Mobile transactions over NFC and GSM

Dynamic relationships between Near Field Communication (NFC) ecosystem players in a monetary transaction make them partners in a way that they sometimes require to share access permission to applications that are running in the service environment. One of the technologies that can be used to ensure secure NFC transactions is cloud computing. This offers a wider range of advantages than the use of only a Secure Element (SE) in an NFC enabled mobile phone. In this paper, we propose a protocol for NFC mobile payments over NFC using Global System for Mobile Communications (GSM) authentication. In our protocol, the SE in the mobile device is used for customer authentication whereas the customer's banking credentials are stored in a cloud under the control of the Mobile Network Operator (MNO). The proposed protocol eliminates the requirement for a shared secret between the Point of Sale (PoS) and the MNO before execution of the protocol, a mandatory requirement in the earlier version of this protocol. This elimination makes the protocol more practicable and user friendly. A detailed analysis of the protocol discusses multiple attack scenarios

Secure Cloud Computing Based On Mobile Agents

In this paper, we provide protection to the service requested to the cloud from user. Cloud computing is a examine sloping system that launch services to the client at low cost. According to various researches user verification is the most significant security concern and demanding issue in cloud-based environment. As cloud computing provides different advantages it also brings some of the concern about the security and privacy of information. Cloud computing requests to concentrate on three main security issues : privacy, reliability and accessibility. In this paper, we propose a new approach that provides confidentiality for the services request by the user by using mobile agents for communication between user and cloud layer; we provide security at each layer in cloud computing with Kerberos. We provide security to service which will be request to the cloud with authentication server and TGS system. DOI: 10.17762/ijritcc2321-8169.150318

Biometrics-as-a-Service: A Framework to Promote Innovative Biometric Recognition in the Cloud

Biometric recognition, or simply biometrics, is the use of biological attributes such as face, fingerprints or iris in order to recognize an individual in an automated manner. A key application of biometrics is authentication; i.e., using said biological attributes to provide access by verifying the claimed identity of an individual. This paper presents a framework for Biometrics-as-a-Service (BaaS) that performs biometric matching operations in the cloud, while relying on simple and ubiquitous consumer devices such as smartphones. Further, the framework promotes innovation by providing interfaces for a plurality of software developers to upload their matching algorithms to the cloud. When a biometric authentication request is submitted, the system uses a criteria to automatically select an appropriate matching algorithm. Every time a particular algorithm is selected, the corresponding developer is rendered a micropayment. This creates an innovative and competitive ecosystem that benefits both software developers and the consumers. As a case study, we have implemented the following: (a) an ocular recognition system using a mobile web interface providing user access to a biometric authentication service, and (b) a Linux-based virtual machine environment used by software developers for algorithm development and submission

Context-Awareness Enhances 5G Multi-Access Edge Computing Reliability

The fifth generation (5G) mobile telecommunication network is expected to support Multi- Access Edge Computing (MEC), which intends to distribute computation tasks and services from the central cloud to the edge clouds. Towards ultra-responsive, ultra-reliable and ultra-low-latency MEC services, the current mobile network security architecture should enable a more decentralized approach for authentication and authorization processes. This paper proposes a novel decentralized authentication architecture that supports flexible and low-cost local authentication with the awareness of context information of network elements such as user equipment and virtual network functions. Based on a Markov model for backhaul link quality, as well as a random walk mobility model with mixed mobility classes and traffic scenarios, numerical simulations have demonstrated that the proposed approach is able to achieve a flexible balance between the network operating cost and the MEC reliability.Comment: Accepted by IEEE Access on Feb. 02, 201

Trusted integration of cloud-based NFC transaction players

Near Field Communication (NFC) is a short range wireless technology that provides contactless transmission of data between devices. With an NFC enabled device, users can exchange information from one device to another, make payments and use their NFC enabled device as their identity. As the main payment ecosystem players such as service providers and secure element issuers have crucial roles in a multi-application mobile environment similar to NFC, managing such an environment has become very challenging. One of the technologies that can be used to ensure secure NFC transaction is cloud computing which offers wide range of advantages compare to the use of a Secure Element (SE) as a single entity in an NFC enabled phone. This approach provides a comprehensive leadership of the cloud provider towards managing and controlling customer's information where it allows the SE which is stored within an NFC phone to deal with authentication mechanisms rather than storing and managing sensitive transaction information. This paper discusses the NFC cloud Wallet model which has been proposed by us previously [1] and introduces a different insight that defines a new integrated framework based on a trusted relationship between the vendor and the Mobile Network Operator (MNO). We then carry out an analysis of such a relationship to investigate different possibilities that arise from this approach

A Cloud Authentication Protocol using One-Time Pad

There is a significant increase in the amount of data breaches in corporate servers in the cloud environments. This includes username and password compromise in the cloud and account hijacking, thus leading to severe vulnerabilities of the cloud service provisioning. Traditional authentication schemes rely on the users to use their credentials to gain access to cloud service. However once the credential is compromised, the attacker will gain access to the cloud service easily. This paper proposes a novel scheme that does not require the user to present his credentials, and yet is able to prove ownership of access to the cloud service using a variant of zero-knowledge proof. A challenge-response protocol is devised to authenticate the user, requiring the user to compute a one-time pad (OTP) to authenticate himself to the server without revealing password to the server. A prototype has been implemented to facilitate the authentication of the user when accessing Dropbox, and the experiment results showed that the overhead incurred is insignificant

A proposed NFC payment application

This article has been made available through the Brunel Open Access Publishing Fund. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.Near Field Communication (NFC) technology is based on a short range radio communication channel which enables users to exchange data between devices. With NFC technology, mobile services establish a contactless transaction system to make the payment methods easier for people. Although NFC mobile services have great potential for growth, they have raised several issues which have concerned the researches and prevented the adoption of this technology within societies. Reorganizing and describing what is required for the success of this technology have motivated us to extend the current NFC ecosystem models to accelerate the development of this business area. In this paper, we introduce a new NFC payment application, which is based on our previous “NFC Cloud Wallet” model [1] to demonstrate a reliable structure of NFC ecosystem. We also describe the step by step execution of the proposed protocol in order to carefully analyse the payment application and our main focus will be on the Mobile Network Operator (MNO) as the main player within the ecosystem