A two‐step authentication framework for Mobile ad hoc networks

The lack of fixed infrastructure in ad hoc networks causes nodes to rely more heavily on peer nodes for communication. Nevertheless, establishing trust in such a distributed environment is very difficult, since it is not straightforward for a node to determine if its peer nodes can be trusted. An additional concern in such an environment is with whether a peer node is merely relaying a message or if it is the originator of the message. In this paper, we propose an authentication approach for protecting nodes in mobile ad hoc networks. The security requirements for protecting data link and network layers are identified and the design criteria for creating secure ad hoc networks using several authentication protocols are analyzed. Protocols based on zero knowledge and challenge response techniques are presented and their performance is evaluated through analysis and simulation

Mind your step! : How profiling location reveals your identity - and how you prepare for it

Location-based services (LBS) are services that position your mobile phone to provide some context-based service for you. Some of these services – called ‘location tracking’ applications - need frequent updates of the current position to decide whether a service should be initiated. Thus, internet-based systems will continuously collect and process the location in relationship to a personal context of an identified customer. This paper will present the concept of location as part of a person’s identity. I will conceptualize location in information systems and relate it to concepts like privacy, geographical information systems and surveillance. The talk will present how the knowledge of a person's private life and identity can be enhanced with data mining technologies on location profiles and movement patterns. Finally, some first concepts about protecting location information

Secure Digital Information Forward Using Highly Developed AES Techniques in Cloud Computing

Nowadays, in communications, the main criteria are ensuring the digital information and communication in the network. The normal two users' communication exchanges confidential data and files via the web. Secure data communication is the most crucial problem for message transmission networks. To resolve this problem, cryptography uses mathematical encryption and decryption data on adaptation by converting data from a key into an unreadable format. Cryptography provides a method for performing the transmission of confidential or secure communication. The proposed AES (Advanced Encryption Standard)-based Padding Key Encryption (PKE) algorithm encrypts the Data; it generates the secret key in an unreadable format. The receiver decrypts the data using the private key in a readable format. In the proposed PKE algorithm, the sender sends data into plain Text to cypher-text using a secret key to the authorized person; the unauthorized person cannot access the data through the Internet; only an authorized person can view the data through the private key. A method for identifying user groups was developed. Support vector machines (SVM) were used in user behaviour analysis to estimate probability densities so that each user could be predicted to launch applications and sessions independently. The results of the proposed simulation offer a high level of security for transmitting sensitive data or files to recipients compared to other previous methods and user behaviour analysis

Security and Privacy Issues in Wireless Mesh Networks: A Survey

This book chapter identifies various security threats in wireless mesh network (WMN). Keeping in mind the critical requirement of security and user privacy in WMNs, this chapter provides a comprehensive overview of various possible attacks on different layers of the communication protocol stack for WMNs and their corresponding defense mechanisms. First, it identifies the security vulnerabilities in the physical, link, network, transport, application layers. Furthermore, various possible attacks on the key management protocols, user authentication and access control protocols, and user privacy preservation protocols are presented. After enumerating various possible attacks, the chapter provides a detailed discussion on various existing security mechanisms and protocols to defend against and wherever possible prevent the possible attacks. Comparative analyses are also presented on the security schemes with regards to the cryptographic schemes used, key management strategies deployed, use of any trusted third party, computation and communication overhead involved etc. The chapter then presents a brief discussion on various trust management approaches for WMNs since trust and reputation-based schemes are increasingly becoming popular for enforcing security in wireless networks. A number of open problems in security and privacy issues for WMNs are subsequently discussed before the chapter is finally concluded.Comment: 62 pages, 12 figures, 6 tables. This chapter is an extension of the author's previous submission in arXiv submission: arXiv:1102.1226. There are some text overlaps with the previous submissio

Building robust m-commerce payment system on offline wireless network

Mobile commerce is one of the upcoming research area with focus on mobile payment systems. Unfortunately, the current payment systems is directly dependent on fixed infrastructure of network (cellular network), which fails to facilitate optimal level of security for the payment system. The proposed system highlights a novel approach for building a secure, scalable, and flexible e-payment systems in the distributed scenario of wireless adhoc network in offline mode of communication for enhanced security on transaction and payment process. The proposed system uses Simple Public Key Infrastructure for providing the security in payment processes. The performance analysis of the proposed model shows that the system is highly robust and secure ensuring anonymity, privacy, non-repudiation offline payment system over wireless adhoc network

Issues in a Mobile Agent-based Multimedia Retrieval Scenario

Abstract. Mobile agents traverse the Internet, often on behalf of their users. Intelligent search agents access dynamic information in heterogeneous environments. The legal implications of the use of agents in such situations are not fully understood. In this paper a scenario in which a mobile agent searches a multimedia database on behalf of its user, is used to illustrate the legal and technical issues involved. Requirements related to identity management, integrity, traceability and availability are identified and discussed in the context of existing technology.