E-Book, Englisch, Band 17, 298 Seiten
Lian Security and Privacy in Mobile Information and Communication Systems
1. Auflage 2009
ISBN: 978-3-642-04434-2
Verlag: Springer
Format: PDF
Kopierschutz: 1 - PDF Watermark
First International ICST Conference, MobiSec 2009, Turin, Italy, June 3-5, 2009, Revised Selected Papers
E-Book, Englisch, Band 17, 298 Seiten
ISBN: 978-3-642-04434-2
Verlag: Springer
Format: PDF
Kopierschutz: 1 - PDF Watermark
MobiSec 2009 was the first ICST conference on security and privacy in mobile information and communication systems. With the the vast area of mobile technology research and application, the intention behind the creation of MobiSec was to make a small, but unique contribution to build a bridge between top-level research and large scale application of novel kinds of information security for mobile devices and communication. The papers at MobiSec 2009 dealt with a broad variety of subjects ranging from issues of trust in and security of mobile devices and embedded hardware security, over efficient cryptography for resource-restricted platforms, to advanced applications such as wireless sensor networks, user authentication, and privacy in an environment of autonomously communicating objects. With hindsight a leitmotif emerged from these contributions, which corrobarated the idea behind MobiSec, a set of powerful tools have been created in various branches of the security discipline, which await combined application to build trust and security into mobile (that is, all future) networks, autonomous and personal devices, and pervasive applications
Autoren/Hrsg.
Weitere Infos & Material
1;Preface;5
2;Organization;7
3;Table of Contents;9
4;On Trust Evaluation in Mobile Ad Hoc Networks;11
4.1;Introduction;11
4.2;Related Work;12
4.3;Definition of Trust;13
4.4;Accuracy of Trust Evaluation;14
4.4.1;Estimation of a Node’s Capacities;14
4.4.2;Number of Observations Required;17
4.5;Trust and Network Connectivity;19
4.5.1;Connectivity of Trust-Based Networks;19
4.5.2;Validation;20
4.6;Conclusion;21
4.7;References;22
5;A Distributed Data Storage Scheme for Sensor Networks;24
5.1;Introduction;24
5.2;Proposed Data Partitioning Scheme;25
5.3;A Stronger Variation to the Protocol Modulo a Composite Number;29
5.4;Addressing the Data Partitions;30
5.5;Future Work and Other Applications;30
5.6;Conclusions;31
5.7;References;31
6;A Rich Client-Server Based Framework for Convenient Security and Management of Mobile Applications;33
6.1;Introduction;33
6.2;State of the Art;35
6.3;A Framework for Secured Applications;36
6.3.1;A Sample Scenario;36
6.3.2;The Use Case;38
6.3.3;The Authentication Services;38
6.4;Architecture of the Plaform;39
6.4.1;Risk Analysis;41
6.5;The Open and Secure Mobile System;42
6.5.1;OSMOSYS Client and Companion;42
6.5.2;OSMOSYS Server;42
6.6;Conclusion and Future Work;43
6.7;References;44
7;A Robust Conditional Privacy-Preserving Authentication Protocol in VANET;45
7.1;Introduction;45
7.2;Security Requirements;47
7.3;SystemModel;48
7.4;Proposed Protocol;49
7.4.1;Setup;49
7.4.2;Registration;50
7.4.3;Multiple Anonymous Certificates Generation;50
7.4.4;Safety Message Authentication;51
7.4.5;OBU’s Real ID Trace;51
7.5;Discussion;51
7.5.1;Security;51
7.5.2;Efficiency;52
7.6;Conclusion;54
7.7;References;54
8;An Autonomous Attestation Token to Secure Mobile Agents in Disaster Response;56
8.1;Introduction;56
8.1.1;Trusted Computing;57
8.1.2;Mobile Agents;58
8.2;Related Work;59
8.3;Mobile Agent Security in Disaster-Relief Scenarios;59
8.4;Local Attestation;61
8.4.1;Operational Challenges;62
8.5;An Attestation Based Key Release Protocol;62
8.6;The AAT Hardware Architecture;64
8.7;Conclusion;65
8.8;References;66
9;An ECDLP-Based Threshold Proxy Signature Scheme Using Self-Certified Public Key System;68
9.1;Introduction;69
9.2;The Proposed Scheme;70
9.2.1;Registration;71
9.2.2;Proxy Share Generation;71
9.2.3;Proxy Signature Issuing without Revealing Proxy Shares;72
9.2.4;Proxy Signature Verification;72
9.3;Correctness of the Proposed Scheme;73
9.4;Security Analysis;74
9.5;Performance Evaluation;78
9.6;Conclusions;78
9.7;References;79
10;Building Efficient Integrity Measurement and Attestation for Mobile Phone Platforms;81
10.1;Introduction;81
10.2;Security Goals;83
10.3;Our Approach;84
10.3.1;Secure Boot;85
10.3.2;Secure Runtime;86
10.3.3;Putting Together: IntegrityMeasurement and Protection;89
10.4;Implementation;90
10.5;Related Work;91
10.6;Conclusion;91
10.7;References;92
11;Context-Aware Monitoring of Untrusted Mobile Applications;93
11.1;Introduction;93
11.1.1;Mobile Malware Defence;93
11.1.2;Execution Monitoring;94
11.1.3;Paper Structure;95
11.2;Modelling Application Behaviour;95
11.2.1;Approach Summary;95
11.2.2;Application Behaviour Modelling Language (ABML);96
11.3;Demonstration;98
11.3.1;Existing Device Protection;98
11.3.2;Attacks and Countermeasures;98
11.4;Policy Compilation and Enforcement;101
11.4.1;Synthesising Monitors from ABML Specifications;101
11.4.2;ABML Policy Enforcement;102
11.4.3;Performance Analysis;103
11.5;Related Work;104
11.6;Conclusion;104
11.7;References;105
12;Extending the Belgian eID Technology with Mobile Security Functionality;107
12.1;Introduction;107
12.2;Belgian Electronic Identity Card Technology;108
12.3;Notations;109
12.4;Mobile Access to Secrets;109
12.5;Proxying the Belgian eID;112
12.6;Discussion;114
12.7;A Mobile and Secure e-mail Client;115
12.7.1;Requirements;115
12.7.2;Protocols;115
12.7.3;Evaluation;117
12.8;Conclusion;118
12.9;References;118
13;Filtering SPAM in P2PSIP Communities with Web of Trust;120
13.1;Introduction;120
13.2;A P2P SIP System;121
13.2.1;Trust in a Distributed System;123
13.3;Beyond the First Hop;124
13.4;Trusted Pathfinder Service;125
13.5;Implementation of the Pathfinder;126
13.6;Performance;128
13.6.1;Wotsap PGP Signature Data-Set;128
13.6.2;Measurements;129
13.7;Conclusion;130
13.8;References;130
14;Generating Random and Pseudorandom Sequences in Mobile Devices;132
14.1;Introduction;132
14.2;Requirements on Random Data;133
14.2.1;Qualitative Requirements;133
14.2.2;Quantitative Requirements;134
14.3;Randomness in Mobile Devices;135
14.3.1;Sources of Randomness in Mobile Devices;135
14.3.2;Secure Pseudorandom Numbers;138
14.4;Integration into Symbian OS;139
14.4.1;ANSI X9.31 PRNG;139
14.4.2;Fortuna PRNG;141
14.5;Conclusions and Future Work;142
14.6;References;143
15;A Context-Aware Security Framework for Next Generation Mobile Networks;144
15.1;Introduction;144
15.2;Related Work;145
15.3;Context-Aware Security Framework;146
15.3.1;Security Context;146
15.3.2;Security Actions;149
15.3.3;Context-Based Security Policies;150
15.4;Architectural Model;152
15.5;Conclusions;155
15.6;References;156
16;Information Reconciliation Using Reliability in Secret Key Agreement Scheme with ESPAR Antenna;158
16.1;Introduction;158
16.2;Secret Key Agreement Scheme Using ESPAR Antenna;159
16.3;Cascade Protocol;161
16.4;Cascade Using Reliability;162
16.5;Simulation Setting;165
16.5.1;System Model;165
16.5.2;Simulation Model;165
16.6;Simulation Results;166
16.6.1;The Number of Disclosed Bits;166
16.6.2;The Number of Communications;166
16.6.3;The Efficiency of Protocol;167
16.7;Conclusion;168
16.8;References;168
17;Protecting Privacy and Securing the Gathering of Location Proofs – The Secure Location Verification Proof Gathering Protocol;170
17.1;Introduction;170
17.2;Related Work;171
17.3;A System for the Secure Verification of Location Claims;172
17.3.1;System Model and Assumptions;172
17.3.2;Threat Model;173
17.3.3;The Role of the Verifier;173
17.3.4;The Use of Distance Bounding in the SLVPGP;174
17.4;The Secure Location Verification Proof Gathering Protocol (SLVPGP);175
17.4.1;Protocol Outline;175
17.4.2;Protocol Discussion;176
17.5;Extending the Protocol;176
17.5.1;The SLVPGP: Extension 1;177
17.5.2;The SLVPGP: Extension 2;177
17.5.3;The SLVPGP: Extension 3;177
17.6;Overall Analysis;179
17.6.1;Cost Analysis;179
17.6.2;Security Analysis;179
17.7;Future Work;180
17.8;Conclusion;180
17.9;References;180
18;Providing Strong Security and High Privacy in Low-Cost RFID Networks;182
18.1;Introduction;182
18.1.1;The RFID Technology;182
18.1.2;A New Problematic;183
18.1.3;Privacy Threats;183
18.2;Related Works;184
18.3;Proposed Solution;185
18.3.1;A Few Assumptions;185
18.3.2;The Protocol;186
18.4;Security Evaluation;186
18.4.1;Security Analysis;186
18.4.2;Privacy Analysis;187
18.5;Conclusion;188
18.6;References;189
19;Safe, Fault Tolerant and Capture-Resilient Environmental Parameters Survey Using WSNs;190
19.1;Introduction;190
19.2;Model Architecture and Network Functioning;191
19.2.1;Tree Construction;192
19.2.2;Tree Maintenance and Convergence;192
19.2.3;Routing Tree;193
19.2.4;Nodes Querying;193
19.2.5;Automatic Rejoining;194
19.3;Data Integrity and Authenticity;195
19.3.1;Nodes Initialization;195
19.3.2;Data Collection and Hashchains;196
19.4;Capture-Resilience;198
19.5;Conclusion;198
19.6;References;199
20;SAVAH: Source Address Validation with Host Identity Protocol;200
20.1;Introduction;200
20.2;Background on Host Identity Protocol;201
20.3;Related Work;202
20.4;SAVAH Design and Implementation;202
20.4.1;SAVAH Architecture;203
20.4.2;SAVAH Router Discovery;203
20.4.3;Packet Authentication;205
20.4.4;Source Address Validation;206
20.5;Deployment and Integration with General SAVA Architecture;207
20.6;Performance Evaluation;208
20.7;Conclusions;210
20.8;References;210
21;Secure Service Invocation in a Peer-to-Peer Environment Using JXTA-SOAP;212
21.1;Introduction;212
21.2;Background;213
21.3;JXTA-SOAP;215
21.3.1;JXTA-SOAP for Java Standard Edition (J2SE);216
21.3.2;JXTA-SOAP for Java Micro Edition (J2ME);217
21.4;Secure Service Invocation;218
21.4.1;DefaultTLSTransport;218
21.4.2;DefaultWSSMessage;221
21.4.3;MIKEYPolicy for Mobile Applications;221
21.5;Conclusions;222
21.6;References;222
22;Security Aspects of Smart Cards vs. Embedded Security in Machine-to-Machine (M2M) Advanced Mobile Network Applications;224
22.1;Introduction;224
22.2;M2M Requirements;225
22.3;The Options for a TRE to Host Secure, Downloadable MCIMs;225
22.4;Smart Card Security in Mobile Networks: Why Is the Smart Card a Trusted Anchor?;227
22.5;Meeting M2M Requirements with UICCs;229
22.6;Security Analysis and Comparison: Can an Embedded TRE Ever Be as Secure as a Smart Card?;231
22.7;Conclusions;233
22.8;References;234
23;Simple Peer-to-Peer SIP Privacy;236
23.1;Introduction;236
23.2;Problem Scope;237
23.3;SolutionModel;238
23.3.1;Storage Key Obfuscation;239
23.3.2;Usability Considerations;240
23.4;Implementation;241
23.4.1;Technology;241
23.4.2;Prototype Overview;242
23.4.3;Privacy Enhancements;242
23.4.4;Evaluation;243
23.5;Discussion;245
23.6;Summary and Future Work;245
23.7;References;246
24;On Modeling Viral Diffusion in Heterogeneous Wireless Networks;248
24.1;Introduction;248
24.2;Related Works and Motivation;250
24.3;Modeling Disease with Heterogeneity of Nodes;251
24.3.1;Assumptions;251
24.3.2;Elaborate Models;252
24.4;Discussion on the Models;254
24.4.1;Assumption and Parameter Discussion;254
24.4.2;Analysis of Disease Extent;254
24.5;Simulation Results;255
24.6;Conclusions and Future Works;260
24.7;References;261
25;Mobile WiMAX Network Security;263
25.1;Introduction;263
25.2;WiMAX Network Architecture;263
25.3;Network Access Authentication;265
25.3.1;Authentication Scenarios;266
25.3.2;Subscription Authentication;267
25.3.3;Device Authentication and Subscription Provisioning;268
25.4;Key Management for Mobility Support;270
25.5;Summary and Outlook;273
25.6;References;274
26;LoPSiL: A Location-Based Policy-Specification Language;275
26.1;Introduction;275
26.2;LoPSiL;277
26.2.1;Core Linguistic Constructs;277
26.2.2;Example Policies;279
26.3;A LoPSiL Compiler;282
26.3.1;Compiler Architecture;282
26.3.2;Experiential Observations;284
26.4;Conclusions and Future Work;285
26.5;References;286
27;Impersonation Attacks on a Mobile Security Protocol for End-to-End Communications;288
27.1;Introduction;288
27.2;The LYH Mobile End-to-End Authentication and Secrecy Protocol;289
27.2.1;Certification Phase;289
27.2.2;Authentication Phase;291
27.3;Analyzing the LYH Protocol;292
27.3.1;Forging Certificates for the LYH Protocol;292
27.3.2;An Attack to Impersonate a Mobile User;293
27.3.3;An Attack to Impersonate a Base Station;294
27.4;Fixing the LYH Protocol;295
27.4.1;Using the Elgamal Signature Scheme in the LYH Protocol;295
27.4.2;Resistance of Fixed Protocol to the Presented Impersonation Attacks;295
27.5;Conclusions;296
27.6;References;296
28;Author Index;298
