92,288 research outputs found
Securing Interactive Sessions Using Mobile Device through Visual Channel and Visual Inspection
Communication channel established from a display to a device's camera is
known as visual channel, and it is helpful in securing key exchange protocol.
In this paper, we study how visual channel can be exploited by a network
terminal and mobile device to jointly verify information in an interactive
session, and how such information can be jointly presented in a user-friendly
manner, taking into account that the mobile device can only capture and display
a small region, and the user may only want to authenticate selective
regions-of-interests. Motivated by applications in Kiosk computing and
multi-factor authentication, we consider three security models: (1) the mobile
device is trusted, (2) at most one of the terminal or the mobile device is
dishonest, and (3) both the terminal and device are dishonest but they do not
collude or communicate. We give two protocols and investigate them under the
abovementioned models. We point out a form of replay attack that renders some
other straightforward implementations cumbersome to use. To enhance
user-friendliness, we propose a solution using visual cues embedded into the 2D
barcodes and incorporate the framework of "augmented reality" for easy
verifications through visual inspection. We give a proof-of-concept
implementation to show that our scheme is feasible in practice.Comment: 16 pages, 10 figure
Mobile Terminal Security
The miniaturization of electronics and recent developments in
biometric and screen technologies will permit a pervasive presence
of embedded systems. This - and the inclusion of networking
capabilities and IP addresses in many handheld devices - will
foster the widespread deployment of personal mobile
equipment.\smallskip
This work attempts to overview these diverse aspects of mobile
device security. We will describe mobile networks\u27 security (WLAN
and WPAN security, GSM and 3GPP security) and address platform
security issues such as bytecode verification for mobile equipment
and protection against viruses and Trojan horses in mobile
environment - with a concrete J2ME implementation example. Finally
we will turn to hardware attacks and briefly survey the physical
weaknesses that can be exploited to compromise mobile
equipment.\smallski
Securing route optimisation in NEMO
Third International Symposium on Modeling and Optimization in Mobile, Ad Hoc,and Wireless Networks. 4-6 April 2005. Riva del Garda, Trentino, ItalyThe network mobility (NEMO) basic support protocol enables mobile networks to change their point of attachment to the Internet, while preserving established sessions of the nodes within the mobile network. When only a nonnested mobile network is considered, the so-called triangle routing is the main problem that should be faced. In mobile IPv6, the route optimisation mechanism solves this problem, and the return routability mechanism aims to limit the security concerns originated because of the route optimisation. Nowadays return routability is considered a weak solution (i.e., based on strong assumptions). In this article we explore different approaches to route optimisation in NEMO and we devise how to adapt some of the terminal mobility solutions to a NEMO environment, where, as we propose, a delegation of signalling rights from the mobile network node to the mobile router is necessary.Publicad
Introducing a novel authentication protocol for secure services in heterogeneous environments using Casper/FDR
Next Generation Networks is a convergence of networks such as 2G/3G, WLAN as well as the recently implemented Long Term Evolution (LTE) networks. Future mobile devices will switch between these different networks to maintain the connectivity with end servers. However, to support these heterogeneous environments, there is a need to consider a new design of the network infrastructure, where currently closed systems such as 3G will have to operate in an open environment. Security is a key issue in this open environment; after authenticating the mobile terminal to access the network, there is a requirement for service-level mechanisms to protect the session between the mobile terminal and the remote service provider. Furthermore, since mobile terminals switch between networks of different characteristics in terms of coverage, Quality of Service and security, there is a need for re-assessing the security of the same session over the different networks to comply with the changes at the network level due to the mobility. Therefore, this paper introduces a Service-Level Authentication and Key Agreement protocol to secure the session between the mobile terminal and the end server. The proposed protocol considers user mobilities in an heterogeneous environment and reassesses the session's security level in case of handover. The proposed protocol has been verified using formal methods approach based on the well-established Casper/FDR compilers
Secure voice for mobile satellite applications
The initial system studies are described which were performed at JPL on secure voice for mobile satellite applications. Some options are examined for adapting existing Secure Telephone Unit III (STU-III) secure telephone equipment for use over a digital mobile satellite link, as well as for the evolution of a dedicated secure voice mobile earth terminal (MET). The work has included some lab and field testing of prototype equipment. The work is part of an ongoing study at JPL for the National Communications System (NCS) on the use of mobile satellites for emergency communications. The purpose of the overall task is to identify and enable the technologies which will allow the NCS to use mobile satellite services for its National Security Emergency Preparedness (NSEP) communications needs. Various other government agencies will also contribute to a mobile satellite user base, and for some of these, secure communications will be an essential feature
A High-confidence Cyber-Physical Alarm System: Design and Implementation
Most traditional alarm systems cannot address security threats in a
satisfactory manner. To alleviate this problem, we developed a high-confidence
cyber-physical alarm system (CPAS), a new kind of alarm systems. This system
establishes the connection of the Internet (i.e. TCP/IP) through GPRS/CDMA/3G.
It achieves mutual communication control among terminal equipments, human
machine interfaces and users by using the existing mobile communication
network. The CPAS will enable the transformation in alarm mode from traditional
one-way alarm to two-way alarm. The system has been successfully applied in
practice. The results show that the CPAS could avoid false alarms and satisfy
residents' security needs.Comment: IEEE/ACM Internet of Things Symposium (IOTS), in conjunction with
GreenCom 2010, IEEE, Hangzhou, China, December 18-20, 201
New Watermarking Scheme for Security and Transmission of Medical Images for PocketNeuro Project
We describe a new Watermarking system of medical information security and terminal mobile phone adaptation for PocketNeuro project. The later term refers to a Project created for the service of neurological diseases. It consists of transmitting information about patients \"Desk of Patients\" to a doctor\'s mobile phone when he is visiting or examining his patient. This system is capable of embedding medical information inside diagnostic images for security purposes. Our system applies JPEG Compression to Watermarked images to adapt them to the doctor\'s mobile phone. Experiments performed on a database of 30-256x256 pixel-sized neuronal images show that our Watermarking scheme for image security is robust against JPEG Compression. For the purpose of increasing the image Watermarking robustness against attacks for an image transmission and to perform a large data payload, we encode with Turbo-Code image-embedded bits information. Fidelity is improved by incorporation of the Relative Peak Signal-to-Noise Ratio (RPSNR) as a perceptual metric to measure image degradation
A proposed NFC payment application
This article has been made available through the Brunel Open Access Publishing Fund. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.Near Field Communication (NFC) technology is based on a short range radio communication channel which enables users to exchange data between devices. With NFC technology, mobile services establish a contactless transaction system to make the payment methods easier for people. Although NFC mobile services have great potential for growth, they have raised several issues which have concerned the researches and prevented the adoption of this technology within societies. Reorganizing and describing what is required for the success of this technology have motivated us to extend the current NFC ecosystem models to accelerate the development of this business area. In this paper, we introduce a new NFC payment application, which is based on our previous “NFC Cloud Wallet” model [1] to demonstrate a reliable structure of NFC ecosystem. We also describe the step by step execution of the proposed protocol in order to carefully analyse the payment application and our main focus will be on the Mobile Network Operator (MNO) as the main player within the ecosystem
- …