Securing Interactive Sessions Using Mobile Device through Visual Channel and Visual Inspection

Communication channel established from a display to a device's camera is known as visual channel, and it is helpful in securing key exchange protocol. In this paper, we study how visual channel can be exploited by a network terminal and mobile device to jointly verify information in an interactive session, and how such information can be jointly presented in a user-friendly manner, taking into account that the mobile device can only capture and display a small region, and the user may only want to authenticate selective regions-of-interests. Motivated by applications in Kiosk computing and multi-factor authentication, we consider three security models: (1) the mobile device is trusted, (2) at most one of the terminal or the mobile device is dishonest, and (3) both the terminal and device are dishonest but they do not collude or communicate. We give two protocols and investigate them under the abovementioned models. We point out a form of replay attack that renders some other straightforward implementations cumbersome to use. To enhance user-friendliness, we propose a solution using visual cues embedded into the 2D barcodes and incorporate the framework of "augmented reality" for easy verifications through visual inspection. We give a proof-of-concept implementation to show that our scheme is feasible in practice.Comment: 16 pages, 10 figure

Mobile Terminal Security

The miniaturization of electronics and recent developments in biometric and screen technologies will permit a pervasive presence of embedded systems. This - and the inclusion of networking capabilities and IP addresses in many handheld devices - will foster the widespread deployment of personal mobile equipment.\smallskip This work attempts to overview these diverse aspects of mobile device security. We will describe mobile networks\u27 security (WLAN and WPAN security, GSM and 3GPP security) and address platform security issues such as bytecode verification for mobile equipment and protection against viruses and Trojan horses in mobile environment - with a concrete J2ME implementation example. Finally we will turn to hardware attacks and briefly survey the physical weaknesses that can be exploited to compromise mobile equipment.\smallski

Securing route optimisation in NEMO

Third International Symposium on Modeling and Optimization in Mobile, Ad Hoc,and Wireless Networks. 4-6 April 2005. Riva del Garda, Trentino, ItalyThe network mobility (NEMO) basic support protocol enables mobile networks to change their point of attachment to the Internet, while preserving established sessions of the nodes within the mobile network. When only a nonnested mobile network is considered, the so-called triangle routing is the main problem that should be faced. In mobile IPv6, the route optimisation mechanism solves this problem, and the return routability mechanism aims to limit the security concerns originated because of the route optimisation. Nowadays return routability is considered a weak solution (i.e., based on strong assumptions). In this article we explore different approaches to route optimisation in NEMO and we devise how to adapt some of the terminal mobility solutions to a NEMO environment, where, as we propose, a delegation of signalling rights from the mobile network node to the mobile router is necessary.Publicad

Introducing a novel authentication protocol for secure services in heterogeneous environments using Casper/FDR

Next Generation Networks is a convergence of networks such as 2G/3G, WLAN as well as the recently implemented Long Term Evolution (LTE) networks. Future mobile devices will switch between these different networks to maintain the connectivity with end servers. However, to support these heterogeneous environments, there is a need to consider a new design of the network infrastructure, where currently closed systems such as 3G will have to operate in an open environment. Security is a key issue in this open environment; after authenticating the mobile terminal to access the network, there is a requirement for service-level mechanisms to protect the session between the mobile terminal and the remote service provider. Furthermore, since mobile terminals switch between networks of different characteristics in terms of coverage, Quality of Service and security, there is a need for re-assessing the security of the same session over the different networks to comply with the changes at the network level due to the mobility. Therefore, this paper introduces a Service-Level Authentication and Key Agreement protocol to secure the session between the mobile terminal and the end server. The proposed protocol considers user mobilities in an heterogeneous environment and reassesses the session's security level in case of handover. The proposed protocol has been verified using formal methods approach based on the well-established Casper/FDR compilers

Secure voice for mobile satellite applications

The initial system studies are described which were performed at JPL on secure voice for mobile satellite applications. Some options are examined for adapting existing Secure Telephone Unit III (STU-III) secure telephone equipment for use over a digital mobile satellite link, as well as for the evolution of a dedicated secure voice mobile earth terminal (MET). The work has included some lab and field testing of prototype equipment. The work is part of an ongoing study at JPL for the National Communications System (NCS) on the use of mobile satellites for emergency communications. The purpose of the overall task is to identify and enable the technologies which will allow the NCS to use mobile satellite services for its National Security Emergency Preparedness (NSEP) communications needs. Various other government agencies will also contribute to a mobile satellite user base, and for some of these, secure communications will be an essential feature

A High-confidence Cyber-Physical Alarm System: Design and Implementation

Most traditional alarm systems cannot address security threats in a satisfactory manner. To alleviate this problem, we developed a high-confidence cyber-physical alarm system (CPAS), a new kind of alarm systems. This system establishes the connection of the Internet (i.e. TCP/IP) through GPRS/CDMA/3G. It achieves mutual communication control among terminal equipments, human machine interfaces and users by using the existing mobile communication network. The CPAS will enable the transformation in alarm mode from traditional one-way alarm to two-way alarm. The system has been successfully applied in practice. The results show that the CPAS could avoid false alarms and satisfy residents' security needs.Comment: IEEE/ACM Internet of Things Symposium (IOTS), in conjunction with GreenCom 2010, IEEE, Hangzhou, China, December 18-20, 201

New Watermarking Scheme for Security and Transmission of Medical Images for PocketNeuro Project

We describe a new Watermarking system of medical information security and terminal mobile phone adaptation for PocketNeuro project. The later term refers to a Project created for the service of neurological diseases. It consists of transmitting information about patients \"Desk of Patients\" to a doctor\'s mobile phone when he is visiting or examining his patient. This system is capable of embedding medical information inside diagnostic images for security purposes. Our system applies JPEG Compression to Watermarked images to adapt them to the doctor\'s mobile phone. Experiments performed on a database of 30-256x256 pixel-sized neuronal images show that our Watermarking scheme for image security is robust against JPEG Compression. For the purpose of increasing the image Watermarking robustness against attacks for an image transmission and to perform a large data payload, we encode with Turbo-Code image-embedded bits information. Fidelity is improved by incorporation of the Relative Peak Signal-to-Noise Ratio (RPSNR) as a perceptual metric to measure image degradation

A proposed NFC payment application

This article has been made available through the Brunel Open Access Publishing Fund. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.Near Field Communication (NFC) technology is based on a short range radio communication channel which enables users to exchange data between devices. With NFC technology, mobile services establish a contactless transaction system to make the payment methods easier for people. Although NFC mobile services have great potential for growth, they have raised several issues which have concerned the researches and prevented the adoption of this technology within societies. Reorganizing and describing what is required for the success of this technology have motivated us to extend the current NFC ecosystem models to accelerate the development of this business area. In this paper, we introduce a new NFC payment application, which is based on our previous “NFC Cloud Wallet” model [1] to demonstrate a reliable structure of NFC ecosystem. We also describe the step by step execution of the proposed protocol in order to carefully analyse the payment application and our main focus will be on the Mobile Network Operator (MNO) as the main player within the ecosystem