2,933 research outputs found
Mobile Phones as Secure Gateways for Message-Based Ubiquitous Communication (Revised)
For ubiquitous communication self-organising ad-hoc networks become
more and more important. We consider mobile phones as appropriate
secure gateways to provide access to the Internet for external
machines with low communication needs. A message-based approach is
best in such a scenario with moving mobile phones and machines. In
this paper we propose a security model for access control to the
communication infrastructure, which is also message oriented. To
meet the requirements of ubiquitously communicating machines, all
algorithms on the sender\u27s side are based on symmetric cryptography
resulting in low computation requirements. Our sophisticated
symmetric key infrastructure for access control is based on unique
combinations of keys and is completed with an effective key
management. This results in a carrier grade security level although
many parties share the same keys. Adopting the Subscriber Identity
Module as a secure storage and computing module achieves the
trustworthiness of the mobile phone. This makes it possible to use
the mobile phone not only as a user terminal but also as a trusted
infrastructure component of the mobile network.
This document is an update of earlier work [BWS07]
presented at the Workshop in Information Security Theory and
Practices 2007 in Crete, Greece
Security by Spatial Reference:Using Relative Positioning to Authenticate Devices for Spontaneous Interaction
Spontaneous interaction is a desirable characteristic associated with mobile and ubiquitous computing. The aim is to enable users to connect their personal devices with devices encountered in their environment in order to take advantage of interaction opportunities in accordance with their situation. However, it is difficult to secure spontaneous interaction as this requires authentication of the encountered device, in the absence of any prior knowledge of the device. In this paper we present a method for establishing and securing spontaneous interactions on the basis of emphspatial references that capture the spatial relationship of the involved devices. Spatial references are obtained by accurate sensing of relative device positions, presented to the user for initiation of interactions, and used in a peer authentication protocol that exploits a novel mechanism for message transfer over ultrasound to ensures spatial authenticity of the sender
A survey on subjecting electronic product code and non-ID objects to IP identification
Over the last decade, both research on the Internet of Things (IoT) and
real-world IoT applications have grown exponentially. The IoT provides us with
smarter cities, intelligent homes, and generally more comfortable lives.
However, the introduction of these devices has led to several new challenges
that must be addressed. One of the critical challenges facing interacting with
IoT devices is to address billions of devices (things) around the world,
including computers, tablets, smartphones, wearable devices, sensors, and
embedded computers, and so on. This article provides a survey on subjecting
Electronic Product Code and non-ID objects to IP identification for IoT
devices, including their advantages and disadvantages thereof. Different
metrics are here proposed and used for evaluating these methods. In particular,
the main methods are evaluated in terms of their: (i) computational overhead,
(ii) scalability, (iii) adaptability, (iv) implementation cost, and (v) whether
applicable to already ID-based objects and presented in tabular format.
Finally, the article proves that this field of research will still be ongoing,
but any new technique must favorably offer the mentioned five evaluative
parameters.Comment: 112 references, 8 figures, 6 tables, Journal of Engineering Reports,
Wiley, 2020 (Open Access
SMS-Based Event Notification System
Existing mass Short Message Service (SMS) mailing systems are designed to work with a specific SMS gateway hence resulting in user lock-in to a SMS vendor. Also, some SMS gateways support scheduling of SMS message to be sent at a later time and date, others do not support it. Moreover, those gateways that support scheduling don't mostly allow users to cancel scheduled SMS message. This study has successfully designed and developed an enterprise class mass SMS mailing system that support multiple users as well as multiple SMS gateways, providing a unified interface and common set of features across many SMS gateways which prevent vendor lock-in as users can choose among multiple SMS vendor gateways. Another major feature provided by the new system is the introduction of SMS message scheduling. This feature makes SMS message scheduling possible across all SMS gateways including those that do not internally support scheduling. Moreover, users can also cancel any scheduled message if the need be. Keywords: Mailing Systems, Lock-In, Scheduling, SMS, SMS Gateway, SMS Vendor
Secure Vehicular Communication Systems: Implementation, Performance, and Research Challenges
Vehicular Communication (VC) systems are on the verge of practical
deployment. Nonetheless, their security and privacy protection is one of the
problems that have been addressed only recently. In order to show the
feasibility of secure VC, certain implementations are required. In [1] we
discuss the design of a VC security system that has emerged as a result of the
European SeVeCom project. In this second paper, we discuss various issues
related to the implementation and deployment aspects of secure VC systems.
Moreover, we provide an outlook on open security research issues that will
arise as VC systems develop from today's simple prototypes to full-fledged
systems
Selective Jamming of LoRaWAN using Commodity Hardware
Long range, low power networks are rapidly gaining acceptance in the Internet
of Things (IoT) due to their ability to economically support long-range sensing
and control applications while providing multi-year battery life. LoRa is a key
example of this new class of network and is being deployed at large scale in
several countries worldwide. As these networks move out of the lab and into the
real world, they expose a large cyber-physical attack surface. Securing these
networks is therefore both critical and urgent. This paper highlights security
issues in LoRa and LoRaWAN that arise due to the choice of a robust but slow
modulation type in the protocol. We exploit these issues to develop a suite of
practical attacks based around selective jamming. These attacks are conducted
and evaluated using commodity hardware. The paper concludes by suggesting a
range of countermeasures that can be used to mitigate the attacks.Comment: Mobiquitous 2017, November 7-10, 2017, Melbourne, VIC, Australi
Ubiquitous robust communications for emergency response using multi-operator heterogeneous networks
A number of disasters in various places of the planet have caused an extensive loss of lives, severe damages to properties and the environment, as well as a tremendous shock to the survivors. For relief and mitigation operations, emergency responders are immediately dispatched to the disaster areas. Ubiquitous and robust communications during the emergency response operations are of paramount importance. Nevertheless, various reports have highlighted that after many devastating events, the current technologies used, failed to support the mission critical communications, resulting in further loss of lives. Inefficiencies of the current communications used for emergency response include lack of technology inter-operability between different jurisdictions, and high vulnerability due to their centralized infrastructure. In this article, we propose a flexible network architecture that provides a common networking platform for heterogeneous multi-operator networks, for interoperation in case of emergencies. A wireless mesh network is the main part of the proposed architecture and this provides a back-up network in case of emergencies. We first describe the shortcomings and limitations of the current technologies, and then we address issues related to the applications and functionalities a future emergency response network should support. Furthermore, we describe the necessary requirements for a flexible, secure, robust, and QoS-aware emergency response multi-operator architecture, and then we suggest several schemes that can be adopted by our proposed architecture to meet those requirements. In addition, we suggest several methods for the re-tasking of communication means owned by independent individuals to provide support during emergencies. In order to investigate the feasibility of multimedia transmission over a wireless mesh network, we measured the performance of a video streaming application in a real wireless metropolitan multi-radio mesh network, showing that the mesh network can meet the requirements for high quality video transmissions
- …