (since most of the
data is carried in CFP period). As we increase the number of smart attackers
the corrupted GTS slots are eventually increased, which prevents the legitimate
nodes to utilize the bandwidth efficiently. This means that the direct
adaptation of IEEE 802.15.4 security framework for WBAN is not totally secure
for certain WBAN applications. New solutions are required to integrate high
level security in WBAN.Comment: 14 pages, 7 figures, 2 table
An Energy Aware and Secure MAC Protocol for Tackling Denial of Sleep Attacks in Wireless Sensor Networks
Wireless sensor networks which form part of the core for the Internet of Things consist of resource constrained sensors that are usually powered by batteries. Therefore, careful
energy awareness is essential when working with these devices.
Indeed,the introduction of security techniques such as authentication and encryption, to ensure confidentiality and integrity of data, can place higher energy load on the sensors. However, the absence of security protection c ould give room for energy drain attacks such as denial of sleep attacks which have a higher negative impact on the life span ( of the sensors than the presence of security features.
This thesis, therefore, focuses on tackling denial of sleep attacks from two perspectives A security perspective and an energy efficiency perspective. The security perspective involves evaluating and ranking a number of security based techniques to curbing denial of sleep attacks. The energy efficiency perspective, on the other hand, involves exploring duty cycling and simulating three Media Access Control ( protocols Sensor MAC, Timeout MAC andTunableMAC under different network sizes and measuring different parameters such as the Received Signal Strength RSSI) and Link Quality Indicator ( Transmit power, throughput and energy efficiency Duty cycling happens to be one of the major techniques for conserving energy in wireless sensor networks and this research aims to answer questions with regards to the effect of duty cycles on the energy efficiency as well as the throughput of three duty cycle protocols Sensor MAC ( Timeout MAC ( and TunableMAC in addition to creating a novel MAC protocol that is also more resilient to denial of sleep a ttacks than existing protocols.
The main contributions to knowledge from this thesis are the developed framework used for evaluation of existing denial of sleep attack solutions and the algorithms which fuel the other contribution to knowledge a newly developed protocol tested on the Castalia Simulator on the OMNET++ platform. The new protocol has been compared with existing protocols and
has been found to have significant improvement in energy efficiency and also better resilience to denial of sleep at tacks Part of this research has been published Two conference
publications in IEEE Explore and one workshop paper
- …