Trialling Secure Billing with Trusted Third Party Support for UMTS Applications

We present a protocol developed by the ASPeCT project for secure billing that provides the incontestable charging that is required for UMTS. This protocol realises a payment system for value added services. We describe the protocol and in particular the design features that are of particular relevance to the UMTS environment. We also describe the configuration of a field trial of this protocol over the experimental UMTS platform developed by the project EXODUS

A Secure Business Framework for File Purchasing Application in Vehicular Ad Hoc Networks

Vehicular ad hoc networks (VANETs) are gaining growing interest from both industry and academia. Driven by road safety requirements, the car manufacturers, transportation authorities and communications standards organizations are working together to make a quantum step in terms of vehicular information technology (IT) by equipping the vehicles with sensors, on-board processing and wireless communication modules. VANETs are composed of OBUs (On Board Units) and RSUs (Road Side Units). The communication standard used in VANETs is called DSRC (Dedicated Short Range Communication). With many essential vehicle components (radios, spectrum, standards, etc) coming into place, a lot of new applications are emerging beside road safety, which support not only safety related services, but also entertainment and mobile Internet access services. In this study, we propose a promising commercial application for file purchasing in VANETs, where a legitimate vehicle can purchase digital files/data through a roadside unit (RSU). Due to the high mobility of the vehicles, the contact period between an RSU and a vehicle could be insufficient to download the complete file. To purchase a digital file, a vehicle purchases a permission key from a fixed RSU and then begins to download the file from the RSU via vehicle-to-RSU communications (V2R) when it is in the transmission range of the RSU. Once the vehicle in the process of downloading a file leaves the transmission range of the RSU, its neighboring vehicles with a piece of the file cooperatively help to complete the file transfer via vehicle-to-vehicle (V2V) communications. Such a commercial file purchasing system can obviously initiate a new application scenario. However, it cannot be put into practice unless the security issues, such as the user privacy, incentives for inter-vehicle cooperation, and the copyright protection for the file content are well addressed. In order to deal with these security issues, we develop a secure business framework for the file purchasing system in this study. In this framework, we preserve the user privacy by using the pseudo identity for each vehicle. We stimulate the cooperation between vehicles through micro-payment incentive mechanism and guarantee the secure payment at the same time. To protect the digital file content from unauthorized distribution, we encrypt the file content before delivery to an end user and use digital fingerprint technology to generate a unique copy for each vehicle after delivery. In a word, we propose a file purchasing application in VANETs and also develop a secure framework for this application

A Framework for the Self-Configuration of Wireless Mesh Networks

The use of wireless radio technology is well established for narrowband access systems, but its use for broadband access is relatively new. Wireless mesh architecture is a first step towards providing high-bandwidth wireless network coverage, spectral efficiency, and economic advantage. However, the widespread adoption and use of Wireless Mesh Networks (WMN) as a backbone for large wireless access networks and for last-mile subscriber access is heavily dependent on the technology’s ease of deployment. In order for WMNs to be regarded as mainstream technology, it needs to gain a competitive edge compared to wireline technologies such as DSL and cable. To achieve this, a broadband wireless network must be self-configuring, self-healing and self-organizing. In this thesis, we address these challenges. First, we propose a four-stage scheme (power-up, bootstrapping, network registration, and network optimization). We develop algorithms for each of these stages, taking advantage of the inherent properties of WMNs to determine the network’s topology. The novel part of our scheme is in the de-coupling of the subscriber’s credentials from the network hardware. This is a key part of our architecture as it helps ensure quick network enrolment, management and portability. It also helps, in our opinion, make the concept of widespread deployment using commodity hardware feasible

Security mechanisms for next-generation mobile networks

Basic concepts and definitions -- Motivation and research challenges -- Research objectives -- Mobile value-added service access -- UMTS access security -- DoS attacks in mobile networks -- A lightweight mobile service access based on reusable tickets -- Background work and motivation -- Service access through tickets -- System security analysis -- Comparisons with related work -- Enhancing UMTS AKA with vector combination -- Overview of UMTS AKA -- UMTS AKA weaknesses- -- Vector combination based AKA -- Security analysis of VC-AKA -- Mobility-oriented AKA in UMTS -- Mobility-oriented authentication -- Security analysis of MO-AKA -- A fine-grained puzzle against DOS attacks -- Quasi partial collision -- Fine-grained control over difficulties -- Lightweight to mobile devices -- Against replay attacks -- Confidentiality, integrity and user privacy

Undeniable Billing in Mobile Communication

In the current mobile communication networks, users have to trust network operators to make correct charges over the calls they made. There is lack of evidence to resolve possible disputes over the number of calls and the duration of each call. Such a concern may grow when users roam among different network operators. This paper proposes an efficient solution to undeniable billing when a mobile user roams into foreign networks. This is achieved by the combination of digital signature and hash-chaining techniques. Mobile users need to submit a digital signature when requesting a call and release chained hash values during the session so that the call and its duration are undeniable. Our mechanism is light-weighted regarding the storage requirement and computation overheads on a mobile user, and is applicable for mobile phone users equipped with a smart card. Keywords: undeniable billing, mobile communication security, non-repudiation, cryptographic protocol 1 Introduction Mobile comm..