Securing dynamic itineraries for mobile agent applications

In this paper we present a novel mechanism for the protection of dynamic itineraries for mobile agent applications. Itineraries that are decided as the agent goes are essential in complex applications based on mobile agents, but no approach has been presented until now to protect them. We have conceived a cryptographic scheme for shielding dynamic itineraries from tampering, impersonation and disclosure. By using trust strategically, our scheme provides a balanced trade-off between flexibility and security. Our protection scheme has been thought always bearing in mind a feasible implementation, and thus facilitates the development of applications that make use of it. An example application based on a real healthcare scenario is also presented to show its operation

Intrusion Detection System (IDS) Techniques and Responses for Mobile Wireless Networks

In recent years, the rapidly expanding area of mobile and wireless computing applications was definitely redefined the concept of network security. Even though that wireless had opened a new and exiting world with its advancing technology it is no doubt that it is popularity is on the rise. However, the biggest concern with either wireless or mobile computing applications in security. It can no longer be effective in the traditional way of securing networks with the use of firewalls and even with the use of stronger encryption algorithm keys. The need to develop and research for new structures and methods to protect and define the wireless networks and the mobile computing applications is becoming more and more evident. In this report, we will conduct an in-depth analysis of the weaknesses of the wireless networks and hence proved why the use of an intrusion detection system is of great importance in securing the backbone of mobile computing field. This would also involve detecting anomalies in the mobile ad-hoc network including inconsistencies in the routing tables and activities on other layers

A New Secure Lightweight Authentication Protocol for NFC mobile Payment

As mobile applications grow, securing these applications become an important factor for their success. Especially, when these applications are related to financial transactions. Nowadays, mobile payment that is based on NFC technology is considered one of these important topics. In this paper, we propose A New Secure and Lightweight Authentication Protocol for NFC mobile Payment (NSLA) protocol. NSLA protocol presents a new method to update the users’ identities and the valid session keys, which preserves the privacy and ensures the integrity of the system. The presented performance analysis shows that NSLA protocol satisfies low computation overhead. Moreover, the security analysis proves that NSLA protocol has an immunity against replay attack, brute force attack, denial of service attack, and others types of attacks

Securing Interactive Sessions Using Mobile Device through Visual Channel and Visual Inspection

Communication channel established from a display to a device's camera is known as visual channel, and it is helpful in securing key exchange protocol. In this paper, we study how visual channel can be exploited by a network terminal and mobile device to jointly verify information in an interactive session, and how such information can be jointly presented in a user-friendly manner, taking into account that the mobile device can only capture and display a small region, and the user may only want to authenticate selective regions-of-interests. Motivated by applications in Kiosk computing and multi-factor authentication, we consider three security models: (1) the mobile device is trusted, (2) at most one of the terminal or the mobile device is dishonest, and (3) both the terminal and device are dishonest but they do not collude or communicate. We give two protocols and investigate them under the abovementioned models. We point out a form of replay attack that renders some other straightforward implementations cumbersome to use. To enhance user-friendliness, we propose a solution using visual cues embedded into the 2D barcodes and incorporate the framework of "augmented reality" for easy verifications through visual inspection. We give a proof-of-concept implementation to show that our scheme is feasible in practice.Comment: 16 pages, 10 figure

Comparison of the security mechanisms of popular operating systems for mobile devices

The article concerns the differences in the mechanisms of securing the three most popular mobile platforms, which are Android, iOS and Windows Phone. Mainly focuses on the differences related to access to user data, installing and running applications, Internet access, network connectivity, cloud services, backup, file encryption capabilities, the use of electronic signatures and connect the device to your computer

Framework of Smart Mobile Rfid Networks

Basically RFID (radio-frequency identification) is a wireless communication technology within the L1 (Layer 1, the physical layer of the OSI 7-layer Reference Model) and L2 scopes between RFID tag and reader. The RFID reader reads the code in the RFID tag and interprets it by communicating with the IS(information services)  server via a proper communication network. This is the typical architecture defined by EPC (electronic product Code)global. RFID networks need to provide value added services in order to give better visibility to inventory movement across supply chain or closed loop applications like Asset tracking or Work In Progress tracking. The RFID reader can be stationary or mobile. A mobile RFID reader affords more applications than the stationary one. Mobile RFID is a newly emerging technology which uses the mobile phone as an RFID reader with a wireless technology and provides new valuable services to the user by integrating RFID and ubiquitous sensor network infrastructure with mobile communication and wireless internet. The mobile RFID enables business to provide new services to mobile customers by securing services and transactions from the end-user to a company's existing e-commerce and IT systems. In this paper, I describe about the core components of mobile RFID, advantages and its applications in scenario of smart networks. Although there are several types of mobile RFID readers in the market, I focused on mobile RFID technology that has several positive features including security, network architecture, operation scenario, and code resolution mechanism. Keywords: EPC network, RFID, Mobile RFID, Smart RFID networ

An Analysis of open security issues of Android interfaces to cloud computing platforms

Smartphone usage is on the rise and some may argue that these devices are ubiquitous in today\u27s society, even among non-technical users. To remain competitive, mobile devices and applications need to quickly perform tasks with as minimal as possible impact on battery life. The emergence of cloud computing, open-source cloud platforms, and cloud-supported ventures such as Apple iCloud and Amazon Silk provide new and promising methods to improve device and application performance. However, little work has been done to examine the security of offloading processing from mobile devices to cloud services and the performance effects of implementing security features. This work aims to answer the questions that arise in securing mobile applications that communicate with the cloud. Via a proof-of-concept application that offloaded resource-intensive computations to an open-source cloud computing platform, the security of cloud computing and Android was studied. It was found that, by following recommended coding practices, the cloud-smartphone security landscape could be significantly improved. Further security enhancements were also recommended and summarized. Additionally, performance was analyzed, and it was found that mobile device applications benefit heavily from cloud support and that features such as secure authentication and encryption do not noticeably impact application performance

Securing the Internet of Things Infrastructure - Standards and Techniques

The Internet of Things (IoT) infrastructure is a conglomerate of electronic devices interconnected through the Internet, with the purpose of providing prompt and effective service to end-users. Applications running on an IoT infrastructure generally handle sensitive information such as a patient’s healthcare record, the position of a logistic vehicle, or the temperature readings obtained through wireless sensor nodes deployed in a bushland. The protection of such information from unlawful disclosure, tampering or modification, as well as the unscathed presence of IoT devices, in adversarial environments, is of prime concern. In this paper, a descriptive analysis of the security of standards and technologies for protecting the IoT communication channel from adversarial threats is provided. In addition, two paradigms for securing the IoT infrastructure, namely, common key based and paired key based, are proposed