Evaluating location based privacy in wireless networks

Research into the use of Location Based Services (LBS) that can pinpoint the exact location of users using wireless networks is the fastest growing area in Information Technology (IT) today. This is because of the need to transform the radio waves which act as a wireless networks data’s transmission medium into a private location. Contemporary research on LBS suggests that indoor location can be difficult as the geo positional satellites (GPS) cannot give an accurate positional computation due to insulation provided by physical barriers like the walls and furniture of a house. Previous research however suggests a way around this by making use of wireless fidelity (WiFi) cards signal strength but acknowledges limitations on the range which doesn’t exceed 50 meters. Other researchers have suggested that using LBS technology would allow hackers to track the user’s movement over time and so proposed that the user identity be kept secret by disposing the identifiers. Against this backdrop, some researchers have championed the call for a framework in LBS privacy in order to curtail the security risks that come with using wireless networks and suggested using a transactionbased wireless communication system in which transactions were unlinkable. This would in effect camouflage the movement of users as their location would not be able to be tracked. This paper aims to review contemporary issues on location based privacy in wireless technology and proposes a model for optimising LBS privacy and describes the initial stages of a research project aimed at filling the research void through the application of a hybrid research methodolog

Security strategy models (SSM)

The aim of this research paper is to analyse the individual and collective information security risks which could arise from using a security strategy model (SSM); the objective of creating the SSM was so as to protect a wireless local area network (WLAN). As such the focus of this paper shall be on the individual operational components used to create the SSM and the information security risks which stem from their being part of the SSM. In order to review the components of the SSM the paper shall use the BS ISO/IEC 17799:2005 which is the British Standard, International Standard and also the European Standard for using Information Communication Technology (ICT) correctly in order to effectively mitigate against the exposure of an organizations data to unauthorized access. The general idea of using the BS ISO/IEC 17799:2005 is so that the SSM is created based on best practice within the ICT industry of protecting confidential data or at least that the possible risks that stem from using the SSM are mitigated against; this is also known as risk based auditing. Against this backdrop the paper shall review each component of the SSM and use the risks to create a ‘Threat’ model which would then be used to create a ‘Trust model in order to strengthen the confidentiality of any data that passes through the SSM

Geofencing Components and Existing Models

This paper describes the various Geofencing Components and Existing Models in terms of their Information Security Control Attribute Profiles. The profiles will dictate the security attributes that should accompany each and every Geofencing Model used for Wi-Fi network security control in an organization, thus minimizing the likelihood of malfunctioning security controls. Although it is up to an organization to investigate the best way of implementing information security for itself, by looking at the related models that have been used in the past this paper will present models commonly used to implement information security controls in the organizations. Our findings will highlight the strengths and weaknesses of the various models and present what our experiment and prototype consider as a robust Geofencing Security Model for securing Wi-Fi Network

Geofencing as a Security Strategy Model

This thesis presents a Wireless Security Model (WSM) to the security risks caused by the leakage of electromagnetic radio waves in wireless networks. The WSM is divided into two parts. The first part uses a robust security strategy model which enables the Information Security management of the WSM to be continuously improved. The context here is continual improvement of the WSM and takes into consideration those factors both internal and external to the WSM that affects its behaviour. The second part of the WSM uses the geographic limitation inherent in location based services to contain the access of an authorised wireless network user within a predefined parameter. The context here is access based on geographic limitation and takes into consideration the exact position of a mobile device using indoor positioning technology on a single radio frequency to obtain network access. The security strategy model uses the International Standard Organisations (ISO), Information Security Management Systems (ISMS) requirements (27001:2005) and Information Technology Infrastructure Library (ITIL) Version 3 as a governance framework which makes it suitable for use in any organisation of the 162 member countries who have signed up to and adopted the ISO 27001:2005. The positioning technology uses a Wireless Location Appliance (WLA) to identify the location of a mobile device before allowing it to access the network, it then continues to monitor the location at time intervals which are preset using the WLA and then maintains the connection to the network for the duration that the mobile device complies with the preset rules based on its location and any other of the organisations internal information security policies. The security strategy model was evaluated using a questionnaire to collect data from Small Medium Enterprises (SME) which use wireless networks to understand the kind of infrastructure they use and the kind of information security policies they have in place to protect them. The results were compared with surveys undertaken by PricewaterhouseCoopers (PwC) on behalf of the United Kingdom's Government office of Commerce (GOC) which produced the ISO 27001:2005 and ITIL V3 documents. The positioning technology was experimentally evaluated using a laboratory owned by a company that provides Location Based Services to the National Health Service (NHS). The results were compared with a predetermined route marked out on the architectural plan of a room in the laboratories building which was used as a test bed. The security solution model achieved 95% confidence levels for accuracy and precision, with the security strategy model achieving 95% confidence levels for compliance and implementation